33 Commits

Author SHA1 Message Date
topjohnwu
d2e2847b03 Fix stub 2021-02-23 03:24:51 -08:00
topjohnwu
fba83e2330 Support stub APK loading down to Android 5.0 2021-01-26 07:27:35 -08:00
topjohnwu
2e0f7a82fa More complete stub sources 2021-01-22 20:45:37 -08:00
topjohnwu
41a644afb9 Open source stub APK loader
Close #3537
2020-12-29 01:44:02 -08:00
topjohnwu
6092d7ca88 Minor cleanups 2020-10-11 05:10:02 -07:00
topjohnwu
66cad101c0 Support new canary links 2020-10-11 03:37:03 -07:00
topjohnwu
716f06846b Use GitHub pages URLs for public channel JSONs 2020-10-03 02:51:51 -07:00
topjohnwu
ef0277d10e Properly set themes for dialogs in stub 2020-03-30 04:03:33 -07:00
topjohnwu
c3968a26cf Remove dynamic loading code
All of this code is moved into a private repo. The stub is actually
just a stub now; mixing dynamic load and stub is confusing.
2020-03-27 01:25:05 -07:00
topjohnwu
1e7e06d1cc Proper canary version detection 2020-02-17 22:05:32 -08:00
topjohnwu
bce777d7c6 Set stub version in stub 2020-01-03 02:19:10 +08:00
topjohnwu
a2ddf362d8 Make a.a not extend AppComponentFactory
Fix #2053
2019-11-09 16:13:15 -05:00
topjohnwu
0c9feedb37 Support restarting app when obfuscated 2019-11-03 02:55:22 -05:00
topjohnwu
490e4d3180 Target the proper channel in stub 2019-10-30 05:00:52 -04:00
topjohnwu
dc9f69bab0 Minor changes 2019-10-30 04:15:53 -04:00
topjohnwu
fdf04f77f2 Send bitmap to notifications and shortcuts
On API 23+, the platform unifies the way to handle drawable
resources across processes: all drawables can be passed via Icon.
This allows us to send raw bitmap to the system without the need to
specify a resource ID. This means that we are allowed to NOT include
these drawable resources within our stub APK, since our full APK can
draw the images programmatically and send raw bitmaps to the system.
2019-10-30 01:02:53 -04:00
topjohnwu
f7aa451591 Update strings 2019-10-29 07:36:50 -04:00
topjohnwu
321d11c2c6 Move Mapping class 2019-10-29 07:21:14 -04:00
topjohnwu
7693024c29 Replace general resources with platform 2019-10-26 19:23:57 -04:00
topjohnwu
0b87108174 Move things around 2019-10-24 05:21:42 -04:00
topjohnwu
7fc7809cfc More precise channel targeting 2019-10-24 04:25:05 -04:00
topjohnwu
d010cb7e42 Update stub 2019-10-23 05:19:54 -04:00
topjohnwu
40eda05a30 Make main app fully independent from the stub
- Skip 0x7f01XXXX - 0x7f05XXXX resource IDs in the main app; they are
reserved for stub resources
- Support sending additional data from host to guest
- Use resource mapping passed from host when they are being sent
to the system framework (notifications and shortcuts)
2019-10-17 02:55:42 -04:00
topjohnwu
9f9de8c43b Obfuscate WorkManager components
Remove unused components and hack the context sent into WorkManager
2019-10-16 17:03:55 -04:00
topjohnwu
a910c8ccd8 Support stub APK upgrades 2019-10-16 05:07:29 -04:00
topjohnwu
43bda2d4a4 Allow component classname obfuscation 2019-10-16 04:38:31 -04:00
topjohnwu
c7033dd757 Allow injecting custom channel URL for debug 2019-10-16 01:54:59 -04:00
topjohnwu
5ffb9eaa5b Support loading Magisk Manager from stub on 9.0+
In the effort of preventing apps from crawling APK contents across the
whole installed app list to detect Magisk Manager, the solution here
is to NOT install the actual APK into the system, but instead
dynamically load the full app at runtime by a stub app. The full APK
will be stored in the application's private internal data where
non-root processes cannot read or scan.

The basis of this implementation is the class "AppComponentFactory"
that is introduced in API 28. If assigned, the system framework will
delegate app component instantiation to our custom implementation,
which allows us to do all sorts of crazy stuff, in our case dynamically
load classes and create objects that do not exist in our APK.

There are a few challenges to achieve our goal though. First, Java
ClassLoaders follow the "delegation pattern", which means class loading
resolution will first be delegated to the parent loader before we get
a chance to do anything. This includes DexClassLoader, which is what
we will be using to load DEX files at runtime. This is a problem
because our stub app and full app share quite a lot of class names.
A custom ClassLoader, DynamicClassLoader, is created to overcome this
issue: it will always load classes in its current dex path before
delegating it to the parent.

Second, all app components (with the exception of runtime
BroadcastReceivers) are required to be declared in AndroidManifest.xml.
The full Magisk Manager has quite a lot of components (including
those from WorkManager and Room). The solution is to copy the complete
AndroidManifest.xml from the full app to the stub, and our
AppComponentFactory is responsible for constructing the proper objects or
return dummy implementations in case the full APK isn't downloaded yet.

Third, other than classes, all resources required to run the full app
are also not bundled with the stub APK. We have to call an internal API
`AssetManager.addAssetPath(String)` to add our downloaded full APK into
AssetManager in order to access resources within our full app. That
internal API has existed forever, and is whitelisted from restricted
API access on modern Android versions, so it is pretty safe to use.

Fourth, on the subject of resources, some resources are not just being
used by our app at runtime. Resources such as the app icon, app label,
launch theme, basically everything referred to in AndroidManifest.xml,
are used by the system to display the app properly. The system gets these
resources via resource IDs and direct loading from the installed APK.
This subset of resources would have to be copied into the stub to make
the app work properly.

Fifth, resource IDs are used all over the place in XMLs and Java code.
The resource IDs in the stub and full app cannot mismatch, or
somewhere, be it the system or AssetManager, will refer to the
incorrect resource. The full app will have to include all resources in
the stub, and all of them have to be assigned to the exact same IDs in
both APKs. To achieve this, we use AAPT2's "--emit-ids" option to dump
the resource ID mapping when building the stub, and "--stable-ids" when
building the full APK to make sure all overlapping resources in full
and stub are always assigned to the same ID.

Finally, both stub and full app have to work properly independently.
On 9.0+, the stub will have to first launch an Activity to download
the full APK before it can relaunch into the full app. On pre-9.0, the
stub should behave as it always did: download and prompt installation
to upgrade itself to full Magisk Manager. In the full app, the goal
is to introduce minimal intrusion to the code base to make sure this
whole thing is maintainable in the future. Fortunately, the solution
ends up pretty slick: all ContextWrappers in the app will be injected
with custom Contexts. The custom Contexts will return our patched
Resources object and the ClassLoader that loads itself, which will be
DynamicClassLoader in the case of running as a delegate app.
By directly patching the base Context of ContextWrappers (which covers
tons of app components) and in the Koin DI, the effect propagates deep
into every aspect of the code, making this change basically fully
transparent to almost every piece of code in full Magisk Manager.

After this commit, the stub app is able to properly download and launch
the full app, with most basic functionalities working just fine.
Do not expect Magisk Manager upgrades and hiding (repackaging) to
work properly, and some other minor issues might pop up.
This feature is still in the early WIP stages.
2019-10-14 03:49:17 -04:00
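
Added example, not part of the commit or the Magisk sources: a build-time check for the fifth point in commit 5ffb9eaa5b, confirming that every resource in the stub's "--emit-ids" mapping carries the same ID in the full APK's mapping. It assumes the `package:type/name = 0xPPTTEEEE` line format for AAPT2 ID mapping files; the package and resource names in the sample data are constructed.

```python
import re

# Assumed line format of an AAPT2 ID mapping file: "package:type/name = 0xPPTTEEEE"
_LINE = re.compile(r"^(\S+:[^/\s]+/\S+)\s*=\s*(0x[0-9a-fA-F]{8})$")

def parse_ids(text):
    """Parse mapping text into {resource name: id}, rejecting bad or duplicate lines."""
    ids = {}
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = _LINE.match(line)
        if m is None:
            raise ValueError(f"line {n}: not a resource mapping: {raw!r}")
        if m.group(1) in ids:
            raise ValueError(f"line {n}: duplicate resource {m.group(1)}")
        ids[m.group(1)] = int(m.group(2), 16)
    return ids

def check_ids(stub, full):
    """List every way the full APK's IDs disagree with the stub's."""
    problems = []
    full_by_id = {rid: name for name, rid in full.items()}
    for name, rid in sorted(stub.items()):
        if name not in full:
            problems.append(f"missing in full: {name}")
        elif full[name] != rid:
            problems.append(f"id mismatch: {name} stub={rid:#010x} full={full[name]:#010x}")
        owner = full_by_id.get(rid)
        if owner is not None and owner != name:
            problems.append(f"id collision: {rid:#010x} is {name} in stub, {owner} in full")
    return problems

# Constructed sample mappings (not taken from any real build).
STUB_IDS = """\
com.example.app:drawable/ic_launcher = 0x7f010000
com.example.app:string/app_name = 0x7f020000
com.example.app:style/SplashTheme = 0x7f030000
"""
FULL_IDS = """\
com.example.app:drawable/ic_launcher = 0x7f010000
com.example.app:drawable/ic_settings = 0x7f010001
com.example.app:string/app_name = 0x7f020001
com.example.app:string/settings = 0x7f020000
"""

if __name__ == "__main__":
    for problem in check_ids(parse_ids(STUB_IDS), parse_ids(FULL_IDS)):
        print(problem)
```

An empty result means the full APK can be loaded behind the stub without the system or AssetManager resolving a stub ID to a different resource.
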
topjohnwu
b05b688267 Fix issues in stub APK 2019-10-12 03:58:45 -04:00
topjohnwu
8f07747452 Remove net module 2019-08-04 18:33:20 -07:00
topjohnwu
ff95f634f0 Use release canary APK in stub 2019-04-05 21:07:59 -04:00
topjohnwu
6a0b2ddee9 Let stub APK respect canary builds 2019-04-05 07:15:54 -04:00
topjohnwu
cf65169c99 Separate stub Magisk Manager to a module 2019-03-08 10:16:02 -05:00