58 Commits

Author SHA1 Message Date
JingMatrix cdc536f10b Adapt LSPosedBridge to convention-based hooker discovery (#534)
We update `LSPosedBridge` to align with upstream API changes, which have replaced annotation-based hooker discovery with a naming convention.

The `doHook` implementation has been refactored to:
- Remove dependencies on the deleted `io.github.libxposed.api.annotations` package (`XposedHooker`, `BeforeInvocation`, `AfterInvocation`).
- Scan for public static methods explicitly named `before` and `after` instead of relying on annotations.
- Enforce validation on these named methods to ensure they match the required signatures.

To adapt to this change, existing Hooker classes are refactored by removing the deprecated annotations and renaming their callback methods to `before` and `after` respectively.

Co-authored-by: frknkrc44 <krc440002@gmail.com>
2026-02-14 16:03:50 +01:00
JingMatrix 1d09934523 Remove redundant MapInfo::Scan function
With inline hook, we no longer need to scan process virtual maps.

Moreover, I can no longer justify the point 3 stated in commit
156c6ae855 by experiments, which is
mysterious given my previous experiments done for the commit
3c020a9cd7.

Currently, only one thing is sure: reading `/proc/self/map` can be
detected by Holmes. Hence, it is always a good practice to not inject
unnecessary codes during the preAppSpecialize API.
2024-12-11 17:02:38 +01:00
JingMatrix e7a5835d8f
Clear compilation warnings (#121)
* Fix warnings of CMake

To completely remove CMake version warnings, one may need to change the CMakeLists.txt file in the NDK installation.

* Add compiler flag -Wpedantic

Show compilation errors for the core subject, while ignoring some of them
2024-12-09 22:15:18 +01:00
JingMatrix 6eb133b114 Fix incorrect initInfo parameter
Since we are using Dobby inline hook, the field `is_plt_hook` should be
the default value, i.e., false.

Close #113 as fixed.
2024-12-06 22:29:40 +01:00
JingMatrix c5ff4c0e3a Abandon PLT hook for LSPlant
See the previous commit for reasons.
2024-12-04 11:55:28 +01:00
JingMatrix cc26efe6d3 Fix pltHook parameters
Moreover, we may need to abandon PLT hooks in the future.
Currently, there aren't many symbols found in the section .dynsym that
are hooked targets of LSPlant, and more of them are found in the .symtab
section.

In Android 16 DP1, hooked art symbols in .dynsym (thus could be hooked
using the PLT hook) are:
1. _ZN3art6mirror5Class9SetStatusENS_6HandleIS1_EENS_11ClassStatusEPNS_6ThreadE
2. _ZN3art3jit12JitCodeCache12DoCollectionEPNS_6ThreadE
, while symbols in .symtab (must be hooked using inline hook) are:
1. _ZN3art11ClassLinker22FixupStaticTrampolinesEPNS_6ThreadENS_6ObjPtrINS_6mirror5ClassEEE
2. _ZN3art11ClassLinker14RegisterNativeEPNS_6ThreadEPNS_9ArtMethodEPKv
3. _ZN3art11ClassLinker16UnregisterNativeEPNS_6ThreadEPNS_9ArtMethodE
4. _ZN3art11ClassLinker26VisiblyInitializedCallback22MarkVisiblyInitializedEPNS_6ThreadE

Hence, PLT hooks no longer provide sufficient advantages over inline
hooks. Also, we may consider using shadowhook to replace Dobby for the
arm CPU archs.
2024-12-04 10:31:00 +01:00
JingMatrix 46cdc126bd Keep libart.so cache after HookBridge
The previous commit 5da38f60a2 is not
complete since `GetArt(true)` will destroy the static SandHook::ElfImg
object.

Since in the previous two commits we have postponed the initialization
of LSPlant, we can now keep the symbol cache of `libart` for the
InitArtHooker call in method `OnNativeForkSystemServerPost`. Symbol
cache works because we are using local static object in the function
`GetArt`, whose life-cycle is not constrained by the function block.
2024-12-02 17:11:28 +01:00
JingMatrix 156c6ae855 Remove some traces left by LSPosed
1. Avoid changing `system.prop`: there is already no need to add
   system-wise `dex2oat` flags, since LSPosed provides a wrapper for it,
   see https://nullptr.icu/index.php/archives/53/ for detailed
   explanation;
2. Postpone initialization of LSPlant: initialization of `initInfo`
   during the `onLoad` Zygisk api will change the order of parsed files
   in memory, especially bring the item `libart.so` forward;
3. Close opened virtual map file: this should no longer be a problem
   after the second point is applied since it is no longer opened during
   `onLoad`, but let us close it as a good practice;
4. Remove /data/resource-cache mount: introduced in
   https://github.com/LSPosed/LSPosed/pull/1627, most likely designed to
   solve problems in early versions of root solutions and being reverted
   does not change the function of daemon since we will have to wait
   sufficient time in `waitSystemService` of `LSPosedService` manager.
   Of course, more tests are needed on different devices to see if
   parasitic notification manager will work as expected.
2024-12-02 10:15:44 +01:00
JingMatrix 466b3a4aee
Strip logs if verbose log is disabled (#101)
When the `Disable verbose log` option is toggled, more logs are stripped to avoid detections based on log entries.
2024-11-25 22:28:34 +01:00
JingMatrix 5da38f60a2 Avoid parsing libart for multiple times
Use GetArt instead of parsing the lib anew.
2024-11-21 09:29:53 +01:00
JingMatrix ff04a68822
Fix CallBooleanMethodV hook of exec_transact (#71)
* Revert "use shared memory"

This reverts commit 44570c5ed0.

* Revert "fix manager not detected"

This reverts commit 9125b4b2f1.

Close #69 as fixed.
2024-10-17 18:46:01 +02:00
JingMatrix bb869eac2d Fix implementation of UnhookPLT
Currently, inline_unhooker is not used in the code.
We still fix the logic to avoid confusion.

There is no feasible way to determine if the parameter original is a
valid function pointer or a `const char` pointer.
We suppose it as a char pointer in the first step.
2024-09-23 15:58:40 +02:00
JingMatrix 534e3930ae Use PLT hook from Zygisk API(v4) 2024-09-23 11:10:37 +02:00
JingMatrix 4d8e01176f Remove Riru support
The repository RikkaApps/Riru is archived since Jan 8, 2024, which
recommends Zygisk as its alternative.
2024-09-23 11:10:25 +02:00
JingMatrix ea2e1c8518 Update to Zygisk API v4
Skip checking magisk version on KernelSU or APatch
Close #44 as completed
2024-09-23 11:10:03 +02:00
JingMatrix e28e194682 Indicate plt hook explicitly
The file magisk_loader.cpp is reformatted using clangd
2024-09-12 15:19:28 +02:00
JingMatrix 1d7de6c78e Avoid resolving `libart` symbols twice
LSPlt is only used to hook libart symbols.
The file `native_util.h` is reformatted by clangd.
Fallback to Dobby if LSPlt fails.
2024-09-12 11:30:15 +02:00
JingMatrix 42cf1c2fd5 [skip ci] Replace submodule Dobby by LSPlt
It remains to implement HookFunction and UnhookFunction with LSPlt
2024-08-31 05:36:57 +02:00
JingMatrix 16c09cefce Fix LSPosed-Bridge log TAG 2024-08-31 02:43:25 +02:00
5ec1cff 201af3f165 use Theme_DeviceDefault_Settings 2024-08-31 02:43:25 +02:00
5ec1cff 571655dc0a support lower versions and fix activityInfo pollution 2024-08-31 02:43:25 +02:00
5ec1cff 8c0fb4f5eb temporary fix for A14 QPR3 2024-08-31 02:43:25 +02:00
5ec1cff 41eb1c63ad new parasitic manager 2024-08-31 02:43:25 +02:00
5ec1cff 44570c5ed0 use shared memory 2024-08-31 02:43:24 +02:00
5ec1cff c5d7b32cc0 ignore binder transactions flooding 2024-08-31 02:43:08 +02:00
JingMatrix 9df0af313f Update dobby dependency
Note that RS_SUCCESS = 0 is removed in the commit
f4643b8d14d7cc94516b446ca77d952d0b986d50
of https://github.com/jmpews/Dobby

The CMake option DOBBY_GENERATE_SHARED is removed, we use dobby_static
explicitly.
2024-08-27 01:50:17 +02:00
JingMatrix 17625a04d5 Fix CMake syntax error
Update cmake version
2024-07-24 01:23:05 +02:00
JingMatrix 2e0de88eca Apply patch da1daf of mywalkb/LSPosed_mod
From Android 14 QPR3 and forward, the classloader of injected app (com.android.shell)
does not contain the apk manager, so in hook getClassLoader there is a new check when
it got a negative response the apk manager is injected in classloader, so parasitic
manager can start correctly.

Co-authored-by: mywalk <66966897+mywalkb@users.noreply.github.com>
2024-07-24 01:22:43 +02:00
LoveSy 42190f1fb8
Remove symbol cache (#2872)
It only caches one symbol now, and thus is unnecessary to use cache
anymore
2023-12-06 11:54:15 +00:00
LoveSy 50c343d152
No cache setOverrideTable (#2789) 2023-10-06 05:43:59 +00:00
LoveSy 5c85a20601
Fix Service initialization (#2784) 2023-10-04 18:41:45 +00:00
LoveSy 888a7dbeb6
Upgrade cxx (#2780) 2023-10-05 01:06:57 +08:00
Nullptr 134cd71fa0
Wrap whole onTransact (#2740) 2023-09-03 17:18:48 +00:00
LoveSy 6f6c4b67d7
Use correct pkg name for system_server (#2580)
Allow hooking processes of android package besides system_server

system_server: uid=1000 pkg=system  proc=system
ChooserActivity,ResolverActivity: uid=1000 pkg=android proc=android:ui,system:ui

Co-authored-by: 5ec1cff <ewtqyqyewtqyqy@gmail.com>
Co-authored-by: vvb2060 <vvb2060@gmail.com>
2023-07-03 05:40:12 +00:00
LoveSy 5eaec4596a
Refine zygisk api 2023-04-01 20:47:07 +08:00
LoveSy cf0e552715 Upgrade deps 2023-04-01 18:15:15 +08:00
LoveSy 7087c6f752
Support Android 14 DP2 (#2434)
close #2433 

But the notification cannot send broadcast now.
2023-03-09 12:28:34 +08:00
LoveSy 54483ab89b Implement invokeOriginalConstructor 2023-02-26 16:48:49 +08:00
LoveSy 55f1860e71 Fix 2023-02-26 16:48:49 +08:00
LoveSy 7a5f7181a8 Return correct app data dir from zygote params 2023-02-26 16:48:49 +08:00
南宫雪珊 3d11c2f0f7
Make dex2oat wrapper more compatible (#2372) 2023-02-19 21:24:54 +08:00
LoveSy 731eae9f3b
Support Android 14 DP1 (#2377)
Fix #2376
2023-02-09 11:20:28 +08:00
南宫雪珊 10804dfa7f
Clean code (#2335) 2023-01-16 22:04:00 +08:00
vvb2060 323fb7a501 Delete signature verification log 2022-12-03 17:21:57 +08:00
LoveSy d985cf4c63
Update gradle (#2046) 2022-07-23 05:49:05 +00:00
Nullptr d36d284f39
Separate InitArtHooker and InitHooks (#1965) 2022-05-27 14:53:07 +00:00
LoveSy e3b96ebb92
Update AGP (#1941) 2022-05-15 14:08:08 +08:00
LoveSy dce14b953e
Fix name of elf util (#1930) 2022-05-11 16:11:33 +08:00
LoveSy c99c3b1165
Only hook `performDestroyActivity` on Android 8.1- (#1923) 2022-05-07 08:31:32 +00:00
LoveSy 779c178d0a
Fix state loading (#1911)
* Revert "Fix parasitic manager state restore on 8.1 (#1726)"

This reverts commit 97ef900125.

* Fix state loading

Co-authored-by: Howard Wu <40033067+Howard20181@users.noreply.github.com>
2022-05-03 23:15:39 +08:00