We update `LSPosedBridge` to align with upstream API changes, which have replaced annotation-based hooker discovery with a naming convention.
The `doHook` implementation has been refactored to:
- Remove dependencies on the deleted `io.github.libxposed.api.annotations` package (`XposedHooker`, `BeforeInvocation`, `AfterInvocation`).
- Scan for public static methods explicitly named `before` and `after` instead of relying on annotations.
- Enforce validation on these named methods to ensure they match the required signatures.
To adapt to this change, existing Hooker classes are refactored by removing the deprecated annotations and renaming their callback methods to `before` and `after` respectively.
Co-authored-by: frknkrc44 <krc440002@gmail.com>
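As an added illustration of the naming-convention scan described above (example code, not LSPosed's or libxposed's own): the `NamedHookerScanner` class, and the callback shapes `before(Object[] args)` and `after(Object[] args, Object result)` it validates against, are assumptions made for this example; the real libxposed API defines its own required signatures.

```java
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.Arrays;

// Added example: discover hooker callbacks by name instead of by annotation.
// The parameter shapes below are assumptions for this illustration; the real
// libxposed API defines its own required signatures.
public final class NamedHookerScanner {
    private static final Class<?>[] BEFORE_PARAMS = { Object[].class };                // before(Object[] args)
    private static final Class<?>[] AFTER_PARAMS  = { Object[].class, Object.class };  // after(Object[] args, Object result)

    public static final class Callbacks {
        public final Method before; // null when the hooker defines no before()
        public final Method after;  // null when the hooker defines no after()
        Callbacks(Method before, Method after) { this.before = before; this.after = after; }
    }

    // Scan only the hooker's own declared methods so an inherited or unrelated
    // method that happens to be called `before`/`after` is never picked up.
    public static Callbacks scan(Class<?> hooker) {
        Method before = null, after = null;
        for (Method m : hooker.getDeclaredMethods()) {
            String name = m.getName();
            boolean isBefore = name.equals("before");
            if (!isBefore && !name.equals("after")) continue;

            // Validation step: a method with the right name but the wrong shape is an
            // error, not something to invoke on a best-effort basis.
            int mod = m.getModifiers();
            if (!Modifier.isPublic(mod) || !Modifier.isStatic(mod)) {
                throw new IllegalArgumentException(hooker.getName() + "." + name + " must be public static");
            }
            Class<?>[] expected = isBefore ? BEFORE_PARAMS : AFTER_PARAMS;
            if (!Arrays.equals(m.getParameterTypes(), expected)) {
                throw new IllegalArgumentException(hooker.getName() + "." + name
                        + " has parameters " + Arrays.toString(m.getParameterTypes())
                        + ", expected " + Arrays.toString(expected));
            }
            if (isBefore) before = m; else after = m;
        }
        if (before == null && after == null) {
            throw new IllegalArgumentException(hooker.getName() + " defines neither before() nor after()");
        }
        return new Callbacks(before, after);
    }

    // Sample hooker following the naming convention (constructed for this example).
    public static final class SampleHooker {
        public static void before(Object[] args) {
            if (args.length > 0 && args[0] instanceof String) args[0] = "redacted";
        }
        public static void after(Object[] args, Object result) { }
    }

    // Sample hooker the scanner must reject: right name, wrong parameter list.
    public static final class BadHooker {
        public static void before(String s) { }
    }

    public static void main(String[] argv) throws Exception {
        Callbacks cb = scan(SampleHooker.class);
        Object[] args = { "secret" };
        cb.before.invoke(null, (Object) args);   // the Object cast stops varargs spreading
        System.out.println("after before(): " + args[0]);
        try {
            scan(BadHooker.class);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The point of the signature check is that a name match alone is not enough: once discovery is by convention rather than by annotation, any public static `before` in a hooker class would otherwise be dispatched blindly, so the scanner fails loudly on a mismatched shape instead of silently skipping or mis-invoking it.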
With inline hook, we no longer need to scan process virtual maps.
Moreover, I can no longer justify the point 3 stated in commit
156c6ae855 by experiments, which is
mysterious given my previous experiments done for the commit
3c020a9cd7.
Currently, only one thing is sure: reading `/proc/self/map` can be
detected by Holmes. Hence, it is always a good practice to not inject
unnecessary code during the preAppSpecialize API.
* Fix warnings of CMake
To completely remove CMake version warnings, one may need to change the CMakeLists.txt file in the NDK installation.
* Add compiler flag -Wpedantic
Show compilation errors for the core subject, while ignoring some of them
Moreover, we may need to abandon PLT hooks in the future.
Currently, there aren't many symbols found in the section .dynsym that
are hooked targets of LSPlant, and more of them are found in the .symtab
section.
In Android 16 DP1, hooked art symbols in .dynsym (thus could be hooked
using the PLT hook) are:
1. _ZN3art6mirror5Class9SetStatusENS_6HandleIS1_EENS_11ClassStatusEPNS_6ThreadE
2. _ZN3art3jit12JitCodeCache12DoCollectionEPNS_6ThreadE
while symbols in .symtab (which must be hooked using an inline hook) are:
1. _ZN3art11ClassLinker22FixupStaticTrampolinesEPNS_6ThreadENS_6ObjPtrINS_6mirror5ClassEEE
2. _ZN3art11ClassLinker14RegisterNativeEPNS_6ThreadEPNS_9ArtMethodEPKv
3. _ZN3art11ClassLinker16UnregisterNativeEPNS_6ThreadEPNS_9ArtMethodE
4. _ZN3art11ClassLinker26VisiblyInitializedCallback22MarkVisiblyInitializedEPNS_6ThreadE
Hence, PLT hooks no longer provide sufficient advantages over inline
hooks. Also, we may consider using shadowhook to replace Dobby for the
arm CPU archs.
The previous commit 5da38f60a2 is not
complete since `GetArt(true)` will destroy the static SandHook::ElfImg
object.
Since in the previous two commits we have postponed the initialization
of LSPlant, we can now keep the symbol cache of `libart` for the
InitArtHooker call in method `OnNativeForkSystemServerPost`. Symbol
cache works because we are using a local static object in the function
`GetArt`, whose life-cycle is not constrained by the function block.
1. Avoid changing `system.prop`: there is already no need to add
system-wide `dex2oat` flags, since LSPosed provides a wrapper for it,
see https://nullptr.icu/index.php/archives/53/ for a detailed
explanation;
2. Postpone initialization of LSPlant: initialization of `initInfo`
during the `onLoad` Zygisk api will change the order of parsed files
in memory, especially bring the item `libart.so` forward;
3. Close opened virtual map file: this should no longer be a problem
after the second point is applied since it is no longer opened during
`onLoad`, but let us close it as a good practice;
4. Remove /data/resource-cache mount: introduced in
https://github.com/LSPosed/LSPosed/pull/1627, most likely designed to
solve problems in early versions of root solutions; reverting it
does not change the function of the daemon since we will have to wait
sufficient time in `waitSystemService` of `LSPosedService` manager.
Of course, more tests are needed on different devices to see if the
parasitic notification manager will work as expected.
Currently, inline_unhooker is not used in the code.
We still fix the logic to avoid confusion.
There is no feasible way to determine if the parameter original is a
valid function pointer or a `const char` pointer.
We assume it is a char pointer in the first step.
Note that RS_SUCCESS = 0 is removed in the commit
f4643b8d14d7cc94516b446ca77d952d0b986d50
of https://github.com/jmpews/Dobby
The CMake option DOBBY_GENERATE_SHARED is removed; we use dobby_static
explicitly.
From Android 14 QPR3 onward, the classloader of the injected app (com.android.shell)
does not contain the manager apk, so there is a new check in the getClassLoader hook: when
it gets a negative response, the manager apk is injected into the classloader so the parasitic
manager can start correctly.
Co-authored-by: mywalk <66966897+mywalkb@users.noreply.github.com>
* Revert "Fix parasitic manager state restore on 8.1 (#1726)"
This reverts commit 97ef900125.
* Fix state loading
Co-authored-by: Howard Wu <40033067+Howard20181@users.noreply.github.com>