Add global toggle for ptrace monitor

native/jni/magiskhide/hide_policy.cpp

@@ -30,7 +30,7 @@ static const char *late_prop_val[] =
         { "green", nullptr };
 
 void hide_sensitive_props() {
-    LOGI("hide_policy: Hiding sensitive props\n");
+    LOGI("hide: Hiding sensitive props\n");
 
     for (int i = 0; prop_key[i]; ++i) {
         auto value = getprop(prop_key[i]);
@@ -63,7 +63,7 @@ void hide_sensitive_props() {
 }
 
 void hide_late_sensitive_props() {
-    LOGI("hide_policy: Hiding sensitive props (late)\n");
+    LOGI("hide: Hiding sensitive props (late)\n");
 
     for (int i = 0; late_prop_key[i]; ++i) {
         auto value = getprop(late_prop_key[i]);
@@ -74,9 +74,10 @@ void hide_late_sensitive_props() {
 
 static void lazy_unmount(const char* mountpoint) {
     if (umount2(mountpoint, MNT_DETACH) != -1)
-        LOGD("hide_policy: Unmounted (%s)\n", mountpoint);
+        LOGD("hide: Unmounted (%s)\n", mountpoint);
 }
 
+#if ENABLE_PTRACE_MONITOR
 void hide_daemon(int pid) {
     if (fork_dont_care() == 0) {
         hide_unmount(pid);
@@ -85,15 +86,16 @@ void hide_daemon(int pid) {
         _exit(0);
     }
 }
+#endif
 
 #define TMPFS_MNT(dir) (mentry->mnt_type == "tmpfs"sv && \
 strncmp(mentry->mnt_dir, "/" #dir, sizeof("/" #dir) - 1) == 0)
 
 void hide_unmount(int pid) {
-    if (switch_mnt_ns(pid))
+    if (pid > 0 && switch_mnt_ns(pid))
         return;
 
-    LOGD("hide_policy: handling PID=[%d]\n", pid);
+    LOGD("hide: handling PID=[%d]\n", pid);
 
     char val;
     int fd = xopen(SELINUX_ENFORCE, O_RDONLY);

native/jni/magiskhide/hide_utils.cpp

@@ -1,11 +1,9 @@
 #include <sys/types.h>
 #include <sys/stat.h>
-#include <stdio.h>
-#include <stdlib.h>
 #include <unistd.h>
 #include <fcntl.h>
 #include <dirent.h>
-#include <string.h>
+#include <set>
 
 #include <magisk.hpp>
 #include <utils.hpp>
@@ -15,7 +13,6 @@
 
 using namespace std;
 
-static pthread_t monitor_thread;
 static bool hide_state = false;
 static set<pair<string, string>> hide_set;   /* set of <pkg, process> pair */
 map<int, vector<string_view>> uid_proc_map;  /* uid -> list of process */
@@ -23,6 +20,10 @@ map<int, vector<string_view>> uid_proc_map;  /* uid -> list of process */
 // Locks the variables above
 pthread_mutex_t hide_state_lock = PTHREAD_MUTEX_INITIALIZER;
 
+#if ENABLE_PTRACE_MONITOR
+static pthread_t monitor_thread;
+#endif
+
 void update_uid_map() {
     mutex_guard lock(hide_state_lock);
     uid_proc_map.clear();
@@ -82,7 +83,7 @@ static bool proc_name_match(int pid, const char *name) {
     if (auto fp = open_file(buf, "re")) {
         fgets(buf, sizeof(buf), fp.get());
         if (str_op(buf, name)) {
-            LOGD("hide_utils: kill PID=[%d] (%s)\n", pid, buf);
+            LOGD("hide: kill PID=[%d] (%s)\n", pid, buf);
             return true;
         }
     }
@@ -221,7 +222,7 @@ static bool str_ends_safe(string_view s, string_view ss) {
 #define MICROG_PKG   "org.microg.gms.droidguard"
 
 static bool init_list() {
-    LOGD("hide_list: initialize\n");
+    LOGD("hide: initialize\n");
 
     char *err = db_exec("SELECT * FROM hidelist", [](db_row &row) -> bool {
         add_hide_set(row["package_name"].data(), row["process"].data());
@@ -281,7 +282,7 @@ int launch_magiskhide() {
     if (procfp == nullptr && (procfp = opendir("/proc")) == nullptr)
         return DAEMON_ERROR;
 
-    LOGI("* Starting MagiskHide\n");
+    LOGI("* Enable MagiskHide\n");
 
     // Initialize the hide list
     if (!init_list())
@@ -291,9 +292,11 @@ int launch_magiskhide() {
     if (DAEMON_STATE >= STATE_BOOT_COMPLETE || DAEMON_STATE == STATE_NONE)
         hide_late_sensitive_props();
 
+#if ENABLE_PTRACE_MONITOR
     // Start monitoring
     if (new_daemon_thread(&proc_monitor))
         return DAEMON_ERROR;
+#endif
 
     hide_state = true;
     update_hide_config();
@@ -304,10 +307,12 @@ int stop_magiskhide() {
     mutex_guard g(hide_state_lock);
 
     if (hide_state) {
-        LOGI("* Stopping MagiskHide\n");
+        LOGI("* Disable MagiskHide\n");
         uid_proc_map.clear();
         hide_set.clear();
+#if ENABLE_PTRACE_MONITOR
         pthread_kill(monitor_thread, SIGTERMTHRD);
+#endif
     }
 
     hide_state = false;
@@ -317,7 +322,9 @@ int stop_magiskhide() {
 
 void auto_start_magiskhide() {
     if (hide_enabled()) {
+#if ENABLE_PTRACE_MONITOR
         pthread_kill(monitor_thread, SIGALRM);
+#endif
         hide_late_sensitive_props();
     } else if (SDK_INT >= 19) {
         db_settings dbs;
@@ -327,8 +334,10 @@ void auto_start_magiskhide() {
     }
 }
 
+#if ENABLE_PTRACE_MONITOR
 void test_proc_monitor() {
     if (procfp == nullptr && (procfp = opendir("/proc")) == nullptr)
         exit(1);
     proc_monitor();
 }
+#endif

native/jni/magiskhide/magiskhide.cpp

@@ -105,7 +105,7 @@ int magiskhide_main(int argc, char *argv[]) {
         execvp(argv[2], argv + 2);
         exit(1);
     }
-#if 0
+#if 0 && ENABLE_PTRACE_MONITOR
     else if (opt == "test"sv)
         test_proc_monitor();
 #endif

native/jni/magiskhide/magiskhide.hpp

@@ -5,26 +5,30 @@
 #include <pthread.h>
 #include <unistd.h>
 #include <dirent.h>
-#include <string>
+#include <string_view>
 #include <functional>
 #include <map>
-#include <set>
 
 #include <daemon.hpp>
 
 #define SIGTERMTHRD SIGUSR1
 #define ISOLATED_MAGIC "isolated"
 
+// Global toggle for ptrace monitor
+#define ENABLE_PTRACE_MONITOR 1
+
 // CLI entries
 int launch_magiskhide();
 int stop_magiskhide();
 int add_list(int client);
 int rm_list(int client);
 void ls_list(int client);
-[[noreturn]] void test_proc_monitor();
 
+#if ENABLE_PTRACE_MONITOR
 // Process monitoring
 [[noreturn]] void proc_monitor();
+[[noreturn]] void test_proc_monitor();
+#endif
 
 // Utility functions
 void crawl_procfs(const std::function<bool (int)> &fn);
@@ -34,7 +38,7 @@ void update_uid_map();
 
 // Hide policies
 void hide_daemon(int pid);
-void hide_unmount(int pid = getpid());
+void hide_unmount(int pid = -1);
 void hide_sensitive_props();
 void hide_late_sensitive_props();