1.1.0

roothide · Jul 21, 2024 · d566676 · d566676
1 parent 329c71d
commit d566676
Show file tree

Hide file tree

Showing 9 changed files with 124 additions and 23 deletions.
diff --git a/BaseBin/jailbreakd/daemon.plist b/BaseBin/jailbreakd/daemon.plist
@@ -13,7 +13,7 @@
 			<key>HostSpecialPort</key>
 			<integer>16</integer>
 		</dict>
-		<key>com.opa334.jailbreakd.systemwide</key>
+		<key>com.opa334.jailbreakd.systemwide-%JBRAND%</key>
 		<true/>
 	</dict>
 	<key>ProgramArguments</key>

diff --git a/BaseBin/jailbreakd/src/server.m b/BaseBin/jailbreakd/src/server.m
@@ -721,8 +721,11 @@ int main(int argc, char* argv[])
 			return 1;
 		}
 
+		char service_name[128];
+		snprintf(service_name,sizeof(service_name),"com.opa334.jailbreakd.systemwide-%s",JBRAND);
+
 		mach_port_t machPortSystemWide = 0;
-		kr = bootstrap_check_in(bootstrap_port, "com.opa334.jailbreakd.systemwide", &machPortSystemWide);
+		kr = bootstrap_check_in(bootstrap_port, service_name, &machPortSystemWide);
 		if (kr != KERN_SUCCESS) {
 			JBLogError("Failed com.opa334.jailbreakd.systemwide bootstrap check in: %d (%s)", kr, mach_error_string(kr));
 			return 1;

diff --git a/BaseBin/jailbreakd/src/trustcache.m b/BaseBin/jailbreakd/src/trustcache.m
@@ -292,10 +292,10 @@ uint64_t staticTrustCacheUploadFile(trustcache_file *fileToUpload, size_t fileSi
 // 	return mapKaddr;
 // }
 
-uint64_t staticTrustCacheUploadFileAtPath(NSString *filePath, size_t *outMapSize)
-{
-	if (!filePath) return 0;
-	NSData *tcData = [NSData dataWithContentsOfFile:filePath];
-	if (!tcData) return 0;
-	return staticTrustCacheUploadFile((trustcache_file *)tcData.bytes, tcData.length, outMapSize);
-}
+// uint64_t staticTrustCacheUploadFileAtPath(NSString *filePath, size_t *outMapSize)
+// {
+// 	if (!filePath) return 0;
+// 	NSData *tcData = [NSData dataWithContentsOfFile:filePath];
+// 	if (!tcData) return 0;
+// 	return staticTrustCacheUploadFile((trustcache_file *)tcData.bytes, tcData.length, outMapSize);
+// }
diff --git a/BaseBin/jailbreakd/src/update.m b/BaseBin/jailbreakd/src/update.m
@@ -97,6 +97,64 @@ int extract(NSString* fileToExtract, NSString* extractionPath)
 	return [appProxy.bundleURL.path stringByAppendingPathComponent:@"trollstorehelper"];
 }
 
+
+#define CS_CDHASH_LEN 20
+
+typedef uint8_t cdhash_t[CS_CDHASH_LEN];
+
+typedef struct trustcache_entry_v1
+{
+    cdhash_t hash;
+    uint8_t hash_type;
+    uint8_t flags;
+} __attribute__((__packed__)) trustcache_entry_v1;
+
+typedef struct s_trustcache_file_v1
+{
+    uint32_t version;
+    uuid_t uuid;
+    uint32_t length;
+    trustcache_entry_v1 entries[];
+} __attribute__((__packed__)) trustcache_file_v1;
+
+void _trustcache_file_init(trustcache_file_v1 *file)
+{
+    memset(file, 0, sizeof(*file));
+    file->version = 1;
+    uuid_generate(file->uuid);
+}
+int _trustcache_file_sort_entry_comparator_v1(const void * vp1, const void * vp2)
+{
+    trustcache_entry_v1* tc1 = (trustcache_entry_v1*)vp1;
+    trustcache_entry_v1* tc2 = (trustcache_entry_v1*)vp2;
+    return memcmp(tc1->hash, tc2->hash, sizeof(cdhash_t));
+}
+void _trustcache_file_sort(trustcache_file_v1 *file)
+{
+    qsort(file->entries, file->length, sizeof(trustcache_entry_v1), _trustcache_file_sort_entry_comparator_v1);
+}
+int trustcache_file_build_from_cdhashes(cdhash_t *CDHashes, uint32_t CDHashCount, trustcache_file_v1 **tcOut)
+{
+    if (!CDHashes || CDHashCount == 0 || !tcOut) return -1;
+
+    size_t tcSize = sizeof(trustcache_file_v1) + (sizeof(trustcache_entry_v1) * CDHashCount);
+    trustcache_file_v1 *file = malloc(tcSize);
+    _trustcache_file_init(file);
+
+    file->length = CDHashCount;
+    for (uint32_t i = 0; i < CDHashCount; i++) {
+        memcpy(file->entries[i].hash, CDHashes[i], sizeof(cdhash_t));
+        file->entries[i].hash_type = 2;
+        file->entries[i].flags = 0;
+    }
+    _trustcache_file_sort(file);
+
+    *tcOut = file;
+    return 0;
+}
+
+int ensure_randomized_cdhash(const char* inputPath, void* cdhashOut);
+
 int basebinUpdateFromTar(NSString *basebinPath, bool rebootWhenDone)
 {
 	LSApplicationProxy *appProxy = [LSApplicationProxy applicationProxyForIdentifier:@"com.opa334.Dopamine.roothide"];
@@ -128,13 +186,38 @@ int basebinUpdateFromTar(NSString *basebinPath, bool rebootWhenDone)
 		return 2;
 	}
 
-	NSString *newTrustcachePath = [tmpBasebinPath stringByAppendingPathComponent:@"basebin.tc"];
-	if (![[NSFileManager defaultManager] fileExistsAtPath:newTrustcachePath]) {
-		[[NSFileManager defaultManager] removeItemAtPath:tmpExtractionPath error:nil];
-		return 3;
-	}
+	// NSString *newTrustcachePath = [tmpBasebinPath stringByAppendingPathComponent:@"basebin.tc"];
+	// if (![[NSFileManager defaultManager] fileExistsAtPath:newTrustcachePath]) {
+	// 	[[NSFileManager defaultManager] removeItemAtPath:tmpExtractionPath error:nil];
+	// 	return 3;
+	// }
+
+	cdhash_t* basebins_cdhashes=NULL;
+    uint32_t basebins_cdhashesCount=0;
+
+    NSDirectoryEnumerator<NSURL *> *directoryEnumerator = [[NSFileManager defaultManager] enumeratorAtURL:[NSURL fileURLWithPath:tmpBasebinPath] includingPropertiesForKeys:nil options:0 errorHandler:nil];
+
+    for(NSURL* fileURL in directoryEnumerator)
+    {
+        cdhash_t cdhash={0};
+        if(ensure_randomized_cdhash(fileURL.path.fileSystemRepresentation, cdhash) == 0) {
+            basebins_cdhashes = realloc(basebins_cdhashes, (basebins_cdhashesCount+1) * sizeof(cdhash_t));
+            memcpy(&basebins_cdhashes[basebins_cdhashesCount], cdhash, sizeof(cdhash_t));
+            basebins_cdhashesCount++;
+        }
+    }
+
+    trustcache_file_v1 *basebinTcFile = NULL;
+    int r = trustcache_file_build_from_cdhashes(basebins_cdhashes, basebins_cdhashesCount, &basebinTcFile);
+
+    free(basebins_cdhashes);
+
+    NSData* tcData = [NSData dataWithBytes:basebinTcFile length:(sizeof(trustcache_file_v1)+sizeof(trustcache_entry_v1)*basebinTcFile->length)];
+
+    free(basebinTcFile);
 
-	uint64_t newTCKaddr = staticTrustCacheUploadFileAtPath(newTrustcachePath, NULL);
+	// uint64_t newTCKaddr = staticTrustCacheUploadFileAtPath(newTrustcachePath, NULL);
+	uint64_t newTCKaddr = staticTrustCacheUploadFile((trustcache_file *)tcData.bytes, tcData.length, NULL);
 	if (!newTCKaddr) {
 		[[NSFileManager defaultManager] removeItemAtPath:tmpExtractionPath error:nil];
 		return 4;

diff --git a/BaseBin/launchdhook/src/main.m b/BaseBin/launchdhook/src/main.m
@@ -36,13 +36,15 @@
 	char* class = ext ? "com.apple.app-sandbox.read-write" : "com.apple.app-sandbox.read";
 	[extensionString appendString:[NSString stringWithUTF8String:sandbox_extension_issue_file(class, jbrootsecondary, 0)]];
 	[extensionString appendString:@"|"];
-	[extensionString appendString:[NSString stringWithUTF8String:sandbox_extension_issue_file("com.apple.sandbox.executable", jbrootsecondary, 0)]];
-	[extensionString appendString:@"|"];
+	// [extensionString appendString:[NSString stringWithUTF8String:sandbox_extension_issue_file("com.apple.sandbox.executable", jbrootsecondary, 0)]];
+	// [extensionString appendString:@"|"];
 
 	// Ensure the whole system has access to com.opa334.jailbreakd.systemwide
-	[extensionString appendString:[NSString stringWithUTF8String:sandbox_extension_issue_mach("com.apple.app-sandbox.mach", "com.opa334.jailbreakd.systemwide", 0)]];
+	char service_name[128];
+	snprintf(service_name,sizeof(service_name),"com.opa334.jailbreakd.systemwide-%s",JBRAND);
+	[extensionString appendString:[NSString stringWithUTF8String:sandbox_extension_issue_mach("com.apple.app-sandbox.mach", service_name, 0)]];
 	[extensionString appendString:@"|"];
-	[extensionString appendString:[NSString stringWithUTF8String:sandbox_extension_issue_mach("com.apple.security.exception.mach-lookup.global-name", "com.opa334.jailbreakd.systemwide", 0)]];
+	[extensionString appendString:[NSString stringWithUTF8String:sandbox_extension_issue_mach("com.apple.security.exception.mach-lookup.global-name", service_name, 0)]];
 
 	return extensionString;
 }

diff --git a/BaseBin/libjailbreak/src/launchd.m b/BaseBin/libjailbreak/src/launchd.m
@@ -53,6 +53,15 @@ xpc_object_t launchd_xpc_send_message(xpc_object_t xdict)
 
 void patchBaseBinLaunchDaemonPlist(NSString *plistPath)
 {
+	char* JBRAND = getenv("JBRAND");
+	if(JBRAND) {
+		NSString* plistContent = [NSString stringWithContentsOfFile:plistPath encoding:NSUTF8StringEncoding error:nil];
+		if ([plistContent containsString:@"%JBRAND%"]) {
+			plistContent = [plistContent stringByReplacingOccurrencesOfString:@"%JBRAND%" withString:@(JBRAND)];
+			[plistContent writeToFile:plistPath atomically:YES encoding:NSUTF8StringEncoding error:nil];
+		}
+	}
+
 	NSMutableDictionary *plistDict = [NSMutableDictionary dictionaryWithContentsOfFile:plistPath];
 	if (plistDict) {
 		NSMutableArray *programArguments = ((NSArray *)plistDict[@"ProgramArguments"]).mutableCopy;

diff --git a/BaseBin/systemhook/src/common.c b/BaseBin/systemhook/src/common.c
@@ -80,7 +80,9 @@ kern_return_t bootstrap_look_up(mach_port_t port, const char *service, mach_port
 
 bool jbdSystemWideIsReachable(void)
 {
-	int sbc = sandbox_check(getpid(), "mach-lookup", SANDBOX_FILTER_GLOBAL_NAME | SANDBOX_CHECK_NO_REPORT, "com.opa334.jailbreakd.systemwide");
+	char service_name[128];
+	snprintf(service_name,sizeof(service_name),"com.opa334.jailbreakd.systemwide-%s",JBRAND);
+	int sbc = sandbox_check(getpid(), "mach-lookup", SANDBOX_FILTER_GLOBAL_NAME | SANDBOX_CHECK_NO_REPORT, service_name);
 	return sbc == 0;
 }
 
@@ -95,7 +97,9 @@ mach_port_t jbdSystemWideMachPort(void)
 		mach_port_deallocate(mach_task_self(), self_host);
 	}
 	else {
-		kr = bootstrap_look_up(bootstrap_port, "com.opa334.jailbreakd.systemwide", &outPort);
+		char service_name[128];
+		snprintf(service_name,sizeof(service_name),"com.opa334.jailbreakd.systemwide-%s",JBRAND);
+		kr = bootstrap_look_up(bootstrap_port, service_name, &outPort);
 	}
 
 	if (kr != KERN_SUCCESS) return MACH_PORT_NULL;

diff --git a/Dopamine/Dopamine.xcodeproj/project.pbxproj b/Dopamine/Dopamine.xcodeproj/project.pbxproj
@@ -607,7 +607,7 @@
 					"$(PROJECT_DIR)/../BaseBin/libjailbreak/",
 					"$(PROJECT_DIR)/../BaseBin/libfilecom/",
 				);
-				MARKETING_VERSION = 1.0.9;
+				MARKETING_VERSION = 1.1.0;
 				OTHER_LDFLAGS = (
 					"-framework",
 					IOKit,
@@ -653,7 +653,7 @@
 					"$(PROJECT_DIR)/../BaseBin/libjailbreak/",
 					"$(PROJECT_DIR)/../BaseBin/libfilecom/",
 				);
-				MARKETING_VERSION = 1.0.9;
+				MARKETING_VERSION = 1.1.0;
 				OTHER_LDFLAGS = (
 					"-framework",
 					IOKit,

diff --git a/Dopamine/Dopamine/bootstrap/sileo.deb b/Dopamine/Dopamine/bootstrap/sileo.deb