From d67b34fd166303663be5a3b96933829d8180525e Mon Sep 17 00:00:00 2001 From: LoveSy Date: Tue, 25 May 2021 16:49:30 +0800 Subject: [PATCH] [core] Remove RiruHook (#677) * First, dex2oat flags are not read by zygote and its child but installd so hooking it with Riru does nothing. * Second, we do not set native flag for methods so we don't need to handle the Oreo special case. --- core/src/main/cpp/main/src/native_hook.cpp | 45 ++---- core/src/main/cpp/main/src/riru_hook.cpp | 143 -------------------- core/src/main/cpp/main/src/riru_hook.h | 40 ------ core/src/main/cpp/main/src/symbol_cache.cpp | 6 - core/src/main/cpp/main/src/symbol_cache.h | 2 - 5 files changed, 15 insertions(+), 221 deletions(-) delete mode 100644 core/src/main/cpp/main/src/riru_hook.cpp delete mode 100644 core/src/main/cpp/main/src/riru_hook.h diff --git a/core/src/main/cpp/main/src/native_hook.cpp b/core/src/main/cpp/main/src/native_hook.cpp index da0caff3..c01f3734 100644 --- a/core/src/main/cpp/main/src/native_hook.cpp +++ b/core/src/main/cpp/main/src/native_hook.cpp @@ -29,7 +29,6 @@ #include "logging.h" #include "native_api.h" #include "native_hook.h" -#include "riru_hook.h" #include "art/runtime/mirror/class.h" #include "art/runtime/art_method.h" #include "art/runtime/class_linker.h" 
@@ -40,39 +39,25 @@ #include "art/runtime/gc/scoped_gc_critical_section.h" namespace lspd { - static volatile bool installed = false; - static volatile bool art_hooks_installed = false; - - void InstallArtHooks(void *art_handle); + static std::atomic_bool installed = false; void InstallInlineHooks() { - if (installed) { - LOGI("Inline hooks have been installed, skip"); + if (installed.exchange(true)) { + LOGD("Inline hooks have been installed, skip"); return; } - installed = true; - LOGI("Start to install inline hooks"); - InstallRiruHooks(); - InstallArtHooks(handle_libart); - } - - void InstallArtHooks(void *art_handle) { - if (art_hooks_installed) { - return; - } - art::Runtime::Setup(art_handle); - art::hidden_api::DisableHiddenApi(art_handle); - art::art_method::Setup(art_handle); - art::Thread::Setup(art_handle); - art::ClassLinker::Setup(art_handle); - art::mirror::Class::Setup(art_handle); - art::JNIEnvExt::Setup(art_handle); - art::instrumentation::DisableUpdateHookedMethodsCode(art_handle); - art::thread_list::ScopedSuspendAll::Setup(art_handle); - art::gc::ScopedGCCriticalSection::Setup(art_handle); - - art_hooks_installed = true; - LOGI("ART hooks installed"); + LOGD("Start to install inline hooks"); + art::Runtime::Setup(handle_libart); + art::hidden_api::DisableHiddenApi(handle_libart); + art::art_method::Setup(handle_libart); + art::Thread::Setup(handle_libart); + art::ClassLinker::Setup(handle_libart); + art::mirror::Class::Setup(handle_libart); + art::JNIEnvExt::Setup(handle_libart); + art::instrumentation::DisableUpdateHookedMethodsCode(handle_libart); + art::thread_list::ScopedSuspendAll::Setup(handle_libart); + art::gc::ScopedGCCriticalSection::Setup(handle_libart); + LOGD("Inline hooks installed"); } } diff --git a/core/src/main/cpp/main/src/riru_hook.cpp b/core/src/main/cpp/main/src/riru_hook.cpp deleted file mode 100644 index 2f39b503..00000000 --- a/core/src/main/cpp/main/src/riru_hook.cpp +++ /dev/null 
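Review bot: `installed.exchange(true)` at the top of `InstallInlineHooks` marks the hooks as installed before any of the `Setup(handle_libart)` calls have run, so a concurrent second caller returns on the "have been installed, skip" path while the ART hooks are only partly in place, and a call that starts with a null `handle_libart` can never be retried. The symbol_cache.cpp context in this same patch shows `handle_libart` starting as `nullptr` and the init chain able to fail (`LOGE("Init symbol cache failed")`), yet nothing in this function checks it before passing it to `DisableHiddenApi` and the other setup calls; whether callers guard on `sym_initialized` is not visible here. Consider `static std::once_flag once; std::call_once(once, [] { /* setup calls */ });` so late callers wait until installation completes, plus an early `if (!handle_libart) { LOGE("libart handle missing, skip inline hooks"); return; }` before the flag is consumed. The file also now uses `std::atomic_bool` while the include hunk above only removes `riru_hook.h`, so add `#include <atomic>` unless it already arrives through another header.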
@@ -1,143 +0,0 @@ -/* - * This file is part of LSPosed. - * - * LSPosed is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * LSPosed is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with LSPosed. If not, see . - * - * Copyright (C) 2020 EdXposed Contributors - * Copyright (C) 2021 LSPosed Contributors - */ - -#include -#include -#include -#include -#include -#include "utils.h" -#include "riru_hook.h" -#include "symbol_cache.h" - -namespace lspd { - - static int api_level = 0; - - //Max length of property values - //Ref https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/os/SystemProperties.java - //static const int PROP_VALUE_MAX = 91; - - CREATE_HOOK_STUB_ENTRIES( - "__system_property_get", - int, __system_property_get, (const char *key, char *value), { - int res = backup(key, value); - if (key) { - if (strcmp(kPropKeyCompilerFilter, key) == 0) { -// strcpy(value, kPropValueCompilerFilter); - LOGI("system_property_get: %s -> %s", key, value); - } - - if (strcmp(kPropKeyCompilerFlags, key) == 0) { - if (strcmp(value, "") == 0) - strcpy(value, kPropValueCompilerFlags); - else if (strstr(value, kPropValueCompilerFlags) == nullptr) { - if (strlen(value) + strlen(kPropValueCompilerFlagsWS) > - PROP_VALUE_MAX) { - //just fallback, why not - LOGI("Cannot add option to disable inline opt! 
Fall back to replace.."); - strcpy(value, kPropValueCompilerFlags); - } else { - strcat(value, kPropValueCompilerFlagsWS); - } - } - LOGI("system_property_get: %s -> %s", key, value); - } - - - if (api_level == __ANDROID_API_O_MR1__) { - // https://android.googlesource.com/platform/art/+/f5516d38736fb97bfd0435ad03bbab17ddabbe4e - // Android 8.1 add a fatal check for debugging (removed in Android 9.0), - // which will be triggered by LSPosed in cases where target method is hooked - // (native flag set) after it has been called several times(getCounter() return positive number) - if (strcmp(kPropKeyUseJitProfiles, key) == 0) { - strcpy(value, "false"); - } else if (strcmp(kPropKeyPmBgDexopt, key) == 0) { - // use speed as bg-dexopt filter since that speed-profile won't work after - // jit profiles is disabled - strcpy(value, kPropValuePmBgDexopt); - } - LOGD("system_property_get: %s -> %s", key, value); - } - } - return res; - }); - - CREATE_HOOK_STUB_ENTRIES( - "_ZN7android4base11GetPropertyERKNSt3__112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEES9_", - std::string, GetProperty, (const std::string &key, const std::string &default_value), { - std::string res = backup(key, default_value); - if (strcmp(kPropKeyCompilerFilter, key.c_str()) == 0) { -// res = kPropValueCompilerFilter; - LOGI("android::base::GetProperty: %s -> %s", key.c_str(), res.c_str()); - } - - if (strcmp(kPropKeyCompilerFlags, key.c_str()) == 0) { - if (strcmp(res.c_str(), "") == 0) - res = kPropValueCompilerFlags; - else if (strstr(res.c_str(), kPropValueCompilerFlags) == nullptr) { - if (strlen(res.c_str()) + strlen(kPropValueCompilerFlagsWS) > - PROP_VALUE_MAX) { - //just fallback, why not - LOGI("Cannot add option to disable inline opt! 
Fall back to replace.."); - res = kPropValueCompilerFlags; - } else { - res.append(kPropValueCompilerFlagsWS); - } - } - LOGI("android::base::GetProperty: %s -> %s", key.c_str(), res.c_str()); - } - - if (api_level == __ANDROID_API_O_MR1__) { - // see __system_property_get hook above for explanations - if (strcmp(kPropKeyUseJitProfiles, key.c_str()) == 0) { - res = "false"; - } else if (strcmp(kPropKeyPmBgDexopt, key.c_str()) == 0) { - res = kPropValuePmBgDexopt; - } - LOGD("android::base::GetProperty: %s -> %s", key.c_str(), res.c_str()); - } - return res; - }); - - void InstallRiruHooks() { - - LOGI("Start to install Riru hook"); - - api_level = GetAndroidApiLevel(); - - if (!sym_system_property_get) { - LOGE("Failed to get symbol of __system_property_get"); - return; - } - HookSymNoHandle(sym_system_property_get, __system_property_get); - - if (GetAndroidApiLevel() >= __ANDROID_API_P__) { - if (!sym_get_property) { - LOGE("Failed to get symbol of _ZN7android4base11GetPropertyERKNSt3__112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEES9_"); - return; - } - HookSymNoHandle(sym_get_property, GetProperty); - } - - LOGI("Riru hooks installed"); - } - -} diff --git a/core/src/main/cpp/main/src/riru_hook.h b/core/src/main/cpp/main/src/riru_hook.h deleted file mode 100644 index 82989f40..00000000 --- a/core/src/main/cpp/main/src/riru_hook.h +++ /dev/null 
@@ -1,40 +0,0 @@ -/* - * This file is part of LSPosed. - * - * LSPosed is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * LSPosed is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with LSPosed. If not, see . - * - * Copyright (C) 2020 EdXposed Contributors - * Copyright (C) 2021 LSPosed Contributors - */ - -#pragma once -#include - -namespace lspd { - - // @ApiSensitive(Level.HIGH) - static constexpr const char *kPropKeyCompilerFilter = "dalvik.vm.dex2oat-filter"; - static constexpr const char *kPropKeyCompilerFlags = "dalvik.vm.dex2oat-flags"; - static constexpr const char *kPropKeyUseJitProfiles = "dalvik.vm.usejitprofiles"; - static constexpr const char *kPropKeyPmBgDexopt = "pm.dexopt.bg-dexopt"; - - static constexpr const char *kPropValueCompilerFilter = "quicken"; - static constexpr const char *kPropValuePmBgDexopt = "speed"; - static constexpr const char *kPropValueCompilerFlags = "--inline-max-code-units=0"; - static constexpr const char *kPropValueCompilerFlagsWS = " --inline-max-code-units=0"; - - - void InstallRiruHooks(); - -} diff --git a/core/src/main/cpp/main/src/symbol_cache.cpp b/core/src/main/cpp/main/src/symbol_cache.cpp index f2cf7f66..bb077e60 100644 --- a/core/src/main/cpp/main/src/symbol_cache.cpp +++ b/core/src/main/cpp/main/src/symbol_cache.cpp 
@@ -33,8 +33,6 @@ namespace lspd { bool sym_initialized = false; void *sym_do_dlopen = nullptr; - void *sym_system_property_get = nullptr; - void *sym_get_property = nullptr; void *handle_libart = nullptr; void *sym_openInMemoryDexFilesNative = nullptr; void *sym_createCookieWithArray = nullptr; @@ -156,10 +154,6 @@ namespace lspd { (somain = getStaticVariable(linker, "__dl__ZL6somain")) && (sym_do_dlopen = reinterpret_cast(linker.getSymbAddress( "__dl__Z9do_dlopenPKciPK17android_dlextinfoPKv"))) && - (sym_system_property_get = reinterpret_cast(libc.getSymbAddress( - "__system_property_get"))) && - (sym_get_property = reinterpret_cast(libbase.getSymbAddress( - "_ZN7android4base11GetPropertyERKNSt3__112basic_stringIcNS1_11char_traitsIcEENS1_9allocatorIcEEEES9_"))) && soinfo::setup(linker) && (handle_libart = findLibArt()); if (UNLIKELY(!sym_initialized)) { LOGE("Init symbol cache failed"); diff --git a/core/src/main/cpp/main/src/symbol_cache.h b/core/src/main/cpp/main/src/symbol_cache.h index c56fba1f..49cc6752 100644 --- a/core/src/main/cpp/main/src/symbol_cache.h +++ b/core/src/main/cpp/main/src/symbol_cache.h @@ -28,8 +28,6 @@ namespace lspd { extern bool sym_initialized; extern void *sym_do_dlopen; - extern void *sym_system_property_get; - extern void *sym_get_property; extern void *handle_libart; extern void *sym_openInMemoryDexFilesNative; extern void *sym_createCookieWithArray;