topjohnwu / Magisk

The Magic Mask for Android
GNU General Public License v3.0

Zygisk fails to hook `AndroidRuntime::setArgv0` #5604

Closed jooomoooj closed 2 years ago

jooomoooj commented 2 years ago

Screenshot_20220318-134955_Magisk

Device: Samsung Galaxy J6 Android version: 12 Magisk version name: 2c092ffd Magisk version code: 24301

My Samsung used to have working Zygisk until 79620c9 was implemented, and it seems my phone doesn't have the early zygote property. I hope there is a workaround both for existing devices and for those that don't have it.

init.rc.txt init.rc.txt magisk-rootdir-init.rc.txt liveboot.log magisk.log

jooomoooj commented 2 years ago

Screenshot_20220318-140332_Magisk

24.1 is working. I put logs in case.

24.1.liveboot.log 24.1.magisk.log

canyie commented 2 years ago

D/Magisk ( 3277): zygisk32: jniRegisterNativeMethods not hooked, using fallback

Fallback to hook AndroidRuntime::setArgV0(), which is expected on android 12. But the following log is not printing?? setArgV0 hook fails??? https://github.com/topjohnwu/Magisk/blob/69c2f407d6c05b69484007f83722aecba2710a56/native/jni/zygisk/hook.cpp#L218

canyie commented 2 years ago

24.1:

I/Magisk ( 3258): zygisk32: replaced com/android/internal/os/Zygote#nativeForkAndSpecialize
I/Magisk ( 3258): zygisk32: replaced com/android/internal/os/Zygote#nativeForkSystemServer
I/Magisk ( 3258): zygisk32: replaced com/android/internal/os/Zygote#nativeSpecializeAppProcess

24.2:

D/Magisk ( 3277): zygisk32: jniRegisterNativeMethods not hooked, using fallback

jooomoooj commented 2 years ago

> D/Magisk ( 3277): zygisk32: jniRegisterNativeMethods not hooked, using fallback
>
> Fallback to hook AndroidRuntime::setArgV0(), which is expected on android 12. But the following log is not printing?? setArgV0 hook fails???
>
> https://github.com/topjohnwu/Magisk/blob/69c2f407d6c05b69484007f83722aecba2710a56/native/jni/zygisk/hook.cpp#L218

I tried A11 to confirm this, and yeah, Zygisk works in the latest canary, meaning this is unrelated to invalidating early zygote; it is an A12 issue. My friend had this issue on other Samsung A12 devices also.

jooomoooj commented 2 years ago

Screenshot_20220318-181743_Magisk 302-liveboot.log 302.magisk.log

Latest canary not working..

canyie commented 2 years ago

04-16 13:33:11.910   440   442 D : zygisk: setup files for pid=[491]
04-16 13:33:13.156   491   491 D : zygisk32: inject 2nd stage
04-16 13:33:13.156   491   491 I : zygisk32: Registering xhook path=.*/libandroid_runtime.so$ symbol=fork new_func=0xad0def49 old_func=0xad0ee8b0
04-16 13:33:13.157   491   491 I : zygisk32: Registering xhook path=.*/libandroid_runtime.so$ symbol=unshare new_func=0xad0df091 old_func=0xad0ee8b4
04-16 13:33:13.157   491   491 I : zygisk32: Registering xhook path=.*/libandroid_runtime.so$ symbol=jniRegisterNativeMethods new_func=0xad0df0d9 old_func=0xad0ee8b8
04-16 13:33:13.157   491   491 I : zygisk32: Registering xhook path=.*/libandroid_runtime.so$ symbol=selinux_android_setcontext new_func=0xad0df149 old_func=0xad0ee8bc
04-16 13:33:13.157   491   491 I : zygisk32: Registering xhook path=.*/libandroid_runtime.so$ symbol=__android_log_close new_func=0xad0df2a9 old_func=0xad0ee8c0
04-16 13:33:13.157   491   491 I : xhook: libxhook 1.2.0 (arm)
04-16 13:33:13.158   491   491 I : xhook: init OK: /system/lib/libandroid_runtime.so (REL GNU_HASH PLT:19904 DYN:0 ANDROID:7449)
04-16 13:33:13.158   491   491 I : xhook: hooking fork in /system/lib/libandroid_runtime.so
04-16 13:33:13.158   491   491 I : xhook: found fork at symidx: 2254 (GNU_HASH UNDEF)
04-16 13:33:13.159   491   491 I : xhook: found fork at .rel.plt offset: 0x160014
04-16 13:33:13.159   491   491 I : xhook: XH_HK_OK 0xa95f9014: 0xaaa7be35 -> 0xad0def49 fork /system/lib/libandroid_runtime.so
04-16 13:33:13.159   491   491 I : xhook: hooking unshare in /system/lib/libandroid_runtime.so
04-16 13:33:13.159   491   491 I : xhook: found unshare at symidx: 2285 (GNU_HASH UNDEF)
04-16 13:33:13.160   491   491 I : xhook: found unshare at .rel.plt offset: 0x160070
04-16 13:33:13.160   491   491 I : xhook: XH_HK_OK 0xa95f9070: 0xaaa69b80 -> 0xad0df091 unshare /system/lib/libandroid_runtime.so
04-16 13:33:13.160   491   491 I : xhook: hooking jniRegisterNativeMethods in /system/lib/libandroid_runtime.so
04-16 13:33:13.161   491   491 I : xhook: hooking selinux_android_setcontext in /system/lib/libandroid_runtime.so
04-16 13:33:13.161   491   491 I : xhook: found selinux_android_setcontext at symidx: 2267 (GNU_HASH UNDEF)
04-16 13:33:13.161   491   491 I : xhook: found selinux_android_setcontext at .rel.plt offset: 0x1600fc
04-16 13:33:13.161   491   491 I : xhook: XH_HK_OK 0xa95f90fc: 0xaa2eea71 -> 0xad0df149 selinux_android_setcontext /system/lib/libandroid_runtime.so
04-16 13:33:13.162   491   491 I : xhook: hooking __android_log_close in /system/lib/libandroid_runtime.so
04-16 13:33:13.162   491   491 I : xhook: found __android_log_close at symidx: 2244 (GNU_HASH UNDEF)
04-16 13:33:13.162   491   491 I : xhook: found __android_log_close at .rel.plt offset: 0x160000
04-16 13:33:13.163   491   491 I : xhook: XH_HK_OK 0xa95f9000: 0xabad4645 -> 0xad0df2a9 __android_log_close /system/lib/libandroid_runtime.so
04-16 13:33:13.171   491   491 I : xhook: map refreshed
04-16 13:33:13.171   491   491 D : zygisk32: jniRegisterNativeMethods not hooked, using fallback
04-16 13:33:13.171   491   491 I : zygisk32: Registering xhook path=^/system/bin/app_process.* symbol=_ZN7android14AndroidRuntime8setArgv0EPKcb new_func=0xad0df2e5 old_func=0xad0ee8c4
04-16 13:33:13.171   491   491 I : xhook: libxhook 1.2.0 (arm)
04-16 13:33:13.178   491   491 I : xhook: init OK: /system/bin/app_process32 (REL ELF_HASH PLT:1584 DYN:2704 ANDROID:0)
04-16 13:33:13.178   491   491 I : xhook: hooking _ZN7android14AndroidRuntime8setArgv0EPKcb in /system/bin/app_process32
04-16 13:33:13.180   491   491 I : xhook: map refreshed
04-16 13:33:13.267   440   442 I : ** late_start service mode running
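To make the failure pattern in this log easier to spot, here is an added triage script (not Magisk code and not part of anyone's comment) that pairs each xhook "hooking X in LIB" line with its "XH_HK_OK" confirmation; the sample log is a constructed, trimmed copy of the lines above. An attempt with no XH_HK_OK line means xhook did not find that symbol among the ELF's relocation entries, which is what happens here to jniRegisterNativeMethods in libandroid_runtime.so and then to setArgv0 in app_process32.

```python
import re

# Constructed sample: a trimmed copy of the xhook lines from the log in this comment.
SAMPLE_LOG = """\
04-16 13:33:13.158   491   491 I : xhook: hooking fork in /system/lib/libandroid_runtime.so
04-16 13:33:13.159   491   491 I : xhook: XH_HK_OK 0xa95f9014: 0xaaa7be35 -> 0xad0def49 fork /system/lib/libandroid_runtime.so
04-16 13:33:13.160   491   491 I : xhook: hooking jniRegisterNativeMethods in /system/lib/libandroid_runtime.so
04-16 13:33:13.161   491   491 I : xhook: hooking selinux_android_setcontext in /system/lib/libandroid_runtime.so
04-16 13:33:13.161   491   491 I : xhook: XH_HK_OK 0xa95f90fc: 0xaa2eea71 -> 0xad0df149 selinux_android_setcontext /system/lib/libandroid_runtime.so
04-16 13:33:13.171   491   491 D : zygisk32: jniRegisterNativeMethods not hooked, using fallback
04-16 13:33:13.178   491   491 I : xhook: hooking _ZN7android14AndroidRuntime8setArgv0EPKcb in /system/bin/app_process32
04-16 13:33:13.180   491   491 I : xhook: map refreshed
"""

# "hooking X in LIB" is printed when xhook starts on a symbol; "XH_HK_OK ... X LIB"
# only when it located X in LIB's relocation entries and patched the GOT slot.
HOOKING_RE = re.compile(r"xhook: hooking (\S+) in (\S+)")
OK_RE = re.compile(r"xhook: XH_HK_OK 0x[0-9a-f]+: (0x[0-9a-f]+) -> (0x[0-9a-f]+) (\S+) (\S+)")
FALLBACK_RE = re.compile(r"zygisk\d+: (\S+) not hooked, using fallback")

def triage_xhook(log_text):
    """Map (symbol, elf) -> 'hooked' or 'not found' for every attempted hook."""
    status = {}
    for line in log_text.splitlines():
        m = HOOKING_RE.search(line)
        if m:
            # Attempt seen; stays 'not found' unless an XH_HK_OK line follows.
            status[(m.group(1), m.group(2))] = "not found"
            continue
        m = OK_RE.search(line)
        if m:
            status[(m.group(3), m.group(4))] = "hooked"
    return status

def failed_hooks(log_text):
    """Symbols xhook attempted but never confirmed, sorted for stable output."""
    return sorted(k for k, v in triage_xhook(log_text).items() if v == "not found")

def fallbacks_taken(log_text):
    """Symbols for which Zygisk itself reported switching to its fallback hook."""
    return [m.group(1) for m in map(FALLBACK_RE.search, log_text.splitlines()) if m]

if __name__ == "__main__":
    for sym, elf in failed_hooks(SAMPLE_LOG):
        print(f"NOT HOOKED: {sym} in {elf}")
    print("fallbacks:", fallbacks_taken(SAMPLE_LOG))
```

Run it against a full magisk.log to list every symbol whose hook was attempted but never confirmed; the fallback symbol appearing in that list is the condition this issue describes.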
pndwal commented 2 years ago

Not sure if this is (part of) the issue here, but in all screenshots above the Magisk App has not been updated to match the installed Magisk (mask)...

jooomoooj commented 2 years ago

> Not sure if this is (part of) the issue here, but in all screenshots above the Magisk App has not been updated to match the installed Magisk (mask)...

Whether I used the matching app or not, it still does that; it's not on the Magisk application side.

yujincheng08 commented 2 years ago

So you mean in Android 12, zygisk won't work at any build including the old versions?

If so, send /system/bin/app_process64, /apex/com.android.art/lib64/libart.so and /system/lib64/libandroid_runtime.so.

jooomoooj commented 2 years ago

> So you mean in Android 12, zygisk won't work at any build including the old versions?
>
> If so, send /system/bin/app_process64, /apex/com.android.art/lib64/libart.so and /system/lib64/libandroid_runtime.so.

It does work in A12, but Zygisk 24.2 and beyond does not work. Also, my device is arm32-64 binder, not pure 64-bit. This issue doesn't exist if I use A11. These are the libs inside A12.

files.zip

yujincheng08 commented 2 years ago

app-debug.zip Try this

jooomoooj commented 2 years ago

> app-debug.zip Try this

Still not working Screenshot_20220320-175534_Magisk liveboot.log magisk.log

yujincheng08 commented 2 years ago

Try #5623