Skip to content

Commit

Permalink
jni: consider /data/app to the fd whitelist if Xposed is detected
Browse files Browse the repository at this point in the history 
Latest security update has added whitelisting routine to the Zygote.

Since Xposed now reads from /data/app,
it's necessary to add /data/app to the whitelist.

Dynamically do this if XposedBridge.jar is detected.

Signed-off-by: Park Ju Hyung <qkrwngud825@gmail.com>
  • Loading branch information
@arter97
arter97 committed Nov 15, 2016
1 parent 80d97ca commit 35724b0
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions core/jni/fd_utils-inl.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -259,6 +259,17 @@ class FileDescriptorInfo {
path.compare(path.size() - kJarSuffix.size(), kJarSuffix.size(), kJarSuffix) == 0) {
return true;
}

if (access("/system/framework/XposedBridge.jar", F_OK ) != -1) {
// Xposed-powered Zygote might read from extensions other than .apk
// so skip extension check
ALOGW("Xposed detected, loosening up Zygote fd check!");
static const std::string kDataAppPrefix = "/data/app/";
if (path.compare(0, kDataAppPrefix.size(), kDataAppPrefix) == 0) {
return true;
}
}

return false;
}

Expand Down

2 comments on commit 35724b0

@OrpheeGT
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,

in case of Magisk use, do I have to change to this ? :

if (access("/system/framework/XposedBridge.jar", F_OK ) != -1 || access("/magisk/xposed/system/framework/XposedBridge.jar", F_OK ) != -1) {

Thank you

@TheComputerGuy96
Copy link

@TheComputerGuy96 TheComputerGuy96 commented on 35724b0 Feb 13, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@OrpheeGT Yes

Please sign in to comment.