fix: not properly switching mount ns

This commit corrects mount namespace code.

module/build.gradle.kts

@@ -100,7 +100,6 @@ androidComponents.onVariants { variant ->
                 val privKey = kf.generatePrivate(privKeySpec);
                 val sig = Signature.getInstance("ed25519")
                 fun File.sha(realFile: File? = null) {
-                    val path = this.path.replace("\\", "/")
                     sig.update(this.name.toByteArray())
                     sig.update(0) // null-terminated string
                     val real = realFile ?: this

zygiskd/src/main.c

@@ -78,7 +78,11 @@ int main(int argc, char *argv[]) {
     }
   }
 
-  switch_mount_namespace((pid_t)1);
+  if (switch_mount_namespace((pid_t)1) == false) {
+    LOGE("Failed to switch mount namespace\n");
+
+    return 1;
+  }
   root_impls_setup();
   zygiskd_start();
 

zygiskd/src/utils.c

@@ -1,6 +1,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <fcntl.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/un.h>
@@ -15,42 +16,28 @@
 
 #include "utils.h"
 
-void switch_mount_namespace(pid_t pid) {
+bool switch_mount_namespace(pid_t pid) {
-  char current_path[PATH_MAX];
-  if (getcwd(current_path, PATH_MAX) == NULL) {
-    /* TODO: Improve error messages */
-    LOGE("getcwd: %s\n", strerror(errno));
-
-    return;
-  }
-
-  /* INFO: We will NEVER achieve PATH_MAX value, but this is for ensurance. */
   char path[PATH_MAX];
-  snprintf(path, PATH_MAX, "/proc/%d/ns/mnt", pid);
+  snprintf(path, sizeof(path), "/proc/%d/ns/mnt", pid);
 
-  FILE *mnt_ns = fopen(path, "r");
+  int nsfd = open(path, O_RDONLY | O_CLOEXEC);
-  if (mnt_ns == NULL) {
+  if (nsfd == -1) {
-    /* TODO: Improve error messages */
+    LOGE("Failed to open nsfd: %s\n", strerror(errno));
-    LOGE("fopen: %s\n", strerror(errno));
 
-    return;
+    return false;
   }
 
-  if (setns(fileno(mnt_ns), 0) == -1) {
+  if (setns(nsfd, CLONE_NEWNS) == -1) {
-    /* TODO: Improve error messages */
+    LOGE("Failed to setns: %s\n", strerror(errno));
-    LOGE("setns: %s\n", strerror(errno));
 
-    return;
+    close(nsfd);
+
+    return false;
   }
 
-  fclose(mnt_ns);
+  close(nsfd);
 
-  if (chdir(current_path) == -1) {
+  return true;
-    /* TODO: Improve error messages */
-    LOGE("chdir: %s\n", strerror(errno));
-
-    return;
-  }
 }
 
 int __system_property_get(const char *, char *);
@@ -63,35 +50,39 @@ void set_socket_create_context(const char *context) {
   char path[PATH_MAX];
   snprintf(path, PATH_MAX, "/proc/thread-self/attr/sockcreate");
 
-  FILE *sockcreate = fopen(path, "w");
+  int sockcreate = open(path, O_CLOEXEC);
-  if (sockcreate == NULL) {
+  if (sockcreate == -1) {
-    LOGE("fopen: %s\n", strerror(errno));
+    LOGE("Failed to open sockcreate: %s\n", strerror(errno));
+    errno = 0;
 
     return;
   }
 
-  if (fwrite(context, 1, strlen(context), sockcreate) != strlen(context)) {
+  if (write(context, 1, strlen(context), sockcreate) != strlen(context)) {
     LOGE("fwrite: %s\n", strerror(errno));
+    errno = 0;
 
     return;
   }
 
-  fclose(sockcreate);
+  close(sockcreate);
 }
 
 static void get_current_attr(char *output) {
   char path[PATH_MAX];
   snprintf(path, PATH_MAX, "/proc/self/attr/current");
 
-  FILE *current = fopen(path, "r");
+  int current = open(path, O_RDONLY | O_CLOEXEC);
-  if (current == NULL) {
+  if (current == -1) {
-    LOGE("fopen: %s\n", strerror(errno));
+    LOGE("Failed to open current: %s\n", strerror(errno));
+    errno = 0;
 
     return;
   }
 
-  if (fgets(output, PATH_MAX, current) == NULL) {
+  if (fgets(output, PATH_MAX, fileno(current)) == NULL) {
     LOGE("fgets: %s\n", strerror(errno));
+    errno = 0;
 
     return;
   }

zygiskd/src/utils.h

@@ -13,7 +13,7 @@
   __android_log_print(ANDROID_LOG_INFO , lp_select("zygiskd32", "zygiskd64"), __VA_ARGS__); \
   printf(__VA_ARGS__)
 
-void switch_mount_namespace(pid_t pid);
+bool switch_mount_namespace(pid_t pid);
 
 void get_property(const char *name, char *output);