On some devices `dex2oat` cannot access files (fd) received from sockets due to SELinux restrictions.
Hence, we add a new rule according to the avc logs, which showed that permissions `open` and `getattr` were needed.
1. The SELinux context label `magisk_file` is widely used by Zygisk implementation modules. It is improper for LSPosed to abuse this label for its own files. We replace it by `xposed_file`.
2. A new rule is added according to the SELinux logs, which is needed to write to the manager's SharedPreference.
3. `xposed_data` is a new SELinux context label for XSharedPreference files, it is not meant to provide MAC restricted access but to conform with Android's rule: https://developer.android.com/about/versions/pie/android-9.0-changes-28#per-app-selinux.
4. We add attribute `mlstrustedobject` to ignore the `Multi-Level and Multi-Category Security` enforced on Android.
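As an added example (not part of these commits or of the LSPosed code base), the Python below shows the step the first two items describe: parsing `avc: denied` lines and aggregating the missing permissions per source domain, target type and object class into TE `allow` rules. The log lines, the placeholder path and the `untrusted_app`/`xposed_data` denial are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample avc lines (not taken from a real device). The contexts
# follow Android's "u:r:<domain>:s0" / "u:object_r:<type>:s0" shape and the
# file path is a placeholder. The "granted" line must be ignored.
SAMPLE_AVC = """\
avc: denied { open } for pid=4242 comm="dex2oat" path="/data/PLACEHOLDER/a.dex" dev="dm-1" ino=99 scontext=u:r:dex2oat:s0 tcontext=u:object_r:xposed_file:s0 tclass=file permissive=0
avc: denied { getattr } for pid=4242 comm="dex2oat" path="/data/PLACEHOLDER/a.dex" dev="dm-1" ino=99 scontext=u:r:dex2oat:s0 tcontext=u:object_r:xposed_file:s0 tclass=file permissive=0
avc: granted { read } for pid=4242 comm="dex2oat" path="/data/PLACEHOLDER/a.dex" scontext=u:r:dex2oat:s0 tcontext=u:object_r:xposed_file:s0 tclass=file
avc: denied { read write } for pid=777 comm="manager_app" name="shared_prefs" dev="dm-2" ino=5 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:xposed_data:s0:c512,c768 tclass=dir permissive=0
"""

# Only "denied" events matter; the MLS categories (":c512,c768") after ":s0"
# are skipped by the lazy ".*?" and do not affect the extracted type names.
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}"
    r".*?\bscontext=u:r:(?P<sdom>[^:\s]+):s0"
    r".*?\btcontext=u:object_r:(?P<ttype>[^:\s]+):s0"
    r".*?\btclass=(?P<tclass>\S+)"
)


def collect_denials(log_text):
    """Aggregate denied permissions per (source domain, target type, class)."""
    needed = defaultdict(set)
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if m is None:
            continue  # granted events and unrelated lines are skipped
        key = (m["sdom"], m["ttype"], m["tclass"])
        needed[key].update(m["perms"].split())
    return dict(needed)


def to_allow_rules(needed):
    """Render the aggregated denials as TE allow rules, one per key.

    Note: an allow rule only grants the listed permissions; it does not lift
    the MLS constraints that a category-carrying label is subject to.
    """
    return [
        f"allow {sdom} {ttype}:{tclass} {{ {' '.join(sorted(perms))} }};"
        for (sdom, ttype, tclass), perms in sorted(needed.items())
    ]


if __name__ == "__main__":
    for rule in to_allow_rules(collect_denials(SAMPLE_AVC)):
        print(rule)
```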
1. Set log buffer size for system
2. Increase buffer size to 128 Kb
3. Record also logs for APatch, KernelSU and SELinux
4. Add installation tasks for APatch
With inline hook, we no longer need to scan process virtual maps.
Moreover, I can no longer justify the point 3 stated in commit
156c6ae855 by experiments, which is
mysterious given my previous experiments done for the commit
3c020a9cd7.
Currently, only one thing is sure: reading `/proc/self/map` can be
detected by Holmes. Hence, it is always a good practice to not inject
unnecessary code during the preAppSpecialize API.
It is observed that `enableWatchDog` might be called after the manager
activity is resumed without the user's interaction, due to some unknown
mechanism of preference refreshing.
* Fix warnings of CMake
To completely remove CMake version warnings, one may need to change the CMakeLists.txt file in the NDK installation.
* Add compiler flag -Wpedantic
Show compilation errors for the core subject, while ignoring some of them
Log watchdog is meant to revert changes to the system prop
`persist.log.tag`, which sets global log level, see docs at
https://cs.android.com/android/platform/superproject/main/+/main:system/logging/logd/README.property
Current commit fixes the following:
1. avoid recast size value `-1` to unsigned integer type size_t;
2. allow `Enable log watchdog` to remove the added system prop and
forcibly restart the watchdog.
* New translations strings.xml (French, Romanian, Chinese)
* Fix Crowdin CDATA escape problem
The gradle parsing error happens because the character `'` of
`system_prop_incorrect` still needs to be escaped even if it has already
been enclosed in CDATA.
Allow users to select all/none and automatically include new applications.
Close #93 as completed.
Co-authored-by: mywalk <66966897+mywalkb@users.noreply.github.com>
Moreover, we may need to abandon PLT hooks in the future.
Currently, there aren't many symbols found in the section .dynsym that
are hooked targets of LSPlant, and more of them are found in the .symtab
section.
In Android 16 DP1, hooked art symbols in .dynsym (thus could be hooked
using the PLT hook) are:
1. _ZN3art6mirror5Class9SetStatusENS_6HandleIS1_EENS_11ClassStatusEPNS_6ThreadE
2. _ZN3art3jit12JitCodeCache12DoCollectionEPNS_6ThreadE
while symbols in .symtab (must be hooked using inline hook) are:
1. _ZN3art11ClassLinker22FixupStaticTrampolinesEPNS_6ThreadENS_6ObjPtrINS_6mirror5ClassEEE
2. _ZN3art11ClassLinker14RegisterNativeEPNS_6ThreadEPNS_9ArtMethodEPKv
3. _ZN3art11ClassLinker16UnregisterNativeEPNS_6ThreadEPNS_9ArtMethodE
4. _ZN3art11ClassLinker26VisiblyInitializedCallback22MarkVisiblyInitializedEPNS_6ThreadE
Hence, PLT hooks no longer provide sufficient advantages over inline
hooks. Also, we may consider using shadowhook to replace Dobby for the
arm CPU archs.
The previous commit 5da38f60a2 is not
complete since `GetArt(true)` will destroy the static SandHook::ElfImg
object.
Since in the previous two commits we have postponed the initialization
of LSPlant, we can now keep the symbol cache of `libart` for the
InitArtHooker call in method `OnNativeForkSystemServerPost`. Symbol
cache works because we are using a local static object in the function
`GetArt`, whose life-cycle is not constrained by the function block.
Current commit will restore the modifications 1,4 in the previous
commit 156c6ae855. Thanks to people in
the community, @privacyguy123, @aviraxp and @HuskyDG, just to name a
few, for noticing my severe mistakes.
Those mistakes are mainly caused by my inconsistent usage of testing
environments. I wrongly compared the detecting results with different
`Zygisk` implementations and was too assertive and careless to make those
changes. Here is the explanation for reverting the previous commit:
1. `system.prop` is not extracted for Android 10+ devices in
`customize.sh`;
2. mounting /data/resource-cache is still needed in some systems
(ColorOS, to be confirmed), and it isn't a detection point.
To verify that modifications 2,3 are effective, I tested them with
`Zygisk Next` 1.2.4 (445-031a64c-release) and `Holmes` V1.5.1 Narcissus on
`Magisk` a34c04f9 280002.
1. Avoid changing `system.prop`: there is already no need to add
system-wise `dex2oat` flags, since LSPosed provides a wrapper for it,
see https://nullptr.icu/index.php/archives/53/ for detailed
explanation;
2. Postpone initialization of LSPlant: initialization of `initInfo`
during the `onLoad` Zygisk api will change the order of parsed files
in memory, especially bring the item `libart.so` forward;
3. Close opened virtual map file: this should no longer be a problem
after the second point is applied since it is no longer opened during
`onLoad`, but let us close it as a good practice;
4. Remove /data/resource-cache mount: introduced in
https://github.com/LSPosed/LSPosed/pull/1627, most likely designed to
solve problems in early versions of root solutions, and being reverted
does not change the function of the daemon since we will have to wait
sufficient time in `waitSystemService` of `LSPosedService` manager.
Of course, more tests are needed on different devices to see if
parasitic notification manager will work as expected.
Close #98 and #96 as fixed.
In the decompiled smali files, the method `load_overrides_systemui`
of the class `FeatureFlagsImpl` is called only if its field
`systemui_is_cached` is false.
* New translations strings.xml (Japanese)
* New translations strings.xml (Japanese)
* New translations strings.xml (Japanese)
* New translations strings.xml (French)
* New translations strings.xml (Japanese)
* New translations strings.xml (Turkish)
* New translations strings.xml (Japanese)