search

topjohnwu / Magisk

The Magic Mask for Android
GNU General Public License v3.0
47.59k stars 12.08k forks source link

Samsung Galaxy S6 hide not working at all #1272

Closed notgood closed 5 years ago

notgood commented 5 years ago

Latest Magisk canary build (18.2+, 19+) on Samsung Galaxy S6 SM-G920F zeroflte, latest official firmware, Android 7.0. Booting fine, root works OK, but hide isn't working at all, safetynet check failing as well.

Stable 18.1 has no such problem, hide and safetynet are working just fine.

Canary install log

************************
* Magisk v19.0-3eae9494 Installer
************************
- Mounting /system, /vendor
- Target image: /dev/block/sda5
- Device platform: arm64
- Constructing environment
Exception in thread "main" java.lang.UnsatisfiedLinkError: dlopen failed: library "libsecpkcs11_engine.so" not found
    at java.lang.Runtime.loadLibrary0(Runtime.java:999)
    at java.lang.System.loadLibrary(System.java:1567)
    at com.android.org.conscrypt.NativeCryptoJni.init(NativeCryptoJni.java:25)
    at com.android.org.conscrypt.NativeCrypto.<clinit>(NativeCrypto.java:54)
    at com.android.org.conscrypt.OpenSSLProvider.<init>(OpenSSLProvider.java:203)
    at com.android.org.conscrypt.OpenSSLProvider.<init>(OpenSSLProvider.java:46)
    at java.lang.Class.newInstance(Native Method)
    at sun.security.jca.ProviderConfig.initProvider(ProviderConfig.java:254)
    at sun.security.jca.ProviderConfig.-wrap0(ProviderConfig.java)
    at sun.security.jca.ProviderConfig$2.run(ProviderConfig.java:214)
    at sun.security.jca.ProviderConfig$2.run(ProviderConfig.java:207)
    at java.security.AccessController.doPrivileged(AccessController.java:41)
    at sun.security.jca.ProviderConfig.doLoadProvider(ProviderConfig.java:206)
    at sun.security.jca.ProviderConfig.getProvider(ProviderConfig.java:187)
    at sun.security.jca.ProviderList.loadAll(ProviderList.java:281)
    at sun.security.jca.ProviderList.removeInvalid(ProviderList.java:298)
    at sun.security.jca.Providers.<clinit>(Providers.java:64)
    at java.security.Security.insertProviderAt(Security.java:252)
    at java.security.Security.addProvider(Security.java:300)
    at com.topjohnwu.signing.SignBoot.<clinit>(SignBoot.java:36)
    at com.topjohnwu.signing.SignBoot.verifySignature(SignBoot.java:119)
    at com.topjohnwu.signing.BootSigner.main(BootSigner.java:15)
- Unpacking boot image
Parsing boot image: [/dev/block/sda5]
HEADER_VER      [0]
KERNEL_SZ       [21079932]
RAMDISK_SZ      [3320013]
SECOND_SZ       [0]
EXTRA_SZ        [1648640]
RECOV_DTBO_SZ   [0]
DTB             [0]
OS_VERSION      [7.0.0]
OS_PATCH_LEVEL  [2018-06]
PAGESIZE        [2048]
NAME            [SYSMAGIC002KU]
CMDLINE         []
CHECKSUM        [bcf2187a9ebb53e748c4ecb5482db78ba5bab3ee]
KERNEL_FMT      [raw]
RAMDISK_FMT     [gzip]
- Checking ramdisk status
Loading cpio: [ramdisk.cpio]
- Stock boot image detected
- Backing up stock boot image
- Patching ramdisk
Loading cpio: [ramdisk.cpio]
Add entry [init] (0750)
Patch with flag KEEPVERITY=[false] KEEPFORCEENCRYPT=[false]
Remove pattern [,verify]
Remove pattern [,verify]
Loading cpio: [ramdisk.cpio.orig]
Backup mismatch entry: [fstab.samsungexynos7420] -> [.backup/fstab.samsungexynos7420]
Backup mismatch entry: [fstab.samsungexynos7420.fwup] -> [.backup/fstab.samsungexynos7420.fwup]
Backup mismatch entry: [init] -> [.backup/init]
Create directory [.backup] (0000)
Add entry [.backup/.magisk] (0000)
Dump cpio: [ramdisk.cpio]
Loading dtbs from [extra]
- Repacking boot image
Parsing boot image: [/dev/block/sda5]
HEADER_VER      [0]
KERNEL_SZ       [21079932]
RAMDISK_SZ      [3320013]
SECOND_SZ       [0]
EXTRA_SZ        [1648640]
RECOV_DTBO_SZ   [0]
DTB             [0]
OS_VERSION      [7.0.0]
OS_PATCH_LEVEL  [2018-06]
PAGESIZE        [2048]
NAME            [SYSMAGIC002KU]
CMDLINE         []
CHECKSUM        [bcf2187a9ebb53e748c4ecb5482db78ba5bab3ee]
KERNEL_FMT      [raw]
RAMDISK_FMT     [gzip]
Repack to boot image: [new-boot.img]
HEADER_VER      [0]
KERNEL_SZ       [21079932]
RAMDISK_SZ      [3535851]
SECOND_SZ       [0]
EXTRA_SZ        [1648640]
RECOV_DTBO_SZ   [0]
DTB             [0]
OS_VERSION      [7.0.0]
OS_PATCH_LEVEL  [2018-06]
PAGESIZE        [2048]
NAME            [SYSMAGIC002KU]
CMDLINE         []
CHECKSUM        [b99bfb0f6aded78e2f54860264bbdc1c86d80b9e]
- Flashing new boot image
Cleaning up...
- Unmounting partitions
- Done
I:Updater process ended with RC=0
I:Install took 17 second(s).

Magisk log

--------- beginning of main
--------- beginning of system
03-29 23:41:20.402  3083  3083 I Magisk  : Magisk v19.0-3eae9494(19001) daemon started
03-29 23:41:20.402  3083  3083 I Magisk  : * Device API level: 24
03-29 23:41:20.418  3083  3084 D Magisk  : resetprop: getprop [ro.crypto.state]: [unencrypted]
03-29 23:41:20.445  3083  3084 I Magisk  : ** post-fs-data mode running
03-29 23:41:20.450  3083  3084 I Magisk  : * Initializing Magisk environment
03-29 23:41:20.451  3083  3084 I Magisk  : * Mounting mirrors
03-29 23:41:20.451  3083  3084 I Magisk  : mount: /sbin/.magisk/mirror/system <- /dev/block/platform/15570000.ufs/by-name/SYSTEM
03-29 23:41:20.451  3083  3084 I Magisk  : mount: /sbin/.magisk/mirror/data <- /dev/block/platform/15570000.ufs/by-name/USERDATA
03-29 23:41:20.452  3083  3084 I Magisk  : link: /sbin/.magisk/mirror/vendor <- /sbin/.magisk/mirror/system/vendor
03-29 23:41:20.452  3083  3084 I Magisk  : * Setting up internal busybox
03-29 23:41:20.464  3083  3084 I Magisk  : * Running post-fs-data.d scripts
03-29 23:41:20.472  3083  3084 I Magisk  : * Running module post-fs-data scripts
03-29 23:41:20.472  3083  3084 I Magisk  : * Loading modules
03-29 23:41:20.479  3083  3084 D Magisk  : magiskdb: query magiskhide=[1]
03-29 23:41:20.486  3083  3091 I Magisk  : * Starting MagiskHide
03-29 23:41:20.486  3083  3091 I Magisk  : hide_utils: Hiding sensitive props
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: getprop [ro.boot.warranty_bit]: [1]
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: setprop [ro.boot.warranty_bit]: [0] by modifing prop data structure
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: getprop [ro.warranty_bit]: [1]
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: setprop [ro.warranty_bit]: [0] by modifing prop data structure
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: getprop [ro.debuggable]: [0]
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: getprop [ro.secure]: [1]
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: getprop [ro.build.type]: [user]
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: getprop [ro.build.tags]: [release-keys]
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: getprop [ro.build.selinux]: [1]
03-29 23:41:20.486  3083  3091 D Magisk  : resetprop: setprop [ro.build.selinux]: [0] by modifing prop data structure
03-29 23:41:20.486  3083  3091 D Magisk  : hide_list: initialize
03-29 23:41:20.492  3083  3091 I Magisk  : hide_list init: [com.google.android.gms/com.google.android.gms.unstable]
03-29 23:41:20.499  3083  3091 I Magisk  : hide_list init: [org.microg.gms.droidguard/com.google.android.gms.unstable]
03-29 23:41:21.017  3083  3192 I Magisk  : ** late_start service mode running
03-29 23:41:21.018  3083  3192 D Magisk  : magiskdb: query magiskhide=[1]
03-29 23:41:21.018  3083  3192 I Magisk  : * Running service.d scripts
03-29 23:41:21.019  3083  3192 I Magisk  : * Running module service scripts
03-29 23:41:21.020  3083  3192 D Magisk  : magiskdb: query requester=[com.CI.l.GxEun7dh.zE]
03-29 23:41:22.348  3083  3091 D Magisk  : proc_monitor: ptrace zygote PID=[3123]
03-29 23:41:22.431  3083  3091 D Magisk  : proc_monitor: ptrace zygote PID=[3124]
03-29 23:41:31.475  3083  3091 D Magisk  : proc_monitor: /data/system/packages.xml updated
03-29 23:41:33.258  3083  3091 D Magisk  : proc_monitor: /data/system/packages.xml updated
03-29 23:42:13.921  3083  8275 D Magisk  : su: request from pid=[8262], client=[10]
03-29 23:42:13.922  3083  8275 D Magisk  : su: request from uid=[10264] (#1)
03-29 23:42:13.923  3083  8275 D Magisk  : magiskdb: query magiskhide=[1]
03-29 23:42:13.924  3083  8275 D Magisk  : magiskdb: query requester=[com.CI.l.GxEun7dh.zE]
03-29 23:42:13.928  3083  8275 D Magisk  : su: waiting child pid=[8283]
03-29 23:42:13.928  8283  8283 D Magisk  : su: fork handler
03-29 23:42:13.930  8283  8283 D Magisk  : su: use global namespace
03-29 23:42:16.456  3083  9263 D Magisk  : su: request from pid=[9235], client=[11]
03-29 23:42:16.456  3083  9263 D Magisk  : su: request from uid=[10223] (#1)
03-29 23:42:16.457  3083  9263 D Magisk  : magiskdb: query magiskhide=[1]
03-29 23:42:16.457  3083  9263 D Magisk  : magiskdb: query requester=[com.CI.l.GxEun7dh.zE]
03-29 23:42:16.458  3083  9263 D Magisk  : magiskdb: query policy=[2] log=[1] notify=[0]
03-29 23:42:16.459  3083  9263 D Magisk  : su: waiting child pid=[9266]
03-29 23:42:16.459  9266  9266 D Magisk  : su: fork handler
03-29 23:42:16.461  9266  9266 D Magisk  : su: use global namespace
03-29 23:42:31.818  3083 10798 D Magisk  : su: request from pid=[10792], client=[12]
03-29 23:42:31.818  3083 10798 D Magisk  : su: request from uid=[10223] (#1)
03-29 23:42:31.820  3083 10798 D Magisk  : magiskdb: query magiskhide=[1]
03-29 23:42:31.820  3083 10798 D Magisk  : magiskdb: query requester=[com.CI.l.GxEun7dh.zE]
03-29 23:42:31.820  3083 10798 D Magisk  : magiskdb: query policy=[2] log=[1] notify=[0]
03-29 23:42:31.822  3083 10798 D Magisk  : su: waiting child pid=[10799]
03-29 23:42:31.822 10799 10799 D Magisk  : su: fork handler
03-29 23:42:31.825 10799 10799 D Magisk  : su: use global namespace
03-29 23:45:25.513  3083 12331 I Magisk  : hide_list add: [com.scottyab.rootbeer.sample/com.scottyab.rootbeer.sample]
03-29 23:46:09.980  3083 12436 D Magisk  : su: request from pid=[12435], client=[7]
03-29 23:46:09.981  3083 12436 D Magisk  : su: request from uid=[10235] (#1)
03-29 23:46:09.982  3083 12436 D Magisk  : magiskdb: query magiskhide=[1]
03-29 23:46:09.983  3083 12436 D Magisk  : magiskdb: query requester=[com.CI.l.GxEun7dh.zE]
03-29 23:46:12.321  3083 12436 D Magisk  : su: waiting child pid=[12458]
03-29 23:46:12.321 12458 12458 D Magisk  : su: fork handler
03-29 23:46:12.322 12458 12458 D Magisk  : su: pts_slave=[/dev/pts/1]
03-29 23:46:12.324 12458 12458 D Magisk  : su: use namespace of pid=[12435]
03-29 23:46:22.197  3083 12436 D Magisk  : su: return code=[0]
03-29 23:48:24.788  3083  3091 D Magisk  : proc_monitor: /data/system/packages.xml updated
03-29 23:48:25.023  3083  3091 D Magisk  : proc_monitor: /data/system/packages.xml updated
03-29 23:48:25.155  3083  3091 D Magisk  : proc_monitor: /data/system/packages.xml updated
03-29 23:48:47.762  3083 10798 D Magisk  : su: return code=[0]
03-29 23:48:48.459  3083 14174 D Magisk  : su: request from pid=[14169], client=[13]
03-29 23:48:48.460  3083 14174 D Magisk  : su: request from uid=[10223] (#1)
03-29 23:48:48.461  3083 14174 D Magisk  : magiskdb: query magiskhide=[1]
03-29 23:48:48.461  3083 14174 D Magisk  : magiskdb: query requester=[com.CI.l.GxEun7dh.zE]
03-29 23:48:48.461  3083 14174 D Magisk  : magiskdb: query policy=[2] log=[1] notify=[0]
03-29 23:48:48.462  3083 14174 D Magisk  : su: waiting child pid=[14175]
03-29 23:48:48.462 14175 14175 D Magisk  : su: fork handler
03-29 23:48:48.462 14175 14175 D Magisk  : su: use global namespace
notgood commented 5 years ago

Tested latest canary, after @topjohnwu tweet: Just pushed a new Canary build to fix bugs on some older Samsung devices

Negative, S6 still doesn't hides root, doesn't pass safetynet.

topjohnwu commented 5 years ago

@notgood can you give me the output of this command in either root shell in terminal emulator or adb shell?

ps | grep zygote

notgood commented 5 years ago

@topjohnwu sure, here goes:

zeroflte:/data/data/com.termux/files/home # ps | grep zygote
root 3142 1 2261696 32024 poll_sched 7a1a1e7714 S zygote64
root 3143 1 1680092 24756 poll_sched 00e49a4b00 S zygote
root 4689 1 2261696 31820 poll_sched 748c9f3714 S zygote64
root 4691 1 1680092 24808 poll_sched 00e7e02b00 S zygote
notgood commented 5 years ago

busybox ps output as well:

zeroflte:/data/data/com.termux/files/home # busybox ps | grep zygote
3143 root 0:04 {main} zygote64
3144 root 0:02 {main} zygote
4682 root 0:02 {main} zygote64
4684 root 0:02 {main} zygote
11626 root 0:00 grep zygote
topjohnwu commented 5 years ago

I don't understand why Samsung spawn multiple Zygote processes....

topjohnwu commented 5 years ago

@notgood can you try to disable MagiskHide and re-enable it in Magisk Manager? I think that will make the magisk daemon keep track of all zygote processes

notgood commented 5 years ago

@notgood aye, you are right, manually toggling Hide after each reboot allows Magisk to ptrace both pairs of zygote processes.

Hide is working as expected then (until the next reboot)

04-16 14:13:18.427  3083  3083 I Magisk  : Magisk v19.0-8d4c4072(19004) daemon started
.....
04-16 14:13:20.232  3083  3091 D Magisk  : proc_monitor: ptrace zygote PID=[3122]
04-16 14:13:20.545  3083  3091 D Magisk  : proc_monitor: ptrace zygote PID=[3121]
.....

04-16 14:17:39.910  3083 12168 I Magisk  : * Stopping MagiskHide
04-16 14:17:39.930  3083  3091 D Magisk  : proc_monitor: cleaning up
04-16 14:17:39.930  3083  3091 D Magisk  : proc_monitor: terminate
04-16 14:17:41.628  3083 12197 I Magisk  : * Starting MagiskHide
04-16 14:17:41.629  3083 12197 I Magisk  : hide_utils: Hiding sensitive props
04-16 14:17:41.630  3083 12197 D Magisk  : resetprop: getprop [ro.boot.warranty_bit]: [0]
04-16 14:17:41.630  3083 12197 D Magisk  : resetprop: getprop [ro.warranty_bit]: [0]
04-16 14:17:41.630  3083 12197 D Magisk  : resetprop: getprop [ro.debuggable]: [0]
04-16 14:17:41.630  3083 12197 D Magisk  : resetprop: getprop [ro.secure]: [1]
04-16 14:17:41.630  3083 12197 D Magisk  : resetprop: getprop [ro.build.type]: [user]
04-16 14:17:41.630  3083 12197 D Magisk  : resetprop: getprop [ro.build.tags]: [release-keys]
04-16 14:17:41.630  3083 12197 D Magisk  : resetprop: getprop [ro.build.selinux]: [0]
04-16 14:17:41.630  3083 12197 D Magisk  : hide_list: initialize
04-16 14:17:41.630  3083 12197 I Magisk  : hide_list init: [com.scottyab.rootbeer.sample/com.scottyab.rootbeer.sample]
04-16 14:17:41.676  3083 12197 D Magisk  : hide_utils: killed PID=[11963] (com.scottyab.rootbeer.sample)
04-16 14:17:41.680  3083 12197 I Magisk  : hide_list init: [com.google.android.gms/com.google.android.gms.unstable]
04-16 14:17:41.692  3083 12197 D Magisk  : hide_utils: killed PID=[11024] (com.google.android.gms.unstable)
04-16 14:17:41.692  3083 12197 I Magisk  : hide_list init: [org.microg.gms.droidguard/com.google.android.gms.unstable]
04-16 14:17:41.868  3083 12197 D Magisk  : proc_monitor: ptrace zygote PID=[3121]
04-16 14:17:41.868  3083 12197 D Magisk  : proc_monitor: ptrace zygote PID=[3122]
04-16 14:17:41.871  3083 12197 D Magisk  : proc_monitor: ptrace zygote PID=[4650]
04-16 14:17:41.871  3083 12197 D Magisk  : proc_monitor: ptrace zygote PID=[4651]
04-16 14:17:45.815  3083 12197 I Magisk  : proc_monitor: [com.scottyab.rootbeer.sample] PID=[12254] UID=[10187]
04-16 14:17:45.817 12268 12268 D Magisk  : hide_daemon: handling PID=[12254]
04-16 14:17:45.833 12268 12268 D Magisk  : hide_daemon: Unmounted (/sbin)
04-16 14:17:45.834 12268 12268 D Magisk  : hide_daemon: Unmounted (/system/etc/hosts)

zeroflte:/ $ ps | grep zygote
root      3121  1     2261696 76692 poll_sched 0000000000 S zygote64
root      3122  1     1680092 64708 poll_sched 0000000000 S zygote
root      4650  1     2261696 77236 poll_sched 0000000000 S zygote64
root      4651  1     1680092 64708 poll_sched 0000000000 S zygote