Isolate root daemon from requests

jni/daemon/daemon.c

@@ -23,7 +23,9 @@
 
 pthread_t sepol_patch;
 
-static void request_handler(int client) {
+static void *request_handler(void *args) {
+	int client = *((int *) args);
+	free(args);
 	client_request req = read_int(client);
 	char *s;
 	int pid, status, code;
@@ -68,6 +70,7 @@ static void request_handler(int client) {
 		close(client);
 		break;
 	}
+	return NULL;
 }
 
 /* Setup the address and return socket fd */
@@ -112,12 +115,12 @@ void start_daemon() {
 	xsetsid();
 	xsetcon("u:r:su:s0");
 
-	// Patch selinux with medium patch, blocking
+	// Patch selinux with medium patch before we do anything
 	load_policydb("/sys/fs/selinux/policy");
 	sepol_med_rules();
 	dump_policydb("/sys/fs/selinux/load");
 
-	// Continue the larger patch in another thread, will join later
+	// Continue the larger patch in another thread, we will need to join later
 	pthread_create(&sepol_patch, NULL, large_sepol_patch, NULL);
 
 	struct sockaddr_un sun;
@@ -144,11 +147,18 @@ void start_daemon() {
 	xmount(NULL, "/", NULL, MS_REMOUNT, NULL);
 	create_links(NULL, "/sbin");
 	chmod("/sbin", 0755);
+	mkdir("/magisk", 0755);
+	chmod("/magisk", 0755);
 	xmount(NULL, "/", NULL, MS_REMOUNT | MS_RDONLY, NULL);
 
 	// Loop forever to listen to requests
 	while(1) {
-		request_handler(xaccept(fd, NULL, NULL));
+		int *client = xmalloc(sizeof(int));
+		*client = xaccept(fd, NULL, NULL);
+		pthread_t thread;
+		xpthread_create(&thread, NULL, request_handler, client);
+		// Detach the thread, we will never join it
+		pthread_detach(thread);
 	}
 }
 

jni/daemon/log_monitor.c

@@ -32,5 +32,6 @@ static void *logger_thread(void *args) {
 /* Start a new thread to monitor logcat and dump to logfile */
 void monitor_logs() {
 	pthread_t log_monitor_thread;
-	pthread_create(&log_monitor_thread, NULL, logger_thread, NULL);
+	xpthread_create(&log_monitor_thread, NULL, logger_thread, NULL);
+	pthread_detach(log_monitor_thread);
 }

jni/magiskhide/list_manager.c

@@ -37,9 +37,9 @@ int add_list(char *proc) {
 	ps_filter_proc_name(proc, kill_proc);
 
 	// Critical region
-	pthread_mutex_lock(&lock);
+	pthread_mutex_lock(&hide_lock);
 	hide_list = new_list;
-	pthread_mutex_unlock(&lock);
+	pthread_mutex_unlock(&hide_lock);
 
 	// Free old list
 	vec_destroy(temp);
@@ -74,9 +74,9 @@ int rm_list(char *proc) {
 		LOGI("hide_list rm: [%s]\n", proc);
 		ps_filter_proc_name(proc, kill_proc);
 		// Critical region
-		pthread_mutex_lock(&lock);
+		pthread_mutex_lock(&hide_lock);
 		hide_list = new_list;
-		pthread_mutex_unlock(&lock);
+		pthread_mutex_unlock(&hide_lock);
 		if (vector_to_file(HIDELIST, hide_list))
 			return 1;
 	}

jni/magiskhide/magiskhide.c

@@ -23,7 +23,7 @@ struct vector *hide_list = NULL;
 
 int hideEnabled = 0;
 static pthread_t proc_monitor_thread;
-pthread_mutex_t lock;
+pthread_mutex_t hide_lock;
 
 void kill_proc(int pid) {
 	kill(pid, SIGTERM);
@@ -43,12 +43,11 @@ static void usage(char *arg0) {
 }
 
 void launch_magiskhide(int client) {
-	if (hideEnabled)
+	if (hideEnabled) {
-		goto success;
+		write_int(client, 0);
-	/*
+		close(client);
-	 * The setns system call do not support multithread processes
+		return;
-	 * We have to fork a new process, and communicate with pipe
+	}
-	 */
 
 	LOGI("* Starting MagiskHide\n");
 
@@ -60,7 +59,11 @@ void launch_magiskhide(int client) {
 	if (socketpair(AF_LOCAL, SOCK_STREAM, 0, sv) == -1)
 		goto error;
 
-	// Launch the hide daemon
+	/*
+	 * The setns system call do not support multithread processes
+	 * We have to fork a new process, and communicate with sockets
+	 */
+
 	if (hide_daemon())
 		goto error;
 
@@ -73,15 +76,18 @@ void launch_magiskhide(int client) {
 	// Add SafetyNet by default
 	add_list(strdup("com.google.android.gms.unstable"));
 
-	// Start a new thread to monitor processes
+	// Initialize the mutex lock
-	pthread_mutex_init(&lock, NULL);
+	pthread_mutex_init(&hide_lock, NULL);
-	if (xpthread_create(&proc_monitor_thread, NULL, proc_monitor, NULL))
-		goto error;
 
-success:
 	write_int(client, 0);
 	close(client);
+
+	// Get thread reference
+	proc_monitor_thread = pthread_self();
+	// Start monitoring
+	proc_monitor();
 	return;
+
 error:
 	hideEnabled = 0;
 	write_int(client, 1);
@@ -98,16 +104,18 @@ error:
 }
 
 void stop_magiskhide(int client) {
-	if (!hideEnabled)
+	if (!hideEnabled) {
+		write_int(client, 0);
+		close(client);
 		return;
+	}
 
 	LOGI("* Stopping MagiskHide\n");
 
-	pthread_kill(proc_monitor_thread, SIGUSR1);
-	pthread_join(proc_monitor_thread, NULL);
-
 	hideEnabled = 0;
 	setprop("persist.magisk.hide", "0");
+	pthread_kill(proc_monitor_thread, SIGUSR1);
+
 	write_int(client, 0);
 	close(client);
 }

jni/magiskhide/magiskhide.h

@@ -15,7 +15,7 @@ void kill_proc(int pid);
 int hide_daemon();
 
 // Process monitor
-void *proc_monitor(void *args);
+void proc_monitor();
 
 // Preprocess
 void manage_selinux();
@@ -30,6 +30,6 @@ int destroy_list();
 
 extern int sv[2], hide_pid, hideEnabled;
 extern struct vector *hide_list;
-extern pthread_mutex_t lock;
+extern pthread_mutex_t hide_lock;
 
 #endif

jni/magiskhide/proc_monitor.c

@@ -44,7 +44,7 @@ static void quit_pthread(int sig) {
 	write(sv[0], &kill, sizeof(kill));
 	close(sv[0]);
 	waitpid(hide_pid, NULL, 0);
-	pthread_mutex_destroy(&lock);
+	pthread_mutex_destroy(&hide_lock);
 	LOGD("proc_monitor: terminating...\n");
 	pthread_exit(NULL);
 }
@@ -63,7 +63,7 @@ static void proc_monitor_err() {
 	quit_pthread(SIGUSR1);
 }
 
-void *proc_monitor(void *args) {
+void proc_monitor() {
 	// Register the cancel signal
 	signal(SIGUSR1, quit_pthread);
 	// The error handler should only exit the thread, not the whole process
@@ -120,7 +120,7 @@ void *proc_monitor(void *args) {
 		ret = 0;
 
 		// Critical region
-		pthread_mutex_lock(&lock);
+		pthread_mutex_lock(&hide_lock);
 		vec_for_each(hide_list, line) {
 			if (strcmp(processName, line) == 0) {
 				read_namespace(pid, buffer, 32);
@@ -152,7 +152,7 @@ void *proc_monitor(void *args) {
 				break;
 			}
 		}
-		pthread_mutex_unlock(&lock);
+		pthread_mutex_unlock(&hide_lock);
 
 		if (ret) {
 			// Wait hide process to kill itself
@@ -163,5 +163,4 @@ void *proc_monitor(void *args) {
 
 	// Should never be here
 	quit_pthread(SIGUSR1);
-	return NULL;
 }