tweak code

Author: swift_gan

hooklib/src/main/cpp/art/art_method.cpp

@@ -145,6 +145,15 @@ bool ArtMethod::compile(JNIEnv* env) {
     return compileMethod(this, reinterpret_cast<void *>(threadId)) && isCompiled();
 }
 
+bool ArtMethod::deCompile() {
+    if (!isCompiled())
+        return true;
+    if (CastArtMethod::beAot)
+        return false;
+    setQuickCodeEntry(isNative() ? CastArtMethod::genericJniStub : CastArtMethod::quickToInterpreterBridge);
+    flushCache();
+}
+
 void ArtMethod::flushCache() {
     flushCacheExt(reinterpret_cast<Size>(this), size());
 }

hooklib/src/main/cpp/casts/cast_art_method.cpp

@@ -182,6 +182,11 @@ namespace SandHook {
         jclass neverCallTestClass = env->FindClass("com/swift/sandhook/ClassNeverCall");
         art::mirror::ArtMethod *neverCall = reinterpret_cast<art::mirror::ArtMethod *>(env->GetMethodID(
                 neverCallTestClass, "neverCall", "()V"));
+        art::mirror::ArtMethod *neverCall2 = reinterpret_cast<art::mirror::ArtMethod *>(env->GetMethodID(
+                neverCallTestClass, "neverCall2", "()V"));
+
+        beAot = entryPointQuickCompiled->get(neverCall) != entryPointQuickCompiled->get(neverCall2);
+
         quickToInterpreterBridge = entryPointQuickCompiled->get(neverCall);
 
         art::mirror::ArtMethod *neverCallStatic = reinterpret_cast<art::mirror::ArtMethod *>(env->GetStaticMethodID(
@@ -208,5 +213,6 @@ namespace SandHook {
     void *CastArtMethod::quickToInterpreterBridge = nullptr;
     void *CastArtMethod::genericJniStub = nullptr;
     void *CastArtMethod::staticResolveStub = nullptr;
+    bool CastArtMethod::beAot = false;
 
 }

hooklib/src/main/cpp/includes/art_method.h

@@ -73,6 +73,7 @@ class ArtMethod {
     void* getDeclaringClassPtr();
 
     bool compile(JNIEnv* env);
+    bool deCompile();
     void flushCache();
     void backup(ArtMethod* backup);
 

hooklib/src/main/cpp/includes/cast_art_method.h

@@ -22,6 +22,7 @@ namespace SandHook {
         static void* quickToInterpreterBridge;
         static void* genericJniStub;
         static void* staticResolveStub;
+        static bool beAot;
 
         static void init(JNIEnv *env);
         static void copy(art::mirror::ArtMethod* from, art::mirror::ArtMethod* to);

hooklib/src/main/cpp/includes/dlfcn_nougat.h

@@ -10,6 +10,8 @@ void *fake_dlopen(const char *filename, int flags);
 void *fake_dlsym(void *handle, const char *name);
 
 const char *fake_dlerror();
+
+void *getSymCompat(const char *filename, const char *name);
 }
 
 #endif //DLFCN_NOUGAT_H

hooklib/src/main/cpp/includes/hide_api.h

@@ -31,6 +31,8 @@ extern "C" {
 
     bool disableJitInline(art::CompilerOptions* compilerOptions);
 
+    void* getInterpreterBridge(bool isNative);
+
 }
 
 #endif //SANDHOOK_HIDE_API_H

hooklib/src/main/cpp/sandhook.cpp

@@ -242,6 +242,29 @@ Java_com_swift_sandhook_SandHook_compileMethod(JNIEnv *env, jclass type, jobject
 
 }
 
+extern "C"
+JNIEXPORT jboolean JNICALL
+Java_com_swift_sandhook_SandHook_deCompileMethod(JNIEnv *env, jclass type, jobject member) {
+
+    if (member == NULL)
+        return JNI_FALSE;
+    art::mirror::ArtMethod* method = reinterpret_cast<art::mirror::ArtMethod *>(env->FromReflectedMethod(member));
+
+    if (method == nullptr)
+        return JNI_FALSE;
+
+    if (method->isCompiled()) {
+        SandHook::StopTheWorld stopTheWorld;
+        if (SDK_INT >= ANDROID_N) {
+            method->disableCompilable();
+        }
+        return static_cast<jboolean>(method->deCompile());
+    } else {
+        return JNI_TRUE;
+    }
+
+}
+
 extern "C"
 JNIEXPORT jobject JNICALL
 Java_com_swift_sandhook_SandHook_getObjectNative(JNIEnv *env, jclass type, jlong thread,

hooklib/src/main/cpp/utils/dlfcn_nougat.cpp

@@ -30,6 +30,8 @@
 #include <sys/mman.h>
 #include <elf.h>
 #include <android/log.h>
+#include <dlfcn.h>
+#include "../includes/arch.h"
 
 #define TAG_NAME    "nougat_dlfcn"
 
@@ -52,6 +54,8 @@
 #define Elf_Sym  Elf32_Sym
 #endif
 
+extern int SDK_INT;
+
 
 struct ctx {
     void *load_addr;
@@ -237,4 +241,20 @@ void *fake_dlsym(void *handle, const char *name) {
 const char *fake_dlerror() {
     return NULL;
 }
+
+
+void *getSymCompat(const char *filename, const char *name) {
+    if (SDK_INT >= ANDROID_N) {
+        void* handle = fake_dlopen(filename, RTLD_NOW);
+        if (handle) {
+            return fake_dlsym(handle, name);
+        }
+    } else {
+        void* handle = dlopen(filename, RTLD_LAZY | RTLD_GLOBAL);
+        if (handle) {
+            return dlsym(handle, name);
+        }
+    }
+}
+
 }

hooklib/src/main/cpp/utils/hide_api.cpp

@@ -20,19 +20,30 @@ extern "C" {
 
     art::jit::JitCompiler** globalJitCompileHandlerAddr = nullptr;
 
+    void* (*get)(bool*) = nullptr;
+
+    void* (*getQuickToInterpreterBridge)(void*) = nullptr;
+    void* (*getQuickGenericJniStub)(void*) = nullptr;
+
 
 
     void initHideApi(JNIEnv* env) {
+
+        const char* art_lib_path;
+        const char* jit_lib_path;
+        if (BYTE_POINT == 8) {
+            art_lib_path = "/system/lib64/libart.so";
+            jit_lib_path = "/system/lib64/libart-compiler.so";
+        } else {
+            art_lib_path = "/system/lib/libart.so";
+            jit_lib_path = "/system/lib/libart-compiler.so";
+        }
+
         //init compile
         if (SDK_INT >= ANDROID_N) {
-            void *jit_lib;
-            if (BYTE_POINT == 8) {
-                jit_lib = fake_dlopen("/system/lib64/libart-compiler.so", RTLD_NOW);
-            } else {
-                jit_lib = fake_dlopen("/system/lib/libart-compiler.so", RTLD_NOW);
-            }
-            jitCompileMethod = (bool (*)(void *, void *, void *, bool)) fake_dlsym(jit_lib, "jit_compile_method");
-            jitLoad = reinterpret_cast<void* (*)(bool*)>(fake_dlsym(jit_lib, "jit_load"));
+            jitCompileMethod = reinterpret_cast<bool (*)(void *, void *, void *,
+                                                    bool)>(getSymCompat(jit_lib_path, "jit_compile_method"));
+            jitLoad = reinterpret_cast<void* (*)(bool*)>(getSymCompat(jit_lib_path, "jit_load"));
             bool generate_debug_info = false;
             jitCompilerHandle = (jitLoad)(&generate_debug_info);
 
@@ -43,56 +54,34 @@ extern "C" {
             }
 
         }
+
+
         //init suspend
-        void* art_lib;
-        const char* art_lib_path;
-        if (BYTE_POINT == 8) {
-            art_lib_path = "/system/lib64/libart.so";
-        } else {
-            art_lib_path = "/system/lib/libart.so";
-        }
-        if (SDK_INT >= ANDROID_N) {
-            art_lib = fake_dlopen(art_lib_path, RTLD_NOW);
-            if (art_lib > 0) {
-                innerSuspendVM = reinterpret_cast<void (*)()>(fake_dlsym(art_lib,
-                                                                         "_ZN3art3Dbg9SuspendVMEv"));
-                innerResumeVM = reinterpret_cast<void (*)()>(fake_dlsym(art_lib,
-                                                                        "_ZN3art3Dbg8ResumeVMEv"));
-            }
-        } else {
-            art_lib = dlopen(art_lib_path, RTLD_NOW);
-            if (art_lib > 0) {
-                innerSuspendVM = reinterpret_cast<void (*)()>(dlsym(art_lib,
+        innerSuspendVM = reinterpret_cast<void (*)()>(getSymCompat(art_lib_path,
                                                                          "_ZN3art3Dbg9SuspendVMEv"));
-                innerResumeVM = reinterpret_cast<void (*)()>(dlsym(art_lib,
+        innerResumeVM = reinterpret_cast<void (*)()>(getSymCompat(art_lib_path,
                                                                         "_ZN3art3Dbg8ResumeVMEv"));
-            }
-        }
+
 
         //init for getObject & JitCompiler
+        const char* add_weak_ref_sym;
         if (SDK_INT < ANDROID_M) {
-            void *handle = dlopen("libart.so", RTLD_LAZY | RTLD_GLOBAL);
-            addWeakGlobalRef = (jobject (*)(JavaVM *, void *, void *)) dlsym(handle,
-                                                                                   "_ZN3art9JavaVMExt22AddWeakGlobalReferenceEPNS_6ThreadEPNS_6mirror6ObjectE");
+            add_weak_ref_sym = "_ZN3art9JavaVMExt22AddWeakGlobalReferenceEPNS_6ThreadEPNS_6mirror6ObjectE";
         } else if (SDK_INT < ANDROID_N) {
-            void *handle = dlopen("libart.so", RTLD_LAZY | RTLD_GLOBAL);
-            addWeakGlobalRef = (jobject (*)(JavaVM *, void *, void *)) dlsym(handle,
-                                                                                   "_ZN3art9JavaVMExt16AddWeakGlobalRefEPNS_6ThreadEPNS_6mirror6ObjectE");
-        } else {
-            void *handle;
-            if (BYTE_POINT == 8) {
-                handle = fake_dlopen("/system/lib64/libart.so", RTLD_NOW);
-            } else {
-                handle = fake_dlopen("/system/lib/libart.so", RTLD_NOW);
-            }
-            const char *addWeakGloablReferenceSymbol = SDK_INT <= 25
-                                                       ? "_ZN3art9JavaVMExt16AddWeakGlobalRefEPNS_6ThreadEPNS_6mirror6ObjectE"
-                                                       : "_ZN3art9JavaVMExt16AddWeakGlobalRefEPNS_6ThreadENS_6ObjPtrINS_6mirror6ObjectEEE";
-            addWeakGlobalRef = (jobject (*)(JavaVM *, void *, void *)) fake_dlsym(handle,
-                                                                                  addWeakGloablReferenceSymbol);
-
-            //try disable inline !
-            globalJitCompileHandlerAddr = reinterpret_cast<art::jit::JitCompiler **>(fake_dlsym(handle, "_ZN3art3jit3Jit20jit_compiler_handle_E"));
+            add_weak_ref_sym = "_ZN3art9JavaVMExt16AddWeakGlobalRefEPNS_6ThreadEPNS_6mirror6ObjectE";
+        } else  {
+            add_weak_ref_sym = SDK_INT <= ANDROID_N2
+                                           ? "_ZN3art9JavaVMExt16AddWeakGlobalRefEPNS_6ThreadEPNS_6mirror6ObjectE"
+                                           : "_ZN3art9JavaVMExt16AddWeakGlobalRefEPNS_6ThreadENS_6ObjPtrINS_6mirror6ObjectEEE";
+        }
+
+        addWeakGlobalRef = reinterpret_cast<jobject (*)(JavaVM *, void *,
+                                                   void *)>(getSymCompat(art_lib_path, add_weak_ref_sym));
+
+        if (SDK_INT >= ANDROID_N) {
+            globalJitCompileHandlerAddr = reinterpret_cast<art::jit::JitCompiler **>(getSymCompat(art_lib_path, "_ZN3art3jit3Jit20jit_compiler_handle_E"));
+            getQuickGenericJniStub = reinterpret_cast<void *(*)(void *)>(getSymCompat(art_lib_path, "_ZNK3art11ClassLinker29GetRuntimeQuickGenericJniStubEv"));
+            getQuickToInterpreterBridge = reinterpret_cast<void *(*)(void *)>(getSymCompat(art_lib_path, "_ZNK3art9OatHeader27GetQuickToInterpreterBridgeEv"));
         }
 
     }
@@ -170,5 +159,16 @@ extern "C" {
         }
     }
 
+    void* getInterpreterBridge(bool isNative) {
+        if (isNative) {
+            if (getQuickGenericJniStub == nullptr || getQuickGenericJniStub <= 0)
+                return nullptr;
+            return getQuickGenericJniStub(nullptr);
+        } else {
+            //no implement
+            return nullptr;
+        }
+    }
+
 }
 

hooklib/src/main/java/com/swift/sandhook/ClassNeverCall.java

@@ -1,7 +1,12 @@
 package com.swift.sandhook;
 
+import android.util.Log;
+
 public class ClassNeverCall {
     private void neverCall() {}
+    private void neverCall2() {
+        Log.e("ClassNeverCall", "ClassNeverCall2");
+    }
     private static void neverCallStatic() {}
     private native void neverCallNative();
 }

hooklib/src/main/java/com/swift/sandhook/SandHook.java

@@ -308,6 +308,7 @@ public static long getThreadId() {
     public static native void ensureMethodCached(Method hook, Method backup);
 
     public static native boolean compileMethod(Member member);
+    public static native boolean deCompileMethod(Member member);
 
     public static native boolean canGetObject();
     public static native Object getObjectNative(long thread, long address);