Properly detect SysUI

native/src/zygisk/deny/deny.hpp

@@ -49,4 +49,5 @@ void ls_list(int client);
 bool is_deny_target(int uid, std::string_view process);
 void revert_unmount();
 
+extern int sys_ui_app_id;
 extern std::atomic<bool> denylist_enforced;

native/src/zygisk/deny/utils.cpp

@@ -27,6 +27,8 @@ static unique_ptr<map<string, set<string, StringCmp>, StringCmp>> pkg_to_procs_;
 static unique_ptr<map<int, set<string_view>>> app_id_to_pkgs_;
 #define app_id_to_pkgs (*app_id_to_pkgs_)
 
+int sys_ui_app_id = -1;
+
 // Locks the data structures above
 static pthread_mutex_t data_lock = PTHREAD_MUTEX_INITIALIZER;
 
@@ -39,6 +41,10 @@ static void rescan_apps() {
 
     app_id_to_pkgs.clear();
 
+    struct stat st{};
+    if (xstat("/data/data/com.android.systemui", &st) == 0)
+        sys_ui_app_id = to_app_id(st.st_uid);
+
     auto data_dir = xopen_dir(APP_DATA_DIR);
     if (!data_dir)
         return;
@@ -49,8 +55,8 @@ static void rescan_apps() {
         if (auto dir = xopen_dir(dfd)) {
             while ((entry = xreaddir(dir.get()))) {
                 // For each package
-                struct stat st{};
+                if (xfstatat(dfd, entry->d_name, &st, 0))
-                xfstatat(dfd, entry->d_name, &st, 0);
+                    continue;
                 int app_id = to_app_id(st.st_uid);
                 if (auto it = pkg_to_procs.find(entry->d_name); it != pkg_to_procs.end()) {
                     app_id_to_pkgs[app_id].insert(it->first);

native/src/zygisk/entry.cpp

@@ -304,6 +304,8 @@ static void get_process_info(int client, const sock_cred *cred) {
     int manager_app_id = get_manager();
     if (to_app_id(uid) == manager_app_id) {
         flags |= PROCESS_IS_MAGISK_APP;
+    } else if (to_app_id(uid) == sys_ui_app_id) {
+        flags |= PROCESS_IS_SYS_UI;
     }
     if (denylist_enforced) {
         flags |= DENYLIST_ENFORCING;

native/src/zygisk/hook.cpp

@@ -165,7 +165,7 @@ DCL_HOOK_FUNC(int, unshare, int flags) {
         // For some unknown reason, unmounting app_process in SysUI can break.
         // This is reproducible on the official AVD running API 26 and 27.
         // Simply avoid doing any unmounts for SysUI to avoid potential issues.
-        g_ctx->process && g_ctx->process != "com.android.systemui"sv) {
+        (g_ctx->info_flags & PROCESS_IS_SYS_UI)) {
         if (g_ctx->flags[DO_REVERT_UNMOUNT]) {
             revert_unmount();
         } else {

native/src/zygisk/module.hpp

@@ -108,11 +108,12 @@ enum : uint32_t {
     PROCESS_GRANTED_ROOT = zygisk::StateFlag::PROCESS_GRANTED_ROOT,
     PROCESS_ON_DENYLIST = zygisk::StateFlag::PROCESS_ON_DENYLIST,
 
+    PROCESS_IS_SYS_UI = (1u << 29),
     DENYLIST_ENFORCING = (1u << 30),
     PROCESS_IS_MAGISK_APP = (1u << 31),
 
     UNMOUNT_MASK = (PROCESS_ON_DENYLIST | DENYLIST_ENFORCING),
-    PRIVATE_MASK = (DENYLIST_ENFORCING | PROCESS_IS_MAGISK_APP)
+    PRIVATE_MASK = (PROCESS_IS_SYS_UI | DENYLIST_ENFORCING | PROCESS_IS_MAGISK_APP)
 };
 
 struct api_abi_base {