Add source code

.gitignore

@@ -0,0 +1,8 @@
+*.iml
+.gradle
+/local.properties
+/.idea
+.DS_Store
+/build
+/captures
+.externalNativeBuild

app/.gitignore

@@ -0,0 +1 @@
+/build

app/CMakeLists.txt

@@ -0,0 +1,44 @@
+# For more information about using CMake with Android Studio, read the
+# documentation: https://d.android.com/studio/projects/add-native-code.html
+
+# Sets the minimum version of CMake required to build the native library.
+
+cmake_minimum_required(VERSION 3.4.1)
+
+# Creates and names a library, sets it as either STATIC
+# or SHARED, and provides the relative paths to its source code.
+# You can define multiple libraries, and CMake builds them for you.
+# Gradle automatically packages shared libraries with your APK.
+
+add_library( # Sets the name of the library.
+             native-lib
+
+             # Sets the library as a shared library.
+             SHARED
+
+             # Provides a relative path to your source file(s).
+             src/main/cpp/native-lib.cpp )
+
+# Searches for a specified prebuilt library and stores the path as a
+# variable. Because CMake includes system libraries in the search path by
+# default, you only need to specify the name of the public NDK library
+# you want to add. CMake verifies that the library exists before
+# completing its build.
+
+find_library( # Sets the name of the path variable.
+              log-lib
+
+              # Specifies the name of the NDK library that
+              # you want CMake to locate.
+              log )
+
+# Specifies libraries CMake should link to your target library. You
+# can link multiple libraries, such as libraries you define in this
+# build script, prebuilt third-party libraries, or system libraries.
+
+target_link_libraries( # Specifies the target library.
+                       native-lib
+
+                       # Links the target library to the log library
+                       # included in the NDK.
+                       ${log-lib} )

app/build.gradle

@@ -0,0 +1,44 @@
+apply plugin: 'com.android.application'
+
+android {
+    compileSdkVersion 28
+    defaultConfig {
+        applicationId "com.topjohnwu.procgate"
+        minSdkVersion 24
+        targetSdkVersion 26
+        versionCode 1
+        versionName "1.0"
+        externalNativeBuild {
+            cmake {
+                cppFlags "-std=c++11"
+                arguments "-DANDROID_STL=none"
+            }
+        }
+        compileOptions {
+            sourceCompatibility JavaVersion.VERSION_1_8
+            targetCompatibility JavaVersion.VERSION_1_8
+        }
+    }
+    buildTypes {
+        release {
+            minifyEnabled true
+            shrinkResources true
+            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
+        }
+    }
+    externalNativeBuild {
+        cmake {
+            path "CMakeLists.txt"
+        }
+    }
+}
+
+repositories {
+    maven { url 'https://jitpack.io' }
+}
+
+dependencies {
+    implementation fileTree(dir: 'libs', include: ['*.jar'])
+    implementation 'androidx.annotation:annotation:1.0.0'
+    implementation 'com.github.topjohnwu:libsu:2.0.3'
+}

app/proguard-rules.pro

@@ -0,0 +1,21 @@
+# Add project specific ProGuard rules here.
+# You can control the set of applied configuration files using the
+# proguardFiles setting in build.gradle.
+#
+# For more details, see
+#   http://developer.android.com/guide/developing/tools/proguard.html
+
+# If your project uses WebView with JS, uncomment the following
+# and specify the fully qualified class name to the JavaScript interface
+# class:
+#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
+#   public *;
+#}
+
+# Uncomment this to preserve the line number information for
+# debugging stack traces.
+#-keepattributes SourceFile,LineNumberTable
+
+# If you keep the line number information, uncomment this to
+# hide the original source file name.
+#-renamesourcefileattribute SourceFile

app/src/main/AndroidManifest.xml

@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools"
+    package="com.topjohnwu.procgate">
+
+    <application
+        android:name="com.topjohnwu.superuser.ContainerApp"
+        android:allowBackup="true"
+        android:icon="@mipmap/ic_launcher_round"
+        android:label="@string/app_name"
+        android:supportsRtl="true"
+        android:theme="@style/AppTheme"
+        tools:ignore="AllowBackup,GoogleAppIndexingWarning">
+        <activity android:name="com.topjohnwu.procgate.MainActivity">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+
+                <category android:name="android.intent.category.LAUNCHER" />
+            </intent-filter>
+        </activity>
+    </application>
+
+</manifest>

app/src/main/cpp/native-lib.cpp

@@ -0,0 +1,80 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <dirent.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <libgen.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include <jni.h>
+#include <android/log.h>
+
+#define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG, "POC", __VA_ARGS__)
+
+static JNIEnv *gEnv;
+static jobject gThis;
+static jmethodID jAddText;
+static bool haveLeak;
+
+static void addText(const char *fmt, ...) {
+	char buf[1024];
+	va_list args;
+	va_start(args, fmt);
+	vsprintf(buf, fmt, args);
+	va_end(args);
+	jstring jstr = gEnv->NewStringUTF(buf);
+	gEnv->CallVoidMethod(gThis, jAddText, jstr);
+	gEnv->DeleteLocalRef(jstr);
+}
+
+static bool isDigit(const char *s) {
+	for (const char *c = s; *c; ++c) {
+		if (*c < '0' || *c > '9')
+			return false;
+	}
+	return true;
+}
+
+static void tryOpen(const char *pid) {
+	char buf[128];
+	FILE *f;
+	struct stat st;
+	sprintf(buf, "/proc/%s", pid);
+	if (stat(buf, &st))
+		return;
+	/* Do not print process with same UID */
+	if (st.st_uid == getuid())
+		return;
+	sprintf(buf, "/proc/%s/cmdline", pid);
+	if ((f = fopen(buf, "r"))) {
+		haveLeak = true;
+		if (fgets(buf, sizeof(buf), f) == 0)
+			buf[0] = '\0';
+		addText("Leak PID=[%s] UID=[%d] cmdline=[%s]\n", pid, st.st_uid, buf);
+		fclose(f);
+	}
+}
+
+extern "C"
+JNIEXPORT void JNICALL
+Java_com_topjohnwu_procgate_MainActivity_inspectProcFS(JNIEnv *env, jobject _this) {
+	gEnv = env;
+	gThis = _this;
+	jclass clazz = env->GetObjectClass(_this);
+	jAddText = env->GetMethodID(clazz, "addText", "(Ljava/lang/String;)V");
+
+	pid_t pid = getpid();
+	DIR *procfs = opendir("/proc");
+	struct dirent *dir;
+	haveLeak = false;
+	while ((dir = readdir(procfs))) {
+		if (isDigit(dir->d_name) && atoi(dir->d_name) != pid)
+			tryOpen(dir->d_name);
+	}
+	if (!haveLeak)
+		addText("No leaks detected!\n");
+	closedir(procfs);
+}

app/src/main/java/com/topjohnwu/procgate/MainActivity.java

@@ -0,0 +1,88 @@
+package com.topjohnwu.procgate;
+
+import android.app.Activity;
+import android.os.Bundle;
+import android.text.method.ScrollingMovementMethod;
+import android.view.View;
+import android.widget.TextView;
+import android.widget.Toast;
+
+import com.topjohnwu.superuser.Shell;
+import com.topjohnwu.superuser.io.SuFile;
+import com.topjohnwu.superuser.io.SuFileOutputStream;
+
+import java.io.IOException;
+
+import androidx.annotation.Keep;
+
+public class MainActivity extends Activity {
+
+    // Used to load the 'native-lib' library on application startup.
+    static {
+        System.loadLibrary("native-lib");
+    }
+
+    private TextView text;
+
+    @Override
+    protected void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+        setContentView(R.layout.main_layout);
+        text = findViewById(R.id.text);
+        text.setMovementMethod(new ScrollingMovementMethod());
+        text.setHorizontallyScrolling(true);
+    }
+
+    @Keep
+    private void addText(String s) {
+        text.append(s);
+    }
+
+    /**
+     * A native method that is implemented by the 'native-lib' native library,
+     * which is packaged with this application.
+     */
+    public native void inspectProcFS();
+
+    public void onClick(View view) {
+        text.setText("");
+        inspectProcFS();
+    }
+
+    public void remount(View view) {
+        if (!Shell.rootAccess()) {
+            Toast.makeText(this, "No root access detected", Toast.LENGTH_SHORT).show();
+        } else {
+            if (Shell.su("mount -o remount,hidepid=2,gid=3009 /proc").exec().isSuccess())
+                Toast.makeText(this, "Remount success", Toast.LENGTH_SHORT).show();
+            else
+                Toast.makeText(this, "Remount failed", Toast.LENGTH_SHORT).show();
+        }
+    }
+
+    public void inject(View view) {
+        if (!Shell.rootAccess())
+            Toast.makeText(this, "No root access detected", Toast.LENGTH_SHORT).show();
+        else {
+            SuFile dir = new SuFile("/sbin/.core/img/.core/post-fs-data.d");
+            if (!dir.exists())
+                dir = new SuFile("/su/su.d");
+            if (!dir.exists())
+                Toast.makeText(this, "Cannot find location to place boot scripts",
+                        Toast.LENGTH_SHORT).show();
+            else {
+                SuFile script = new SuFile(dir.getPath(), "procfix.sh");
+                try (SuFileOutputStream out = new SuFileOutputStream(script)) {
+                    out.write("#!/system/bin/sh\n".getBytes());
+                    out.write("mount -o remount,hidepid=2,gid=3009 /proc\n".getBytes());
+                } catch (IOException e) {
+                    Toast.makeText(this, "Script addition failed", Toast.LENGTH_SHORT).show();
+                    e.printStackTrace();
+                    return;
+                }
+                Toast.makeText(this, "Script added", Toast.LENGTH_SHORT).show();
+                script.setExecutable(true, false);
+            }
+        }
+    }
+}

app/src/main/res/drawable-v24/ic_launcher_foreground.xml

@@ -0,0 +1,34 @@
+<vector xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:aapt="http://schemas.android.com/aapt"
+    android:width="108dp"
+    android:height="108dp"
+    android:viewportWidth="108"
+    android:viewportHeight="108">
+    <path
+        android:fillType="evenOdd"
+        android:pathData="M32,64C32,64 38.39,52.99 44.13,50.95C51.37,48.37 70.14,49.57 70.14,49.57L108.26,87.69L108,109.01L75.97,107.97L32,64Z"
+        android:strokeWidth="1"
+        android:strokeColor="#00000000">
+        <aapt:attr name="android:fillColor">
+            <gradient
+                android:endX="78.5885"
+                android:endY="90.9159"
+                android:startX="48.7653"
+                android:startY="61.0927"
+                android:type="linear">
+                <item
+                    android:color="#44000000"
+                    android:offset="0.0" />
+                <item
+                    android:color="#00000000"
+                    android:offset="1.0" />
+            </gradient>
+        </aapt:attr>
+    </path>
+    <path
+        android:fillColor="#FFFFFF"
+        android:fillType="nonZero"
+        android:pathData="M66.94,46.02L66.94,46.02C72.44,50.07 76,56.61 76,64L32,64C32,56.61 35.56,50.11 40.98,46.06L36.18,41.19C35.45,40.45 35.45,39.3 36.18,38.56C36.91,37.81 38.05,37.81 38.78,38.56L44.25,44.05C47.18,42.57 50.48,41.71 54,41.71C57.48,41.71 60.78,42.57 63.68,44.05L69.11,38.56C69.84,37.81 70.98,37.81 71.71,38.56C72.44,39.3 72.44,40.45 71.71,41.19L66.94,46.02ZM62.94,56.92C64.08,56.92 65,56.01 65,54.88C65,53.76 64.08,52.85 62.94,52.85C61.8,52.85 60.88,53.76 60.88,54.88C60.88,56.01 61.8,56.92 62.94,56.92ZM45.06,56.92C46.2,56.92 47.13,56.01 47.13,54.88C47.13,53.76 46.2,52.85 45.06,52.85C43.92,52.85 43,53.76 43,54.88C43,56.01 43.92,56.92 45.06,56.92Z"
+        android:strokeWidth="1"
+        android:strokeColor="#00000000" />
+</vector>