Fix fd sanitization

topjohnwu 2023-10-31 13:39:56 -07:00
parent da766f2a4e
commit 489100c755


@ -38,7 +38,7 @@ enum {
APP_SPECIALIZE, APP_SPECIALIZE,
SERVER_FORK_AND_SPECIALIZE, SERVER_FORK_AND_SPECIALIZE,
DO_REVERT_UNMOUNT, DO_REVERT_UNMOUNT,
SKIP_FD_SANITIZATION, SKIP_CLOSE_LOG_PIPE,
FLAG_MAX FLAG_MAX
}; };
@ -167,13 +167,13 @@ DCL_HOOK_FUNC(int, unshare, int flags) {
return res; return res;
} }
// Sanitize file descriptors to prevent crashing // Close file descriptors to prevent crashing
DCL_HOOK_FUNC(void, android_log_close) { DCL_HOOK_FUNC(void, android_log_close) {
if (g_ctx == nullptr) { if (g_ctx == nullptr || !g_ctx->flags[SKIP_CLOSE_LOG_PIPE]) {
// Happens during un-managed fork like nativeForkApp, nativeForkUsap // This may happen during un-managed forks like nativeForkApp and nativeForkUsap, or
// forks that does not allow exemption like nativeForkSystemServer and
// nativeForkAndSpecialize before Android O.
zygisk_close_logd(); zygisk_close_logd();
} else {
g_ctx->sanitize_fds();
} }
old_android_log_close(); old_android_log_close();
} }
@ -438,9 +438,6 @@ void HookContext::fork_post() {
} }
void HookContext::sanitize_fds() { void HookContext::sanitize_fds() {
if (flags[SKIP_FD_SANITIZATION])
return;
if (!is_child() || g_allowed_fds == nullptr) { if (!is_child() || g_allowed_fds == nullptr) {
zygisk_close_logd(); zygisk_close_logd();
return; return;
@ -468,7 +465,7 @@ void HookContext::sanitize_fds() {
} }
} }
*args.app->fds_to_ignore = array; *args.app->fds_to_ignore = array;
flags[SKIP_FD_SANITIZATION] = true; flags[SKIP_CLOSE_LOG_PIPE] = true;
return array; return array;
}; };
@ -490,8 +487,6 @@ void HookContext::sanitize_fds() {
} }
} else { } else {
zygisk_close_logd(); zygisk_close_logd();
// Switch to plain old android logging because we cannot talk
// to magiskd to fetch our log pipe afterwards anyways.
android_logging(); android_logging();
} }
@ -586,8 +581,6 @@ void HookContext::app_specialize_post() {
// Cleanups // Cleanups
env->ReleaseStringUTFChars(args.app->nice_name, process); env->ReleaseStringUTFChars(args.app->nice_name, process);
zygisk_close_logd();
android_logging();
} }
void HookContext::server_specialize_pre() { void HookContext::server_specialize_pre() {
@ -626,6 +619,9 @@ HookContext::~HookContext() {
if (!is_child()) if (!is_child())
return; return;
zygisk_close_logd();
android_logging();
should_unmap_zygisk = true; should_unmap_zygisk = true;
// Unhook JNI methods // Unhook JNI methods
@ -655,7 +651,7 @@ HookContext::~HookContext() {
} }
bool HookContext::exempt_fd(int fd) { bool HookContext::exempt_fd(int fd) {
if (flags[POST_SPECIALIZE] || flags[SKIP_FD_SANITIZATION]) if (flags[POST_SPECIALIZE] || flags[SKIP_CLOSE_LOG_PIPE])
return true; return true;
if (!can_exempt_fd()) if (!can_exempt_fd())
return false; return false;
@ -669,7 +665,7 @@ void HookContext::nativeSpecializeAppProcess_pre() {
process = env->GetStringUTFChars(args.app->nice_name, nullptr); process = env->GetStringUTFChars(args.app->nice_name, nullptr);
ZLOGV("pre specialize [%s]\n", process); ZLOGV("pre specialize [%s]\n", process);
// App specialize does not check FD // App specialize does not check FD
flags[SKIP_FD_SANITIZATION] = true; flags[SKIP_CLOSE_LOG_PIPE] = true;
app_specialize_pre(); app_specialize_pre();
} }
@ -686,6 +682,7 @@ void HookContext::nativeForkSystemServer_pre() {
if (is_child()) { if (is_child()) {
server_specialize_pre(); server_specialize_pre();
} }
sanitize_fds();
} }
void HookContext::nativeForkSystemServer_post() { void HookContext::nativeForkSystemServer_post() {
@ -705,6 +702,7 @@ void HookContext::nativeForkAndSpecialize_pre() {
if (is_child()) { if (is_child()) {
app_specialize_pre(); app_specialize_pre();
} }
sanitize_fds();
} }
void HookContext::nativeForkAndSpecialize_post() { void HookContext::nativeForkAndSpecialize_post() {
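Review bot: The new `sanitize_fds();` calls in nativeForkSystemServer_pre and nativeForkAndSpecialize_pre sit after the `if (is_child())` block, so they run in the parent as well, where sanitize_fds() takes its `!is_child() || g_allowed_fds == nullptr` branch and calls zygisk_close_logd() before returning; if closing the zygote-side logd connection on every fork is the intent, a comment at the call site would make that explicit, e.g. `// Runs in both processes: parent only drops its logd fd, child builds fds_to_ignore or falls back to android logging`. The comment above `flags[SKIP_CLOSE_LOG_PIPE] = true;` in nativeSpecializeAppProcess_pre still reads "App specialize does not check FD", which explained the old SKIP_FD_SANITIZATION name; with the renamed flag it should say why the pipe may stay open, e.g. `// App specialize does not check FDs, so our log pipe can stay open until ~HookContext`. In the android_log_close hook the new comment has a grammar slip: `// forks that do not allow exemption like nativeForkSystemServer and`. The bodies of both _pre hooks start outside their hunks.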