syscall

TODO:

  • 【已解决】iOS的app中如何实现syscall函数调用
  • 【已解决】iOS中用syscall调用stat64实现越狱文件检测
  • 【整理】syscall内核系统调用和svc 0x80相关基础知识
    • 【整理】iOS中syscall的系统调用编号number的定义
    • 【整理】iOS中的带函数原型和说明的系统调用system call

SYS_fork

NSString * parseForkResult(int forkRetPid){
    NSString *forkResultStr = NULL;
    if (forkRetPid < 0){
        forkResultStr = @"无法fork->旧版iOS:非越狱, 新版iOS:无法判断";

        // log print erro info
        NSLog(@"errno=%d\n", errno);
        char *errMsg = strerror(errno);
        NSLog(@"errMsg=%s\n", errMsg);
    } else{
        forkResultStr = @"可以fork -> 旧版iOS:越狱手机";
    }

    return forkResultStr;
}

- (IBAction)syscallForkBtnClicked:(UIButton *)sender {
    _curBtnLbl.text = sender.titleLabel.text;
    NSLog(@"syscall(fork) check");
    int retPid = syscall(SYS_fork);

    NSString *forkResultStr = parseForkResult(retPid);
    NSLog(@"syscall(fork) return retPid=%d, forkResultStr=%@", retPid, forkResultStr);
    _detectResultTv.text = [NSString stringWithFormat:@"%@ -> %@", @"syscall(fork)", forkResultStr];
}

SYS_stat

    } else if (FUNC_SYSCALL_STAT == funcType) {
        isUseStatInfo = TRUE;
        //Note: for open normal file, return 0 is OK, but st_mode is abnormal !
        openResult = syscall(SYS_stat, filePathStr, &stat_info);

SYS_stat64

    } else if (FUNC_SYSCALL_STAT64 == funcType){
        isUseStatInfo = TRUE;
        openResult = syscall(SYS_stat64, filePathStr, &stat_info);

SYS_lstat

    } else if (FUNC_SYSCALL_LSTAT == funcType){
        isUseStatInfo = TRUE;
        openResult = syscall(SYS_lstat, filePathStr, &stat_info);

SYS_fstat

    } else if (FUNC_SYSCALL_FSTAT == funcType){
        isUseStatInfo = TRUE;

        int curFd = open(filePathStr, O_RDONLY);
        if (curFd > 0){
            openResult = syscall(SYS_fstat, curFd, &stat_info);
        } else {
            isOpenOk = FALSE;
        }

SYS_fstatat

    } else if (FUNC_SYSCALL_FSTATAT == funcType){
        // NOTE: syscall(SYS_fstatat) not work until 20220316 -> awalys return -1

        // int fstatat(int fd, const char* pathname, struct stat* buf, int flags);
        isUseStatInfo = TRUE;

//        int curFd = open(filePathStr, O_RDONLY);
//        if (curFd > 0){
//            openResult = syscall(SYS_fstatat, curFd, filePathStr, &stat_info, F_DUPFD);
//        } else {
//            isOpenOk = FALSE;
//        }

//        int notUsedDirfd = -1;
//        openResult = syscall(SYS_fstatat, notUsedDirfd, filePathStr, &stat_info, F_DUPFD);
//        openResult = syscall(SYS_fstatat, notUsedDirfd, filePathStr, &stat_info, 0);
        openResult = syscall(SYS_fstatat, AT_FDCWD, filePathStr, &stat_info, 0);

SYS_statfs

    } else if (FUNC_SYSCALL_STATFS == funcType){
        isUseStatInfo = TRUE;
        // int statfs(const char *path, struct statfs *buf);
        openResult = syscall(SYS_statfs, filePathStr, &stat_info);

SYS_fstatfs

    } else if (FUNC_SYSCALL_FSTATFS == funcType){
        isUseStatInfo = TRUE;
        // int fstatfs(int fd, struct statfs *buf);
        int curFd = open(filePathStr, O_RDONLY);
        if (curFd > 0){
            openResult = syscall(SYS_fstatfs, curFd, &stat_info);
        } else {
            isOpenOk = FALSE;
        }
    }

SYS_open

    } else if (FUNC_SYSCALL_OPEN == funcType){
        isUseFd = TRUE;
//        retFd = syscall(SYS_open, filePathStr, O_RDONLY);
        retFd = syscall(SYS_open, filePathStr, O_RDONLY, MODE_NONE);
    }

SYS_access

    } else if (FUNC_SYSCALL_ACCESS == funcType) {
        int retValue = syscall(SYS_access, filePathStr, F_OK);
        NSLog(@"SYS_access %s -> %d", filePathStr, retValue);
        if (retValue != ACCESS_OK){
            isOpenOk = FALSE;
        } else {
            isOpenOk = TRUE;
        }
    }

SYS_faccessat

    } else if (FUNC_SYSCALL_FACCESSAT == funcType) {
        // NOTE: syscall(SYS_faccessat) not work until 20220317 -> awalys return -1

        int curDirFd = 0;
        int retValue = ACCESS_FAILED;

        const int FAKE_FD = 0;
        curDirFd = FAKE_FD;
//        retValue = syscall(SYS_faccessat, curDirFd, filePathStr, F_OK, AT_EACCESS);
        retValue = syscall(SYS_faccessat, curDirFd, filePathStr, F_OK, 0);
        if (retValue != ACCESS_FAILED){
            isOpenOk = TRUE;
        } else {
            isOpenOk = FALSE;
        }
    }

results matching ""

    No results matching ""