TheArchive/Magisk
1
0
Fork 0
mirror of https://github.com/topjohnwu/Magisk.git synced 2024-12-22 07:57:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Hook up denylist IPC routines

Browse Source
This commit is contained in:
topjohnwu 2021-08-19 04:55:17 -07:00
parent ffe47300a1
commit decdd54c19
5 changed files with 69 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
native/jni/magiskhide/hide_policy.cpp
View File

@ -14,11 +14,10 @@ static void lazy_unmount(const char* mountpoint) {
LOGD("hide: Unmounted (%s)\n", mountpoint); LOGD("hide: Unmounted (%s)\n", mountpoint);
} }
void hide_daemon(int pid) { void hide_daemon(int pid, int client) {
if (fork_dont_care() == 0) { if (fork_dont_care() == 0) {
hide_unmount(pid); hide_unmount(pid);
// Send resume signal write_int(client, 0);
kill(pid, SIGCONT);
_exit(0); _exit(0);
} }
} }
@ -29,7 +28,7 @@ void hide_unmount(int pid) {
if (pid > 0 && switch_mnt_ns(pid)) if (pid > 0 && switch_mnt_ns(pid))
return; return;
LOGD("hide: handling PID=[%d]\n", pid); LOGD("hide: handling PID=[%d]\n", pid > 0 ? pid : getpid());
vector<string> targets; vector<string> targets;

2
native/jni/magiskhide/magiskhide.hpp
View File

@ -21,7 +21,7 @@ bool hide_enabled();
bool is_hide_target(int uid, std::string_view process); bool is_hide_target(int uid, std::string_view process);
// Hide policies // Hide policies
void hide_daemon(int pid); void hide_daemon(int pid, int client);
void hide_unmount(int pid = -1); void hide_unmount(int pid = -1);
enum { enum {

57
native/jni/zygisk/entry.cpp
View File

@ -9,6 +9,7 @@
#include <magisk.hpp> #include <magisk.hpp>
#include "inject.hpp" #include "inject.hpp"
#include "../magiskhide/magiskhide.hpp"
using namespace std; using namespace std;
@ -124,6 +125,8 @@ static void inject_init() {
} }
} }
// Start code for magiskd IPC
int app_process_main(int argc, char *argv[]) { int app_process_main(int argc, char *argv[]) {
android_logging(); android_logging();
@ -154,6 +157,34 @@ int app_process_main(int argc, char *argv[]) {
return 1; return 1;
} }
bool remote_check_denylist(int uid, const char *process) {
if (int fd = connect_daemon(); fd >= 0) {
write_int(fd, ZYGISK_REQUEST);
write_int(fd, ZYGISK_CHECK_DENYLIST);
int ret = -1;
if (read_int(fd) == 0) {
write_int(fd, uid);
write_string(fd, process);
ret = read_int(fd);
}
close(fd);
return ret >= 0 && ret;
}
return false;
}
int remote_request_unmount() {
if (int fd = connect_daemon(); fd >= 0) {
write_int(fd, ZYGISK_REQUEST);
write_int(fd, ZYGISK_UNMOUNT);
int ret = read_int(fd);
close(fd);
return ret;
}
return DAEMON_ERROR;
}
// The following code runs in magiskd // The following code runs in magiskd
static void setup_files(int client, ucred *cred) { static void setup_files(int client, ucred *cred) {
@ -175,12 +206,38 @@ static void setup_files(int client, ucred *cred) {
write_string(client, path); write_string(client, path);
} }
static void check_denylist(int client) {
if (!hide_enabled()) {
write_int(client, HIDE_NOT_ENABLED);
return;
}
write_int(client, 0);
int uid = read_int(client);
string process = read_string(client);
write_int(client, is_hide_target(uid, process));
}
static void do_unmount(int client, ucred *cred) {
LOGD("zygisk: cleanup mount namespace for pid=[%d]\n", cred->pid);
if (hide_enabled()) {
hide_daemon(cred->pid, client);
} else {
write_int(client, HIDE_NOT_ENABLED);
}
}
void zygisk_handler(int client, ucred *cred) { void zygisk_handler(int client, ucred *cred) {
int code = read_int(client); int code = read_int(client);
switch (code) { switch (code) {
case ZYGISK_SETUP: case ZYGISK_SETUP:
setup_files(client, cred); setup_files(client, cred);
break; break;
case ZYGISK_CHECK_DENYLIST:
check_denylist(client);
break;
case ZYGISK_UNMOUNT:
do_unmount(client, cred);
break;
} }
close(client); close(client);
} }

13
native/jni/zygisk/hook.cpp
View File

@ -129,12 +129,6 @@ string get_class_name(JNIEnv *env, jclass clazz) {
// ----------------------------------------------------------------- // -----------------------------------------------------------------
// TODO
int remote_check_denylist(int uid, const char *process) { return 0; }
void remote_request_unmount() {}
// -----------------------------------------------------------------
#define DCL_HOOK_FUNC(ret, func, ...) \ #define DCL_HOOK_FUNC(ret, func, ...) \
ret (*old_##func)(__VA_ARGS__); \ ret (*old_##func)(__VA_ARGS__); \
ret new_##func(__VA_ARGS__) ret new_##func(__VA_ARGS__)
@ -161,10 +155,11 @@ DCL_HOOK_FUNC(int, fork) {
DCL_HOOK_FUNC(int, selinux_android_setcontext, DCL_HOOK_FUNC(int, selinux_android_setcontext,
uid_t uid, int isSystemServer, const char *seinfo, const char *pkgname) { uid_t uid, int isSystemServer, const char *seinfo, const char *pkgname) {
if (g_ctx && g_ctx->flags[DENY_FLAG]) { if (g_ctx && g_ctx->flags[DENY_FLAG]) {
// Ask magiskd to cleanup the mount namespace before switching context // Ask magiskd to cleanup our mount namespace before switching context
// This is the latest point where we can still connect to the magiskd main socket // This is the latest point where we can still connect to the magiskd main socket
remote_request_unmount(); if (remote_request_unmount() == 0) {
LOGD("zygisk: process successfully hidden\n"); LOGD("zygisk: mount namespace cleaned up\n");
}
} }
return old_selinux_android_setcontext(uid, isSystemServer, seinfo, pkgname); return old_selinux_android_setcontext(uid, isSystemServer, seinfo, pkgname);
} }

4
native/jni/zygisk/inject.hpp
View File

@ -8,6 +8,8 @@
enum : int { enum : int {
ZYGISK_SETUP, ZYGISK_SETUP,
ZYGISK_CHECK_DENYLIST,
ZYGISK_UNMOUNT,
}; };
// Unmap all pages matching the name // Unmap all pages matching the name
@ -22,3 +24,5 @@ uintptr_t get_function_addr(int pid, const char *lib, uintptr_t off);
void self_unload(); void self_unload();
void hook_functions(); void hook_functions();
bool unhook_functions(); bool unhook_functions();
bool remote_check_denylist(int uid, const char *process);
int remote_request_unmount();