add: KSU ioctl supercall support (ThePedroo#14)

This commit adds support to KernelSU environments that use the new supercall, "ioctl".

Author: frknkrc44

.gitignore

@@ -1,3 +1,4 @@
+apache/build
 apache/local/generated
 .project
 .settings

daemon/src/main/java/org/lsposed/lspd/service/ConfigManager.java

@@ -1228,6 +1228,8 @@ public List<String> getDenyListPackages() {
                     .collect(Collectors.toList());
             } catch (Throwable e) {
                 Log.e(TAG, "get denylist", e);
+            } finally {
+                DenylistManager.clearFd();
             }
         }
         return result;

daemon/src/main/java/org/lsposed/lspd/service/DenylistManager.java

@@ -26,4 +26,5 @@
 public class DenylistManager {
     native static boolean isInDenylist(String processName);
     native static boolean isInDenylistFromClasspathDir(String classpathDir);
+    native static void clearFd();
 }

daemon/src/main/java/org/lsposed/lspd/service/Dex2OatService.java

@@ -25,7 +25,6 @@
 import static org.lsposed.lspd.ILSPManagerService.DEX2OAT_SELINUX_PERMISSIVE;
 import static org.lsposed.lspd.ILSPManagerService.DEX2OAT_SEPOLICY_INCORRECT;
 
-import static org.lsposed.lspd.service.DenylistManager.isInDenylist;
 import static org.lsposed.lspd.service.DenylistManager.isInDenylistFromClasspathDir;
 
 import android.net.LocalServerSocket;
@@ -329,12 +328,14 @@ public void run() {
 
                 client.close();
             }
-        } catch (IOException e) {
+        } catch (Throwable e) {
             Log.e(TAG, "Dex2oat wrapper daemon crashed", e);
             if (compatibility == DEX2OAT_OK) {
                 doMount(false);
                 compatibility = DEX2OAT_CRASHED;
             }
+        } finally {
+            DenylistManager.clearFd();
         }
     }
 

daemon/src/main/jni/denylist.cpp

@@ -26,11 +26,13 @@
 #include <sys/prctl.h>
 #include <sys/wait.h>
 #include <sys/stat.h>
+#include <sys/syscall.h>
 #include <stdlib.h>
 #include <unistd.h>
 
 #include <string>
 
+#include "ksu.h"
 #include "logging.h"
 #include "packagename.h"
 
@@ -78,33 +80,92 @@ bool exec_command(char *buf, size_t len, const char *file, const char *argv[]) {
     return true;
 }
 
-#define KERNEL_SU_OPTION (int)0xdeadbeef
-#define KERNELSU_CMD_GET_VERSION 2
-#define KERNELSU_CMD_UID_SHOULD_UMOUNT 13
-
+/*
+ * Root implementation indicator
+ *
+ * -1 - None
+ *  1 - KernelSU
+ *  2 - Magisk
+ *  3 - APatch
+ */
 static int root_impl = -1;
+
+static int ksu_fd = -1;
+
+static bool prepare_ksu_fd() {
+    if (ksu_fd >= 0) goto ksu_fd_return_success;
+
+    LOGD("Prepare KSU fd: Trying to send ksu option");
+
+    syscall(SYS_reboot, KSU_INSTALL_MAGIC1, KSU_INSTALL_MAGIC2, 0, (void*)&ksu_fd);
+
+    LOGD("Prepare KSU fd: %x", ksu_fd);
+
+    return ksu_fd >= 0;
+
+    ksu_fd_return_success:
+    return true;
+}
+
+static void ksu_close_fd() {
+    if (ksu_fd >= 0) {
+        close(ksu_fd);
+        ksu_fd = -1;
+    }
+}
+
 static bool ksu_get_existence() {
     int version = 0;
     int reply_ok = 0;
 
+    if (prepare_ksu_fd()) {
+        struct ksu_get_info_cmd g_version {};
+
+        syscall(SYS_ioctl, ksu_fd, KSU_IOCTL_GET_INFO, &g_version);
+
+        if (g_version.version > 0) {
+            LOGD("KernelSU version: %d (IOCTL)", g_version.version);
+
+            root_impl = 1;
+
+            goto ksu_exist_return_success;
+        } else {
+            ksu_close_fd();
+        }
+    }
+
     prctl((signed int)KERNEL_SU_OPTION, KERNELSU_CMD_GET_VERSION, &version, 0, &reply_ok);
 
     if (version != 0) {
-        LOGD("KernelSU version: %d", version);
+        LOGD("KernelSU version: %d (PRCTL)", version);
+
         root_impl = 1;
 
-        return true;
+        goto ksu_exist_return_success;
     }
 
     return false;
+
+    ksu_exist_return_success:
+    return true;
 }
 
 static bool ksu_is_in_denylist(uid_t app_uid) {
     bool umount = false;
-
     int reply_ok = 0;
+
+    if (prepare_ksu_fd()) {
+        struct ksu_uid_should_umount_cmd cmd = { app_uid };
+
+        syscall(SYS_ioctl, ksu_fd, KSU_IOCTL_UID_SHOULD_UMOUNT, &cmd);
+
+        umount = !!cmd.should_umount;
+        goto ksu_return_umount;
+    }
+
     prctl((signed int)KERNEL_SU_OPTION, KERNELSU_CMD_UID_SHOULD_UMOUNT, app_uid, &umount, &reply_ok);
 
+    ksu_return_umount:
     return umount;
 }
 
@@ -337,7 +398,7 @@ bool apatch_uid_should_umount(const char *const process) {
 }
 
 extern "C" JNIEXPORT jboolean JNICALL
-Java_org_lsposed_lspd_service_DenylistManager_isInDenylist(JNIEnv *env, jobject, jstring appName) {
+Java_org_lsposed_lspd_service_DenylistManager_isInDenylist(JNIEnv *env, jclass, jstring appName) {
     const char *app_name = env->GetStringUTFChars(appName, nullptr);
     if (app_name == nullptr) {
         LOGE("Failed to get app name string");
@@ -406,7 +467,7 @@ Java_org_lsposed_lspd_service_DenylistManager_isInDenylist(JNIEnv *env, jobject,
 }
 
 extern "C" JNIEXPORT jboolean JNICALL
-Java_org_lsposed_lspd_service_DenylistManager_isInDenylistFromClasspathDir(JNIEnv *env, jobject, jstring classpathDirArg) {
+Java_org_lsposed_lspd_service_DenylistManager_isInDenylistFromClasspathDir(JNIEnv *env, jclass, jstring classpathDirArg) {
     const char *classpath_dir_arg = env->GetStringUTFChars(classpathDirArg, nullptr);
 
     if (classpath_dir_arg == nullptr) {
@@ -478,4 +539,9 @@ Java_org_lsposed_lspd_service_DenylistManager_isInDenylistFromClasspathDir(JNIEn
 
     app_in_denylist:
         return JNI_TRUE;
-}
+}
+
+extern "C" JNIEXPORT void JNICALL
+Java_org_lsposed_lspd_service_DenylistManager_clearFd(JNIEnv *env, jclass) {
+    ksu_close_fd();
+}

daemon/src/main/jni/ksu.h

@@ -0,0 +1,52 @@
+/*
+ * This file is part of ReLSPosed.
+ *
+ * ReLSPosed is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ReLSPosed is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ReLSPosed.  If not, see <https://www.gnu.org/licenses/>.
+ *
+ * Copyright (C) 2023 The PerformanC Organization Contributors
+ */
+// -------------------------------------------------------------------------------------------------------------
+/* INFO: Code below contains parts of the code of the KernelSU's Daemon. It is protected by its GPL-3.0 license.
+           See https://github.com/tiann/KernelSU repository for more details. */
+// -------------------------------------------------------------------------------------------------------------
+
+
+#ifndef RELSPOSED_KSU_H
+#define RELSPOSED_KSU_H
+
+#include <stdint.h>
+#include <sys/ioctl.h>
+
+struct ksu_get_info_cmd {
+    uint32_t version;
+    uint32_t flags;
+    uint32_t features;
+};
+
+struct ksu_uid_should_umount_cmd {
+    uint32_t uid;
+    uint8_t should_umount;
+};
+
+#define KERNEL_SU_OPTION (int)0xdeadbeef
+#define KERNELSU_CMD_GET_VERSION 2
+#define KERNELSU_CMD_UID_SHOULD_UMOUNT 13
+
+#define KSU_INSTALL_MAGIC1 0xDEADBEEF
+#define KSU_INSTALL_MAGIC2 0xCAFEBABE
+
+#define KSU_IOCTL_GET_INFO _IOC(_IOC_READ, 'K', 2, 0)
+#define KSU_IOCTL_UID_SHOULD_UMOUNT _IOC(_IOC_READ | _IOC_WRITE, 'K', 9, 0)
+
+#endif //RELSPOSED_KSU_H