proot-me / proot

chroot, mount --bind, and binfmt_misc without privilege/setup for Linux
https://proot-me.github.io
GNU General Public License v2.0

Fork a thread to attach to the main process #330

Open w296488320 opened 2 years ago

w296488320 commented 2 years ago
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG: Build fingerprint: 'Redmi/alioth/alioth:11/RKQ1.200826.002/V12.5.19.0.RKHCNXM:user/release-keys'
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG: Revision: '0'
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG: ABI: 'arm'
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG: Timestamp: 2022-04-30 12:47:41+0800
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG: pid: 19399, tid: 19399, name: example.jnihook  >>> com.example.jnihook <<<
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG: uid: 10407
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG: signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG:     r0  00000000  r1  00004bc7  r2  00000006  r3  ffa171b0
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG:     r4  ffa171c4  r5  ffa171a8  r6  00004bc7  r7  0000016b
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG:     r8  ffa171b0  r9  ffa171c0  r10 ffa171e0  r11 ffa171d0
2022-04-30 12:47:41.203 19404-19404/? A/DEBUG:     ip  00004bc7  sp  ffa17180  lr  f46fa6ed  pc  f46fa700
2022-04-30 12:47:41.341 19404-19404/? A/DEBUG: backtrace:
2022-04-30 12:47:41.341 19404-19404/? A/DEBUG:       #00 pc 00062700  /apex/com.android.runtime/lib/bionic/libc.so!libc.so (offset 0x61000) (abort+172) (BuildId: edc23b5a08cb25fcac190e6392a4d537)
2022-04-30 12:47:41.341 19404-19404/? A/DEBUG:       #01 pc 000714e7  /data/app/~~3SEksvUnlzRRZpfTUpODAg==/com.example.jnihook-QG30dvAOV5XZBY5UyXtUHg==/lib/arm/libcamelnative.so (BuildId: 3f156414c65658b00d8ab5041aec3d696da4e6b4)
2022-04-30 12:47:41.341 19404-19404/? A/DEBUG:       #02 pc 000714b1  /data/app/~~3SEksvUnlzRRZpfTUpODAg==/com.example.jnihook-QG30dvAOV5XZBY5UyXtUHg==/lib/arm/libcamelnative.so (BuildId: 3f156414c65658b00d8ab5041aec3d696da4e6b4)
2022-04-30 12:47:41.341 19404-19404/? A/DEBUG:       #03 pc 0006e31b  /data/app/~~3SEksvUnlzRRZpfTUpODAg==/com.example.jnihook-QG30dvAOV5XZBY5UyXtUHg==/lib/arm/libcamelnative.so (BuildId: 3f156414c65658b00d8ab5041aec3d696da4e6b4)
2022-04-30 12:47:41.341 19404-19404/? A/DEBUG:       #04 pc 0006e401  /data/app/~~3SEksvUnlzRRZpfTUpODAg==/com.example.jnihook-QG30dvAOV5XZBY5UyXtUHg==/lib/arm/libcamelnative.so (_talloc_reference_loc+44) (BuildId: 3f156414c65658b00d8ab5041aec3d696da4e6b4)
2022-04-30 12:47:41.341 19404-19404/? A/DEBUG:       #05 pc 0006da33  /data/app/~~3SEksvUnlzRRZpfTUpODAg==/com.example.jnihook-QG30dvAOV5XZBY5UyXtUHg==/lib/arm/libcamelnative.so (new_child+942) (BuildId: 3f156414c65658b00d8ab5041aec3d696da4e6b4)
2022-04-30 12:47:41.341 19404-19404/? A/DEBUG:       #06 pc 0006bec3  /data/app/~~3SEksvUnlzRRZpfTUpODAg==/com.example.jnihook-QG30dvAOV5XZBY5UyXtUHg==/lib/arm/libcamelnative.so (handle_tracee_event+1590) (BuildId: 3f156414c65658b00d8ab5041aec3d696da4e6b4)
....

I found a bug and I don't know what caused it; it looks as if it is a talloc problem. Have you ever encountered this problem? I think something may be wrong with the way I wrote it. I want to fork a process and have it attach to the main process, because the enable_syscall_filtering method needs to take a tracer as its parameter.

So I initialize (Tracer *first = get_tracee(NULL, 0, true);) in the master process. My code is as follows:

void trace_current_process() {
    prctl(PR_SET_DUMPABLE, 1, 0, 0, 0);
    pid_t mainPid = getpid();
    pid_t child = fork();
    if (child < 0) {
        ALOGE("ptrace svc  fork() error ");
        return;
    }
    /* Pre-create the first first (pid == 0).  */
    Tracer *first = get_tracee(NULL, mainPid, true);
    if (first == NULL) {
        ALOGE(">>>>>>>>> error: create first first error   ");
        return;
    }
    if (child == 0) {
        // attach to the main process
        int status = ptrace(PTRACE_ATTACH, mainPid, NULL, NULL);
        if (status != 0) {
            // attach failed
            ALOGE(">>>>>>>>> error: attach target process %d ", status);
            return;
        }

        ALOGE("ptrace main process %d ", child);
        first->wait_sigcont = true;
        first->exe = strdup("zygote");

        upDataForkPid(getpid());

        ALOGE("ptrace attch main sucess ! main pid -> %d  tracer fork pid -> %d", mainPid, getpid());

        exit(event_loop());
    } else {
        //ALOGE("ptrace main process %d ", child)
        // add seccomp from the main process
        enable_syscall_filtering(first);
    }
    LOGE("trace_current_process init finsh ");
}

I don't know if there is a problem with how I wrote that. I wonder if this is what caused the error above.
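
The fork-then-attach ordering described in this comment, as an added example that is not part of the original post and is not PRoot code: the forked child attaches to its parent, and the parent blocks until the child reports the outcome, which is the earliest point at which it could go on to install a seccomp filter. `attach_from_child` and the two-pipe handshake are hypothetical names and choices made here; no PRoot or talloc calls are used.

```c
#include <errno.h>
#include <sys/prctl.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper, not a PRoot function: fork a tracer that attaches to
 * the caller. Returns 0 once the tracer attached and detached again, else the
 * errno of the step that failed. */
int attach_from_child(void)
{
    int go[2], done[2], err = 0, status;
    char token = 'g';
    ssize_t n;
    pid_t target = getpid(), child;

    if (pipe(go) != 0 || pipe(done) != 0)
        return errno;
    if ((child = fork()) < 0)
        return errno;
    if (child == 0) {                        /* tracer side */
        close(go[1]); close(done[0]);
        if (read(go[0], &token, 1) != 1)     /* wait until the target allowed us */
            _exit(1);
        if (ptrace(PTRACE_ATTACH, target, NULL, NULL) != 0)
            err = errno;
        else if (waitpid(target, &status, 0) < 0)  /* attached once the stop is seen */
            err = errno;
        else if (ptrace(PTRACE_DETACH, target, NULL, NULL) != 0)
            err = errno;                     /* a real tracer would PTRACE_CONT instead */
        _exit(write(done[1], &err, sizeof err) == (ssize_t)sizeof err ? 0 : 1);
    }
    close(go[0]); close(done[1]);            /* target side */
    prctl(PR_SET_PTRACER, child, 0, 0, 0);   /* Yama ptrace_scope=1: allow only this child */
    n = write(go[1], &token, 1);
    close(go[1]);                            /* on a failed write the tracer sees EOF and exits */
    do {                                     /* block until the tracer reports; retry on EINTR */
        n = read(done[0], &err, sizeof err);
    } while (n < 0 && errno == EINTR);
    if (n != (ssize_t)sizeof err)
        err = ECHILD;                        /* tracer died without reporting */
    close(done[0]);
    waitpid(child, &status, 0);
    return err;
}

int main(void) { return attach_from_child(); }
```

A result of `EPERM` means the environment forbids the attach (for example a stricter Yama `ptrace_scope` or an existing tracer), not that the handshake is wrong.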

oxr463 commented 2 years ago

That build fingerprint looks like an older version of the Debian package for PRoot. Can you provide me with some steps to try reproducing that error? Have you tried using the latest release?

w296488320 commented 2 years ago

I referred to your code and tried to fork a process that then attaches to the main process. I don't know if there is a problem with writing it this way. I'm trying to move PRoot to Android to use it for modifying svc parameters and return values, but Android doesn't have a talloc library. I downloaded a copy myself from the source code, but there seems to be a problem with it. If you have time, could you help me look at my trace_current_process method and check whether there is a problem with code written this way?

oxr463 commented 2 years ago

You're trying to port PRoot to Android? Have you tried using the Termux fork?