[core] Check sepolicy in backend & try livepatch

2021-03-10 01:11:59 +08:00 · 2021-03-10 01:11:59 +08:00 · 7dd171b2bb
parent ab44c566a0
commit 7dd171b2bb
10 changed files with 48 additions and 38 deletions
--- a/core/src/main/cpp/main/src/context.cpp
+++ b/core/src/main/cpp/main/src/context.cpp
@ -175,21 +175,7 @@ namespace lspd {
        LoadDex(env);
        Service::instance()->HookBridge(*this, env);
        auto binder = Service::instance()->RequestBinderForSystemServer(env);
-        if (binder) {
-            if (void *buf = mmap(nullptr, 1, PROT_READ | PROT_WRITE | PROT_EXEC,
-                                 MAP_ANONYMOUS | MAP_PRIVATE, -1,
-                                 0);
-                    buf == MAP_FAILED) {
-                 skip_ = true;
-                LOGE("skip injecting into android because sepolicy was not loaded properly");
-            } else {
-                munmap(buf, 1);
-            }
-        } else {
-            skip_ = true;
-            LOGD("skip injecting into android because no module is hooking it");
-        }
-        if (!skip_) {
+        if (binder && !skip_) {
            InstallInlineHooks();
            Init(env);
            FindAndCall(env, "forkSystemServerPost", "(Landroid/os/IBinder;)V", binder);
--- a/core/src/main/cpp/main/src/context.h
+++ b/core/src/main/cpp/main/src/context.h
@ -29,12 +29,6 @@
 #include "utils.h"

 namespace lspd {
-    enum Variant {
-        NONE = 0,
-        YAHFA = 1,
-        SANDHOOK = 2,
-    };
-
    class Context {

    public:
--- a/core/src/main/java/io/github/lsposed/lspd/core/yahfa/HookMain.java
+++ b/core/src/main/java/io/github/lsposed/lspd/core/yahfa/HookMain.java
@ -55,7 +55,6 @@ public class HookMain {
        if(!Yahfa.backupAndHookNative(target, hook, backup)){
            throw new RuntimeException("Failed to hook " + target + " with " + hook);
        } else {
-            Logger.e(target.toString());
            Yahfa.recordHooked(target);
        }
    }
--- a/core/src/main/java/io/github/lsposed/lspd/service/ConfigManager.java
+++ b/core/src/main/java/io/github/lsposed/lspd/service/ConfigManager.java
@ -28,6 +28,8 @@ import android.os.Handler;
 import android.os.HandlerThread;
 import android.os.ParcelFileDescriptor;
 import android.os.RemoteException;
+import android.os.SELinux;
+import android.os.SharedMemory;
 import android.os.SystemClock;
 import android.system.ErrnoException;
 import android.system.Os;
@ -56,6 +58,7 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.TimeUnit;

 import io.github.lsposed.lspd.Application;
 import io.github.lsposed.lspd.BuildConfig;
@ -96,11 +99,15 @@ public class ConfigManager {

    private final Handler cacheHandler;

-    long lastModuleCacheTime = 0;
-    long requestModuleCacheTime = 0;
+    private final ConcurrentHashMap<String, SharedMemory> moduleDexes = new ConcurrentHashMap<>();

-    long lastScopeCacheTime = 0;
-    long requestScopeCacheTime = 0;
+    private long lastModuleCacheTime = 0;
+    private long requestModuleCacheTime = 0;
+
+    private long lastScopeCacheTime = 0;
+    private long requestScopeCacheTime = 0;
+
+    private boolean sepolicyLoaded = true;

    static class ProcessScope {
        String processName;
@ -157,8 +164,26 @@ public class ConfigManager {
        }
    }

+    private static boolean checkSepolicy() {
+        return SELinux.checkSELinuxAccess("u:r:system_server:s0", "u:r:system_server:s0", "process", "execmem");
+    }
+
    // for system server, cache is not yet ready, we need to query database for it
    public boolean shouldSkipSystemServer() {
+        if (!checkSepolicy()) {
+            Log.d(TAG, "sepolicy is not loaded, trying livepatch");
+            try {
+                Process p = Runtime.getRuntime().exec(new String[]{"supolicy", "--live",
+                        "allow system_server system_server process execmem"});
+                p.waitFor(5, TimeUnit.SECONDS);
+            } catch (Throwable ignored) {
+            }
+        }
+        if (!checkSepolicy()) {
+            sepolicyLoaded = false;
+            Log.e(TAG, "skip injecting into android because sepolicy was not loaded properly");
+            return true; // skip
+        }
        try (Cursor cursor = db.query("scope INNER JOIN modules ON scope.mid = modules.mid", new String[]{"modules.mid"}, "app_pkg_name=? AND enabled=1", new String[]{"android"}, null, null, null)) {
            return cursor == null || !cursor.moveToNext();
        }
@ -722,4 +747,8 @@ public class ConfigManager {
    public String getManagerPackageName() {
        return manager;
    }
+
+    public boolean isSepolicyLoaded() {
+        return sepolicyLoaded;
+    }
 }
--- a/core/src/main/java/io/github/lsposed/lspd/service/LSPManagerService.java
+++ b/core/src/main/java/io/github/lsposed/lspd/service/LSPManagerService.java
@ -161,4 +161,9 @@ public class LSPManagerService extends ILSPManagerService.Stub {
            return false;
        }
    }
+
+    @Override
+    public boolean isSepolicyLoaded() throws RemoteException {
+        return ConfigManager.getInstance().isSepolicyLoaded();
+    }
 }
--- a/core/template_override/customize.sh
+++ b/core/template_override/customize.sh
@ -210,8 +210,6 @@ fi
 echo "rm -rf /data/misc/$MISC_PATH" >> "${MODPATH}/uninstall.sh" || abortC "! ${LANG_CUST_ERR_CONF_UNINST}"
 echo "[[ -f /data/adb/lspd/new_install ]] || rm -rf /data/adb/lspd" >> "${MODPATH}/uninstall.sh" || abortC "! ${LANG_CUST_ERR_CONF_UNINST}"

-echo "1" > /data/adb/lspd/config/variant
-
 if [[ ! -e /data/adb/lspd/config/verbose_log ]]; then
    echo "0" > /data/adb/lspd/config/verbose_log
 fi
--- a/core/template_override/post-fs-data.sh
+++ b/core/template_override/post-fs-data.sh
@ -57,12 +57,6 @@ RIRU_APICODE=$(cat "${RIRU_PATH}/api_version")
 MAGISK_VERSION=$(magisk -v)
 MAGISK_VERCODE=$(magisk -V)

-livePatch() {
-    # Should be deprecated now. This is for debug only.
-    supolicy --live "allow system_server system_server process execmem" \
-                    "allow system_server system_server memprotect mmap_zero"
-}
-
 MISC_PATH=$(cat /data/adb/lspd/misc_path)
 BASE_PATH="/data/misc/$MISC_PATH"

@ -135,9 +129,6 @@ start_log_catcher () {
    echo "${LOG_PID}">"${LOG_PATH}/${LOG_FILE_NAME}.pid"
 }

-# execute live patch if rule not found
-[[ -f "${MODDIR}/sepolicy.rule" ]] || livePatch
-
 if [[ -f "/data/adb/riru/modules/lspd.prop" ]]; then
    CONFIG=$(cat "/data/adb/riru/modules/lspd.prop")
    [[ -d "${TARGET}/${CONFIG}" ]] || mkdir -p "${TARGET}/${CONFIG}"
--- a/core/template_override/sepolicy.rule
+++ b/core/template_override/sepolicy.rule
@ -1,2 +1 @@
 allow system_server system_server process execmem
-allow system_server system_server memprotect mmap_zero
--- a/hiddenapi-stubs/src/main/java/android/os/SELinux.java
+++ b/hiddenapi-stubs/src/main/java/android/os/SELinux.java
@ -0,0 +1,7 @@
+package android.os;
+
+public class SELinux {
+    public static final boolean checkSELinuxAccess(String scon, String tcon, String tclass, String perm){
+        throw new UnsupportedOperationException("Stub");
+    }
+}
--- a/manager-service/src/main/aidl/io/github/lsposed/lspd/ILSPManagerService.aidl
+++ b/manager-service/src/main/aidl/io/github/lsposed/lspd/ILSPManagerService.aidl
@ -46,4 +46,6 @@ interface ILSPManagerService {
    void reboot(boolean confirm, String reason, boolean wait) = 24;

    boolean uninstallPackage(String packageName) = 25;
+
+    boolean isSepolicyLoaded() = 26;
 }