Merge remote-tracking branch 'john/master' into development

# Conflicts:
#	app/build.gradle
#	app/src/main/java/com/topjohnwu/magisk/model/receiver/GeneralReceiver.kt
#	app/src/main/java/com/topjohnwu/magisk/ui/hide/HideViewModel.kt
#	app/src/main/java/com/topjohnwu/magisk/ui/home/HomeViewModel.kt
This commit is contained in:
Viktor De Pasquale 2019-05-13 16:50:08 +02:00
commit 80855e89ec
22 changed files with 147 additions and 100 deletions

View File

@ -65,7 +65,7 @@ dependencies {
def vRoom = "2.1.0-alpha05" def vRoom = "2.1.0-alpha05"
implementation "androidx.room:room-rxjava2:${vRoom}" implementation "androidx.room:room-rxjava2:${vRoom}"
def markwonVersion = '3.0.0' def markwonVersion = '3.0.1'
implementation "ru.noties.markwon:core:${markwonVersion}" implementation "ru.noties.markwon:core:${markwonVersion}"
implementation "ru.noties.markwon:html:${markwonVersion}" implementation "ru.noties.markwon:html:${markwonVersion}"
implementation "ru.noties.markwon:image-svg:${markwonVersion}" implementation "ru.noties.markwon:image-svg:${markwonVersion}"
@ -97,13 +97,12 @@ dependencies {
implementation "com.chibatching.kotpref:kotpref:${vKotpref}" implementation "com.chibatching.kotpref:kotpref:${vKotpref}"
implementation 'androidx.constraintlayout:constraintlayout:1.1.3' implementation 'androidx.constraintlayout:constraintlayout:1.1.3'
implementation 'androidx.appcompat:appcompat:1.0.2'
implementation 'androidx.browser:browser:1.0.0' implementation 'androidx.browser:browser:1.0.0'
implementation 'androidx.preference:preference:1.0.0' implementation 'androidx.preference:preference:1.0.0'
implementation 'androidx.recyclerview:recyclerview:1.1.0-alpha04' implementation 'androidx.recyclerview:recyclerview:1.1.0-alpha05'
implementation 'androidx.cardview:cardview:1.0.0' implementation 'androidx.cardview:cardview:1.0.0'
implementation 'com.google.android.material:material:1.1.0-alpha05' implementation 'com.google.android.material:material:1.1.0-alpha06'
implementation 'androidx.work:work-runtime:2.0.1' implementation 'androidx.work:work-runtime:2.0.1'
implementation 'androidx.transition:transition:1.1.0-beta01' implementation 'androidx.transition:transition:1.2.0-alpha01'
implementation 'androidx.multidex:multidex:2.0.1' implementation 'androidx.multidex:multidex:2.0.1'
} }

View File

@ -16,12 +16,6 @@
# public *; # public *;
#} #}
# BouncyCastle
-keep,allowoptimization class org.bouncycastle.jcajce.provider.asymmetric.rsa.**SHA1** { *; }
-keep,allowoptimization class org.bouncycastle.jcajce.provider.asymmetric.RSA** { *; }
-keep,allowoptimization class org.bouncycastle.jcajce.provider.digest.SHA1** { *; }
-dontwarn javax.naming.**
# Snet # Snet
-keepclassmembers class com.topjohnwu.magisk.utils.ISafetyNetHelper { *; } -keepclassmembers class com.topjohnwu.magisk.utils.ISafetyNetHelper { *; }
-keep,allowobfuscation interface com.topjohnwu.magisk.utils.ISafetyNetHelper$Callback -keep,allowobfuscation interface com.topjohnwu.magisk.utils.ISafetyNetHelper$Callback
@ -40,12 +34,6 @@
# BootSigner # BootSigner
-keepclassmembers class com.topjohnwu.signing.BootSigner { *; } -keepclassmembers class com.topjohnwu.signing.BootSigner { *; }
# SVG
-dontwarn com.caverock.androidsvg.SVGAndroidRenderer
# RetroStreams
-dontwarn java9.**
# Strip logging # Strip logging
-assumenosideeffects class com.topjohnwu.magisk.utils.Logger { -assumenosideeffects class com.topjohnwu.magisk.utils.Logger {
public *** debug(...); public *** debug(...);

View File

@ -10,8 +10,10 @@ import com.topjohnwu.magisk.data.database.base.su
import com.topjohnwu.magisk.data.repository.AppRepository import com.topjohnwu.magisk.data.repository.AppRepository
import com.topjohnwu.magisk.ui.surequest.SuRequestActivity import com.topjohnwu.magisk.ui.surequest.SuRequestActivity
import com.topjohnwu.magisk.utils.DownloadApp import com.topjohnwu.magisk.utils.DownloadApp
import com.topjohnwu.magisk.utils.RootUtils
import com.topjohnwu.magisk.utils.SuLogger import com.topjohnwu.magisk.utils.SuLogger
import com.topjohnwu.magisk.utils.inject import com.topjohnwu.magisk.utils.inject
import com.topjohnwu.magisk.utils.get
import com.topjohnwu.magisk.view.Notifications import com.topjohnwu.magisk.view.Notifications
import com.topjohnwu.magisk.view.Shortcuts import com.topjohnwu.magisk.view.Shortcuts
import com.topjohnwu.superuser.Shell import com.topjohnwu.superuser.Shell
@ -20,8 +22,15 @@ open class GeneralReceiver : BroadcastReceiver() {
private val appRepo: AppRepository by inject() private val appRepo: AppRepository by inject()
private fun getPkg(i: Intent): String { companion object {
return if (i.data == null) "" else i.data!!.encodedSchemeSpecificPart const val REQUEST = "request"
const val LOG = "log"
const val NOTIFY = "notify"
const val TEST = "test"
}
private fun getPkg(intent: Intent): String {
return intent.data?.encodedSchemeSpecificPart ?: ""
} }
override fun onReceive(context: Context, intent: Intent?) { override fun onReceive(context: Context, intent: Intent?) {
@ -40,7 +49,7 @@ open class GeneralReceiver : BroadcastReceiver() {
return return
} }
when (action) { when (action) {
SuRequestActivity.REQUEST -> { REQUEST -> {
val i = Intent(context, ClassMap[SuRequestActivity::class.java]) val i = Intent(context, ClassMap[SuRequestActivity::class.java])
.setAction(action) .setAction(action)
.putExtra("socket", intent.getStringExtra("socket")) .putExtra("socket", intent.getStringExtra("socket"))
@ -48,8 +57,9 @@ open class GeneralReceiver : BroadcastReceiver() {
.addFlags(Intent.FLAG_ACTIVITY_MULTIPLE_TASK) .addFlags(Intent.FLAG_ACTIVITY_MULTIPLE_TASK)
context.startActivity(i) context.startActivity(i)
} }
SuRequestActivity.LOG -> SuLogger.handleLogs(intent) LOG -> SuLogger.handleLogs(intent)
SuRequestActivity.NOTIFY -> SuLogger.handleNotify(intent) NOTIFY -> SuLogger.handleNotify(intent)
TEST -> Shell.su("magisk --use-broadcast").submit()
} }
} }
Intent.ACTION_PACKAGE_REPLACED -> Intent.ACTION_PACKAGE_REPLACED ->
@ -67,7 +77,7 @@ open class GeneralReceiver : BroadcastReceiver() {
Config.managerLink = intent.getStringExtra(Const.Key.INTENT_SET_LINK) Config.managerLink = intent.getStringExtra(Const.Key.INTENT_SET_LINK)
DownloadApp.upgrade(intent.getStringExtra(Const.Key.INTENT_SET_NAME)) DownloadApp.upgrade(intent.getStringExtra(Const.Key.INTENT_SET_NAME))
} }
Const.Key.BROADCAST_REBOOT -> Shell.su("/system/bin/reboot").submit() Const.Key.BROADCAST_REBOOT -> RootUtils.reboot()
} }
} }
} }

View File

@ -69,7 +69,7 @@ class HomeViewModel(
"" ""
} }
val safetyNetTitle = KObservableField(R.string.safetyNet_check_text.res()) val safetyNetTitle = KObservableField(R.string.safetyNet_check_text)
val ctsState = KObservableField(SafetyNetState.IDLE) val ctsState = KObservableField(SafetyNetState.IDLE)
val basicIntegrityState = KObservableField(SafetyNetState.IDLE) val basicIntegrityState = KObservableField(SafetyNetState.IDLE)
val safetyNetState = Observer(ctsState, basicIntegrityState) { val safetyNetState = Observer(ctsState, basicIntegrityState) {
@ -121,7 +121,7 @@ class HomeViewModel(
fun safetyNetPressed() { fun safetyNetPressed() {
ctsState.value = SafetyNetState.LOADING ctsState.value = SafetyNetState.LOADING
basicIntegrityState.value = SafetyNetState.LOADING basicIntegrityState.value = SafetyNetState.LOADING
safetyNetTitle.value = R.string.checking_safetyNet_status.res() safetyNetTitle.value = R.string.checking_safetyNet_status
UpdateSafetyNetEvent().publish() UpdateSafetyNetEvent().publish()
} }
@ -130,7 +130,7 @@ class HomeViewModel(
response and 0x0F == 0 -> { response and 0x0F == 0 -> {
val hasCtsPassed = response and ISafetyNetHelper.CTS_PASS != 0 val hasCtsPassed = response and ISafetyNetHelper.CTS_PASS != 0
val hasBasicIntegrityPassed = response and ISafetyNetHelper.BASIC_PASS != 0 val hasBasicIntegrityPassed = response and ISafetyNetHelper.BASIC_PASS != 0
safetyNetTitle.value = R.string.safetyNet_check_success.res() safetyNetTitle.value = R.string.safetyNet_check_success
ctsState.value = if (hasCtsPassed) { ctsState.value = if (hasCtsPassed) {
SafetyNetState.PASS SafetyNetState.PASS
} else { } else {
@ -152,7 +152,7 @@ class HomeViewModel(
safetyNetTitle.value = when (response) { safetyNetTitle.value = when (response) {
ISafetyNetHelper.RESPONSE_ERR -> R.string.safetyNet_res_invalid ISafetyNetHelper.RESPONSE_ERR -> R.string.safetyNet_res_invalid
else -> R.string.safetyNet_api_error else -> R.string.safetyNet_api_error
}.res() }
} }
} }
@ -162,6 +162,9 @@ class HomeViewModel(
.doOnSubscribeUi { .doOnSubscribeUi {
magiskState.value = MagiskState.LOADING magiskState.value = MagiskState.LOADING
managerState.value = MagiskState.LOADING managerState.value = MagiskState.LOADING
ctsState.value = SafetyNetState.IDLE
basicIntegrityState.value = SafetyNetState.IDLE
safetyNetTitle.value = R.string.safetyNet_check_text
} }
.subscribeK { .subscribeK {
it.app.let { it.app.let {

View File

@ -10,6 +10,7 @@ import com.topjohnwu.magisk.R
import com.topjohnwu.magisk.databinding.ActivityRequestBinding import com.topjohnwu.magisk.databinding.ActivityRequestBinding
import com.topjohnwu.magisk.model.entity.Policy import com.topjohnwu.magisk.model.entity.Policy
import com.topjohnwu.magisk.model.events.DieEvent import com.topjohnwu.magisk.model.events.DieEvent
import com.topjohnwu.magisk.model.receiver.GeneralReceiver
import com.topjohnwu.magisk.ui.base.MagiskActivity import com.topjohnwu.magisk.ui.base.MagiskActivity
import com.topjohnwu.magisk.utils.SuLogger import com.topjohnwu.magisk.utils.SuLogger
import org.koin.androidx.viewmodel.ext.android.viewModel import org.koin.androidx.viewmodel.ext.android.viewModel
@ -31,15 +32,15 @@ open class SuRequestActivity : MagiskActivity<SuRequestViewModel, ActivityReques
val intent = intent val intent = intent
val action = intent.action val action = intent.action
if (TextUtils.equals(action, REQUEST)) { if (TextUtils.equals(action, GeneralReceiver.REQUEST)) {
if (!viewModel.handleRequest(intent) {}) if (!viewModel.handleRequest(intent) {})
finish() finish()
return return
} }
if (TextUtils.equals(action, LOG)) if (TextUtils.equals(action, GeneralReceiver.LOG))
SuLogger.handleLogs(intent) SuLogger.handleLogs(intent)
else if (TextUtils.equals(action, NOTIFY)) else if (TextUtils.equals(action, GeneralReceiver.NOTIFY))
SuLogger.handleNotify(intent) SuLogger.handleNotify(intent)
finish() finish()
@ -58,10 +59,4 @@ open class SuRequestActivity : MagiskActivity<SuRequestViewModel, ActivityReques
else else
ActivityInfo.SCREEN_ORIENTATION_LOCKED ActivityInfo.SCREEN_ORIENTATION_LOCKED
} }
companion object {
const val REQUEST = "request"
const val LOG = "log"
const val NOTIFY = "notify"
}
} }

View File

@ -15,6 +15,8 @@
<import type="com.topjohnwu.magisk.R" /> <import type="com.topjohnwu.magisk.R" />
<import type="com.topjohnwu.magisk.utils.XStringKt" />
<variable <variable
name="viewModel" name="viewModel"
type="com.topjohnwu.magisk.ui.home.HomeViewModel" /> type="com.topjohnwu.magisk.ui.home.HomeViewModel" />
@ -225,7 +227,7 @@
android:layout_marginRight="@dimen/margin_generic" android:layout_marginRight="@dimen/margin_generic"
android:gravity="center" android:gravity="center"
android:maxLines="1" android:maxLines="1"
android:text="@{viewModel.safetyNetTitle}" android:text="@{XStringKt.res(viewModel.safetyNetTitle)}"
android:textStyle="bold" android:textStyle="bold"
app:autoSizeMaxTextSize="14sp" app:autoSizeMaxTextSize="14sp"
app:autoSizeTextType="uniform" app:autoSizeTextType="uniform"

View File

@ -1,9 +1,12 @@
mount_partitions() { mount_partitions() {
[ "`getprop ro.build.ab_update`" = "true" ] && SLOT=`getprop ro.boot.slot_suffix` || SLOT= [ "`getprop ro.build.ab_update`" = "true" ] && SLOT=`getprop ro.boot.slot_suffix`
[ "`getprop ro.build.system_root_image`" = "true" ] && SYSTEM_ROOT=true || SYSTEM_ROOT=false [ "`getprop ro.build.system_root_image`" = "true" ] && SYSTEM_ROOT=true || SYSTEM_ROOT=false
} }
get_flags() { get_flags() {
$SYSTEM_ROOT && KEEPVERITY=true || KEEPVERITY=false $SYSTEM_ROOT && KEEPVERITY=true || KEEPVERITY=false
[ "`getprop ro.crypto.state`" = "encrypted" ] && KEEPFORCEENCRYPT=true || KEEPFORCEENCRYPT=false [ "`getprop ro.crypto.state`" = "encrypted" ] && KEEPFORCEENCRYPT=true || KEEPFORCEENCRYPT=false
RECOVERYMODE=false
} }
run_migrations() { return; }

View File

@ -732,4 +732,7 @@ void boot_complete(int client) {
install_apk("/data/magisk.apk"); install_apk("/data/magisk.apk");
} }
} }
// Test whether broadcast can be used or not
broadcast_test();
} }

View File

@ -54,6 +54,7 @@ static void *request_handler(void *args) {
case LATE_START: case LATE_START:
case BOOT_COMPLETE: case BOOT_COMPLETE:
case SQLITE_CMD: case SQLITE_CMD:
case BROADCAST_ACK:
if (credential.uid != 0) { if (credential.uid != 0) {
write_int(client, ROOT_REQUIRED); write_int(client, ROOT_REQUIRED);
close(client); close(client);
@ -90,6 +91,10 @@ static void *request_handler(void *args) {
case SQLITE_CMD: case SQLITE_CMD:
exec_sql(client); exec_sql(client);
break; break;
case BROADCAST_ACK:
LOGD("* Use broadcasts for su logging and notify\n");
CONNECT_BROADCAST = true;
close(client);
default: default:
close(client); close(client);
break; break;

View File

@ -233,7 +233,7 @@ int get_db_strings(db_strings &str, int key) {
return 0; return 0;
} }
int get_uid_policy(int uid, su_access &su) { int get_uid_policy(su_access &su, int uid) {
char query[256], *err; char query[256], *err;
sprintf(query, "SELECT policy, logging, notification FROM policies " sprintf(query, "SELECT policy, logging, notification FROM policies "
"WHERE uid=%d AND (until=0 OR until>%li)", uid, time(nullptr)); "WHERE uid=%d AND (until=0 OR until>%li)", uid, time(nullptr));

View File

@ -12,6 +12,8 @@
#include <db.h> #include <db.h>
#include <flags.h> #include <flags.h>
using namespace std::literals;
[[noreturn]] static void usage() { [[noreturn]] static void usage() {
fprintf(stderr, fprintf(stderr,
FULL_VER(Magisk) " multi-call binary\n" FULL_VER(Magisk) " multi-call binary\n"
@ -33,6 +35,7 @@
" --clone-attr SRC DEST clone permission, owner, and selinux context\n" " --clone-attr SRC DEST clone permission, owner, and selinux context\n"
" --clone SRC DEST clone SRC to DEST\n" " --clone SRC DEST clone SRC to DEST\n"
" --sqlite SQL exec SQL to Magisk database\n" " --sqlite SQL exec SQL to Magisk database\n"
" --use-broadcast use broadcast for su logging and notify\n"
"\n" "\n"
"Supported init triggers:\n" "Supported init triggers:\n"
" post-fs-data, service, boot-complete\n" " post-fs-data, service, boot-complete\n"
@ -48,66 +51,70 @@
int magisk_main(int argc, char *argv[]) { int magisk_main(int argc, char *argv[]) {
if (argc < 2) if (argc < 2)
usage(); usage();
if (strcmp(argv[1], "-c") == 0) { if (argv[1] == "-c"sv) {
printf(MAGISK_VERSION ":MAGISK (" str(MAGISK_VER_CODE) ")\n"); printf(MAGISK_VERSION ":MAGISK (" str(MAGISK_VER_CODE) ")\n");
return 0; return 0;
} else if (strcmp(argv[1], "-v") == 0) { } else if (argv[1] == "-v"sv) {
int fd = connect_daemon(); int fd = connect_daemon();
write_int(fd, CHECK_VERSION); write_int(fd, CHECK_VERSION);
char *v = read_string(fd); char *v = read_string(fd);
printf("%s\n", v); printf("%s\n", v);
free(v); free(v);
return 0; return 0;
} else if (strcmp(argv[1], "-V") == 0) { } else if (argv[1] == "-V"sv) {
int fd = connect_daemon(); int fd = connect_daemon();
write_int(fd, CHECK_VERSION_CODE); write_int(fd, CHECK_VERSION_CODE);
printf("%d\n", read_int(fd)); printf("%d\n", read_int(fd));
return 0; return 0;
} else if (strcmp(argv[1], "--list") == 0) { } else if (argv[1] == "--list"sv) {
for (int i = 0; applet_names[i]; ++i) for (int i = 0; applet_names[i]; ++i)
printf("%s\n", applet_names[i]); printf("%s\n", applet_names[i]);
return 0; return 0;
} else if (strcmp(argv[1], "--unlock-blocks") == 0) { } else if (argv[1] == "--unlock-blocks"sv) {
unlock_blocks(); unlock_blocks();
return 0; return 0;
} else if (strcmp(argv[1], "--restorecon") == 0) { } else if (argv[1] == "--restorecon"sv) {
restore_rootcon(); restore_rootcon();
restorecon(); restorecon();
return 0; return 0;
} else if (strcmp(argv[1], "--clone-attr") == 0) { } else if (argv[1] == "--clone-attr"sv) {
if (argc < 4) usage(); if (argc < 4) usage();
clone_attr(argv[2], argv[3]); clone_attr(argv[2], argv[3]);
return 0; return 0;
} else if (strcmp(argv[1], "--clone") == 0) { } else if (argv[1] == "--clone"sv) {
if (argc < 4) usage(); if (argc < 4) usage();
cp_afc(argv[2], argv[3]); cp_afc(argv[2], argv[3]);
return 0; return 0;
} else if (strcmp(argv[1], "--daemon") == 0) { } else if (argv[1] == "--daemon"sv) {
int fd = connect_daemon(true); int fd = connect_daemon(true);
write_int(fd, DO_NOTHING); write_int(fd, DO_NOTHING);
return 0; return 0;
} else if (strcmp(argv[1], "--post-fs-data") == 0) { } else if (argv[1] == "--post-fs-data"sv) {
int fd = connect_daemon(true); int fd = connect_daemon(true);
write_int(fd, POST_FS_DATA); write_int(fd, POST_FS_DATA);
return read_int(fd); return read_int(fd);
} else if (strcmp(argv[1], "--service") == 0) { } else if (argv[1] == "--service"sv) {
int fd = connect_daemon(true); int fd = connect_daemon(true);
write_int(fd, LATE_START); write_int(fd, LATE_START);
return read_int(fd); return read_int(fd);
} else if (strcmp(argv[1], "--boot-complete") == 0) { } else if (argv[1] == "--boot-complete"sv) {
int fd = connect_daemon(true); int fd = connect_daemon(true);
write_int(fd, BOOT_COMPLETE); write_int(fd, BOOT_COMPLETE);
return read_int(fd); return read_int(fd);
} else if (strcmp(argv[1], "--sqlite") == 0) { } else if (argv[1] == "--sqlite"sv) {
int fd = connect_daemon(); int fd = connect_daemon();
write_int(fd, SQLITE_CMD); write_int(fd, SQLITE_CMD);
write_string(fd, argv[2]); write_string(fd, argv[2]);
send_fd(fd, STDOUT_FILENO); send_fd(fd, STDOUT_FILENO);
return read_int(fd); return read_int(fd);
} else if (argv[1] == "--use-broadcast"sv) {
int fd = connect_daemon();
write_int(fd, BROADCAST_ACK);
return 0;
} }
#if 0 #if 0
/* Entry point for testing stuffs */ /* Entry point for testing stuffs */
else if (strcmp(argv[1], "--test") == 0) { else if (argv[1] == "--test"sv) {
return 0; return 0;
} }
#endif #endif

View File

@ -17,7 +17,7 @@ enum {
BOOT_COMPLETE, BOOT_COMPLETE,
MAGISKHIDE, MAGISKHIDE,
SQLITE_CMD, SQLITE_CMD,
ZYGOTE_NOTIFY, BROADCAST_ACK,
}; };
// Return codes for daemon // Return codes for daemon
@ -82,6 +82,8 @@ void magiskhide_handler(int client);
*************/ *************/
void su_daemon_handler(int client, struct ucred *credential); void su_daemon_handler(int client, struct ucred *credential);
void broadcast_test();
extern int SDK_INT; extern int SDK_INT;
extern bool RECOVERY_MODE; extern bool RECOVERY_MODE;
extern bool CONNECT_BROADCAST;

View File

@ -154,7 +154,7 @@ typedef std::function<bool(db_row&)> db_row_cb;
int get_db_settings(db_settings &cfg, int key = -1); int get_db_settings(db_settings &cfg, int key = -1);
int get_db_strings(db_strings &str, int key = -1); int get_db_strings(db_strings &str, int key = -1);
int get_uid_policy(int uid, su_access &su); int get_uid_policy(su_access &su, int uid);
int validate_manager(std::string &alt_pkg, int userid, struct stat *st); int validate_manager(std::string &alt_pkg, int userid, struct stat *st);
void exec_sql(int client); void exec_sql(int client);
char *db_exec(const char *sql); char *db_exec(const char *sql);

View File

@ -11,12 +11,21 @@
#include "su.h" #include "su.h"
bool CONNECT_BROADCAST;
#define START_ACTIVITY \ #define START_ACTIVITY \
"/system/bin/app_process", "/system/bin", "com.android.commands.am.Am", \ "/system/bin/app_process", "/system/bin", "com.android.commands.am.Am", \
"start", "-n", nullptr, "--user", nullptr, "-f", "0x18000020", "-a" "start", "-n", nullptr, "--user", nullptr, "-f", "0x18000020", "-a"
// 0x18000020 = FLAG_ACTIVITY_NEW_TASK|FLAG_ACTIVITY_MULTIPLE_TASK|FLAG_INCLUDE_STOPPED_PACKAGES // 0x18000020 = FLAG_ACTIVITY_NEW_TASK|FLAG_ACTIVITY_MULTIPLE_TASK|FLAG_INCLUDE_STOPPED_PACKAGES
#define START_BROADCAST \
"/system/bin/app_process", "/system/bin", "com.android.commands.am.Am", \
"broadcast", "-n", nullptr, "--user", nullptr, "-f", "0x00000020", \
"-a", "android.intent.action.REBOOT", "--es", "action"
// 0x00000020 = FLAG_INCLUDE_STOPPED_PACKAGES
static inline const char *get_command(const su_request *to) { static inline const char *get_command(const su_request *to) {
if (to->command[0]) if (to->command[0])
return to->command; return to->command;
@ -39,9 +48,9 @@ static inline void get_uid(char *uid, su_info *info) {
: info->uid); : info->uid);
} }
static void silent_run(const char **args, su_info *info) { static void exec_am_cmd(const char **args, su_info *info) {
char component[128]; char component[128];
sprintf(component, "%s/a.m", info->str[SU_MANAGER].data()); sprintf(component, "%s/%s", info->str[SU_MANAGER].data(), args[3][0] == 'b' ? "a.h" : "a.m");
char user[8]; char user[8];
get_user(user, info); get_user(user, info);
@ -62,6 +71,16 @@ static void silent_run(const char **args, su_info *info) {
exec_command(exec); exec_command(exec);
} }
#define LOG_BODY \
"log", \
"--ei", "from.uid", fromUid, \
"--ei", "to.uid", toUid, \
"--ei", "pid", pid, \
"--ei", "policy", policy, \
"--es", "command", get_command(&ctx->req), \
"--ez", "notify", ctx->info->access.notify ? "true" : "false", \
nullptr
void app_log(su_context *ctx) { void app_log(su_context *ctx) {
char fromUid[8]; char fromUid[8];
get_uid(fromUid, ctx->info); get_uid(fromUid, ctx->info);
@ -75,19 +94,21 @@ void app_log(su_context *ctx) {
char policy[2]; char policy[2];
sprintf(policy, "%d", ctx->info->access.policy); sprintf(policy, "%d", ctx->info->access.policy);
const char *cmd[] = { if (CONNECT_BROADCAST) {
START_ACTIVITY, "log", const char *cmd[] = { START_BROADCAST, LOG_BODY };
"--ei", "from.uid", fromUid, exec_am_cmd(cmd, ctx->info);
"--ei", "to.uid", toUid, } else {
"--ei", "pid", pid, const char *cmd[] = { START_ACTIVITY, LOG_BODY };
"--ei", "policy", policy, exec_am_cmd(cmd, ctx->info);
"--es", "command", get_command(&ctx->req), }
"--ez", "notify", ctx->info->access.notify ? "true" : "false",
nullptr
};
silent_run(cmd, ctx->info);
} }
#define NOTIFY_BODY \
"notify", \
"--ei", "from.uid", fromUid, \
"--ei", "policy", policy, \
nullptr
void app_notify(su_context *ctx) { void app_notify(su_context *ctx) {
char fromUid[8]; char fromUid[8];
get_uid(fromUid, ctx->info); get_uid(fromUid, ctx->info);
@ -95,13 +116,14 @@ void app_notify(su_context *ctx) {
char policy[2]; char policy[2];
sprintf(policy, "%d", ctx->info->access.policy); sprintf(policy, "%d", ctx->info->access.policy);
const char *cmd[] = { if (CONNECT_BROADCAST) {
START_ACTIVITY, "notify", const char *cmd[] = { START_BROADCAST, NOTIFY_BODY };
"--ei", "from.uid", fromUid, exec_am_cmd(cmd, ctx->info);
"--ei", "policy", policy, } else {
nullptr const char *cmd[] = { START_ACTIVITY, NOTIFY_BODY };
}; exec_am_cmd(cmd, ctx->info);
silent_run(cmd, ctx->info); }
} }
void app_connect(const char *socket, su_info *info) { void app_connect(const char *socket, su_info *info) {
@ -110,7 +132,17 @@ void app_connect(const char *socket, su_info *info) {
"--es", "socket", socket, "--es", "socket", socket,
nullptr nullptr
}; };
silent_run(cmd, info); exec_am_cmd(cmd, info);
}
void broadcast_test() {
su_info info;
get_db_settings(info.cfg);
get_db_strings(info.str);
validate_manager(info.str[SU_MANAGER], 0, &info.mgr_st);
const char *cmd[] = { START_BROADCAST, "test", nullptr };
exec_am_cmd(cmd, &info);
} }
void socket_send_request(int fd, su_info *info) { void socket_send_request(int fd, su_info *info) {

View File

@ -32,7 +32,7 @@ public:
int ref; int ref;
time_t timestamp; time_t timestamp;
su_info(unsigned uid); su_info(unsigned uid = 0);
~su_info(); ~su_info();
void lock(); void lock();
void unlock(); void unlock();

View File

@ -83,7 +83,7 @@ static void database_check(su_info *info) {
} }
if (uid > 0) if (uid > 0)
get_uid_policy(uid, info->access); get_uid_policy(info->access, uid);
// We need to check our manager // We need to check our manager
if (info->access.log || info->access.notify) if (info->access.log || info->access.notify)

View File

@ -44,7 +44,7 @@ public class Networking {
gms.getClassLoader() gms.getClassLoader()
.loadClass("com.google.android.gms.common.security.ProviderInstallerImpl") .loadClass("com.google.android.gms.common.security.ProviderInstallerImpl")
.getMethod("insertProvider", Context.class) .getMethod("insertProvider", Context.class)
.invoke(null, context); .invoke(null, gms);
} catch (Exception e) { } catch (Exception e) {
// Failed to update SSL provider, use NoSSLv3SocketFactory on SDK < 21 // Failed to update SSL provider, use NoSSLv3SocketFactory on SDK < 21
if (Build.VERSION.SDK_INT < 21) if (Build.VERSION.SDK_INT < 21)

View File

@ -33,6 +33,8 @@ repositories {
dependencies { dependencies {
implementation fileTree(include: ['*.jar'], dir: 'libs') implementation fileTree(include: ['*.jar'], dir: 'libs')
implementation 'org.bouncycastle:bcprov-jdk15on:1.60'
implementation 'org.bouncycastle:bcpkix-jdk15on:1.60' def bcVer = '1.61'
api "org.bouncycastle:bcprov-jdk15on:${bcVer}"
api "org.bouncycastle:bcpkix-jdk15on:${bcVer}"
} }

View File

@ -23,7 +23,7 @@ import java.util.zip.ZipFile;
* On the other hand, when a JarFile is provided, it simply works as a wrapper. * On the other hand, when a JarFile is provided, it simply works as a wrapper.
* */ * */
public class JarMap implements Closeable, AutoCloseable { public class JarMap implements Closeable {
private JarFile jarFile; private JarFile jarFile;
private JarInputStream jis; private JarInputStream jis;
@ -119,7 +119,10 @@ public class JarMap implements Closeable, AutoCloseable {
@Override @Override
public void close() throws IOException { public void close() throws IOException {
(jarFile == null ? jis : jarFile).close(); if (jarFile != null)
jarFile.close();
else
jis.close();
} }
private static class JarMapEntry extends JarEntry { private static class JarMapEntry extends JarEntry {

View File

@ -11,7 +11,6 @@ import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator; import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData; import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder; import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner; import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException; import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
@ -60,16 +59,11 @@ public class SignAPK {
private static final String CERT_SF_NAME = "META-INF/CERT.SF"; private static final String CERT_SF_NAME = "META-INF/CERT.SF";
private static final String CERT_SIG_NAME = "META-INF/CERT.%s"; private static final String CERT_SIG_NAME = "META-INF/CERT.%s";
private static Provider sBouncyCastleProvider; private static Provider sBouncyCastleProvider = Security.getProvider("BC");
// bitmasks for which hash algorithms we need the manifest to include. // bitmasks for which hash algorithms we need the manifest to include.
private static final int USE_SHA1 = 1; private static final int USE_SHA1 = 1;
private static final int USE_SHA256 = 2; private static final int USE_SHA256 = 2;
static {
sBouncyCastleProvider = new BouncyCastleProvider();
Security.insertProviderAt(sBouncyCastleProvider, 1);
}
public static void sign(JarMap input, OutputStream output) throws Exception { public static void sign(JarMap input, OutputStream output) throws Exception {
sign(SignAPK.class.getResourceAsStream("/keys/testkey.x509.pem"), sign(SignAPK.class.getResourceAsStream("/keys/testkey.x509.pem"),
SignAPK.class.getResourceAsStream("/keys/testkey.pk8"), input, output); SignAPK.class.getResourceAsStream("/keys/testkey.pk8"), input, output);

View File

@ -12,7 +12,6 @@ import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERPrintableString; import org.bouncycastle.asn1.DERPrintableString;
import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.FilterInputStream; import java.io.FilterInputStream;
@ -23,7 +22,6 @@ import java.nio.ByteBuffer;
import java.nio.ByteOrder; import java.nio.ByteOrder;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.PublicKey; import java.security.PublicKey;
import java.security.Security;
import java.security.Signature; import java.security.Signature;
import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory;
@ -32,10 +30,6 @@ import java.util.Arrays;
public class SignBoot { public class SignBoot {
static {
Security.addProvider(new BouncyCastleProvider());
}
private static class PushBackRWStream extends FilterInputStream { private static class PushBackRWStream extends FilterInputStream {
private OutputStream out; private OutputStream out;
private int pos = 0; private int pos = 0;

View File

@ -1,9 +1,12 @@
package com.topjohnwu.signing; package com.topjohnwu.signing;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileOutputStream; import java.io.FileOutputStream;
import java.io.InputStream; import java.io.InputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.security.Security;
public class ZipSigner { public class ZipSigner {
@ -22,6 +25,8 @@ public class ZipSigner {
if (args.length != 2 && args.length != 4 && args.length != 6) if (args.length != 2 && args.length != 4 && args.length != 6)
usage(); usage();
Security.insertProviderAt(new BouncyCastleProvider(), 1);
try (JarMap in = new JarMap(args[args.length - 2], false); try (JarMap in = new JarMap(args[args.length - 2], false);
OutputStream out = new FileOutputStream(args[args.length - 1])) { OutputStream out = new FileOutputStream(args[args.length - 1])) {
if (args.length == 2) { if (args.length == 2) {