chiteroman · reveny · Sep 6, 2024
diff --git a/app/src/main/cpp/CMakeLists.txt b/app/src/main/cpp/CMakeLists.txt
@@ -10,28 +10,22 @@ elseif (${ANDROID_ABI} STREQUAL "armeabi-v7a")
     set(ARCH "arm")
 endif ()
 
-file(GLOB SHADOWHOOK_SRC
-        shadowhook/*.c
-        shadowhook/arch/${ARCH}/*.c
-        shadowhook/common/*.c
-        shadowhook/third_party/xdl/*.c
+file(GLOB BYTEHOOK_SRC
+        bytehook/*.c
 )
 
 add_library(${CMAKE_PROJECT_NAME} SHARED
         main.cpp
         cJSON/cJSON.c
-        ${SHADOWHOOK_SRC}
+        ${BYTEHOOK_SRC}
 )
 
 target_include_directories(${CMAKE_PROJECT_NAME} PRIVATE
         cJSON
-        shadowhook/.
-        shadowhook/arch/${ARCH}
-        shadowhook/include
-        shadowhook/common
-        shadowhook/third_party/bsd
-        shadowhook/third_party/lss
-        shadowhook/third_party/xdl
+        bytehook/.
+        bytehook/include
+        bytehook/third_party/bsd
+        bytehook/third_party/lss
 )
 
 target_link_libraries(${CMAKE_PROJECT_NAME} PRIVATE log cxx::cxx)
diff --git a/app/src/main/cpp/bytehook/bh_cfi.c b/app/src/main/cpp/bytehook/bh_cfi.c
@@ -0,0 +1,84 @@
+// Copyright (c) 2020-2022 ByteDance, Inc.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+//
+
+// Created by Li Han ([email protected]) on 2020-11-04.
+
+#include "bh_cfi.h"
+
+#if defined(__aarch64__)
+
+#include <dlfcn.h>
+#include <stdlib.h>
+#include <sys/mman.h>
+#include <unistd.h>
+
+#include "bh_util.h"
+#include "bytesig.h"
+
+#define BH_CFI_LIB_DL         "libdl.so"
+#define BH_CFI_SLOWPATH       "__cfi_slowpath"
+#define BH_CFI_SLOWPATH_DIAG  "__cfi_slowpath_diag"
+#define BH_CFI_ARM64_RET_INST 0xd65f03c0
+
+static void *bh_cfi_slowpath = NULL;
+static void *bh_cfi_slowpath_diag = NULL;
+
+__attribute__((constructor)) static void bh_cfi_ctor(void) {
+  void *handle = dlopen(BH_CFI_LIB_DL, RTLD_NOW);
+  if (NULL != handle) {
+    bh_cfi_slowpath = dlsym(handle, BH_CFI_SLOWPATH);
+    bh_cfi_slowpath_diag = dlsym(handle, BH_CFI_SLOWPATH_DIAG);
+    dlclose(handle);
+  }
+}
+
+int bh_cfi_disable_slowpath(void) {
+  if (bh_util_get_api_level() < __ANDROID_API_O__) return 0;
+
+  if (NULL == bh_cfi_slowpath || NULL == bh_cfi_slowpath_diag) return -1;
+
+  void *start = bh_cfi_slowpath <= bh_cfi_slowpath_diag ? bh_cfi_slowpath : bh_cfi_slowpath_diag;
+  void *end = bh_cfi_slowpath <= bh_cfi_slowpath_diag ? bh_cfi_slowpath_diag : bh_cfi_slowpath;
+  if (0 != bh_util_set_protect(start, (void *)((uintptr_t)end + sizeof(uint32_t)),
+                               PROT_READ | PROT_WRITE | PROT_EXEC))
+    return -1;
+
+  BYTESIG_TRY(SIGSEGV, SIGBUS) {
+    *((uint32_t *)bh_cfi_slowpath) = BH_CFI_ARM64_RET_INST;
+    *((uint32_t *)bh_cfi_slowpath_diag) = BH_CFI_ARM64_RET_INST;
+  }
+  BYTESIG_CATCH() {
+    return -1;
+  }
+  BYTESIG_EXIT
+
+  __builtin___clear_cache(start, (void *)((size_t)end + sizeof(uint32_t)));
+
+  return 0;
+}
+
+#else
+
+int bh_cfi_disable_slowpath(void) {
+  return 0;
+}
+
+#endif
diff --git a/...p/shadowhook/third_party/xdl/xdl_linker.h → app/src/main/cpp/bytehook/bh_cfi.h b/...p/shadowhook/third_party/xdl/xdl_linker.h → app/src/main/cpp/bytehook/bh_cfi.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2020-2024 HexHacking Team
+// Copyright (c) 2020-2022 ByteDance, Inc.
 //
 // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to deal
@@ -19,22 +19,8 @@
 // SOFTWARE.
 //
 
-// Created by caikelun on 2021-02-21.
+// Created by Li Han ([email protected]) on 2020-11-04.
 
-#ifndef IO_GITHUB_HEXHACKING_XDL_LINKER
-#define IO_GITHUB_HEXHACKING_XDL_LINKER
+#pragma once
 
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void xdl_linker_lock(void);
-void xdl_linker_unlock(void);
-
-void *xdl_linker_force_dlopen(const char *filename);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
+int bh_cfi_disable_slowpath(void);
diff --git a/app/src/main/cpp/bytehook/bh_const.h b/app/src/main/cpp/bytehook/bh_const.h
@@ -0,0 +1,52 @@
+// Copyright (c) 2020-2022 ByteDance, Inc.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+//
+
+// Created by Kelun Cai ([email protected]) on 2020-06-02.
+
+#pragma once
+
+#ifndef __LP64__
+#define BH_CONST_PATHNAME_LINKER      "/system/bin/linker"
+#define BH_CONST_BASENAME_LINKER      "linker"
+#define BH_CONST_BASENAME_APP_PROCESS "app_process32"
+#else
+#define BH_CONST_PATHNAME_LINKER      "/system/bin/linker64"
+#define BH_CONST_BASENAME_LINKER      "linker64"
+#define BH_CONST_BASENAME_APP_PROCESS "app_process64"
+#endif
+
+#define BH_CONST_BASENAME_DL       "libdl.so"
+#define BH_CONST_BASENAME_BYTEHOOK "libbytehook.so"
+
+#define BH_CONST_SYM_DLCLOSE                   "dlclose"
+#define BH_CONST_SYM_LOADER_DLCLOSE            "__loader_dlclose"
+#define BH_CONST_SYM_DLOPEN                    "dlopen"
+#define BH_CONST_SYM_ANDROID_DLOPEN_EXT        "android_dlopen_ext"
+#define BH_CONST_SYM_DLOPEN_EXT                "__dl__ZL10dlopen_extPKciPK17android_dlextinfoPv"
+#define BH_CONST_SYM_LOADER_DLOPEN             "__loader_dlopen"
+#define BH_CONST_SYM_LOADER_ANDROID_DLOPEN_EXT "__loader_android_dlopen_ext"
+#define BH_CONST_SYM_DO_DLOPEN                 "__dl__Z9do_dlopenPKciPK17android_dlextinfoPv"
+#define BH_CONST_SYM_G_DL_MUTEX                "__dl__ZL10g_dl_mutex"
+#define BH_CONST_SYM_G_DL_MUTEX_U_QPR2         "__dl_g_dl_mutex"
+#define BH_CONST_SYM_LINKER_GET_ERROR_BUFFER   "__dl__Z23linker_get_error_bufferv"
+#define BH_CONST_SYM_BIONIC_FORMAT_DLERROR     "__dl__ZL23__bionic_format_dlerrorPKcS0_"
+#define BH_CONST_SYM_CFI_SLOWPATH              "__cfi_slowpath"
+#define BH_CONST_SYM_CFI_SLOWPATH_DIAG         "__cfi_slowpath_diag"