From c3b4678f6e81a0a64d2a8f84711284fffb10c393 Mon Sep 17 00:00:00 2001 From: topjohnwu Date: Mon, 10 Oct 2022 21:28:04 -0700 Subject: [PATCH] Properly detect SysUI --- native/src/zygisk/deny/deny.hpp | 1 + native/src/zygisk/deny/utils.cpp | 10 ++++++++-- native/src/zygisk/entry.cpp | 2 ++ native/src/zygisk/hook.cpp | 2 +- native/src/zygisk/module.hpp | 3 ++- 5 files changed, 14 insertions(+), 4 deletions(-) diff --git a/native/src/zygisk/deny/deny.hpp b/native/src/zygisk/deny/deny.hpp index 656b1dcca..e46e66239 100644 --- a/native/src/zygisk/deny/deny.hpp +++ b/native/src/zygisk/deny/deny.hpp @@ -49,4 +49,5 @@ void ls_list(int client); bool is_deny_target(int uid, std::string_view process); void revert_unmount(); +extern int sys_ui_app_id; extern std::atomic denylist_enforced; diff --git a/native/src/zygisk/deny/utils.cpp b/native/src/zygisk/deny/utils.cpp index dbd8c218a..41ee4752c 100644 --- a/native/src/zygisk/deny/utils.cpp +++ b/native/src/zygisk/deny/utils.cpp @@ -27,6 +27,8 @@ static unique_ptr, StringCmp>> pkg_to_procs_; static unique_ptr>> app_id_to_pkgs_; #define app_id_to_pkgs (*app_id_to_pkgs_) +int sys_ui_app_id = -1; + // Locks the data structures above static pthread_mutex_t data_lock = PTHREAD_MUTEX_INITIALIZER; @@ -39,6 +41,10 @@ static void rescan_apps() { app_id_to_pkgs.clear(); + struct stat st{}; + if (xstat("/data/data/com.android.systemui", &st) == 0) + sys_ui_app_id = to_app_id(st.st_uid); + auto data_dir = xopen_dir(APP_DATA_DIR); if (!data_dir) return; @@ -49,8 +55,8 @@ static void rescan_apps() { if (auto dir = xopen_dir(dfd)) { while ((entry = xreaddir(dir.get()))) { // For each package - struct stat st{}; - xfstatat(dfd, entry->d_name, &st, 0); + if (xfstatat(dfd, entry->d_name, &st, 0)) + continue; int app_id = to_app_id(st.st_uid); if (auto it = pkg_to_procs.find(entry->d_name); it != pkg_to_procs.end()) { app_id_to_pkgs[app_id].insert(it->first); 
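Review bot: `sys_ui_app_id` is declared in deny.hpp as a plain `int`, although the commit writes it in `rescan_apps()` (utils.cpp) and reads it in `get_process_info()` (entry.cpp). Neither hunk shows the reader taking `data_lock`, so if those two functions run on different threads the access is an unsynchronised read/write pair. Declaring it `extern std::atomic<int> sys_ui_app_id;` here and defining it as `std::atomic<int> sys_ui_app_id{-1};` in utils.cpp would make the cross-thread use well-defined without changing either call site. If every reader is in fact serialised by `data_lock`, a comment on the declaration saying so would be enough.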
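Review bot: When the added `xstat` call in `rescan_apps()` fails, `sys_ui_app_id` keeps the value from the previous scan, whereas `app_id_to_pkgs` is cleared and rebuilt on every call. Assigning `sys_ui_app_id = -1;` just before the `xstat` keeps the two in step. The lookup also identifies SysUI by app ID rather than by process name, so any other package sharing that UID would presumably be flagged `PROCESS_IS_SYS_UI` as well. A one-line comment such as `// Matched by app ID: all processes sharing SysUI's UID are treated as SysUI` would make that explicit, since the flag decides whether denylist unmounting runs. The body of `rescan_apps()` starts and ends outside this hunk.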
diff --git a/native/src/zygisk/entry.cpp b/native/src/zygisk/entry.cpp index b9c21821c..9a5ddb5e2 100644 --- a/native/src/zygisk/entry.cpp +++ b/native/src/zygisk/entry.cpp @@ -304,6 +304,8 @@ static void get_process_info(int client, const sock_cred *cred) { int manager_app_id = get_manager(); if (to_app_id(uid) == manager_app_id) { flags |= PROCESS_IS_MAGISK_APP; + } else if (to_app_id(uid) == sys_ui_app_id) { + flags |= PROCESS_IS_SYS_UI; } if (denylist_enforced) { flags |= DENYLIST_ENFORCING; diff --git a/native/src/zygisk/hook.cpp b/native/src/zygisk/hook.cpp index 7e3a5710d..812451248 100644 --- a/native/src/zygisk/hook.cpp +++ b/native/src/zygisk/hook.cpp @@ -165,7 +165,7 @@ DCL_HOOK_FUNC(int, unshare, int flags) { // For some unknown reason, unmounting app_process in SysUI can break. // This is reproducible on the official AVD running API 26 and 27. // Simply avoid doing any unmounts for SysUI to avoid potential issues. - g_ctx->process && g_ctx->process != "com.android.systemui"sv) { + (g_ctx->info_flags & PROCESS_IS_SYS_UI)) { if (g_ctx->flags[DO_REVERT_UNMOUNT]) { revert_unmount(); } else { diff --git a/native/src/zygisk/module.hpp b/native/src/zygisk/module.hpp index a5b0bd180..e892b1ed1 100644 --- a/native/src/zygisk/module.hpp +++ b/native/src/zygisk/module.hpp @@ -108,11 +108,12 @@ enum : uint32_t { PROCESS_GRANTED_ROOT = zygisk::StateFlag::PROCESS_GRANTED_ROOT, PROCESS_ON_DENYLIST = zygisk::StateFlag::PROCESS_ON_DENYLIST, + PROCESS_IS_SYS_UI = (1u << 29), DENYLIST_ENFORCING = (1u << 30), PROCESS_IS_MAGISK_APP = (1u << 31), UNMOUNT_MASK = (PROCESS_ON_DENYLIST | DENYLIST_ENFORCING), - PRIVATE_MASK = (DENYLIST_ENFORCING | PROCESS_IS_MAGISK_APP) + PRIVATE_MASK = (PROCESS_IS_SYS_UI | DENYLIST_ENFORCING | PROCESS_IS_MAGISK_APP) }; struct api_abi_base {
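Review bot: The replacement condition in the `unshare` hook looks inverted. The removed line let the unmount proceed when the process was not `com.android.systemui`, and the comment above it still says to avoid unmounts for SysUI, but `(g_ctx->info_flags & PROCESS_IS_SYS_UI)` is true only for SysUI. As written, the `revert_unmount()` branch would run for SysUI alone and be skipped for every other process, so denylisted apps would presumably keep their mounts. The line should read `(g_ctx->info_flags & PROCESS_IS_SYS_UI) == 0) {`. The start of the `if` condition is outside the hunk, so this assumes the visible line is its last conjunct.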
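Review bot: The private flags in module.hpp are allocated by hand from bit 31 downward. Nothing in the enum checks that the new bit 29 stays clear of the public `zygisk::StateFlag` values, or that each private bit is listed in `PRIVATE_MASK`. A comment above `PROCESS_IS_SYS_UI` such as `// Private flags: allocated downward from bit 31; each must also be added to PRIVATE_MASK` would record the convention. A `static_assert((PRIVATE_MASK & (PROCESS_GRANTED_ROOT | PROCESS_ON_DENYLIST)) == 0);` after the enum would catch a collision with the two public flags visible here at compile time. The opening of the enum is outside the hunk, so other public flags may also need to be in that check.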