From e03060eb2242b144ed7d3557f9b202c5cbd8244f Mon Sep 17 00:00:00 2001 From: snake-4 <18491360+snake-4@users.noreply.github.com> Date: Wed, 24 Apr 2024 07:44:00 +0200 Subject: [PATCH] Added Zygisk hide for 27.0 and renamed unmount.cpp --- module/jni/Android.mk | 2 +- module/jni/include/logging.hpp | 5 ++- module/jni/include/modules.hpp | 5 +++ module/jni/main.cpp | 7 ++-- module/jni/{unmount.cpp => modules.cpp} | 50 ++++++++++++++++++++++++- 5 files changed, 61 insertions(+), 8 deletions(-) create mode 100644 module/jni/include/modules.hpp rename module/jni/{unmount.cpp => modules.cpp} (72%) diff --git a/module/jni/Android.mk b/module/jni/Android.mk index fbf3177..245b2eb 100644 --- a/module/jni/Android.mk +++ b/module/jni/Android.mk @@ -3,7 +3,7 @@ LOCAL_PATH := $(call my-dir) include $(CLEAR_VARS) LOCAL_C_INCLUDES := $(LOCAL_PATH)/include $(LOCAL_PATH)/elfio LOCAL_MODULE := zygisk -LOCAL_SRC_FILES := utils.cpp map_parser.cpp mount_parser.cpp mountinfo_parser.cpp unmount.cpp main.cpp +LOCAL_SRC_FILES := utils.cpp map_parser.cpp mount_parser.cpp mountinfo_parser.cpp modules.cpp main.cpp LOCAL_STATIC_LIBRARIES := libcxx LOCAL_LDLIBS := -llog include $(BUILD_SHARED_LIBRARY) diff --git a/module/jni/include/logging.hpp b/module/jni/include/logging.hpp index 5d96271..13f4e8c 100644 --- a/module/jni/include/logging.hpp +++ b/module/jni/include/logging.hpp @@ -1,7 +1,8 @@ #pragma once #include -#include -#include +#include +#include +#include #ifndef NDEBUG static constexpr auto TAG = "ZygiskAssistant/JNI"; diff --git a/module/jni/include/modules.hpp b/module/jni/include/modules.hpp new file mode 100644 index 0000000..be24108 --- /dev/null +++ b/module/jni/include/modules.hpp @@ -0,0 +1,5 @@ +#pragma once + +void doUnmount(); +void doRemount(); +void doHideZygisk(); diff --git a/module/jni/main.cpp b/module/jni/main.cpp index 3a9da58..2f2d274 100644 --- a/module/jni/main.cpp +++ b/module/jni/main.cpp @@ -1,7 +1,6 @@ #include #include #include -#include #include #include 
@@ -9,14 +8,12 @@ #include "zygisk.hpp" #include "logging.hpp" #include "utils.hpp" +#include "modules.hpp" using zygisk::Api; using zygisk::AppSpecializeArgs; using zygisk::ServerSpecializeArgs; -void doUnmount(); -void doRemount(); - static std::function callbackFunction = []() {}; /* @@ -121,6 +118,8 @@ public: doRemount(); } + doHideZygisk(); + // Call only once per process. callbackFunction = []() {}; }; diff --git a/module/jni/unmount.cpp b/module/jni/modules.cpp similarity index 72% rename from module/jni/unmount.cpp rename to module/jni/modules.cpp index 0c12777..a781132 100644 --- a/module/jni/unmount.cpp +++ b/module/jni/modules.cpp @@ -2,11 +2,13 @@ #include #include #include - +#include #include +#include #include "zygisk.hpp" #include "logging.hpp" +#include "map_parser.hpp" #include "mount_parser.hpp" #include "mountinfo_parser.hpp" #include "utils.hpp" 
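Review bot: The `doHideZygisk();` call added to the callback in main.cpp has no visible gate on the release the commit title targets (27.0), yet it modifies another library's memory in the calling process. It sits after the closing brace of the `doRemount()` branch, so it appears to run whenever the callback fires; the callback starts outside this hunk, so an earlier guard cannot be ruled out. If it is meant to be unconditional, say so at the call site, e.g. `// Best-effort: clears a flag in libnativebridge.so's .bss; returns without changes if any check fails.`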
@@ -128,3 +130,49 @@ void doRemount()
 }
 }
 }
+
+/*
+ * Is it guaranteed to work? No.
+ * At least it has lots of error checking so if something goes wrong
+ * the state should remain relatively safe.
+ */
+void doHideZygisk()
+{
+ using namespace ELFIO;
+
+ elfio reader;
+ std::string filePath;
+ uintptr_t startAddress = 0, bssAddress = 0;
+
+ for (const auto &map : parseMapsFromPath("/proc/self/maps"))
+ {
+ if (map.getPathname().ends_with("/libnativebridge.so") && map.getPerms() == "r--p")
+ {
+ // First ro page should be the ELF header
+ filePath = map.getPathname();
+ startAddress = map.getAddressStart();
+ break;
+ }
+ }
+
+ ASSERT_EXIT("doHideZygisk", startAddress != 0, return);
+ ASSERT_EXIT("doHideZygisk", reader.load(filePath), return);
+
+ size_t bssSize = 0;
+ for (const auto &sec : reader.sections)
+ {
+ if (sec->get_name() == ".bss")
+ {
+ bssAddress = startAddress + sec->get_address();
+ bssSize = static_cast(sec->get_size());
+ break;
+ }
+ }
+
+ ASSERT_EXIT("doHideZygisk", bssAddress != 0, return);
+ LOGD("Found .bss for \"%s\" at 0x%" PRIxPTR " sized %" PRIuPTR " bytes.", filePath.c_str(), bssAddress, bssSize);
+
+ uint8_t *pHadError = reinterpret_cast(memchr(reinterpret_cast(bssAddress), 0x01, bssSize));
+ ASSERT_EXIT("doHideZygisk", pHadError != nullptr, return);
+ *pHadError = 0;
+}
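Review bot: The store `*pHadError = 0` at the end of doHideZygisk writes to an address that is never checked against the mappings already parsed from /proc/self/maps. `bssAddress` is the first `r--p` mapping's start plus the on-disk section address, so if that mapping is not at file offset 0, or the file loaded by `reader.load(filePath)` is not the image actually mapped, both the `memchr` scan and the store can land outside the library's writable data and fault the process; confirm the range [bssAddress, bssAddress + bssSize) sits inside a writable mapping before touching it. `memchr` also returns only the first byte equal to 0x01 and nothing shows it is the intended flag, so refuse an ambiguous match with `const uint8_t *bssEnd = reinterpret_cast<const uint8_t *>(bssAddress) + bssSize;` and `ASSERT_EXIT("doHideZygisk", memchr(pHadError + 1, 0x01, bssEnd - (pHadError + 1)) == nullptr, return);`. The header comment should name the variable being cleared and the assumption that identifies it, and `bssSize` is a `size_t`, so `%zu` is the matching format rather than `PRIuPTR`.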