Fix system deadlocks resulting in watchdogd timeout

BaseBin/launchdhook/src/jbserver/jbdomain_systemwide.c

@@ -112,9 +112,14 @@ static int systemwide_process_checkin(audit_token_t *processToken, char **rootPa
 {
 	// Fetch process info
 	pid_t pid = audit_token_to_pid(*processToken);
-	uint64_t proc = proc_find(pid);
 	char procPath[4*MAXPATHLEN];
-	if (proc_pidpath(pid, procPath, sizeof(procPath)) < 0) {
+	if (proc_pidpath(pid, procPath, sizeof(procPath)) <= 0) {
+		return -1;
+	}
+
+	// Find proc in kernelspace
+	uint64_t proc = proc_find(pid);
+	if (!proc) {
 		return -1;
 	}
 
@@ -123,7 +128,6 @@ static int systemwide_process_checkin(audit_token_t *processToken, char **rootPa
 	systemwide_get_boot_uuid(bootUUIDOut);
 
 	// Generate sandbox extensions for the requesting process
-
 	char *sandboxExtensionsArr[] = {
 		// Make /var/jb readable and executable
 		sandbox_extension_issue_file_to_process("com.apple.app-sandbox.read", JBRootPath(""), 0, *processToken),
@@ -138,8 +142,7 @@ static int systemwide_process_checkin(audit_token_t *processToken, char **rootPa
 
 	bool fullyDebugged = false;
 	if (stringStartsWith(procPath, "/private/var/containers/Bundle/Application") || stringStartsWith(procPath, JBRootPath("/Applications"))) {
-		// This is an app
-		// Enable CS_DEBUGGED based on user preference
+		// This is an app, enable CS_DEBUGGED based on user preference
 		if (jbsetting(markAppsAsDebugged)) {
 			fullyDebugged = true;
 		}

BaseBin/libjailbreak/src/kernel.c

@@ -151,34 +151,40 @@ int pmap_cs_allow_invalid(uint64_t pmap)
 
 int cs_allow_invalid(uint64_t proc, bool emulateFully)
 {
-	uint64_t task = proc_task(proc);
-	uint64_t vm_map = kread_ptr(task + koffsetof(task, map));
-	uint64_t pmap = kread_ptr(vm_map + koffsetof(vm_map, pmap));
-
-    // For non-pmap_cs (arm64) devices, this should always be emulated.
+	if (proc) {
+		uint64_t task = proc_task(proc);
+		if (task) {
+			uint64_t vm_map = kread_ptr(task + koffsetof(task, map));
+			if (vm_map) {
+				uint64_t pmap = kread_ptr(vm_map + koffsetof(vm_map, pmap));
+				if (pmap) {
+					// For non-pmap_cs (arm64) devices, this should always be emulated.
 #ifdef __arm64e__
-	if (emulateFully) {
+					if (emulateFully) {
 #endif
-		// Fugu15 Rootful
-		//proc_csflags_clear(proc, CS_EXEC_SET_ENFORCEMENT | CS_EXEC_SET_KILL | CS_EXEC_SET_HARD | CS_REQUIRE_LV | CS_ENFORCEMENT | CS_RESTRICT | CS_KILL | CS_HARD | CS_FORCED_LV);
-		//proc_csflags_set(proc, CS_DEBUGGED | CS_INVALID_ALLOWED | CS_GET_TASK_ALLOW);
-
-		// XNU
-		proc_csflags_clear(proc, CS_KILL | CS_HARD);
-		proc_csflags_set(proc, CS_DEBUGGED);
-
-		task_set_memory_ownership_transfer(task, true);
-		vm_map_flags flags = { 0 };
-		kreadbuf(vm_map + koffsetof(vm_map, flags), &flags, sizeof(flags));
-		flags.switch_protect = false;
-		flags.cs_debugged = true;
-		kwritebuf(vm_map + koffsetof(vm_map, flags), &flags, sizeof(flags));
+						// Fugu15 Rootful
+						//proc_csflags_clear(proc, CS_EXEC_SET_ENFORCEMENT | CS_EXEC_SET_KILL | CS_EXEC_SET_HARD | CS_REQUIRE_LV | CS_ENFORCEMENT | CS_RESTRICT | CS_KILL | CS_HARD | CS_FORCED_LV);
+						//proc_csflags_set(proc, CS_DEBUGGED | CS_INVALID_ALLOWED | CS_GET_TASK_ALLOW);
+
+						// XNU
+						proc_csflags_clear(proc, CS_KILL | CS_HARD);
+						proc_csflags_set(proc, CS_DEBUGGED);
+
+						task_set_memory_ownership_transfer(task, true);
+						vm_map_flags flags = { 0 };
+						kreadbuf(vm_map + koffsetof(vm_map, flags), &flags, sizeof(flags));
+						flags.switch_protect = false;
+						flags.cs_debugged = true;
+						kwritebuf(vm_map + koffsetof(vm_map, flags), &flags, sizeof(flags));
 #ifdef __arm64e__
-	}
-
-	// For pmap_cs (arm64e) devices, this is enough to get unsigned code to run
-	pmap_cs_allow_invalid(pmap);
+					}
+					// For pmap_cs (arm64e) devices, this is enough to get unsigned code to run
+					pmap_cs_allow_invalid(pmap);
 #endif
+				}
+			}
+		}
+	}
 	return 0;
 }