core/overreach: reset secure mode on log level changes

Author: ignoramous

intra/backend/netstat.go

@@ -229,6 +229,7 @@ type GoStat struct {
 	NumCgo       int64 // number of cgo calls
 	NumCPU       int64 // number of CPUs
 
+	Trac string // gotraceback
 	Pers string // personality
 	Args string // command line arguments
 	Env  string // environment variables

intra/core/overreach.go

@@ -7,6 +7,7 @@
 package core
 
 import (
+	"runtime/debug"
 	"syscall"
 	_ "unsafe" // for go:linkname
 )
@@ -17,7 +18,6 @@ func RuntimeEnviron() []string {
 }
 
 // github.com/golang/go/issues/69868
-// RuntimeSecureMode reports whether the Go runtime is in secure mode.
 // Unfortunately, Android apps have AT_SECURE set
 // (read bytes in /proc/self/auxv on non-rooted Androids).
 // This means, on Go runtime fatal / throws and a few kinds of panics,
@@ -28,16 +28,37 @@ func RuntimeEnviron() []string {
 // Perhaps, there's security benefits to the Go runtime being this rigid
 // about GOTRACEBACK, but for goos.IsAndroid (and for apps with uid > 10000),
 // using AT_SECURE to determine "setuid-like" protections appears pointless.
-func RuntimeSecureMode() bool {
-	return runtime_iss()
+func init() {
+	// override runtime.secureMode
+	// to make GOTRACEBACK work as expected on Android
+	debug.SetTraceback("all")
+	secureMode = false
+}
+
+func SecureMode(new bool) (prev bool) {
+	prev = secureMode
+	secureMode = new
+	return prev
 }
 
-//go:linkname runtime_iss runtime.isSecureMode
-func runtime_iss() bool
+// RuntimeSecureMode reports whether the Go runtime is in secure mode.
+func RuntimeSecureMode() (them, us bool) {
+	return runtime_isSecureMode(), secureMode
+}
+
+func RuntimeGotraceback() (l int32, all, crash bool) {
+	return runtime_gotraceback()
+}
+
+//go:linkname runtime_isSecureMode runtime.isSecureMode
+func runtime_isSecureMode() bool
+
+//go:linkname runtime_gotraceback runtime.gotraceback
+func runtime_gotraceback() (int32, bool, bool)
 
 // pushing func symbols does not work on go1.24+
 // but pushing vars apparently still works provided
 // -ldflags="checklinkname=0"
 
-//go:linkname iss runtime.secureMode
-var iss bool
+//go:linkname secureMode runtime.secureMode
+var secureMode bool

intra/tun2socks.go

@@ -114,6 +114,7 @@ func LogLevel(gologLevel, consolelogLevel int32) {
 	log.SetConsoleLevel(clvl)
 	dbg := dlvl <= log.DEBUG || clvl <= log.DEBUG
 	settings.Debug = dbg
+	prevsm := core.SecureMode(false /*off*/)
 	// traceback is always set to "crash" for c-shared / c-archive buildmodes
 	// github.com/golang/go/blob/fed3b0a298/src/runtime/runtime1.go#L586
 	// gomobile builds a c-shared gojnilib:
@@ -125,8 +126,8 @@ func LogLevel(gologLevel, consolelogLevel int32) {
 		debug.SetTraceback(usr.s())
 	}
 
-	log.I("tun: new levels; golog: %d, consolelog: %d; debug? %t; traceback: %s",
-		dlvl, clvl, dbg, envtraceback)
+	log.I("tun: new levels; golog: %d, consolelog: %d; debug? %t; traceback: %s; sm? %t",
+		dlvl, clvl, dbg, envtraceback, prevsm)
 }
 
 // FlightRecorder starts Go runtime's flight recorder if y is true,

intra/tunnel.go

@@ -519,9 +519,13 @@ func (t *rtunnel) stat() (*x.NetStat, error) {
 	out.GOSt.NumCgo = int64(runtime.NumCgoCall())
 	out.GOSt.NumCPU = int64(runtime.NumCPU())
 
+	l, all, crash := core.RuntimeGotraceback()
+	out.GOSt.Trac = fmt.Sprintf("%d; all? %t; crash? %t", l, all, crash)
+
+	sm1, sm2 := core.RuntimeSecureMode()
 	uid := fmt.Sprintf("uid=%d", syscall.Getuid())
 	pid := fmt.Sprintf("pid=%d", syscall.Getpid())
-	sec := fmt.Sprintf("sec=%t", core.RuntimeSecureMode())
+	sec := fmt.Sprintf("sec=%t/%t", sm1, sm2)
 	out.GOSt.Args = strings.Join(append(os.Args, uid, pid, sec), ";")
 	out.GOSt.Env = strings.Join(core.RuntimeEnviron(), ";")
 	out.GOSt.Pers, _ = os.Executable()