From c975722795473941abe4888528b158e348ca28b0 Mon Sep 17 00:00:00 2001 From: ThePedroo Date: Sun, 1 Jun 2025 23:21:43 -0300 Subject: [PATCH] update: PLT hooks unload This commit changes how PLT hooks are unloaded, so that we're able to bypass detections caused by page faulting libandroid_runtime.so. --- loader/src/injector/hook.cpp | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/loader/src/injector/hook.cpp b/loader/src/injector/hook.cpp index cd88f25..d135aa0 100644 --- a/loader/src/injector/hook.cpp +++ b/loader/src/injector/hook.cpp @@ -31,7 +31,6 @@ using namespace std; static void hook_unloader(); -static void unhook_functions(); namespace { @@ -220,8 +219,14 @@ DCL_HOOK_FUNC(int, pthread_attr_setstacksize, void *target, size_t size) { if (gettid() != getpid()) return res; + delete plt_hook_list; + if (should_unmap_zygisk) { - unhook_functions(); + if (!lsplt::InvalidateBackup()) { + LOGE("Failed to invalidate backup for plt_hook"); + + should_unmap_zygisk = false; + } cached_map_infos.clear(); if (should_unmap_zygisk) { @@ -232,6 +237,17 @@ DCL_HOOK_FUNC(int, pthread_attr_setstacksize, void *target, size_t size) { [[clang::musttail]] return munmap(start_addr, block_size); } + } else { + for (const auto &[dev, inode, sym, old_func] : *plt_hook_list) { + if (!lsplt::RegisterHook(dev, inode, sym, *old_func, nullptr)) { + LOGE("Failed to register plt_hook [%s]", sym); + } + } + + if (!lsplt::CommitHook(cached_map_infos)) { + LOGE("Failed to restore plt_hook"); + should_unmap_zygisk = false; + } } return res; 
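Review bot: The `delete plt_hook_list;` added at the top of the `@@ -220,8 +219,14 @@` hunk runs before the `else` branch added in the `@@ -232,6 +237,17 @@` hunk iterates `*plt_hook_list`, so the restore path reads freed memory. Free the list only after its last use and clear the pointer, e.g. `delete plt_hook_list; plt_hook_list = nullptr;` placed after the restore loop and, separately, inside the unmap branch. Clearing the pointer also matters if this hook can fire again on the main thread. When `lsplt::InvalidateBackup()` fails the flag is cleared, but nothing visible here removes the hook, so a later call would presumably delete the same pointer a second time. The body of the `pthread_attr_setstacksize` hook begins above this hunk and continues past it, so an earlier guard may exist that is not shown.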
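Review bot: In the added `else` branch, `should_unmap_zygisk = false;` after a failed `lsplt::CommitHook(cached_map_infos)` looks like a dead store, because as far as the visible lines show this branch is only entered when the flag is already false. The assignment was carried over from the removed `unhook_functions()`, where the flag could still be true. Either drop it or replace it with a comment that states the resulting state, for example `// restore failed: original PLT entries may not be back in place; library stays mapped`. A failed `lsplt::RegisterHook` is likewise only logged before the commit proceeds, so a partial restore is indistinguishable from a full one to the caller. The enclosing function starts outside this hunk.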
@@ -950,17 +966,3 @@ static void hook_unloader() { PLT_HOOK_REGISTER(art_dev, art_inode, pthread_attr_setstacksize); hook_commit(); } - -static void unhook_functions() { - // Unhook plt_hook - for (const auto &[dev, inode, sym, old_func] : *plt_hook_list) { - if (!lsplt::RegisterHook(dev, inode, sym, *old_func, nullptr)) { - LOGE("Failed to register plt_hook [%s]", sym); - } - } - delete plt_hook_list; - if (!hook_commit()) { - LOGE("Failed to restore plt_hook"); - should_unmap_zygisk = false; - } -}