From 54584410ce2c066b1afafd1d66c55d9cd068c6b4 Mon Sep 17 00:00:00 2001 From: ThePedroo Date: Fri, 16 May 2025 17:07:42 -0300 Subject: [PATCH] improve: flexibility of modules to modify mounts in `app_specialize_pre` This commit improves the flexibility of modules to modify mounts in "preAppSpecialize" in denylisted apps, which would later be setns to a new namespace, after executing Zygisk modules "preAppSpecialize". --- loader/src/injector/hook.cpp | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/loader/src/injector/hook.cpp b/loader/src/injector/hook.cpp index f419c9c..7fa20b2 100644 --- a/loader/src/injector/hook.cpp +++ b/loader/src/injector/hook.cpp @@ -698,8 +698,6 @@ void ZygiskContext::app_specialize_pre() { identify Zygisk, being it not built-in, as working, we also set it. */ setenv("ZYGISK_ENABLED", "1", 1); } else { - run_modules_pre(); - /* INFO: Modules only have two "start off" points from Zygisk, preSpecialize and postSpecialize. While preSpecialie in fact runs with Zygote (not superuser) privileges, in postSpecialize it will now be with lower permission, in @@ -707,10 +705,15 @@ void ZygiskContext::app_specialize_pre() { executing the modules preSpecialize. */ if ((info_flags & PROCESS_ON_DENYLIST) == PROCESS_ON_DENYLIST) { - flags[DO_REVERT_UNMOUNT] = true; + flags[DO_REVERT_UNMOUNT] = true; - update_mnt_ns(Clean, false); + update_mnt_ns(Clean, false); } + + /* INFO: Executed after setns to ensure a module can update the mounts of an + application without worrying about it being overwritten by setns. + */ + run_modules_pre(); } }