mirror of
https://github.com/topjohnwu/Magisk.git
synced 2024-11-24 18:45:28 +00:00
0f74e89b44
Usually, the communication between native and the app is done via sending intents to either broadcast or activity. These communication channels are for launching root requests dialogs, sending root request notifications (the toast you see when an app gained root access), and root request logging. Sending intents by am (activity manager) usually requires specifying the component name in the format of <pkg>/<class name>. This means parts of Magisk Manager cannot be randomized or else the native daemon is unable to know where to send data to the app. On modern Android (not sure which API is it introduced), it is possible to send broadcasts to a package, not a specific component. Which component will receive the intent depends on the intent filter declared in AndroidManifest.xml. Since we already have a mechanism in native code to keep track of the package name of Magisk Manager, this makes it perfect to pass intents to Magisk Manager that have components being randomly obfuscated (stub APKs). There are a few caveats though. Although this broadcasting method works perfectly fine on AOSP and most systems, there are OEMs out there shipping ROMs blocking broadcasts unexpectedly. In order to make sure Magisk works in all kinds of scenarios, we run actual tests every boot to determine which communication method should be used. We have 3 methods in total, ordered in preference: 1. Broadcasting to a package 2. Broadcasting to a specific component 3. Starting a specific activity component Method 3 will always work on any device, but the downside is anytime a communication happens, Magisk Manager will steal foreground focus regardless of whether UI is drawn. Method 1 is the only way to support obfuscated stub APKs. The communication test will test method 1 and 2, and if Magisk Manager is able to receive the messages, it will then update the daemon configuration to use whichever is preferable. If none of the broadcasts can be delivered, then the fallback method 3 will be used.
73 lines
1.4 KiB
C++
73 lines
1.4 KiB
C++
#pragma once
|
|
|
|
#include <sys/types.h>
|
|
#include <sys/stat.h>
|
|
#include <memory>
|
|
|
|
#include <db.h>
|
|
#include <utils.h>
|
|
|
|
#define DEFAULT_SHELL "/system/bin/sh"
|
|
|
|
// Constants for atty
|
|
#define ATTY_IN (1 << 0)
|
|
#define ATTY_OUT (1 << 1)
|
|
#define ATTY_ERR (1 << 2)
|
|
|
|
class su_info {
|
|
public:
|
|
/* Unique key */
|
|
const unsigned uid;
|
|
|
|
/* These should be guarded with internal lock */
|
|
db_settings cfg;
|
|
db_strings str;
|
|
su_access access;
|
|
struct stat mgr_st;
|
|
|
|
/* This should be guarded with global cache lock */
|
|
long timestamp;
|
|
|
|
su_info(unsigned uid = 0);
|
|
~su_info();
|
|
mutex_guard lock();
|
|
bool is_fresh();
|
|
void refresh();
|
|
|
|
private:
|
|
pthread_mutex_t _lock; /* Internal lock */
|
|
};
|
|
|
|
struct su_req_base {
|
|
unsigned uid = UID_ROOT;
|
|
bool login = false;
|
|
bool keepenv = false;
|
|
bool mount_master = false;
|
|
} __attribute__((packed));
|
|
|
|
struct su_request : public su_req_base {
|
|
const char *shell = DEFAULT_SHELL;
|
|
const char *command = "";
|
|
su_request(bool dyn = false) : dyn(dyn) {}
|
|
~su_request() {
|
|
if (dyn) {
|
|
free(const_cast<char*>(shell));
|
|
free(const_cast<char*>(command));
|
|
}
|
|
}
|
|
|
|
private:
|
|
bool dyn;
|
|
} __attribute__((packed));
|
|
|
|
struct su_context {
|
|
std::shared_ptr<su_info> info;
|
|
su_request req;
|
|
pid_t pid;
|
|
};
|
|
|
|
void app_log(const su_context &ctx);
|
|
void app_notify(const su_context &ctx);
|
|
void app_socket(const char *socket, const std::shared_ptr<su_info> &info);
|
|
void socket_send_request(int fd, const std::shared_ptr<su_info> &info);
|