diff --git a/loader/src/common/daemon.cpp b/loader/src/common/daemon.cpp
index 22a2607..832f1c9 100644
--- a/loader/src/common/daemon.cpp
+++ b/loader/src/common/daemon.cpp
@@ -61,12 +61,7 @@ namespace zygiskd {
         for (size_t i = 0; i < len; i++) {
             std::string name = socket_utils::read_string(fd);
             int module_fd = socket_utils::recv_fd(fd);
-            auto handle = DlopenMem(module_fd, RTLD_NOW);
-            if (handle == nullptr) {
-                LOGW("Failed to dlopen module %s: %s", name.data(), dlerror());
-                continue;
-            }
-            modules.emplace_back(i, name, handle);
+            modules.emplace_back(name, module_fd);
         }
         return modules;
     }
diff --git a/loader/src/include/daemon.h b/loader/src/include/daemon.h
index bf49a61..3f88677 100644
--- a/loader/src/include/daemon.h
+++ b/loader/src/include/daemon.h
@@ -2,6 +2,7 @@
 
 #include <string_view>
 #include <string>
+#include <unistd.h>
 #include <vector>
 
 #if defined(__LP64__)
@@ -44,11 +45,9 @@ namespace zygiskd {
 
     struct Module {
         std::string name;
-        void* handle;
-        int id;
+        UniqueFd memfd;
 
-        inline explicit Module(int id, std::string name, void* handle)
-                : name(name), handle(handle), id(id) {}
+        inline explicit Module(std::string name, int memfd) : name(name), memfd(memfd) {}
     };
 
     enum class SocketAction {
diff --git a/loader/src/injector/entry.cpp b/loader/src/injector/entry.cpp
index 116469a..ac82b84 100644
--- a/loader/src/injector/entry.cpp
+++ b/loader/src/injector/entry.cpp
@@ -5,6 +5,7 @@
 using namespace std;
 
 void *self_handle = nullptr;
+vector<zygiskd::Module> preloaded_modules;
 
 [[gnu::destructor]] [[maybe_unused]]
 static void zygisk_cleanup_wait() {
@@ -15,9 +16,18 @@ static void zygisk_cleanup_wait() {
     }
 }
 
+void preload_modules() {
+    LOGI("Preload modules");
+    preloaded_modules = zygiskd::ReadModules();
+    for (auto& module : preloaded_modules) {
+        LOGD("  Preloaded `%s`", module.name.data());
+    }
+}
+
 extern "C" __used void entry(void *handle) {
-    LOGD("load success");
+    LOGD("Load injector successful");
     self_handle = handle;
+    preload_modules();
     hook_functions();
 }
 
diff --git a/loader/src/injector/hook.cpp b/loader/src/injector/hook.cpp
index 16b8c9f..f5b7e55 100644
--- a/loader/src/injector/hook.cpp
+++ b/loader/src/injector/hook.cpp
@@ -12,6 +12,7 @@
 #include <daemon.h>
 #include <dirent.h>
 
+#include "dl.h"
 #include "zygisk.hpp"
 #include "memory.hpp"
 #include "module.hpp"
@@ -535,14 +536,17 @@ void HookContext::fork_post() {
 }
 
 void HookContext::run_modules_pre() {
-    auto ms = zygiskd::ReadModules();
-    modules.reserve(ms.size());
-    for (auto &m: ms) {
-        auto h = m.handle;
-        if (void *e = dlsym(h, "zygisk_module_entry")) {
-            modules.emplace_back(m.id, h, e);
+    size_t size = preloaded_modules.size();
+    modules.reserve(size);
+    for (size_t i = 0; i < size; i++) {
+        auto& module = preloaded_modules[i];
+        if (void* handle = DlopenMem(module.memfd, RTLD_NOW);
+            void* entry = handle ? dlsym(handle, "zygisk_module_entry") : nullptr) {
+            modules.emplace_back(i, handle, entry);
         }
     }
+    // memfds will be closed by RTTI
+    preloaded_modules.clear();
 
     for (auto &m : modules) {
         m.onLoad(env);
diff --git a/loader/src/injector/zygisk.hpp b/loader/src/injector/zygisk.hpp
index 4880af9..37c0a2a 100644
--- a/loader/src/injector/zygisk.hpp
+++ b/loader/src/injector/zygisk.hpp
@@ -4,7 +4,9 @@
 #include <jni.h>
 #include <vector>
 
+#include "daemon.h"
+
 extern void *self_handle;
+extern std::vector<zygiskd::Module> preloaded_modules;
 
 void hook_functions();
-
diff --git a/module/src/customize.sh b/module/src/customize.sh
index d9cfd85..5a856aa 100644
--- a/module/src/customize.sh
+++ b/module/src/customize.sh
@@ -49,6 +49,7 @@ ui_print "- Extracting module files"
 extract "$ZIPFILE" 'daemon.sh'       "$MODPATH"
 extract "$ZIPFILE" 'module.prop'     "$MODPATH"
 extract "$ZIPFILE" 'post-fs-data.sh' "$MODPATH"
+extract "$ZIPFILE" 'sepolicy.rule'   "$MODPATH"
 extract "$ZIPFILE" 'service.sh'      "$MODPATH"
 
 HAS32BIT=false && [ -d "/system/lib" ] && HAS32BIT=true
diff --git a/module/src/sepolicy.rule b/module/src/sepolicy.rule
new file mode 100644
index 0000000..671f811
--- /dev/null
+++ b/module/src/sepolicy.rule
@@ -0,0 +1,2 @@
+allow * tmpfs * *
+allow system_server system_server process execmem
diff --git a/zygiskd/src/zygisk.rs b/zygiskd/src/zygisk.rs
index 19a8f32..e9780d0 100644
--- a/zygiskd/src/zygisk.rs
+++ b/zygiskd/src/zygisk.rs
@@ -99,8 +99,8 @@ fn load_modules(arch: &str) -> Result<Vec<Module>> {
     for entry_result in dir.into_iter() {
         let entry = entry_result?;
         let name = entry.file_name().into_string().unwrap();
-        let so_path = entry.path().join(format!("zygisksu/{arch}.so"));
-        let disabled = entry.path().join("disabled");
+        let so_path = entry.path().join(format!("zygisk/{arch}.so"));
+        let disabled = entry.path().join("disable");
         if !so_path.exists() || disabled.exists() {
             continue;
         }