MarcoBuster/Magisk
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update pre/post hooks implementation

Browse Source
This commit is contained in:
topjohnwu 2021-01-09 17:41:25 -08:00
parent bbef22daf7
commit 540b4b7ea9
4 changed files with 205 additions and 203 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
native/jni/Android.mk
View File

@ -33,8 +33,7 @@ LOCAL_SRC_FILES := \
su/su_daemon.cpp \ su/su_daemon.cpp \
inject/entry.cpp \ inject/entry.cpp \
inject/utils.cpp \ inject/utils.cpp \
inject/hook.cpp \ inject/hook.cpp
inject/jni_hooks.cpp
LOCAL_LDLIBS := -llog LOCAL_LDLIBS := -llog
include $(BUILD_EXECUTABLE) include $(BUILD_EXECUTABLE)

85
native/jni/inject/hook.cpp
View File

@ -13,14 +13,48 @@ static JavaVM *g_jvm;
// For some reason static vector won't work, use a pointer instead // For some reason static vector won't work, use a pointer instead
static vector<tuple<const char *, const char *, void **>> *hook_list; static vector<tuple<const char *, const char *, void **>> *hook_list;
namespace {
struct HookContext {
int pid;
};
}
// JNI method declarations
namespace JNI {
namespace Zygote {
const JNINativeMethod *nativeForkAndSpecialize_orig = nullptr;
const JNINativeMethod *nativeSpecializeAppProcess_orig = nullptr;
const JNINativeMethod *nativeForkSystemServer_orig = nullptr;
extern const JNINativeMethod nativeForkAndSpecialize_methods[];
extern const int nativeForkAndSpecialize_methods_num;
extern const JNINativeMethod nativeSpecializeAppProcess_methods[];
extern const int nativeSpecializeAppProcess_methods_num;
extern const JNINativeMethod nativeForkSystemServer_methods[];
extern const int nativeForkSystemServer_methods_num;
}
namespace SystemProperties {
const JNINativeMethod *native_set_orig = nullptr;
extern const JNINativeMethod native_set_methods[];
constexpr int native_set_methods_num = 1;
}
}
#define DEF_HOOK_FUNC(ret, func, ...) \ #define DEF_HOOK_FUNC(ret, func, ...) \
static ret (*old_##func)(__VA_ARGS__); \ static ret (*old_##func)(__VA_ARGS__); \
static ret new_##func(__VA_ARGS__) static ret new_##func(__VA_ARGS__)
#define HOOK_JNI(clazz, method) \ #define HOOK_JNI(clazz, method) \
if (newMethods[i].name == #method##sv) { \ if (newMethods[i].name == #method##sv) { \
JNI::clazz::method##_orig = new JNINativeMethod(); \ auto orig = new JNINativeMethod(); \
memcpy(JNI::clazz::method##_orig, &newMethods[i], sizeof(JNINativeMethod)); \ memcpy(orig, &newMethods[i], sizeof(JNINativeMethod)); \
JNI::clazz::method##_orig = orig; \
for (int j = 0; j < JNI::clazz::method##_methods_num; ++j) { \ for (int j = 0; j < JNI::clazz::method##_methods_num; ++j) { \
if (strcmp(newMethods[i].signature, JNI::clazz::method##_methods[j].signature) == 0) { \ if (strcmp(newMethods[i].signature, JNI::clazz::method##_methods[j].signature) == 0) { \
newMethods[i] = JNI::clazz::method##_methods[j]; \ newMethods[i] = JNI::clazz::method##_methods[j]; \
@ -65,6 +99,49 @@ DEF_HOOK_FUNC(int, jniRegisterNativeMethods,
return old_jniRegisterNativeMethods(env, className, newMethods.get() ?: methods, numMethods); return old_jniRegisterNativeMethods(env, className, newMethods.get() ?: methods, numMethods);
} }
static void nativeForkAndSpecialize_pre(HookContext *ctx,
JNIEnv *env, jclass clazz, jint &uid, jint &gid, jintArray &gids, jint &runtime_flags,
jobjectArray &rlimits, jint &mount_external, jstring &se_info, jstring &nice_name,
jintArray &fds_to_close, jintArray &fds_to_ignore, jboolean &is_child_zygote,
jstring &instruction_set, jstring &app_data_dir, jboolean &is_top_app, jobjectArray &pkg_data_info_list,
jobjectArray &whitelisted_data_info_list, jboolean &mount_data_dirs, jboolean &mount_storage_dirs) {
LOGD("hook: %s\n", __FUNCTION__);
}
static void nativeForkAndSpecialize_post(HookContext *ctx, JNIEnv *env, jclass clazz) {
LOGD("hook: %s\n", __FUNCTION__);
// Demonstrate self unload in child process
if (ctx->pid == 0)
self_unload();
}
// -----------------------------------------------------------------
static void nativeSpecializeAppProcess_pre(HookContext *ctx,
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir,
jboolean &is_top_app, jobjectArray &pkg_data_info_list, jobjectArray &whitelisted_data_info_list,
jboolean &mount_data_dirs, jboolean &mount_storage_dirs) {
LOGD("hook: %s\n", __FUNCTION__);
}
static void nativeSpecializeAppProcess_post(HookContext *ctx, JNIEnv *env, jclass clazz) {
LOGD("hook: %s\n", __FUNCTION__);
}
// -----------------------------------------------------------------
static void nativeForkSystemServer_pre(HookContext *ctx,
JNIEnv *env, jclass clazz, uid_t &uid, gid_t &gid, jintArray &gids, jint &runtime_flags,
jobjectArray &rlimits, jlong &permitted_capabilities, jlong &effective_capabilities) {
LOGD("hook: %s\n", __FUNCTION__);
}
static void nativeForkSystemServer_post(HookContext *ctx, JNIEnv *env, jclass clazz) {
LOGD("hook: %s\n", __FUNCTION__);
}
static bool hook_refresh() { static bool hook_refresh() {
if (xhook_refresh(0) == 0) { if (xhook_refresh(0) == 0) {
xhook_clear(); xhook_clear();
@ -107,6 +184,7 @@ bool unhook_functions() {
if (g_jvm->GetEnv(reinterpret_cast<void**>(&env), JNI_VERSION_1_6) != JNI_OK) if (g_jvm->GetEnv(reinterpret_cast<void**>(&env), JNI_VERSION_1_6) != JNI_OK)
return false; return false;
// Unhook JNI methods
vector<JNINativeMethod> methods; vector<JNINativeMethod> methods;
push_method(Zygote, nativeForkAndSpecialize); push_method(Zygote, nativeForkAndSpecialize);
@ -130,6 +208,7 @@ bool unhook_functions() {
return false; return false;
} }
// Unhook xhook
for (auto &[path, sym, old_func] : *hook_list) { for (auto &[path, sym, old_func] : *hook_list) {
if (xhook_register(path, sym, *old_func, nullptr) != 0) { if (xhook_register(path, sym, *old_func, nullptr) != 0) {
LOGE("hook: Failed to register hook \"%s\"\n", sym); LOGE("hook: Failed to register hook \"%s\"\n", sym);
@ -139,3 +218,5 @@ bool unhook_functions() {
delete hook_list; delete hook_list;
return hook_refresh(); return hook_refresh();
} }
#include "jni_hooks.hpp"

25
native/jni/inject/inject.hpp
View File

@ -20,28 +20,3 @@ uintptr_t get_remote_lib(int pid, const char *lib);
void self_unload(); void self_unload();
void hook_functions(); void hook_functions();
bool unhook_functions(); bool unhook_functions();
// JNI method declarations
namespace JNI {
namespace Zygote {
extern JNINativeMethod *nativeForkAndSpecialize_orig;
extern JNINativeMethod *nativeSpecializeAppProcess_orig;
extern JNINativeMethod *nativeForkSystemServer_orig;
extern const JNINativeMethod nativeForkAndSpecialize_methods[];
extern const int nativeForkAndSpecialize_methods_num;
extern const JNINativeMethod nativeSpecializeAppProcess_methods[];
extern const int nativeSpecializeAppProcess_methods_num;
extern const JNINativeMethod nativeForkSystemServer_methods[];
extern const int nativeForkSystemServer_methods_num;
}
namespace SystemProperties {
extern JNINativeMethod *native_set_orig;
extern const JNINativeMethod native_set_methods[];
constexpr int native_set_methods_num = 1;
}
}

295
native/jni/inject/jni_hooks.cpp → native/jni/inject/jni_hooks.hpp
View File

@ -6,71 +6,20 @@
* Copyright (c) 2021, John 'topjohnwu' Wu * Copyright (c) 2021, John 'topjohnwu' Wu
*/ */
#include <jni.h> #define ENABLE_LEGACY_DP 1 // Nobody should use outdated developer preview...
#include <utils.hpp>
#include "inject.hpp"
#define ENABLE_LEGACY_DP 0 // Nobody should use outdated developer preview...
static void nativeForkAndSpecialize_pre(
JNIEnv *env, jclass clazz, jint &uid, jint &gid, jintArray &gids, jint &runtime_flags,
jobjectArray &rlimits, jint &mount_external, jstring &se_info, jstring &se_name,
jintArray &fdsToClose, jintArray &fdsToIgnore, jboolean &is_child_zygote,
jstring &instructionSet, jstring &appDataDir, jboolean &isTopApp, jobjectArray &pkgDataInfoList,
jobjectArray &whitelistedDataInfoList, jboolean &bindMountAppDataDirs, jboolean &bindMountAppStorageDirs) {
LOGD("hook: %s\n", __FUNCTION__);
}
static void nativeForkAndSpecialize_post(JNIEnv *env, jclass clazz, jint uid, jint pid) {
LOGD("hook: %s\n", __FUNCTION__);
// Demonstrate self unload in child process
if (pid == 0)
self_unload();
}
// -----------------------------------------------------------------
static void nativeSpecializeAppProcess_pre(
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtimeFlags,
jobjectArray rlimits, jint mountExternal, jstring seInfo, jstring niceName,
jboolean startChildZygote, jstring instructionSet, jstring appDataDir,
jboolean &isTopApp, jobjectArray &pkgDataInfoList, jobjectArray &whitelistedDataInfoList,
jboolean &bindMountAppDataDirs, jboolean &bindMountAppStorageDirs) {
LOGD("hook: %s\n", __FUNCTION__);
}
static void nativeSpecializeAppProcess_post(JNIEnv *env, jclass clazz) {
LOGD("hook: %s\n", __FUNCTION__);
}
// -----------------------------------------------------------------
static void nativeForkSystemServer_pre(
JNIEnv *env, jclass clazz, uid_t &uid, gid_t &gid, jintArray &gids, jint &debug_flags,
jobjectArray &rlimits, jlong &permittedCapabilities, jlong &effectiveCapabilities) {
LOGD("hook: %s\n", __FUNCTION__);
}
static void nativeForkSystemServer_post(JNIEnv *env, jclass clazz, jint res) {
LOGD("hook: %s\n", __FUNCTION__);
}
// -----------------------------------------------------------------
// All possible missing arguments // All possible missing arguments
static union { static union {
struct { struct {
jintArray fdsToIgnore; jintArray fds_to_ignore;
jboolean is_child_zygote; jboolean is_child_zygote;
jboolean isTopApp; jboolean is_top_app;
jobjectArray pkgDataInfoList; jobjectArray pkg_data_info_list;
jobjectArray whitelistedDataInfoList; jobjectArray whitelisted_data_info_list;
jboolean bindMountAppDataDirs; jboolean mount_data_dirs;
jboolean bindMountAppStorageDirs; jboolean mount_storage_dirs;
}; };
size_t missing_arg_buf[8]; // Easy access to wipe all variables at once size_t args_buf[8]; // Easy access to wipe all variables at once
}; };
#define DCL_JNI(ret, name, sig, ...) \ #define DCL_JNI(ret, name, sig, ...) \
@ -80,19 +29,20 @@ static ret name(__VA_ARGS__)
// ----------------------------------------------------------------- // -----------------------------------------------------------------
#define pre_fork() \ #define pre_fork() \
memset(missing_arg_buf, 0, sizeof(missing_arg_buf)); \ HookContext ctx{}; \
nativeForkAndSpecialize_pre( env, clazz, uid, gid, gids, runtime_flags, \ memset(args_buf, 0, sizeof(args_buf)); \
rlimits, mount_external, se_info, se_name, fdsToClose, fdsToIgnore, is_child_zygote, \ nativeForkAndSpecialize_pre(&ctx, env, clazz, uid, gid, gids, runtime_flags, \
instructionSet, appDataDir, isTopApp, pkgDataInfoList, whitelistedDataInfoList, \ rlimits, mount_external, se_info, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, \
bindMountAppDataDirs, bindMountAppStorageDirs) \ instruction_set, app_data_dir, is_top_app, pkg_data_info_list, whitelisted_data_info_list, \
mount_data_dirs, mount_storage_dirs)
#define orig_fork(ver, ...) \ #define orig_fork(ver, ...) \
jint pid = reinterpret_cast<decltype(&nativeForkAndSpecialize_##ver)> \ ctx.pid = reinterpret_cast<decltype(&nativeForkAndSpecialize_##ver)> \
(JNI::Zygote::nativeForkAndSpecialize_orig->fnPtr)(__VA_ARGS__) (JNI::Zygote::nativeForkAndSpecialize_orig->fnPtr)(__VA_ARGS__)
#define post_fork() \ #define post_fork() \
nativeForkAndSpecialize_post(env, clazz, uid, pid); \ nativeForkAndSpecialize_post(&ctx, env, clazz); \
return pid return ctx.pid
#define DCL_FORK_AND_SPECIALIZE(ver, sig, ...) \ #define DCL_FORK_AND_SPECIALIZE(ver, sig, ...) \
DCL_JNI(jint, nativeForkAndSpecialize_##ver, sig, __VA_ARGS__) DCL_JNI(jint, nativeForkAndSpecialize_##ver, sig, __VA_ARGS__)
@ -100,46 +50,46 @@ DCL_JNI(jint, nativeForkAndSpecialize_##ver, sig, __VA_ARGS__)
DCL_FORK_AND_SPECIALIZE(m, DCL_FORK_AND_SPECIALIZE(m,
"(II[II[[IILjava/lang/String;Ljava/lang/String;[ILjava/lang/String;Ljava/lang/String;)I", "(II[II[[IILjava/lang/String;Ljava/lang/String;[ILjava/lang/String;Ljava/lang/String;)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jstring se_name, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jintArray fdsToClose, jstring instructionSet, jstring appDataDir) { jintArray fds_to_close, jstring instruction_set, jstring app_data_dir) {
pre_fork(); pre_fork();
orig_fork(m, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, orig_fork(m, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external,
se_info, se_name, fdsToClose, instructionSet, appDataDir); se_info, nice_name, fds_to_close, instruction_set, app_data_dir);
post_fork(); post_fork();
} }
DCL_FORK_AND_SPECIALIZE(o, DCL_FORK_AND_SPECIALIZE(o,
"(II[II[[IILjava/lang/String;Ljava/lang/String;[I[ILjava/lang/String;Ljava/lang/String;)I", "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[ILjava/lang/String;Ljava/lang/String;)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jstring se_name, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jintArray fdsToClose, jintArray fdsToIgnore, jstring instructionSet, jstring appDataDir) { jintArray fds_to_close, jintArray fds_to_ignore, jstring instruction_set, jstring app_data_dir) {
pre_fork(); pre_fork();
orig_fork(o, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, orig_fork(o, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external,
se_info, se_name, fdsToClose, fdsToIgnore, instructionSet, appDataDir); se_info, nice_name, fds_to_close, fds_to_ignore, instruction_set, app_data_dir);
post_fork(); post_fork();
} }
DCL_FORK_AND_SPECIALIZE(p, DCL_FORK_AND_SPECIALIZE(p,
"(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;)I", "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jstring se_name, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jintArray fdsToClose, jintArray fdsToIgnore, jboolean is_child_zygote, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote,
jstring instructionSet, jstring appDataDir) { jstring instruction_set, jstring app_data_dir) {
pre_fork(); pre_fork();
orig_fork(p, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, orig_fork(p, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
se_name, fdsToClose, fdsToIgnore, is_child_zygote, instructionSet, appDataDir); nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir);
post_fork(); post_fork();
} }
DCL_FORK_AND_SPECIALIZE(q_alt, DCL_FORK_AND_SPECIALIZE(q_alt,
"(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z)I", "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jstring se_name, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jintArray fdsToClose, jintArray fdsToIgnore, jboolean is_child_zygote, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote,
jstring instructionSet, jstring appDataDir, jboolean isTopApp) { jstring instruction_set, jstring app_data_dir, jboolean is_top_app) {
pre_fork(); pre_fork();
orig_fork(q_alt, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, orig_fork(q_alt, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
se_name, fdsToClose, fdsToIgnore, is_child_zygote, instructionSet, appDataDir, isTopApp); nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir, is_top_app);
post_fork(); post_fork();
} }
@ -147,27 +97,27 @@ DCL_FORK_AND_SPECIALIZE(q_alt,
DCL_FORK_AND_SPECIALIZE(r_dp2, DCL_FORK_AND_SPECIALIZE(r_dp2,
"(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;)I", "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jstring se_name, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jintArray fdsToClose, jintArray fdsToIgnore, jboolean is_child_zygote, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote,
jstring instructionSet, jstring appDataDir, jboolean isTopApp, jobjectArray pkgDataInfoList) { jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list) {
pre_fork(); pre_fork();
orig_fork(r_dp2, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, orig_fork(r_dp2, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
se_name, fdsToClose, fdsToIgnore, is_child_zygote, instructionSet, appDataDir, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir,
isTopApp, pkgDataInfoList); is_top_app, pkg_data_info_list);
post_fork(); post_fork();
} }
DCL_FORK_AND_SPECIALIZE(r_dp3, DCL_FORK_AND_SPECIALIZE(r_dp3,
"(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;Z)I", "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;Z)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jstring se_name, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jintArray fdsToClose, jintArray fdsToIgnore, jboolean is_child_zygote, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote,
jstring instructionSet, jstring appDataDir, jboolean isTopApp, jobjectArray pkgDataInfoList, jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list,
jboolean bindMountAppStorageDirs) { jboolean mount_storage_dirs) {
pre_fork(); pre_fork();
orig_fork(r_dp3, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, orig_fork(r_dp3, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external,
se_info, se_name, fdsToClose, fdsToIgnore, is_child_zygote, instructionSet, se_info, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set,
appDataDir, isTopApp, pkgDataInfoList, bindMountAppStorageDirs); app_data_dir, is_top_app, pkg_data_info_list, mount_storage_dirs);
post_fork(); post_fork();
} }
#endif // ENABLE_LEGACY_DP #endif // ENABLE_LEGACY_DP
@ -175,14 +125,14 @@ DCL_FORK_AND_SPECIALIZE(r_dp3,
DCL_FORK_AND_SPECIALIZE(r, DCL_FORK_AND_SPECIALIZE(r,
"(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;[Ljava/lang/String;ZZ)I", "(II[II[[IILjava/lang/String;Ljava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;[Ljava/lang/String;ZZ)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jstring se_name, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jintArray fdsToClose, jintArray fdsToIgnore, jboolean is_child_zygote, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote,
jstring instructionSet, jstring appDataDir, jboolean isTopApp, jobjectArray pkgDataInfoList, jstring instruction_set, jstring app_data_dir, jboolean is_top_app, jobjectArray pkg_data_info_list,
jobjectArray whitelistedDataInfoList, jboolean bindMountAppDataDirs, jboolean bindMountAppStorageDirs) { jobjectArray whitelisted_data_info_list, jboolean mount_data_dirs, jboolean mount_storage_dirs) {
pre_fork(); pre_fork();
orig_fork(r, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, orig_fork(r, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
se_name, fdsToClose, fdsToIgnore, is_child_zygote, instructionSet, appDataDir, isTopApp, nice_name, fds_to_close, fds_to_ignore, is_child_zygote, instruction_set, app_data_dir, is_top_app,
pkgDataInfoList, whitelistedDataInfoList, bindMountAppDataDirs, bindMountAppStorageDirs); pkg_data_info_list, whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs);
post_fork(); post_fork();
} }
@ -190,10 +140,10 @@ DCL_FORK_AND_SPECIALIZE(samsung_m,
"(II[II[[IILjava/lang/String;IILjava/lang/String;[ILjava/lang/String;Ljava/lang/String;)I", "(II[II[[IILjava/lang/String;IILjava/lang/String;[ILjava/lang/String;Ljava/lang/String;)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jint category, jint accessInfo, jobjectArray rlimits, jint mount_external, jstring se_info, jint category, jint accessInfo,
jstring se_name, jintArray fdsToClose, jstring instructionSet, jstring appDataDir) { jstring nice_name, jintArray fds_to_close, jstring instruction_set, jstring app_data_dir) {
pre_fork(); pre_fork();
orig_fork(samsung_m, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, orig_fork(samsung_m, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external,
se_info, category, accessInfo, se_name, fdsToClose, instructionSet, appDataDir); se_info, category, accessInfo, nice_name, fds_to_close, instruction_set, app_data_dir);
post_fork(); post_fork();
} }
@ -201,10 +151,10 @@ DCL_FORK_AND_SPECIALIZE(samsung_n,
"(II[II[[IILjava/lang/String;IILjava/lang/String;[ILjava/lang/String;Ljava/lang/String;I)I", "(II[II[[IILjava/lang/String;IILjava/lang/String;[ILjava/lang/String;Ljava/lang/String;I)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jint category, jint accessInfo, jobjectArray rlimits, jint mount_external, jstring se_info, jint category, jint accessInfo,
jstring se_name, jintArray fdsToClose, jstring instructionSet, jstring appDataDir, jint a1) { jstring nice_name, jintArray fds_to_close, jstring instruction_set, jstring app_data_dir, jint a1) {
pre_fork(); pre_fork();
orig_fork(samsung_n, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, orig_fork(samsung_n, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external,
se_info, category, accessInfo, se_name, fdsToClose, instructionSet, appDataDir, a1); se_info, category, accessInfo, nice_name, fds_to_close, instruction_set, app_data_dir, a1);
post_fork(); post_fork();
} }
@ -212,12 +162,12 @@ DCL_FORK_AND_SPECIALIZE(samsung_o,
"(II[II[[IILjava/lang/String;IILjava/lang/String;[I[ILjava/lang/String;Ljava/lang/String;)I", "(II[II[[IILjava/lang/String;IILjava/lang/String;[I[ILjava/lang/String;Ljava/lang/String;)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jint category, jint accessInfo, jobjectArray rlimits, jint mount_external, jstring se_info, jint category, jint accessInfo,
jstring se_name, jintArray fdsToClose, jintArray fdsToIgnore, jstring instructionSet, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jstring instruction_set,
jstring appDataDir) { jstring app_data_dir) {
pre_fork(); pre_fork();
orig_fork(samsung_o, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, orig_fork(samsung_o, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external,
se_info, category, accessInfo, se_name, fdsToClose, fdsToIgnore, se_info, category, accessInfo, nice_name, fds_to_close, fds_to_ignore,
instructionSet, appDataDir); instruction_set, app_data_dir);
post_fork(); post_fork();
} }
@ -225,12 +175,12 @@ DCL_FORK_AND_SPECIALIZE(samsung_p,
"(II[II[[IILjava/lang/String;IILjava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;)I", "(II[II[[IILjava/lang/String;IILjava/lang/String;[I[IZLjava/lang/String;Ljava/lang/String;)I",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mount_external, jstring se_info, jint category, jint accessInfo, jobjectArray rlimits, jint mount_external, jstring se_info, jint category, jint accessInfo,
jstring se_name, jintArray fdsToClose, jintArray fdsToIgnore, jboolean is_child_zygote, jstring nice_name, jintArray fds_to_close, jintArray fds_to_ignore, jboolean is_child_zygote,
jstring instructionSet, jstring appDataDir) { jstring instruction_set, jstring app_data_dir) {
pre_fork(); pre_fork();
orig_fork(samsung_p, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, orig_fork(samsung_p, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external,
se_info, category, accessInfo, se_name, fdsToClose, fdsToIgnore, is_child_zygote, se_info, category, accessInfo, nice_name, fds_to_close, fds_to_ignore, is_child_zygote,
instructionSet, appDataDir); instruction_set, app_data_dir);
post_fork(); post_fork();
} }
@ -243,93 +193,95 @@ DCL_FORK_AND_SPECIALIZE(samsung_p,
// ----------------------------------------------------------------- // -----------------------------------------------------------------
#define pre_spec() \ #define pre_spec() \
memset(missing_arg_buf, 0, sizeof(missing_arg_buf)); \ HookContext ctx{}; \
nativeSpecializeAppProcess_pre( \ memset(args_buf, 0, sizeof(args_buf)); \
env, clazz, uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, \ nativeSpecializeAppProcess_pre(&ctx, \
startChildZygote, instructionSet, appDataDir, isTopApp, pkgDataInfoList, \ env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name, \
whitelistedDataInfoList, bindMountAppDataDirs, bindMountAppStorageDirs) is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list, \
whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs)
#define orig_spec(ver, ...) \ #define orig_spec(ver, ...) \
reinterpret_cast<decltype(&nativeSpecializeAppProcess_##ver)> \ reinterpret_cast<decltype(&nativeSpecializeAppProcess_##ver)> \
(JNI::Zygote::nativeSpecializeAppProcess_orig->fnPtr)(__VA_ARGS__) (JNI::Zygote::nativeSpecializeAppProcess_orig->fnPtr)(__VA_ARGS__)
#define post_spec() nativeSpecializeAppProcess_post(env, clazz) #define post_spec() \
nativeSpecializeAppProcess_post(&ctx, env, clazz)
#define DCL_SPECIALIZE_APP(ver, sig, ...) \ #define DCL_SPECIALIZE_APP(ver, sig, ...) \
DCL_JNI(void, nativeSpecializeAppProcess_##ver, sig, __VA_ARGS__) DCL_JNI(void, nativeSpecializeAppProcess_##ver, sig, __VA_ARGS__)
DCL_SPECIALIZE_APP(q, DCL_SPECIALIZE_APP(q,
"(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;)V", "(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;)V",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtimeFlags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mountExternal, jstring seInfo, jstring niceName, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jboolean startChildZygote, jstring instructionSet, jstring appDataDir) { jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir) {
pre_spec(); pre_spec();
orig_spec(q, env, clazz, uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, orig_spec(q, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
niceName, startChildZygote, instructionSet, appDataDir); nice_name, is_child_zygote, instruction_set, app_data_dir);
post_spec(); post_spec();
} }
DCL_SPECIALIZE_APP(q_alt, DCL_SPECIALIZE_APP(q_alt,
"(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z)V", "(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z)V",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtimeFlags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mountExternal, jstring seInfo, jstring niceName, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jboolean startChildZygote, jstring instructionSet, jstring appDataDir, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir,
jboolean isTopApp) { jboolean is_top_app) {
pre_spec(); pre_spec();
orig_spec(q_alt, env, clazz, uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, orig_spec(q_alt, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
niceName, startChildZygote, instructionSet, appDataDir, isTopApp); nice_name, is_child_zygote, instruction_set, app_data_dir, is_top_app);
post_spec(); post_spec();
} }
#if ENABLE_LEGACY_DP #if ENABLE_LEGACY_DP
DCL_SPECIALIZE_APP(r_dp2, DCL_SPECIALIZE_APP(r_dp2,
"(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;)V", "(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;)V",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtimeFlags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mountExternal, jstring seInfo, jstring niceName, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jboolean startChildZygote, jstring instructionSet, jstring appDataDir, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir,
jboolean isTopApp, jobjectArray pkgDataInfoList) { jboolean is_top_app, jobjectArray pkg_data_info_list) {
pre_spec(); pre_spec();
orig_spec(r_dp2, env, clazz, uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, orig_spec(r_dp2, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
niceName, startChildZygote, instructionSet, appDataDir, isTopApp, pkgDataInfoList); nice_name, is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list);
post_spec(); post_spec();
} }
DCL_SPECIALIZE_APP(r_dp3, DCL_SPECIALIZE_APP(r_dp3,
"(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;Z)V", "(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;Z)V",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtimeFlags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mountExternal, jstring seInfo, jstring niceName, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jboolean startChildZygote, jstring instructionSet, jstring appDataDir, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir,
jboolean isTopApp, jobjectArray pkgDataInfoList, jboolean bindMountAppStorageDirs) { jboolean is_top_app, jobjectArray pkg_data_info_list, jboolean mount_storage_dirs) {
pre_spec(); pre_spec();
orig_spec(r_dp3, env, clazz, uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, orig_spec(r_dp3, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info,
niceName, startChildZygote, instructionSet, appDataDir, isTopApp, pkgDataInfoList, nice_name, is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list,
bindMountAppStorageDirs); mount_storage_dirs);
post_spec(); post_spec();
} }
#endif // ENABLE_LEGACY_DP #endif // ENABLE_LEGACY_DP
DCL_SPECIALIZE_APP(r, DCL_SPECIALIZE_APP(r,
"(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;[Ljava/lang/String;ZZ)V", "(II[II[[IILjava/lang/String;Ljava/lang/String;ZLjava/lang/String;Ljava/lang/String;Z[Ljava/lang/String;[Ljava/lang/String;ZZ)V",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtimeFlags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mountExternal, jstring seInfo, jstring niceName, jobjectArray rlimits, jint mount_external, jstring se_info, jstring nice_name,
jboolean startChildZygote, jstring instructionSet, jstring appDataDir, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir,
jboolean isTopApp, jobjectArray pkgDataInfoList, jobjectArray whitelistedDataInfoList, jboolean is_top_app, jobjectArray pkg_data_info_list, jobjectArray whitelisted_data_info_list,
jboolean bindMountAppDataDirs, jboolean bindMountAppStorageDirs) { jboolean mount_data_dirs, jboolean mount_storage_dirs) {
pre_spec(); pre_spec();
orig_spec(r, env, clazz, uid, gid, gids, runtimeFlags, rlimits, mountExternal, seInfo, niceName, orig_spec(r, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external, se_info, nice_name,
startChildZygote, instructionSet, appDataDir, isTopApp, pkgDataInfoList, is_child_zygote, instruction_set, app_data_dir, is_top_app, pkg_data_info_list,
whitelistedDataInfoList, bindMountAppDataDirs, bindMountAppStorageDirs); whitelisted_data_info_list, mount_data_dirs, mount_storage_dirs);
post_spec(); post_spec();
} }
DCL_SPECIALIZE_APP(samsung_q, DCL_SPECIALIZE_APP(samsung_q,
"(II[II[[IILjava/lang/String;IILjava/lang/String;ZLjava/lang/String;Ljava/lang/String;)V", "(II[II[[IILjava/lang/String;IILjava/lang/String;ZLjava/lang/String;Ljava/lang/String;)V",
JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtimeFlags, JNIEnv *env, jclass clazz, jint uid, jint gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jint mountExternal, jstring seInfo, jint space, jint accessInfo, jobjectArray rlimits, jint mount_external, jstring se_info, jint space, jint accessInfo,
jstring niceName, jboolean startChildZygote, jstring instructionSet, jstring appDataDir) { jstring nice_name, jboolean is_child_zygote, jstring instruction_set, jstring app_data_dir) {
pre_spec(); pre_spec();
orig_spec(samsung_q, env, clazz, uid, gid, gids, runtimeFlags, rlimits, mountExternal, orig_spec(samsung_q, env, clazz, uid, gid, gids, runtime_flags, rlimits, mount_external,
seInfo, space, accessInfo, niceName, startChildZygote, instructionSet, appDataDir); se_info, space, accessInfo, nice_name, is_child_zygote, instruction_set, app_data_dir);
post_spec(); post_spec();
} }
@ -342,37 +294,38 @@ DCL_SPECIALIZE_APP(samsung_q,
// ----------------------------------------------------------------- // -----------------------------------------------------------------
#define pre_server() \ #define pre_server() \
memset(missing_arg_buf, 0, sizeof(missing_arg_buf)); \ HookContext ctx{}; \
nativeForkSystemServer_pre(env, clazz, uid, gid, gids, runtimeFlags, \ memset(args_buf, 0, sizeof(args_buf)); \
rlimits, permittedCapabilities, effectiveCapabilities) nativeForkSystemServer_pre(&ctx, env, clazz, uid, gid, gids, runtime_flags, \
rlimits, permitted_capabilities, effective_capabilities)
#define orig_server(ver, ...) \ #define orig_server(ver, ...) \
jint pid = reinterpret_cast<decltype(&nativeForkSystemServer_##ver)> \ ctx.pid = reinterpret_cast<decltype(&nativeForkSystemServer_##ver)> \
(JNI::Zygote::nativeForkSystemServer_orig->fnPtr)(__VA_ARGS__) (JNI::Zygote::nativeForkSystemServer_orig->fnPtr)(__VA_ARGS__)
#define post_server() \ #define post_server() \
nativeForkSystemServer_post(env, clazz, pid); \ nativeForkSystemServer_post(&ctx, env, clazz); \
return pid return ctx.pid
#define DCL_FORK_SERVER(ver, sig, ...) \ #define DCL_FORK_SERVER(ver, sig, ...) \
DCL_JNI(jint, nativeForkSystemServer_##ver, sig, __VA_ARGS__) DCL_JNI(jint, nativeForkSystemServer_##ver, sig, __VA_ARGS__)
DCL_FORK_SERVER(m, "(II[II[[IJJ)I", DCL_FORK_SERVER(m, "(II[II[[IJJ)I",
JNIEnv *env, jclass clazz, uid_t uid, gid_t gid, jintArray gids, jint runtimeFlags, JNIEnv *env, jclass clazz, uid_t uid, gid_t gid, jintArray gids, jint runtime_flags,
jobjectArray rlimits, jlong permittedCapabilities, jlong effectiveCapabilities) { jobjectArray rlimits, jlong permitted_capabilities, jlong effective_capabilities) {
pre_server(); pre_server();
orig_server(m, env, clazz, uid, gid, gids, runtimeFlags, rlimits, permittedCapabilities, orig_server(m, env, clazz, uid, gid, gids, runtime_flags, rlimits, permitted_capabilities,
effectiveCapabilities); effective_capabilities);
post_server(); post_server();
} }
DCL_FORK_SERVER(samsung_q, "(II[IIII[[IJJ)I", DCL_FORK_SERVER(samsung_q, "(II[IIII[[IJJ)I",
JNIEnv *env, jclass clazz, uid_t uid, gid_t gid, jintArray gids, jint runtimeFlags, JNIEnv *env, jclass clazz, uid_t uid, gid_t gid, jintArray gids, jint runtime_flags,
jint space, jint accessInfo, jobjectArray rlimits, jlong permittedCapabilities, jint space, jint accessInfo, jobjectArray rlimits, jlong permitted_capabilities,
jlong effectiveCapabilities) { jlong effective_capabilities) {
pre_server(); pre_server();
orig_server(samsung_q, env, clazz, uid, gid, gids, runtimeFlags, space, accessInfo, rlimits, orig_server(samsung_q, env, clazz, uid, gid, gids, runtime_flags, space, accessInfo, rlimits,
permittedCapabilities, effectiveCapabilities); permitted_capabilities, effective_capabilities);
post_server(); post_server();
} }
@ -410,10 +363,6 @@ static void SystemProperties_set(JNIEnv *env, jobject clazz, jstring keyJ, jstri
namespace JNI { namespace JNI {
namespace Zygote { namespace Zygote {
JNINativeMethod *nativeForkAndSpecialize_orig = nullptr;
JNINativeMethod *nativeSpecializeAppProcess_orig = nullptr;
JNINativeMethod *nativeForkSystemServer_orig = nullptr;
const JNINativeMethod nativeForkAndSpecialize_methods[] = { const JNINativeMethod nativeForkAndSpecialize_methods[] = {
DCL_FORK(m), DCL_FORK(o), DCL_FORK(p), DCL_FORK(m), DCL_FORK(o), DCL_FORK(p),
DCL_FORK(q_alt), DCL_FORK(r), DCL_FORK(q_alt), DCL_FORK(r),
@ -441,8 +390,6 @@ namespace JNI {
} }
namespace SystemProperties { namespace SystemProperties {
JNINativeMethod *native_set_orig = nullptr;
const JNINativeMethod native_set_methods[] = {{ const JNINativeMethod native_set_methods[] = {{
"native_set", "native_set",
"(Ljava/lang/String;Ljava/lang/String;)V", "(Ljava/lang/String;Ljava/lang/String;)V",