How to Lock and Protect Your Apps – XDA Xposed Tuesday

The smartphone revolution has passed. Everybody has mobile apps. Some of … more

Which OEM Would You Like to Help?

Most manufacturers have moments of greatness and moments of decadence, and in the past few years … more

Root T-Mobile S6/Edge on 5.1.1 Without Tripping Knox

If you purchase phones from a carrier, you may be no stranger to the difficulties … more

IonVR Coming Soon, HTC M9 Dev Edition Gets Android 5.1 – XDA TV

The HTC M9 Developer Edition has received Android 5.1. That and … more

[PROBLEM] Server classes and resource hooks

2,542 posts
Thanks Meter: 3,353
 
Post Reply Subscribe to Thread Email Thread
com.android.server.*
I know that these classes have to be hooked in handleLoadPackage for lpparam.packageName == "android", but sometimes there are several processes ("system:ui" for example) that contain this package and hooks fail even from handleLoadPackage.
Now I'm using this code, is it correct?
Code:
if (lpparam.packageName.equals("android") && lpparam.processName.equals("android")) { ... }
Resource hooks
They are just not working. Well, most of them. Using fwd or DrawableLoader doesn't matter. No errors shown in log. It's not just a problem with some packages. Status bar icons, action bar icons, etc, etc - I can't replace 90% of them, exact same hooks were working on Kit Kat.
For example, png drawable is used only in manifest and in actionbar ( actionbar.setIcon(iconResId) ). With a hook this icon is replaced in launcher, but not in actionbar.

Code:
Starting Xposed binary version 60, compiled for SDK 21
Phone: HTC One (HTC), Android version 5.0.2 (SDK 21)
ROM: LRX22G release-keys
Build fingerprint: htc/htc_europe/m7:5.0.2/LRX22G/482424.2:user/release-keys
Platform: armeabi-v7a, 32-bit binary, system server: yes
SELinux enabled: yes, enforcing: no
The Following User Says Thank You to Mikanoshi For This Useful Post: [ View ]
 
 
2nd March 2015, 04:29 PM |#2  
agentdr8's Avatar
Senior Member
Flag Cowtown, CA
Thanks Meter: 1,418
 
Donate to Me
More
Quote:
Originally Posted by Mikanoshi

Resource hooks
They are just not working. Well, most of them. Using fwd or DrawableLoader doesn't matter. No errors shown in log. It's not just a problem with some packages. Status bar icons, action bar icons, etc, etc - I can't replace 90% of them, exact same hooks were working on Kit Kat.
For example, png drawable is used only in manifest and in actionbar ( actionbar.setIcon(iconResId) ). With a hook this icon is replaced in launcher, but not in actionbar.

Noticed that as well. Some resources can be replaced, others it's like they're just silently ignored. I'm guessing maybe the ART optimizations are the culprit?

There's a thread about it here. I'm sure @rovo89 will chime in when he's had time to take a look. As a workaround, you could always find the method that's setting the original drawable and replace it there; that seems to work for me in most cases.
Last edited by agentdr8; 2nd March 2015 at 04:34 PM.
The Following User Says Thank You to agentdr8 For This Useful Post: [ View ]
2nd March 2015, 07:26 PM |#3  
rovo89's Avatar
Senior Recognized Developer
Thanks Meter: 36,042
 
Donate to Me
More
Quote:
Originally Posted by Mikanoshi

com.android.server.*
I know that these classes have to be hooked in handleLoadPackage for lpparam.packageName == "android", but sometimes there are several processes ("system:ui" for example) that contain this package and hooks fail even from handleLoadPackage.
Now I'm using this code, is it correct?

Code:
if (lpparam.packageName.equals("android") && lpparam.processName.equals("android")) { ... }

So you're saying that there are situations with lpparam.packageName == "android" and lpparam.processName <> "android"? That would explain a couple of other issues. If you could find out a good way to reproduce this, it could be quite helpful.

Depending on the situation, I will have to see how to handle it. Checking for package name "android" is a pretty common pattern to ensure you're in the system server (which I even recommend myself!), so ideally it should stay correct even without the additional checks you suggested.
2nd March 2015, 08:02 PM |#4  
Mikanoshi's Avatar
OP Senior Member
Flag Soviet ☭ Russia
Thanks Meter: 3,353
 
Donate to Me
More
Quote:
Originally Posted by rovo89

So you're saying that there are situations with lpparam.packageName == "android" and lpparam.processName <> "android"? That would explain a couple of other issues. If you could find out a good way to reproduce this, it could be quite helpful.

Depending on the situation, I will have to see how to handle it. Checking for package name "android" is a pretty common pattern to ensure you're in the system server (which I even recommend myself!), so ideally it should stay correct even without the additional checks you suggested.

I've seen only "system:ui" process name, it tries to search for classes in XposedBridge.jar only and of course fails.
Occurrences are very inconsistent, I install modules from Eclipse and then soft reboot like 50 times a day, and this bug happens 2 or 3 times. Not a big problem though, it just clutters Xposed log

I also have a lot of problems with installing apk via adb, it either throws an excpetion and doesn't install
Code:
ActivityManager: java.lang.UnsatisfiedLinkError: No implementation found for java.lang.String android.os.SystemProperties.native_get(java.lang.String) (tried Java_android_os_SystemProperties_native_1get and Java_android_os_SystemProperties_native_1get__Ljava_lang_String_2)
ActivityManager: at android.os.SystemProperties.native_get(Native Method)
ActivityManager: at android.os.SystemProperties.get(SystemProperties.java:52)
ActivityManager: at com.htc.customization.HtcCustomizationManager.<init>(HtcCustomizationManager.java:65)
ActivityManager: at com.htc.customization.HtcCustomizationManager.<clinit>(HtcCustomizationManager.java:60)
ActivityManager: at android.os.Environment$UserEnvironment.getCustomizationReader(Environment.java:523)
ActivityManager: at android.os.Environment$UserEnvironment.isDynamicSwitchSupported(Environment.java:534)
ActivityManager: at android.os.Environment$UserEnvironment.<init>(Environment.java:222)
ActivityManager: at android.os.Environment.initForCurrentUser(Environment.java:142)
ActivityManager: at android.os.Environment.<clinit>(Environment.java:136)
ActivityManager: at android.os.Environment.getLegacyExternalStorageDirectory(Environment.java:726)
ActivityManager: at android.os.Debug.<clinit>(Debug.java:96)
ActivityManager: at android.ddm.DdmHandleHello.handleHELO(DdmHandleHello.java:164)
ActivityManager: at android.ddm.DdmHandleHello.handleChunk(DdmHandleHello.java:91)
ActivityManager: at org.apache.harmony.dalvik.ddmc.DdmServer.dispatch(DdmServer.java:171)
ActivityManager: java.lang.UnsatisfiedLinkError: android.os.Debug
ActivityManager: at android.ddm.DdmHandleHello.handleFEAT(DdmHandleHello.java:176)
ActivityManager: at android.ddm.DdmHandleHello.handleChunk(DdmHandleHello.java:93)
ActivityManager: at org.apache.harmony.dalvik.ddmc.DdmServer.dispatch(DdmServer.java:171)
ActivityManager: java.lang.UnsatisfiedLinkError: android.os.Debug
ActivityManager: at android.ddm.DdmHandleProfiling.handleMPRQ(DdmHandleProfiling.java:215)
ActivityManager: at android.ddm.DdmHandleProfiling.handleChunk(DdmHandleProfiling.java:106)
ActivityManager: at org.apache.harmony.dalvik.ddmc.DdmServer.dispatch(DdmServer.java:171)
or installs but fails to launch until (soft) reboot:
Code:
I/ActivityManager(15637): Process name.mikanoshi.icecontrol (pid 27200) has died
I/ActivityManager(15637): Start proc name.mikanoshi.icecontrol for activity name.mikanoshi.icecontrol/.Settings: pid=27233 uid=10343 gids={50343, 9997} abi=armeabi-v7a
I/art(27233): Late-enabling -Xcheck:jni
W/art(27233): Failed to find OatDexFile for DexFile /data/app/name.mikanoshi.icecontrol-2/base.apk ( canonical path /data/app/name.mikanoshi.icecontrol-2/base.apk) with checksum 0x7991961b in OatFile /data/dalvik-cache/arm/data@app@name.mikanoshi.icecontrol-2@base.apk@classes.dex
D/Process(15637): killProcessQuiet, pid=27233
No idea if Lollipop or Xposed problem
3rd March 2015, 06:28 AM |#5  
C3C076's Avatar
Recognized Contributor
Flag Bratislava
Thanks Meter: 15,822
 
Donate to Me
More
Quote:
Originally Posted by rovo89

So you're saying that there are situations with lpparam.packageName == "android" and lpparam.processName <> "android"? That would explain a couple of other issues. If you could find out a good way to reproduce this, it could be quite helpful.

Depending on the situation, I will have to see how to handle it. Checking for package name "android" is a pretty common pattern to ensure you're in the system server (which I even recommend myself!), so ideally it should stay correct even without the additional checks you suggested.

Yes, I can confirm this seems to be the case. Haven't got a chance to debug which process comes with packageName == "android" apart from "android" process itself, but when that happens, classLoader cannot find classes that are typically available within "android" package, which is logical. The other process that has packageName "android" is something else with no access to those classes.
3rd March 2015, 05:54 PM |#6  
Mikanoshi's Avatar
OP Senior Member
Flag Soviet ☭ Russia
Thanks Meter: 3,353
 
Donate to Me
More
Oh, and rarely soft reboot after module activation ends like this
Code:
E/Xposed(10834): Error -32 while adding app service user.xposed.app
E/Xposed(10822): Zygote service is not running, Xposed cannot work without it
The Following User Says Thank You to Mikanoshi For This Useful Post: [ View ]
4th March 2015, 07:35 PM |#7  
rovo89's Avatar
Senior Recognized Developer
Thanks Meter: 36,042
 
Donate to Me
More
I would like to concentrate on the bigger issues first. Yours can probably be solved by another reboot.

So after some research, grepping the AOSP code and so on, it seems that the "system:ui" process is only used by the PackageManagerService. Maybe more will follow in the future. For some reason, the process seems to be called "android:ui" though once it has been started. It's running with UID 1000, but in the system_app SELinux context.

I would like to understand some more things about this before making a decision. It seems that there can now indeed be processes with package name "android" that aren't the system_server. Without breaking existing modules, I think I could only block handleLoadPackage() for these. Maybe it would also make sense to add a new handleLoadSystemServer() method. That would avoid the need for checks, especially if only system services are hooked. For backward-compatiblity, handleLoadPackage() could still be called for package "android", but modules would produce error messaages if they don't check the process name. Or there could be a compatiblity break at this point, requiring all modules that hook system services to adopt the new API.
4th March 2015, 07:49 PM |#8  
Mikanoshi's Avatar
OP Senior Member
Flag Soviet ☭ Russia
Thanks Meter: 3,353
 
Donate to Me
More
I don't mind checks Almost every module that hooks system classes requires an update for 5.0 anyway.
Huge issues for me now are broken resource hooks and problems with installing apks (sometimes it takes 3-5 tries to install and then soft reboot just to test interface changes).
7th March 2015, 02:45 PM |#9  
rovo89's Avatar
Senior Recognized Developer
Thanks Meter: 36,042
 
Donate to Me
More
Most likely, this is the reason why the ChooserActivity runs in the "android:ui" process now:
https://github.com/android/platform_...a473f8bdfL2798
It used to declare multiprocess=true, which meant that the activity was started in the caller's process. Now it's started in a separate process, where ":ui" is relative to the package name, not the applications's default process name (that would be "system").

There are also other activities with similar attributes defined, even in KitKat. If someone has a bit of time at their hands, they could try to check whether handleLoadPackage() is also called for package == "android" and process != "android" on KitKat ROMs for those other activities. It wouldn't be as noticable as it is on Lollipop because the system services that most modules hook there were available with the boot class path.

Anyway, now we know that there are legitimate usages of the "android" package for other things than the system_server. These usages are very limited though. The activities use the boot classloader, so hooking methods from initZygote() would (still) work for them. What if I set the packageName for these apps to "system" instead? So modules checking for "android" as package name could be sure it's the system_server then. Modules which need to do something for the android:ui process could simply check for "system" as package name. Any complaints?
The Following 2 Users Say Thank You to rovo89 For This Useful Post: [ View ]
7th March 2015, 04:04 PM |#10  
Senior Member
Thanks Meter: 1,018
 
More
Good solution... Ship it

But I believe majority of actively developed modules are already fixed for this specific case.
Last edited by pyler; 7th March 2015 at 04:08 PM.
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes