microg / RemoteDroidGuard

Service to run Google's DroidGuard binary in an isolated environment

support dalvik runtime #2

Open julianwi opened 7 years ago

julianwi commented 7 years ago

I wrote a little library to hook methods in Dalvik. I didn't get Gradle to build my native code, so I added a Makefile for it. Just run `make TOOL_CHAIN=/home/user/path/to/android-toolchain/bin/arm-linux-androideabi-` in the jni folder. Maybe you know how to add it to the main build.

By the way: I managed to hook native methods. With these native hooks, I got a list of files which got accessed by droidguard's so library. I will send you a pull request soon.

mar-v-in commented 7 years ago

First, thanks for your work.

  1. Your code currently requires the hooked method code to be written twice. As you might guess, I am not very happy with this for future changes - it might be that we have to change these hooks more than once in case Google changes some bits in DroidGuard, and having to adapt the changes twice is not very nice; generally, duplicate code is not very adorable.

    Would you mind if I use parts of your code as a starting point to add a Dalvik support wrapper to my ArtHook library? It is not part of the microG project, so I'd like to ask in advance. With a proper integration the hooking code would only be required once :)

  2. You uncommented the hooks Pattern->matcher and Arrays->asList. What was the reason to do so? I guess that some of the hooks I put in there are not strictly necessary, but it certainly does not hurt to have them in place even if not required.
  3. Regarding native methods. I already did some analysis on this and as far as I can tell, the natively accessed files are not the problem and possibly not even relevant for some parts.

    Currently the main problem is that DroidGuard does not pass on systems running Xposed, so I was investigating this deeper: changes on the file system are not detected as relevant; however, replacing the app_process binary with the Xposed modified version will cause DroidGuard to fail on next boot, and replacing app_process with the original version, keeping the rest of Xposed changes intact, does cause it to work after another reboot. Runtime disk changes have no influence and I do not see any open()-calls targeting app_process, so it is not read from the disk, but probably some change caused by the modified app_process is the problem.

    If you want I can provide you with additional details in a less public channel.

Want to join the #microg channel on freenode? I guess we would be able to better coordinate the work there. Again, thanks for investing your time for contributing!

julianwi commented 7 years ago

> Would you mind if I use parts of your code as a starting point to add a Dalvik support wrapper to my ArtHook library? It is not part of the microG project, so I'd like to ask in advance. With a proper integration the hooking code would only be required once :)

Yes, you can use my code.

> You uncommented the hooks Pattern->matcher and Arrays->asList. What was the reason to do so?

The dalvikhook library is not really stable for now. I disabled these two hooks because droidguard helper crashes if they are enabled.

I will join IRC now.

ale5000-git commented 7 years ago

Once there is a compiled version you can expect I will report back on the same day :) I can test it on an ARMv6 phone with CM11 and on a PC inside an emulator with Android 4.4.4.

julianwi commented 7 years ago

OK, I can upload a test build once I'm home in 4 hours.

julianwi commented 7 years ago

Build is uploaded here: http://julianwi.square7.ch/files/remotedroidguard/remote-droid-guard-debug.apk

It is built for ARM devices.

ale5000-git commented 7 years ago

Thanks for the build but apparently it doesn't work on my phone:

Process com.google.android.gms.unstable (pid 3280) has died.

Scheduling restart of crashed service org.microg.gms.droidguard/.RemoteDroidGuardService in 1000ms

Logcat: DroidGuard-log.txt

julianwi commented 7 years ago

I changed something. On my device I now have a success rate of nearly 100% and all hooks can be enabled. The new debug build is uploaded here. @ale5000-git, would be nice if you could test it.

ale5000-git commented 7 years ago

@julianwi: Thanks but unfortunately it still doesn't work.

Logcat: DroidGuard-log2.txt