diff options
| author | Jay Freeman (saurik) <saurik@saurik.com> | 2014-11-17 00:49:27 -0800 |
|---|---|---|
| committer | Jay Freeman (saurik) <saurik@saurik.com> | 2014-11-17 00:49:27 -0800 |
| commit | 45070d68fd412df7f729a5c8b6fc346d5efba39f (patch) | |
| tree | edce5827e586be7ef6fe4da0158d8681758cfc99 | |
| parent | 9fbe489333adf08bf293f6b08462a2121ca958f5 (diff) | |
Generalize goal of Safe Mode to safify everything.
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | Tweak.xm | 59 |
2 files changed, 41 insertions, 20 deletions
@@ -1,4 +1,4 @@ -TARGET := iphone:7.0:2.0 +TARGET := iphone:7.1:2.0 ARCHS := armv6 arm64 PACKAGE_VERSION := $(shell ./version.sh) @@ -314,25 +314,6 @@ static void AlertIfNeeded() { } %end -// notification widgets ("wee apps" or "bulletin board sections") are capable of crashing SpringBoard -// unfortunately, which ones are in use are stored in SpringBoard's defaults, so we need to turn them off - -%hook BBSectionInfo -- (BOOL) showsInNotificationCenter { - return NO; -} %end - - -// we don't want this state persisted back to disk, however: that is just really really irritating - -%hook BBServer -- (void) _writeBehaviorOverrides {} -- (void) _writeSectionOrder {} -- (void) _writeClearedSections {} -- (void) _writeSectionInfo {} -%end - - // on iOS 6.0, Apple split parts of SpringBoard into a daemon called backboardd, including app launches // in order to allow safe mode to propogate into applications, we need to then tell backboardd here // XXX: (all of this should be replaced, however, with per-process launchd-mediated exception handling) @@ -347,9 +328,49 @@ static void AlertIfNeeded() { return %orig(modified); } %end + +// this highly-general hook replaces all previous attempts to protect SpringBoard from spurious code +// the main purpose is to protect SpringBoard from non-Substrate "away view plug-ins" and "wee apps" + +const char *dylibs_[] = { + "/usr/lib", + "/System/Library/Frameworks", + "/System/Library/PrivateFrameworks", + "/System/Library/CoreServices", + "/System/Library/AccessibilityBundles", + NULL, +}; + +MSHook(void *, dlopen, const char *path, int mode) { + // we probably don't need this whitelist, but it has the nifty benefit of letting Cycript inject + // that said, older versions of iOS (before 3.1) will need a special case due to now shared cache + + for (const char **dylib = dylibs_; *dylib != NULL; ++dylib) { + size_t length(strlen(*dylib)); + if (strncmp(path, *dylib, length) != 0) + continue; + if (path[length] != '/') + continue; + goto load; + } + + // if the file is not on disk, and isn't already loaded (LC_ID_DYLIB), it is in the shared cache + // files loaded from the shared cache are "trusted". ones that don't exist are clearly harmless. + // this allows us to load most of the dynamic functionality of SpringBoard without going nuts ;P + + if (access(path, F_OK) == 0) + mode |= RTLD_NOLOAD; + + load: + return _dlopen(path, mode); +} + + %ctor { NSAutoreleasePool *pool([[NSAutoreleasePool alloc] init]); + MSHookFunction(&dlopen, MSHake(dlopen)); + // on iOS 6, backboardd is in charge of brightness, and freaks out when SpringBoard restarts :( // the result is that the device is super dark until we attempt to update the brightness here. |