This repository has been archived by the owner on Sep 6, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 527
/
XIoBridge.java
153 lines (129 loc) · 5.53 KB
/
XIoBridge.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
package biz.bokhorst.xprivacy;
import java.io.FileNotFoundException;
import java.net.InetAddress;
import java.net.SocketException;
import java.util.ArrayList;
import java.util.List;
import android.annotation.SuppressLint;
import android.os.Binder;
import android.os.Process;
import android.text.TextUtils;
import android.util.Log;
public class XIoBridge extends XHook {
private Methods mMethod;
private String mFileName;
private static String mExternalStorage = null;
private static String mEmulatedSource = null;
private static String mEmulatedTarget = null;
private static String mMediaStorage = null;
private static String mSecondaryStorage = null;
private XIoBridge(Methods method, String restrictionName) {
super(restrictionName, method.name(), null);
mMethod = method;
mFileName = null;
}
private XIoBridge(Methods method, String restrictionName, String fileName) {
super(restrictionName, method.name(), fileName);
mMethod = method;
mFileName = fileName;
}
public String getClassName() {
return "libcore.io.IoBridge";
}
// @formatter:off
// public static void connect(FileDescriptor fd, InetAddress inetAddress, int port) throws SocketException
// public static void connect(FileDescriptor fd, InetAddress inetAddress, int port, int timeoutMs) throws SocketException, SocketTimeoutException
// public static FileDescriptor open(String path, int flags) throws FileNotFoundException
// public static FileDescriptor socket(boolean stream) throws SocketException
// https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/os/Environment.java
// https://android.googlesource.com/platform/libcore/+/android-5.0.1_r1/luni/src/main/java/libcore/io/IoBridge.java
// @formatter:on
private enum Methods {
open, connect
};
public static List<XHook> getInstances() {
List<XHook> listHook = new ArrayList<XHook>();
listHook.add(new XIoBridge(Methods.connect, PrivacyManager.cInternet));
listHook.add(new XIoBridge(Methods.open, PrivacyManager.cStorage));
listHook.add(new XIoBridge(Methods.open, PrivacyManager.cIdentification, "/proc"));
listHook.add(new XIoBridge(Methods.open, PrivacyManager.cIdentification, "/system/build.prop"));
listHook.add(new XIoBridge(Methods.open, PrivacyManager.cIdentification, "/sys/block/.../cid"));
listHook.add(new XIoBridge(Methods.open, PrivacyManager.cIdentification, "/sys/class/.../cid"));
return listHook;
}
@Override
@SuppressLint("SdCardPath")
protected void before(XParam param) throws Throwable {
if (mMethod == Methods.connect) {
if (param.args.length > 2 && param.args[1] instanceof InetAddress && param.args[2] instanceof Integer) {
InetAddress address = (InetAddress) param.args[1];
int port = (Integer) param.args[2];
String hostName;
int uid = Binder.getCallingUid();
boolean resolve = PrivacyManager.getSettingBool(uid, PrivacyManager.cSettingResolve, false);
boolean noresolve = PrivacyManager.getSettingBool(-uid, PrivacyManager.cSettingNoResolve, false);
if (resolve && !noresolve)
try {
hostName = address.getHostName();
} catch (Throwable ignored) {
hostName = address.toString();
}
else
hostName = address.toString();
if (isRestrictedExtra(param, hostName + ":" + port))
param.setThrowable(new SocketException("XPrivacy"));
}
} else if (mMethod == Methods.open) {
if (param.args.length > 0) {
String fileName = (String) param.args[0];
if (mFileName == null && fileName != null) {
// Get storage folders
if (mExternalStorage == null) {
mExternalStorage = System.getenv("EXTERNAL_STORAGE");
mEmulatedSource = System.getenv("EMULATED_STORAGE_SOURCE");
mEmulatedTarget = System.getenv("EMULATED_STORAGE_TARGET");
mMediaStorage = System.getenv("MEDIA_STORAGE");
mSecondaryStorage = System.getenv("SECONDARY_STORAGE");
if (TextUtils.isEmpty(mMediaStorage))
mMediaStorage = "/data/media";
}
// Check storage folders
if (fileName.startsWith("/sdcard")
|| (mExternalStorage != null && fileName.startsWith(mExternalStorage))
|| (mEmulatedSource != null && fileName.startsWith(mEmulatedSource))
|| (mEmulatedTarget != null && fileName.startsWith(mEmulatedTarget))
|| (mMediaStorage != null && fileName.startsWith(mMediaStorage))
|| (mSecondaryStorage != null && fileName.startsWith(mSecondaryStorage)))
if (isRestrictedExtra(param, fileName))
param.setThrowable(new FileNotFoundException("XPrivacy"));
} else if (fileName.startsWith(mFileName) || mFileName.contains("...")) {
// Zygote, Android
if (Util.getAppId(Process.myUid()) == Process.SYSTEM_UID)
return;
// Proc white list
if (mFileName.equals("/proc"))
if ("/proc/self/cmdline".equals(fileName))
return;
// Check if restricted
if (mFileName.contains("...")) {
String[] component = mFileName.split("\\.\\.\\.");
if (fileName.startsWith(component[0]) && fileName.endsWith(component[1]))
if (isRestricted(param, mFileName))
param.setThrowable(new FileNotFoundException("XPrivacy"));
} else if (mFileName.equals("/proc")) {
if (isRestrictedExtra(param, mFileName, fileName))
param.setThrowable(new FileNotFoundException("XPrivacy"));
} else {
if (isRestricted(param, mFileName))
param.setThrowable(new FileNotFoundException("XPrivacy"));
}
}
}
} else
Util.log(this, Log.WARN, "Unknown method=" + param.method.getName());
}
@Override
protected void after(XParam param) throws Throwable {
// Do nothing
}
}