Merge pull request #703 from khanhduytran0/main

Add an option to open app with JIT (rework)
2024-01-26 16:34:33 +01:00 · 2024-01-26 16:34:33 +01:00 · f21dfff284
parent 0cc5ab1978 b83c53cb46
commit f21dfff284
13 changed files with 165 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -32,9 +32,10 @@ On jailbroken iOS 14 when TrollHelper is used for installation, it is located in

 ## URL Scheme

-As of version 1.3, TrollStore replaces the system URL scheme "apple-magnifier" (this is done so "jailbreak" detections can't detect TrollStore like they could if TrollStore had a unique URL scheme). This URL scheme can be used to install applications right from the browser, the format goes as follows:
+As of version 1.3, TrollStore replaces the system URL scheme "apple-magnifier" (this is done so "jailbreak" detections can't detect TrollStore like they could if TrollStore had a unique URL scheme). This URL scheme can be used to install applications right from the browser, or to enable JIT from the app itself, the format goes as follows:

-`apple-magnifier://install?url=<URL_to_IPA>`
+- `apple-magnifier://install?url=<URL_to_IPA>`
+- `apple-magnifier://enable-jit?bundle-id=<Bundle_ID>`

 On devices that don't have TrollStore (1.3+) installed, this will just open the magnifier app.

--- a/RootHelper/Makefile
+++ b/RootHelper/Makefile
@ -14,6 +14,6 @@ trollstorehelper_CODESIGN_FLAGS = --entitlements entitlements.plist
 trollstorehelper_INSTALL_PATH = /usr/local/bin
 trollstorehelper_LIBRARIES = archive
 trollstorehelper_FRAMEWORKS = CoreTelephony
-trollstorehelper_PRIVATE_FRAMEWORKS = SpringBoardServices BackBoardServices MobileContainerManager FrontBoardServices
+trollstorehelper_PRIVATE_FRAMEWORKS = SpringBoardServices BackBoardServices MobileContainerManager FrontBoardServices RunningBoardServices

 include $(THEOS_MAKE_PATH)/tool.mk
--- a/RootHelper/entitlements.plist
+++ b/RootHelper/entitlements.plist
@ -48,5 +48,7 @@
    <true/>
    <key>com.apple.frontboard.shutdown</key>
    <true/>
+    <key>com.apple.runningboard.process-state</key>
+    <true/>
 </dict>
 </plist>
--- a/RootHelper/jit.h
+++ b/RootHelper/jit.h
@ -0,0 +1,3 @@
+#import <Foundation/Foundation.h>
+
+int enableJIT(NSString *bundleID);
--- a/RootHelper/jit.m
+++ b/RootHelper/jit.m
@ -0,0 +1,45 @@
+@import Foundation;
+@import Darwin;
+
+@interface RBSProcessPredicate
+ (instancetype)predicateMatchingBundleIdentifier:(NSString *)bundleID;
+@end
+
+@interface RBSProcessHandle
+ (instancetype)handleForPredicate:(RBSProcessPredicate *)predicate error:(NSError **)error;
+- (int)rbs_pid;
+@end
+
+#define PT_DETACH       11
+#define PT_ATTACHEXC    14
+int	 ptrace(int request, pid_t pid, caddr_t addr, int data);
+
+int enableJIT(NSString *bundleID) {
+#ifdef EMBEDDED_ROOT_HELPER
+ 	return -1;
+#else
+ 	RBSProcessPredicate *predicate = [RBSProcessPredicate predicateMatchingBundleIdentifier:bundleID];
+	RBSProcessHandle* process = [RBSProcessHandle handleForPredicate:predicate error:nil];
+	int pid = process.rbs_pid;
+
+	if (!pid)
+	{
+		return ESRCH;
+	}
+
+	int ret = ptrace(PT_ATTACHEXC, pid, 0, 0);
+	if (ret == -1)
+	{
+		return errno;
+	}
+
+	usleep(100000);
+	ret = ptrace(PT_DETACH, pid, 0, 0);
+	if (ret == -1)
+	{
+		return errno;
+	}
+	return 0;
+#endif
+}
+
--- a/RootHelper/main.m
+++ b/RootHelper/main.m
@ -11,6 +11,7 @@
 #import <mach-o/loader.h>
 #import <mach-o/fat.h>
 #import "devmode.h"
+#import "jit.h"
 #ifndef EMBEDDED_ROOT_HELPER
 #import "codesign.h"
 #import "coretrust_bug.h"
@ -1573,6 +1574,12 @@ int MAIN_NAME(int argc, char *argv[], char *envp[])
 			// Give the system some time to reboot
 			sleep(1);
 		}
+		else if([cmd isEqualToString:@"enable-jit"])
+		{
+			if(args.count < 2) return -3;
+			NSString* userAppId = args.lastObject;
+			ret = enableJIT(userAppId);
+		}

 		NSLog(@"trollstorehelper returning %d", ret);
 		return ret;
--- a/TrollStore/TSAppInfo.h
+++ b/TrollStore/TSAppInfo.h
@ -50,6 +50,7 @@
 - (NSAttributedString*)detailedInfoTitle;
 - (NSAttributedString*)detailedInfoDescription;
 //- (UIImage*)image;
+- (BOOL)isDebuggable;
 - (void)log;

@end
--- a/TrollStore/TSAppInfo.m
+++ b/TrollStore/TSAppInfo.m
@ -1165,5 +1165,23 @@ extern UIImage* imageWithSize(UIImage* image, CGSize size);
 	}];
 }

+- (BOOL)isDebuggable
+{
+	[self loadEntitlements];
+	__block BOOL debuggable = NO;
+	[self enumerateAllEntitlements:^(NSString *key, NSObject *value, BOOL *stop)
+	{
+		if([key isEqualToString:@"get-task-allow"])
+		{
+			NSNumber* valueNum = (NSNumber*)value;
+			if(valueNum && [valueNum isKindOfClass:NSNumber.class])
+			{
+				debuggable = valueNum.boolValue;
+				*stop = YES;
+			}
+		}
+	}];
+	return debuggable;
+}

@end
--- a/TrollStore/TSAppTableViewController.m
+++ b/TrollStore/TSAppTableViewController.m
@ -187,7 +187,7 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
 	[TSInstallationController presentInstallationAlertIfEnabledForFile:pathToIPA isRemoteInstall:NO completion:nil];
 }

- (void)openAppPressedForRowAtIndexPath:(NSIndexPath*)indexPath
+- (void)openAppPressedForRowAtIndexPath:(NSIndexPath*)indexPath enableJIT:(BOOL)enableJIT
 {
 	TSApplicationsManager* appsManager = [TSApplicationsManager sharedInstance];

@ -211,6 +211,17 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
 		[didFailController addAction:cancelAction];
 		[TSPresentationDelegate presentViewController:didFailController animated:YES completion:nil];
 	}
+	else if (enableJIT)
+	{
+		int ret = [appsManager enableJITForBundleID:appId];
+		if (ret != 0)
+		{
+			UIAlertController* errorAlert = [UIAlertController alertControllerWithTitle:@"Error" message:[NSString stringWithFormat:@"Error enabling JIT: trollstorehelper returned %d", ret] preferredStyle:UIAlertControllerStyleAlert];
+			UIAlertAction* closeAction = [UIAlertAction actionWithTitle:@"Close" style:UIAlertActionStyleDefault handler:nil];
+			[errorAlert addAction:closeAction];
+			[TSPresentationDelegate presentViewController:errorAlert animated:YES completion:nil];
+		}
+	}
 }

 - (void)showDetailsPressedForRowAtIndexPath:(NSIndexPath*)indexPath
@ -424,11 +435,21 @@ UIImage* imageWithSize(UIImage* image, CGSize size)

 	UIAlertAction* openAction = [UIAlertAction actionWithTitle:@"Open" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
 	{
-		[self openAppPressedForRowAtIndexPath:indexPath];
+		[self openAppPressedForRowAtIndexPath:indexPath enableJIT:NO];
 		[self deselectRow];
 	}];
 	[appSelectAlert addAction:openAction];

+	if ([appInfo isDebuggable])
+	{
+		UIAlertAction* openWithJITAction = [UIAlertAction actionWithTitle:@"Open with JIT" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
+		{
+			[self openAppPressedForRowAtIndexPath:indexPath enableJIT:YES];
+			[self deselectRow];
+		}];
+		[appSelectAlert addAction:openWithJITAction];
+	}
+
 	UIAlertAction* showDetailsAction = [UIAlertAction actionWithTitle:@"Show Details" style:UIAlertActionStyleDefault handler:^(UIAlertAction* action)
 	{
 		[self showDetailsPressedForRowAtIndexPath:indexPath];
@ -486,4 +507,4 @@ UIImage* imageWithSize(UIImage* image, CGSize size)
 	[self reloadTable];
 }

-@end
+@end
--- a/TrollStore/TSApplicationsManager.h
+++ b/TrollStore/TSApplicationsManager.h
@ -16,6 +16,7 @@
 - (int)uninstallApp:(NSString*)appId;
 - (int)uninstallAppByPath:(NSString*)path;
 - (BOOL)openApplicationWithBundleID:(NSString *)appID;
+- (int)enableJITForBundleID:(NSString *)appID;
 - (int)changeAppRegistration:(NSString*)appPath toState:(NSString*)newState;

@end
--- a/TrollStore/TSApplicationsManager.m
+++ b/TrollStore/TSApplicationsManager.m
@ -179,6 +179,11 @@ extern NSUserDefaults* trollStoreUserDefaults();
    return [[LSApplicationWorkspace defaultWorkspace] openApplicationWithBundleID:appId];
 }

+- (int)enableJITForBundleID:(NSString *)appId
+{
+    return spawnRoot(rootHelperPath(), @[@"enable-jit", appId], nil, nil);
+}
+
 - (int)changeAppRegistration:(NSString*)appPath toState:(NSString*)newState
 {
    if(!appPath || !newState) return -200;
--- a/TrollStore/TSSceneDelegate.m
+++ b/TrollStore/TSSceneDelegate.m
@ -1,6 +1,7 @@
 #import "TSSceneDelegate.h"
 #import "TSRootViewController.h"
 #import "TSUtil.h"
+#import "TSApplicationsManager.h"
 #import "TSInstallationController.h"
 #import <TSPresentationDelegate.h>

@ -67,11 +68,64 @@
 						[TSInstallationController handleAppInstallFromRemoteURL:URLToInstall completion:nil];
 					}
 				}
+				else if([components.host isEqualToString:@"enable-jit"])
+				{
+					NSString* BundleIDToEnableJIT;
+
+					for(NSURLQueryItem* queryItem in components.queryItems)
+					{
+						if([queryItem.name isEqualToString:@"bundle-id"])
+						{
+							BundleIDToEnableJIT = queryItem.value;
+							break;
+						}
+					}
+
+					if(BundleIDToEnableJIT && [BundleIDToEnableJIT isKindOfClass:NSString.class])
+					{
+						dispatch_async(dispatch_get_main_queue(), ^
+	{
+							[self handleEnableJITForBundleID:BundleIDToEnableJIT];
+						});
+					}
+				}
 			}
 		}
 	}
 }

+- (void)handleEnableJITForBundleID:(NSString *)appId
+{
+	TSApplicationsManager* appsManager = [TSApplicationsManager sharedInstance];
+
+	BOOL didOpen = [appsManager openApplicationWithBundleID:appId];
+
+	// if we failed to open the app, show an alert
+	if(!didOpen)
+	{
+		NSString* failMessage = @"";
+		// we don't have TSAppInfo here so we cannot check the registration state
+
+		NSString* failTitle = [NSString stringWithFormat:@"Failed to open %@", appId];
+		UIAlertController* didFailController = [UIAlertController alertControllerWithTitle:failTitle message:failMessage preferredStyle:UIAlertControllerStyleAlert];
+		UIAlertAction* cancelAction = [UIAlertAction actionWithTitle:@"Cancel" style:UIAlertActionStyleCancel handler:nil];
+
+		[didFailController addAction:cancelAction];
+		[TSPresentationDelegate presentViewController:didFailController animated:YES completion:nil];
+	}
+	else
+	{
+		int ret = [appsManager enableJITForBundleID:appId];
+		if (ret != 0)
+		{
+			UIAlertController* errorAlert = [UIAlertController alertControllerWithTitle:@"Error" message:[NSString stringWithFormat:@"Error enabling JIT: trollstorehelper returned %d", ret] preferredStyle:UIAlertControllerStyleAlert];
+			UIAlertAction* closeAction = [UIAlertAction actionWithTitle:@"Close" style:UIAlertActionStyleDefault handler:nil];
+			[errorAlert addAction:closeAction];
+			[TSPresentationDelegate presentViewController:errorAlert animated:YES completion:nil];
+		}
+	}
+}
+
 // We want to auto install ldid if either it doesn't exist
 // or if it's the one from an old TrollStore version that's no longer supported
 - (void)handleLdidCheck
--- a/TrollStore/TSSettingsListController.m
+++ b/TrollStore/TSSettingsListController.m
@ -291,7 +291,7 @@ extern NSUserDefaults* trollStoreUserDefaults(void);

 		PSSpecifier* installationSettingsGroupSpecifier = [PSSpecifier emptyGroupSpecifier];
 		installationSettingsGroupSpecifier.name = @"Security";
-		[installationSettingsGroupSpecifier setProperty:@"The URL Scheme, when enabled, will allow apps and websites to trigger TrollStore installations through the apple-magnifier://install?url=<IPA_URL> URL scheme." forKey:@"footerText"];
+		[installationSettingsGroupSpecifier setProperty:@"The URL Scheme, when enabled, will allow apps and websites to trigger TrollStore installations through the apple-magnifier://install?url=<IPA_URL> URL scheme and enable JIT through the apple-magnifier://enable-jit?bundle-id=<BUNDLE_ID> URL scheme." forKey:@"footerText"];

 		[_specifiers addObject:installationSettingsGroupSpecifier];