Monitor app_process
Some stupid Samsung ROMs will spawn multiple zygote daemons. Since we switched to ptrace based process monitoring, we have to know all zygote processes to trace. This is an attempt to fix this issue. Close #1272
This commit is contained in:
parent
6050c4e8ba
commit
515f346dcc
@ -71,7 +71,7 @@ void crawl_procfs(DIR *dir, const function<bool (int)> &fn) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
bool proc_name_match(int pid, const char *name) {
|
static bool proc_name_match(int pid, const char *name) {
|
||||||
char buf[4019];
|
char buf[4019];
|
||||||
FILE *f;
|
FILE *f;
|
||||||
#if 0
|
#if 0
|
||||||
|
@ -19,8 +19,6 @@
|
|||||||
#define SAFETYNET_PKG "com.google.android.gms"
|
#define SAFETYNET_PKG "com.google.android.gms"
|
||||||
#define MICROG_SAFETYNET "org.microg.gms.droidguard"
|
#define MICROG_SAFETYNET "org.microg.gms.droidguard"
|
||||||
|
|
||||||
#define WEVENT(s) (((s) & 0xffff0000) >> 16)
|
|
||||||
|
|
||||||
// CLI entries
|
// CLI entries
|
||||||
void launch_magiskhide(int client);
|
void launch_magiskhide(int client);
|
||||||
int stop_magiskhide();
|
int stop_magiskhide();
|
||||||
@ -29,15 +27,14 @@ int rm_list(int client);
|
|||||||
void ls_list(int client);
|
void ls_list(int client);
|
||||||
|
|
||||||
// Process monitoring
|
// Process monitoring
|
||||||
void *update_uid_map(void * p = nullptr);
|
|
||||||
void proc_monitor();
|
void proc_monitor();
|
||||||
|
void update_uid_map();
|
||||||
|
|
||||||
// Utility functions
|
// Utility functions
|
||||||
void manage_selinux();
|
void manage_selinux();
|
||||||
void clean_magisk_props();
|
void clean_magisk_props();
|
||||||
void crawl_procfs(const std::function<bool (int)> &fn);
|
void crawl_procfs(const std::function<bool (int)> &fn);
|
||||||
void crawl_procfs(DIR *dir, const std::function<bool (int)> &fn);
|
void crawl_procfs(DIR *dir, const std::function<bool (int)> &fn);
|
||||||
bool proc_name_match(int pid, const char *name);
|
|
||||||
|
|
||||||
extern bool hide_enabled;
|
extern bool hide_enabled;
|
||||||
extern pthread_mutex_t monitor_lock;
|
extern pthread_mutex_t monitor_lock;
|
||||||
|
@ -134,18 +134,21 @@ static bool parse_packages_xml(string_view s) {
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void update_uid_map() {
|
||||||
|
MutexGuard lock(monitor_lock);
|
||||||
|
uid_proc_map.clear();
|
||||||
|
file_readline("/data/system/packages.xml", parse_packages_xml, true);
|
||||||
|
}
|
||||||
|
|
||||||
static void check_zygote() {
|
static void check_zygote() {
|
||||||
int min_zyg = 1;
|
int min_zyg = 1;
|
||||||
if (access("/system/bin/app_process64", R_OK) == 0)
|
if (access("/system/bin/app_process64", R_OK) == 0)
|
||||||
min_zyg = 2;
|
min_zyg = 2;
|
||||||
for (bool first = true; zygote_map.size() < min_zyg; first = false) {
|
for (;;) {
|
||||||
if (!first)
|
|
||||||
usleep(10000);
|
|
||||||
crawl_procfs([](int pid) -> bool {
|
crawl_procfs([](int pid) -> bool {
|
||||||
char buf[512];
|
char buf[512];
|
||||||
snprintf(buf, sizeof(buf), "/proc/%d/cmdline", pid);
|
snprintf(buf, sizeof(buf), "/proc/%d/cmdline", pid);
|
||||||
FILE *f = fopen(buf, "re");
|
if (FILE *f = fopen(buf, "re"); f) {
|
||||||
if (f) {
|
|
||||||
fgets(buf, sizeof(buf), f);
|
fgets(buf, sizeof(buf), f);
|
||||||
if (strncmp(buf, "zygote", 6) == 0 && parse_ppid(pid) == 1)
|
if (strncmp(buf, "zygote", 6) == 0 && parse_ppid(pid) == 1)
|
||||||
new_zygote(pid);
|
new_zygote(pid);
|
||||||
@ -153,14 +156,41 @@ static void check_zygote() {
|
|||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
});
|
});
|
||||||
|
if (zygote_map.size() >= min_zyg)
|
||||||
|
break;
|
||||||
|
usleep(10000);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void *update_uid_map(void*) {
|
#define APP_PROC "/system/bin/app_process"
|
||||||
MutexGuard lock(monitor_lock);
|
|
||||||
uid_proc_map.clear();
|
static void setup_inotify() {
|
||||||
file_readline("/data/system/packages.xml", parse_packages_xml, true);
|
inotify_fd = xinotify_init1(IN_CLOEXEC);
|
||||||
return nullptr;
|
if (inotify_fd < 0)
|
||||||
|
term_thread();
|
||||||
|
|
||||||
|
// Setup inotify asynchronous I/O
|
||||||
|
fcntl(inotify_fd, F_SETFL, O_ASYNC);
|
||||||
|
struct f_owner_ex ex = {
|
||||||
|
.type = F_OWNER_TID,
|
||||||
|
.pid = gettid()
|
||||||
|
};
|
||||||
|
fcntl(inotify_fd, F_SETOWN_EX, &ex);
|
||||||
|
|
||||||
|
// Monitor packages.xml
|
||||||
|
inotify_add_watch(inotify_fd, "/data/system", IN_CLOSE_WRITE);
|
||||||
|
|
||||||
|
// Monitor app_process
|
||||||
|
if (access(APP_PROC "32", F_OK) == 0) {
|
||||||
|
inotify_add_watch(inotify_fd, APP_PROC "32", IN_ACCESS);
|
||||||
|
if (access(APP_PROC "64", F_OK) == 0)
|
||||||
|
inotify_add_watch(inotify_fd, APP_PROC "64", IN_ACCESS);
|
||||||
|
} else {
|
||||||
|
inotify_add_watch(inotify_fd, APP_PROC, IN_ACCESS);
|
||||||
|
}
|
||||||
|
|
||||||
|
// First find existing zygotes
|
||||||
|
check_zygote();
|
||||||
}
|
}
|
||||||
|
|
||||||
/*************************
|
/*************************
|
||||||
@ -233,7 +263,10 @@ static void inotify_event(int) {
|
|||||||
read(inotify_fd, buf, sizeof(buf));
|
read(inotify_fd, buf, sizeof(buf));
|
||||||
if ((event->mask & IN_CLOSE_WRITE) && strcmp(event->name, "packages.xml") == 0) {
|
if ((event->mask & IN_CLOSE_WRITE) && strcmp(event->name, "packages.xml") == 0) {
|
||||||
LOGD("proc_monitor: /data/system/packages.xml updated\n");
|
LOGD("proc_monitor: /data/system/packages.xml updated\n");
|
||||||
new_daemon_thread(update_uid_map);
|
uid_proc_map.clear();
|
||||||
|
file_readline("/data/system/packages.xml", parse_packages_xml, true);
|
||||||
|
} else if (event->mask & IN_ACCESS) {
|
||||||
|
check_zygote();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -362,12 +395,10 @@ static void new_zygote(int pid) {
|
|||||||
xptrace(PTRACE_CONT, pid);
|
xptrace(PTRACE_CONT, pid);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define WEVENT(s) (((s) & 0xffff0000) >> 16)
|
||||||
#define DETACH_AND_CONT { detach = true; continue; }
|
#define DETACH_AND_CONT { detach = true; continue; }
|
||||||
void proc_monitor() {
|
|
||||||
inotify_fd = xinotify_init1(IN_CLOEXEC);
|
|
||||||
if (inotify_fd < 0)
|
|
||||||
term_thread();
|
|
||||||
|
|
||||||
|
void proc_monitor() {
|
||||||
// Unblock some signals
|
// Unblock some signals
|
||||||
sigset_t block_set;
|
sigset_t block_set;
|
||||||
sigemptyset(&block_set);
|
sigemptyset(&block_set);
|
||||||
@ -381,19 +412,7 @@ void proc_monitor() {
|
|||||||
act.sa_handler = inotify_event;
|
act.sa_handler = inotify_event;
|
||||||
sigaction(SIGIO, &act, nullptr);
|
sigaction(SIGIO, &act, nullptr);
|
||||||
|
|
||||||
// Setup inotify asynchronous I/O
|
setup_inotify();
|
||||||
fcntl(inotify_fd, F_SETFL, O_ASYNC);
|
|
||||||
struct f_owner_ex ex = {
|
|
||||||
.type = F_OWNER_TID,
|
|
||||||
.pid = gettid()
|
|
||||||
};
|
|
||||||
fcntl(inotify_fd, F_SETOWN_EX, &ex);
|
|
||||||
|
|
||||||
// Start monitoring packages.xml
|
|
||||||
inotify_add_watch(inotify_fd, "/data/system", IN_CLOSE_WRITE);
|
|
||||||
|
|
||||||
// First find existing zygotes
|
|
||||||
check_zygote();
|
|
||||||
|
|
||||||
int status;
|
int status;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user