Bump to 0.6.3

* CI

Signed-off-by: 5ec1cff <ewtqyqyewtqyqy@gmail.com>

* Update gradle.properties

* add rustup targets (#1)

* Update ci.yml

* Update ci.yml

* Update ci.yml

* Use ccache and rust-cache

Signed-off-by: 5ec1cff <ewtqyqyewtqyqy@gmail.com>

---------

Signed-off-by: 5ec1cff <ewtqyqyewtqyqy@gmail.com>
Co-authored-by: Mufanc <47652878+Mufanc@users.noreply.github.com>

.github/workflows/ci.yml

@@ -0,0 +1,88 @@
+name: CI
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [ master ]
+    tags: [ v* ]
+  pull_request:
+  merge_group:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      CCACHE_COMPILERCHECK: "%compiler% -dumpmachine; %compiler% -dumpversion"
+      CCACHE_NOHASHDIR: "true"
+      CCACHE_HARDLINK: "true"
+      CCACHE_BASEDIR: "${{ github.workspace }}"
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          submodules: "recursive"
+          fetch-depth: 0
+
+      - name: Setup Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: "temurin"
+          java-version: "17"
+
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
+        with:
+          gradle-home-cache-cleanup: true
+
+      - name: Setup rust-cache
+        uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: zygiskd/src -> ../build/intermediates/rust
+          cache-targets: false
+          
+      - name: Setup Rust
+        run: |
+          rustup target add armv7-linux-androideabi
+          rustup target add aarch64-linux-android
+          rustup target add x86_64-linux-android
+          rustup target add i686-linux-android
+
+      - name: Set up ccache
+        uses: hendrikmuhs/ccache-action@v1.2
+        with:
+          max-size: 2G
+          key: ${{ runner.os }}
+          restore-keys: ${{ runner.os }}
+          save: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
+
+      - name: Build with Gradle
+        run: |
+          echo 'org.gradle.parallel=true' >> gradle.properties
+          echo 'org.gradle.vfs.watch=true' >> gradle.properties
+          echo 'org.gradle.jvmargs=-Xmx2048m' >> gradle.properties
+          echo 'android.native.buildOutput=verbose' >> gradle.properties
+          sed -i 's/org.gradle.unsafe.configuration-cache=true//g' gradle.properties
+          ./gradlew zipRelease
+          ./gradlew zipDebug
+
+      - name: Prepare artifact
+        if: success()
+        id: prepareArtifact
+        run: |
+          releaseName=`ls module/build/outputs/release/Zygisk-on-KernelSU-v*-release.zip | awk -F '(/|.zip)' '{print $5}'` && echo "releaseName=$releaseName" >> $GITHUB_OUTPUT
+          debugName=`ls module/build/outputs/release/Zygisk-on-KernelSU-v*-debug.zip | awk -F '(/|.zip)' '{print $5}'` && echo "debugName=$debugName" >> $GITHUB_OUTPUT
+          unzip module/build/outputs/release/Zygisk-on-KernelSU-v*-release.zip -d zksu-release
+          unzip module/build/outputs/release/Zygisk-on-KernelSU-v*-debug.zip -d zksu-debug
+
+      - name: Upload release
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ steps.prepareArtifact.outputs.releaseName }}
+          path: "./zksu-release/*"
+
+      - name: Upload debug
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ steps.prepareArtifact.outputs.debugName }}
+          path: "./zksu-debug/*"

.gitmodules

@@ -1,9 +1,6 @@
-[submodule "loader/src/external/liblsplt"]
-	path = loader/src/external/liblsplt
-	url = https://github.com/LSPosed/LSPlt
+[submodule "loader/src/external/lsplt"]
+	path = loader/src/external/lsplt
+	url = https://github.com/LSPosed/lsplt
 [submodule "loader/src/external/parallel-hashmap"]
 	path = loader/src/external/parallel-hashmap
 	url = https://github.com/greg7mdp/parallel-hashmap
-[submodule "zygiskd/src/external/binder_rs"]
-	path = zygiskd/src/external/binder_rs
-	url = https://github.com/Kernel-SU/binder_rs

README.md

@@ -6,11 +6,21 @@ Also works as standalone loader for Magisk on purpose of getting rid of LD_PRELO
 
 ## Requirements
 
-+ Minimal KernelSU version: 10654
-+ Minimal ksud version: 10647
-+ Full SELinux patch support (If non-gki kernel)
+### General
+
 + No multiple root implementation installed
 
+### KernelSU
+
++ Minimal KernelSU version: 10654
++ Minimal ksud version: 10670
++ Kernel has full SELinux patch support
+
+### Magisk
+
++ Minimal version: 25208
++ Original Zygisk turned off
+
 ## Compatibility
 
 Should work with everything except those rely on Magisk internal behaviors.

build.gradle.kts

@@ -31,12 +31,12 @@ val gitCommitHash = "git rev-parse --verify --short HEAD".execute()
 
 val moduleId by extra("zygisksu")
 val moduleName by extra("Zygisk on KernelSU")
-val verName by extra("v4-0.5.1")
+val verName by extra("v4-0.6.3")
 val verCode by extra(gitCommitCount)
 val minKsuVersion by extra(10654)
-val minKsudVersion by extra(10647)
+val minKsudVersion by extra(10670)
 val maxKsuVersion by extra(20000)
-val minMagiskVersion by extra(25000)
+val minMagiskVersion by extra(25208)
 
 val androidMinSdkVersion by extra(29)
 val androidTargetSdkVersion by extra(33)

gradle.properties

@@ -20,4 +20,4 @@ kotlin.code.style=official
 # Enables namespacing of each library's R class so that its R class includes only the
 # resources declared in the library itself and none from the library's dependencies,
 # thereby reducing the size of the R class for that library
-android.nonTransitiveRClass=true
+android.nonTransitiveRClass=true

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.0-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.1-bin.zip
 distributionPath=wrapper/dists
 zipStorePath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME

loader/build.gradle.kts

@@ -1,7 +1,26 @@
+import java.nio.file.Paths
+import org.gradle.internal.os.OperatingSystem
+
 plugins {
     id("com.android.library")
 }
 
+fun Project.findInPath(executable: String, property: String): String? {
+    val pathEnv = System.getenv("PATH")
+    return pathEnv.split(File.pathSeparator).map { folder ->
+        Paths.get("${folder}${File.separator}${executable}${if (OperatingSystem.current().isWindows) ".exe" else ""}")
+            .toFile()
+    }.firstOrNull { path ->
+        path.exists()
+    }?.absolutePath ?: properties.getOrDefault(property, null) as? String?
+}
+
+val ccachePatch by lazy {
+    project.findInPath("ccache", "ccache.path")?.also {
+        println("loader: Use ccache: $it")
+    }
+}
+
 android {
     buildFeatures {
         androidResources = false
@@ -12,6 +31,16 @@ android {
     externalNativeBuild.ndkBuild {
         path("src/Android.mk")
     }
+
+    defaultConfig {
+        externalNativeBuild {
+            ndkBuild {
+                ccachePatch?.let {
+                    arguments += "NDK_CCACHE=$it"
+                }
+            }
+        }
+    }
 }
 
 dependencies {

loader/src/Android.mk

@@ -13,7 +13,7 @@ LOCAL_LDLIBS           := -llog
 include $(BUILD_STATIC_LIBRARY)
 
 include $(CLEAR_VARS)
-LOCAL_MODULE           := zygiskloader
+LOCAL_MODULE           := zygisk_loader
 LOCAL_C_INCLUDES       := $(LOCAL_PATH)/include
 FILE_LIST              := $(filter %.cpp, $(call walk, $(LOCAL_PATH)/loader))
 LOCAL_SRC_FILES        := $(FILE_LIST:COMMON_FILE_LIST:$(LOCAL_PATH)/%=%)
@@ -22,7 +22,7 @@ LOCAL_LDLIBS           := -llog
 include $(BUILD_SHARED_LIBRARY)
 
 include $(CLEAR_VARS)
-LOCAL_MODULE           := injector
+LOCAL_MODULE           := zygisk_injector
 LOCAL_C_INCLUDES       := $(LOCAL_PATH)/include
 FILE_LIST              := $(filter %.cpp, $(call walk, $(LOCAL_PATH)/injector))
 LOCAL_SRC_FILES        := $(FILE_LIST:COMMON_FILE_LIST:$(LOCAL_PATH)/%=%)

loader/src/common/daemon.cpp

@@ -8,19 +8,37 @@
 
 namespace zygiskd {
 
+    bool sMagicRead = false;
+    static std::string sSocketName;
+
+    void ReadMagic() {
+        sMagicRead = true;
+        char magic[PATH_MAX]{0};
+        auto fp = fopen(kZygiskMagic, "r");
+        if (fp == nullptr) {
+            PLOGE("Open magic file");
+            return;
+        }
+        fgets(magic, PATH_MAX, fp);
+        fclose(fp);
+        sSocketName.append(LP_SELECT("zygiskd32", "zygiskd64")).append(magic);
+        LOGD("Socket name: %s", sSocketName.data());
+    }
+
     int Connect(uint8_t retry) {
+        if (!sMagicRead) ReadMagic();
         int fd = socket(PF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
         struct sockaddr_un addr{
                 .sun_family = AF_UNIX,
                 .sun_path={0},
         };
-        strncpy(addr.sun_path + 1, kZygiskSocket.data(), kZygiskSocket.size());
+        strcpy(addr.sun_path + 1, sSocketName.data());
         socklen_t socklen = sizeof(sa_family_t) + strlen(addr.sun_path + 1) + 1;
 
         while (retry--) {
             int r = connect(fd, reinterpret_cast<struct sockaddr*>(&addr), socklen);
             if (r == 0) return fd;
-            LOGW("retrying to connect to zygiskd, sleep 1s");
+            LOGW("Retrying to connect to zygiskd, sleep 1s");
             sleep(1);
         }
 

loader/src/external/Android.mk

@@ -3,18 +3,19 @@ LOCAL_PATH := $(call my-dir)
 # liblsplt.a
 include $(CLEAR_VARS)
 LOCAL_MODULE:= liblsplt
-LOCAL_C_INCLUDES := $(LOCAL_PATH)/liblsplt/lsplt/src/main/jni/include
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/lsplt/lsplt/src/main/jni/include
 LOCAL_EXPORT_C_INCLUDES := $(LOCAL_C_INCLUDES)
-LOCAL_CFLAGS := -Wall -Wextra -Werror -fvisibility=hidden
+LOCAL_CFLAGS := -Wall -Wextra -Werror -fvisibility=hidden -DLOG_DISABLED
 LOCAL_CPPFLAGS := -std=c++20
 LOCAL_STATIC_LIBRARIES := libcxx
 LOCAL_SRC_FILES := \
-	liblsplt/lsplt/src/main/jni/elf_util.cc \
-	liblsplt/lsplt/src/main/jni/lsplt.cc
+    lsplt/lsplt/src/main/jni/elf_util.cc \
+    lsplt/lsplt/src/main/jni/lsplt.cc
 include $(BUILD_STATIC_LIBRARY)
 
 # Header only library
 include $(CLEAR_VARS)
 LOCAL_MODULE:= libphmap
+LOCAL_CFLAGS := -Wno-unused-value
 LOCAL_EXPORT_C_INCLUDES := $(LOCAL_PATH)/parallel-hashmap
 include $(BUILD_STATIC_LIBRARY)

loader/src/include/daemon.h

@@ -10,7 +10,8 @@
 #else
 # define LP_SELECT(lp32, lp64) lp32
 #endif
-constexpr std::string_view kZygiskSocket = LP_SELECT("zygiskd32", "zygiskd64") "socket_placeholder";
+
+constexpr auto kZygiskMagic = "/system/zygisk_magic";
 
 class UniqueFd {
     using Fd = int;

loader/src/injector/files.cpp

@@ -0,0 +1,122 @@
+#include <sys/sysmacros.h>
+
+#include "files.hpp"
+#include "misc.hpp"
+
+using namespace std::string_view_literals;
+
+void file_readline(bool trim, FILE *fp, const std::function<bool(std::string_view)> &fn) {
+    size_t len = 1024;
+    char *buf = (char *) malloc(len);
+    char *start;
+    ssize_t read;
+    while ((read = getline(&buf, &len, fp)) >= 0) {
+        start = buf;
+        if (trim) {
+            while (read && "\n\r "sv.find(buf[read - 1]) != std::string::npos)
+                --read;
+            buf[read] = '\0';
+            while (*start == ' ')
+                ++start;
+        }
+        if (!fn(start))
+            break;
+    }
+    free(buf);
+}
+
+void file_readline(bool trim, const char *file, const std::function<bool(std::string_view)> &fn) {
+    if (auto fp = open_file(file, "re"))
+        file_readline(trim, fp.get(), fn);
+}
+void file_readline(const char *file, const std::function<bool(std::string_view)> &fn) {
+    file_readline(false, file, fn);
+}
+
+std::vector<mount_info> parse_mount_info(const char *pid) {
+    char buf[PATH_MAX] = {};
+    snprintf(buf, sizeof(buf), "/proc/%s/mountinfo", pid);
+    std::vector<mount_info> result;
+
+    file_readline(buf, [&result](std::string_view line) -> bool {
+        int root_start = 0, root_end = 0;
+        int target_start = 0, target_end = 0;
+        int vfs_option_start = 0, vfs_option_end = 0;
+        int type_start = 0, type_end = 0;
+        int source_start = 0, source_end = 0;
+        int fs_option_start = 0, fs_option_end = 0;
+        int optional_start = 0, optional_end = 0;
+        unsigned int id, parent, maj, min;
+        sscanf(line.data(),
+               "%u "           // (1) id
+               "%u "           // (2) parent
+               "%u:%u "        // (3) maj:min
+               "%n%*s%n "      // (4) mountroot
+               "%n%*s%n "      // (5) target
+               "%n%*s%n"       // (6) vfs options (fs-independent)
+               "%n%*[^-]%n - " // (7) optional fields
+               "%n%*s%n "      // (8) FS type
+               "%n%*s%n "      // (9) source
+               "%n%*s%n",      // (10) fs options (fs specific)
+               &id, &parent, &maj, &min, &root_start, &root_end, &target_start,
+               &target_end, &vfs_option_start, &vfs_option_end,
+               &optional_start, &optional_end, &type_start, &type_end,
+               &source_start, &source_end, &fs_option_start, &fs_option_end);
+
+        auto root = line.substr(root_start, root_end - root_start);
+        auto target = line.substr(target_start, target_end - target_start);
+        auto vfs_option =
+                line.substr(vfs_option_start, vfs_option_end - vfs_option_start);
+        ++optional_start;
+        --optional_end;
+        auto optional = line.substr(
+                optional_start,
+                optional_end - optional_start > 0 ? optional_end - optional_start : 0);
+
+        auto type = line.substr(type_start, type_end - type_start);
+        auto source = line.substr(source_start, source_end - source_start);
+        auto fs_option =
+                line.substr(fs_option_start, fs_option_end - fs_option_start);
+
+        unsigned int shared = 0;
+        unsigned int master = 0;
+        unsigned int propagate_from = 0;
+        if (auto pos = optional.find("shared:"); pos != std::string_view::npos) {
+            shared = parse_int(optional.substr(pos + 7));
+        }
+        if (auto pos = optional.find("master:"); pos != std::string_view::npos) {
+            master = parse_int(optional.substr(pos + 7));
+        }
+        if (auto pos = optional.find("propagate_from:");
+                pos != std::string_view::npos) {
+            propagate_from = parse_int(optional.substr(pos + 15));
+        }
+
+        result.emplace_back(mount_info {
+                .id = id,
+                .parent = parent,
+                .device = static_cast<dev_t>(makedev(maj, min)),
+                .root {root},
+                .target {target},
+                .vfs_option {vfs_option},
+                .optional {
+                        .shared = shared,
+                        .master = master,
+                        .propagate_from = propagate_from,
+                },
+                .type {type},
+                .source {source},
+                .fs_option {fs_option},
+        });
+        return true;
+    });
+    return result;
+}
+
+sDIR make_dir(DIR *dp) {
+    return sDIR(dp, [](DIR *dp){ return dp ? closedir(dp) : 1; });
+}
+
+sFILE make_file(FILE *fp) {
+    return sFILE(fp, [](FILE *fp){ return fp ? fclose(fp) : 1; });
+}

loader/src/injector/files.hpp

@@ -0,0 +1,56 @@
+#include <dirent.h>
+#include <functional>
+#include <string>
+#include <vector>
+
+struct mount_info {
+    unsigned int id;
+    unsigned int parent;
+    dev_t device;
+    std::string root;
+    std::string target;
+    std::string vfs_option;
+    struct {
+        unsigned int shared;
+        unsigned int master;
+        unsigned int propagate_from;
+    } optional;
+    std::string type;
+    std::string source;
+    std::string fs_option;
+};
+
+void file_readline(bool trim, FILE *fp, const std::function<bool(std::string_view)> &fn);
+void file_readline(bool trim, const char *file, const std::function<bool(std::string_view)> &fn);
+void file_readline(const char *file, const std::function<bool(std::string_view)> &fn);
+
+std::vector<mount_info> parse_mount_info(const char *pid);
+
+using sFILE = std::unique_ptr<FILE, decltype(&fclose)>;
+using sDIR = std::unique_ptr<DIR, decltype(&closedir)>;
+sDIR make_dir(DIR *dp);
+sFILE make_file(FILE *fp);
+
+static inline sDIR open_dir(const char *path) {
+    return make_dir(opendir(path));
+}
+
+static inline sDIR xopen_dir(const char *path) {
+    return make_dir(opendir(path));
+}
+
+static inline sDIR xopen_dir(int dirfd) {
+    return make_dir(fdopendir(dirfd));
+}
+
+static inline sFILE open_file(const char *path, const char *mode) {
+    return make_file(fopen(path, mode));
+}
+
+static inline sFILE xopen_file(const char *path, const char *mode) {
+    return make_file(fopen(path, mode));
+}
+
+static inline sFILE xopen_file(int fd, const char *mode) {
+    return make_file(fdopen(fd, mode));
+}

loader/src/injector/hook.cpp

@@ -17,7 +17,7 @@
 #include "zygisk.hpp"
 #include "memory.hpp"
 #include "module.hpp"
-#include "misc.hpp"
+#include "files.hpp"
 
 using namespace std;
 using jni_hook::hash_map;
@@ -219,7 +219,11 @@ DCL_HOOK_FUNC(int, unshare, int flags) {
         // Simply avoid doing any unmounts for SysUI to avoid potential issues.
         (g_ctx->info_flags & PROCESS_IS_SYS_UI) == 0) {
         if (g_ctx->flags[DO_REVERT_UNMOUNT]) {
-            revert_unmount();
+            if (g_ctx->info_flags & PROCESS_ROOT_IS_KSU) {
+                revert_unmount_ksu();
+            } else if (g_ctx->info_flags & PROCESS_ROOT_IS_MAGISK) {
+                revert_unmount_magisk();
+            }
         }
 
         /* Zygisksu changed: No umount app_process */

loader/src/injector/misc.cpp

@@ -23,18 +23,6 @@ int parse_int(std::string_view s) {
     return val;
 }
 
-void parse_mnt(const char* file, const std::function<bool(mntent*)>& fn) {
-    auto fp = sFILE(setmntent(file, "re"), endmntent);
-    if (fp) {
-        mntent mentry{};
-        char buf[PATH_MAX];
-        while (getmntent_r(fp.get(), &mentry, buf, sizeof(buf))) {
-            if (!fn(&mentry))
-                break;
-        }
-    }
-}
-
 std::list<std::string> split_str(std::string_view s, std::string_view delimiter) {
     std::list<std::string> ret;
     size_t pos = 0;
@@ -59,11 +47,3 @@ std::string join_str(const std::list<std::string>& list, std::string_view delimi
     }
     return ret;
 }
-
-sDIR make_dir(DIR *dp) {
-    return sDIR(dp, [](DIR *dp){ return dp ? closedir(dp) : 1; });
-}
-
-sFILE make_file(FILE *fp) {
-    return sFILE(fp, [](FILE *fp){ return fp ? fclose(fp) : 1; });
-}

loader/src/injector/misc.hpp

@@ -1,12 +1,8 @@
 #pragma once
 
-#include <dirent.h>
-#include <functional>
 #include <list>
 #include <memory>
-#include <mntent.h>
 #include <pthread.h>
-#include <stdio.h>
 #include <string>
 #include <string_view>
 
@@ -39,12 +35,6 @@ int new_daemon_thread(thread_entry entry, void *arg);
 static inline bool str_contains(std::string_view s, std::string_view ss) {
     return s.find(ss) != std::string_view::npos;
 }
-static inline bool str_starts(std::string_view s, std::string_view ss) {
-    return s.size() >= ss.size() && s.compare(0, ss.size(), ss) == 0;
-}
-static inline bool str_ends(std::string_view s, std::string_view ss) {
-    return s.size() >= ss.size() && s.compare(s.size() - ss.size(), std::string_view::npos, ss) == 0;
-}
 
 template<typename T, typename Impl>
 class stateless_allocator {
@@ -61,35 +51,6 @@ public:
     bool operator!=(const stateless_allocator&) { return false; }
 };
 
-using sFILE = std::unique_ptr<FILE, decltype(&fclose)>;
-using sDIR = std::unique_ptr<DIR, decltype(&closedir)>;
-sDIR make_dir(DIR *dp);
-sFILE make_file(FILE *fp);
-
-static inline sDIR open_dir(const char *path) {
-    return make_dir(opendir(path));
-}
-
-static inline sDIR xopen_dir(const char *path) {
-    return make_dir(opendir(path));
-}
-
-static inline sDIR xopen_dir(int dirfd) {
-    return make_dir(fdopendir(dirfd));
-}
-
-static inline sFILE open_file(const char *path, const char *mode) {
-    return make_file(fopen(path, mode));
-}
-
-static inline sFILE xopen_file(const char *path, const char *mode) {
-    return make_file(fopen(path, mode));
-}
-
-static inline sFILE xopen_file(int fd, const char *mode) {
-    return make_file(fdopen(fd, mode));
-}
-
 template <typename T>
 class reversed_container {
 public:
@@ -126,8 +87,6 @@ struct StringCmp {
  */
 int parse_int(std::string_view s);
 
-void parse_mnt(const char* file, const std::function<bool(mntent*)>& fn);
-
 std::list<std::string> split_str(std::string_view s, std::string_view delimiter);
 
 std::string join_str(const std::list<std::string>& list, std::string_view delimiter);

loader/src/injector/module.hpp

@@ -111,6 +111,8 @@ namespace {
         PROCESS_GRANTED_ROOT = zygisk::StateFlag::PROCESS_GRANTED_ROOT,
         PROCESS_ON_DENYLIST = zygisk::StateFlag::PROCESS_ON_DENYLIST,
 
+        PROCESS_ROOT_IS_KSU = (1u << 29),
+        PROCESS_ROOT_IS_MAGISK = (1u << 30),
         PROCESS_IS_SYS_UI = (1u << 31),
 
         PRIVATE_MASK = PROCESS_IS_SYS_UI

loader/src/injector/unmount.cpp

@@ -1,59 +1,93 @@
+#include <mntent.h>
 #include <sys/mount.h>
 
+#include "files.hpp"
 #include "logging.h"
 #include "misc.hpp"
 #include "zygisk.hpp"
 
 using namespace std::string_view_literals;
 
-static void lazy_unmount(const char* mountpoint) {
-    if (umount2(mountpoint, MNT_DETACH) != -1) {
-        LOGD("Unmounted (%s)", mountpoint);
-    } else {
-        LOGW("Failed to unmount: %s (%s)", strerror(errno), mountpoint);
+namespace {
+    constexpr auto MODULE_DIR = "/data/adb/modules";
+
+    struct overlay_backup {
+        std::string target;
+        std::string vfs_option;
+        std::string fs_option;
+    };
+
+    void lazy_unmount(const char* mountpoint) {
+        if (umount2(mountpoint, MNT_DETACH) != -1) {
+            LOGD("Unmounted (%s)", mountpoint);
+        } else {
+            PLOGE("Unmount (%s)", mountpoint);
+        }
     }
 }
 
 #define PARSE_OPT(name, flag)   \
-    if (opt == name) {          \
+    if (opt == (name)) {        \
         flags |= (flag);        \
         return true;            \
     }
 
-void revert_unmount() {
+void revert_unmount_ksu() {
+    std::string ksu_loop;
     std::vector<std::string> targets;
-    std::list<std::pair<std::string, std::string>> backups;
+    std::list<overlay_backup> backups;
 
-    targets.emplace_back("/data/adb/ksu/modules");
-    parse_mnt("/proc/self/mounts", [&](mntent* mentry) {
-        if (str_starts(mentry->mnt_fsname, "/data/adb/")) {
-            targets.emplace_back(mentry->mnt_dir);
+    // Unmount ksu module dir last
+    targets.emplace_back(MODULE_DIR);
+
+    for (auto& info: parse_mount_info("self")) {
+        if (info.target == MODULE_DIR) {
+            ksu_loop = info.source;
+            continue;
         }
-        if (mentry->mnt_type == "overlay"sv) {
-            if (str_contains(mentry->mnt_opts, "/data/adb/ksu/modules")) {
-                targets.emplace_back(mentry->mnt_dir);
+        // Unmount everything on /data/adb except ksu module dir
+        if (info.target.starts_with("/data/adb")) {
+            targets.emplace_back(info.target);
+        }
+        // Unmount ksu overlays
+        if (info.type == "overlay") {
+            if (str_contains(info.fs_option, MODULE_DIR)) {
+                targets.emplace_back(info.target);
             } else {
-                backups.emplace_back(mentry->mnt_dir, mentry->mnt_opts);
+                auto backup = overlay_backup{
+                        .target = info.target,
+                        .vfs_option = info.vfs_option,
+                        .fs_option = info.fs_option,
+                };
+                backups.emplace_back(backup);
             }
         }
-        return true;
-    });
+    }
+    for (auto& info: parse_mount_info("self")) {
+        // Unmount everything from ksu loop except ksu module dir
+        if (info.source == ksu_loop && info.target != MODULE_DIR) {
+            targets.emplace_back(info.target);
+        }
+    }
 
+    // Do unmount
     for (auto& s: reversed(targets)) {
         lazy_unmount(s.data());
     }
 
-    parse_mnt("/proc/self/mounts", [&](mntent* mentry) {
-        if (mentry->mnt_type == "overlay"sv) {
-            backups.remove_if([&](auto& mnt) {
-                return mnt.first == mentry->mnt_dir && mnt.second == mentry->mnt_opts;
+    // Affirm unmounted system overlays
+    for (auto& info: parse_mount_info("self")) {
+        if (info.type == "overlay") {
+            backups.remove_if([&](overlay_backup& mnt) {
+                return mnt.target == info.target && mnt.fs_option == info.fs_option;
             });
         }
-        return true;
-    });
+    }
 
+    // Restore system overlays
     for (auto& mnt: backups) {
-        auto opts = split_str(mnt.second, ",");
+        auto opts = split_str(mnt.vfs_option, ",");
+        opts.splice(opts.end(), split_str(mnt.fs_option, ","));
         unsigned long flags = 0;
         opts.remove_if([&](auto& opt) {
             PARSE_OPT(MNTOPT_RO, MS_RDONLY)
@@ -62,10 +96,27 @@ void revert_unmount() {
             return false;
         });
         auto mnt_data = join_str(opts, ",");
-        if (mount("overlay", mnt.first.data(), "overlay", flags, mnt_data.data()) != -1) {
-            LOGD("Remounted (%s)", mnt.first.data());
+        if (mount("overlay", mnt.target.data(), "overlay", flags, mnt_data.data()) != -1) {
+            LOGD("Remounted (%s)", mnt.target.data());
         } else {
-            LOGW("Failed to remount: %s (%s, %s)", strerror(errno), mnt.first.data(), mnt_data.data());
+            PLOGE("Remount (%s, %s)", mnt.target.data(), mnt.fs_option.data());
         }
     }
 }
+
+void revert_unmount_magisk() {
+    std::vector<std::string> targets;
+
+    // Unmount dummy skeletons and MAGISKTMP
+    // since mirror nodes are always mounted under skeleton, we don't have to specifically unmount
+    for (auto& info: parse_mount_info("self")) {
+        if (info.source == "magisk" || info.source == "worker" || // magisktmp tmpfs
+            info.root.starts_with("/adb/modules")) { // bind mount from data partition
+            targets.push_back(info.target);
+        }
+    }
+
+    for (auto& s: reversed(targets)) {
+        lazy_unmount(s.data());
+    }
+}

loader/src/injector/zygisk.hpp

@@ -8,4 +8,7 @@ extern void *self_handle;
 
 void hook_functions();
 
-void revert_unmount();
+void revert_unmount_ksu();
+
+void revert_unmount_magisk();
+

loader/src/loader/loader.cpp

@@ -13,7 +13,7 @@ uint8_t NativeBridgeItf[sizeof(NativeBridgeCallbacks<__ANDROID_API_R__>) * 2]{0}
 
 namespace {
     constexpr auto kZygoteProcesses = {"zygote", "zygote32", "zygote64", "usap32", "usap64"};
-    constexpr auto kInjector = "/system/" LP_SELECT("lib", "lib64") "/libinjector.so";
+    constexpr auto kInjector = "/system/" LP_SELECT("lib", "lib64") "/libzygisk_injector.so";
 
     void* sOriginalBridge = nullptr;
 }
@@ -70,13 +70,13 @@ void Constructor() {
         LOGI("Load original native bridge: %s", native_bridge.data());
         sOriginalBridge = dlopen(native_bridge.data(), RTLD_NOW);
         if (sOriginalBridge == nullptr) {
-            LOGE("dlopen failed: %s", dlerror());
+            LOGE("%s", dlerror());
             break;
         }
 
         auto* original_native_bridge_itf = dlsym(sOriginalBridge, "NativeBridgeItf");
         if (original_native_bridge_itf == nullptr) {
-            LOGE("dlsym failed: %s", dlerror());
+            LOGE("%s", dlerror());
             break;
         }
 

module/build.gradle.kts

@@ -38,7 +38,7 @@ androidComponents.onVariants { variant ->
         into(moduleDir)
         from("${rootProject.projectDir}/README.md")
         from("$projectDir/src") {
-            exclude("module.prop", "customize.sh", "daemon.sh")
+            exclude("module.prop", "customize.sh", "service.sh")
             filter<FixCrLfFilter>("eol" to FixCrLfFilter.CrLf.newInstance("lf"))
         }
         from("$projectDir/src") {
@@ -51,7 +51,7 @@ androidComponents.onVariants { variant ->
             )
         }
         from("$projectDir/src") {
-            include("customize.sh", "daemon.sh")
+            include("customize.sh", "service.sh")
             val tokens = mapOf(
                 "DEBUG" to if (buildTypeLowered == "debug") "true" else "false",
                 "MIN_KSU_VERSION" to "$minKsuVersion",

module/src/customize.sh

@@ -82,6 +82,10 @@ extract "$ZIPFILE" 'sepolicy.rule' "$TMPDIR"
 
 if [ "$KSU" ]; then
   ui_print "- Checking SELinux patches"
+  if [ "$(getprop ro.product.first_api_level)" -lt 31 ]; then
+    echo "allow zygote appdomain_tmpfs file *" >> "$TMPDIR/sepolicy.rule"
+    echo "allow zygote appdomain_tmpfs dir *"  >> "$TMPDIR/sepolicy.rule"
+  fi
   if ! check_sepolicy "$TMPDIR/sepolicy.rule"; then
     ui_print "*********************************************************"
     ui_print "! Unable to apply SELinux patches!"
@@ -91,11 +95,10 @@ if [ "$KSU" ]; then
 fi
 
 ui_print "- Extracting module files"
-extract "$ZIPFILE" 'daemon.sh'       "$MODPATH"
 extract "$ZIPFILE" 'module.prop'     "$MODPATH"
 extract "$ZIPFILE" 'post-fs-data.sh' "$MODPATH"
-extract "$ZIPFILE" 'sepolicy.rule'   "$MODPATH"
 extract "$ZIPFILE" 'service.sh'      "$MODPATH"
+mv "$TMPDIR/sepolicy.rule" "$MODPATH"
 
 HAS32BIT=false && [ -d "/system/lib" ] && HAS32BIT=true
 HAS64BIT=false && [ -d "/system/lib64" ] && HAS64BIT=true
@@ -110,8 +113,8 @@ if [ "$ARCH" = "x86" ] || [ "$ARCH" = "x64" ]; then
     ui_print "- Extracting x86 libraries"
     extract "$ZIPFILE" 'bin/x86/zygiskd' "$MODPATH/bin" true
     mv "$MODPATH/bin/zygiskd" "$MODPATH/bin/zygiskd32"
-    extract "$ZIPFILE" 'lib/x86/libinjector.so' "$MODPATH/system/lib" true
-    extract "$ZIPFILE" 'lib/x86/libzygiskloader.so' "$MODPATH/system/lib" true
+    extract "$ZIPFILE" 'lib/x86/libzygisk_injector.so' "$MODPATH/system/lib" true
+    extract "$ZIPFILE" 'lib/x86/libzygisk_loader.so' "$MODPATH/system/lib" true
     ln -sf "zygiskd32" "$MODPATH/bin/zygiskwd"
   fi
 
@@ -119,8 +122,8 @@ if [ "$ARCH" = "x86" ] || [ "$ARCH" = "x64" ]; then
     ui_print "- Extracting x64 libraries"
     extract "$ZIPFILE" 'bin/x86_64/zygiskd' "$MODPATH/bin" true
     mv "$MODPATH/bin/zygiskd" "$MODPATH/bin/zygiskd64"
-    extract "$ZIPFILE" 'lib/x86_64/libinjector.so' "$MODPATH/system/lib64" true
-    extract "$ZIPFILE" 'lib/x86_64/libzygiskloader.so' "$MODPATH/system/lib64" true
+    extract "$ZIPFILE" 'lib/x86_64/libzygisk_injector.so' "$MODPATH/system/lib64" true
+    extract "$ZIPFILE" 'lib/x86_64/libzygisk_loader.so' "$MODPATH/system/lib64" true
     ln -sf "zygiskd64" "$MODPATH/bin/zygiskwd"
   fi
 else
@@ -128,8 +131,8 @@ else
     ui_print "- Extracting arm libraries"
     extract "$ZIPFILE" 'bin/armeabi-v7a/zygiskd' "$MODPATH/bin" true
     mv "$MODPATH/bin/zygiskd" "$MODPATH/bin/zygiskd32"
-    extract "$ZIPFILE" 'lib/armeabi-v7a/libinjector.so' "$MODPATH/system/lib" true
-    extract "$ZIPFILE" 'lib/armeabi-v7a/libzygiskloader.so' "$MODPATH/system/lib" true
+    extract "$ZIPFILE" 'lib/armeabi-v7a/libzygisk_injector.so' "$MODPATH/system/lib" true
+    extract "$ZIPFILE" 'lib/armeabi-v7a/libzygisk_loader.so' "$MODPATH/system/lib" true
     ln -sf "zygiskd32" "$MODPATH/bin/zygiskwd"
   fi
 
@@ -137,26 +140,15 @@ else
     ui_print "- Extracting arm64 libraries"
     extract "$ZIPFILE" 'bin/arm64-v8a/zygiskd' "$MODPATH/bin" true
     mv "$MODPATH/bin/zygiskd" "$MODPATH/bin/zygiskd64"
-    extract "$ZIPFILE" 'lib/arm64-v8a/libinjector.so' "$MODPATH/system/lib64" true
-    extract "$ZIPFILE" 'lib/arm64-v8a/libzygiskloader.so' "$MODPATH/system/lib64" true
+    extract "$ZIPFILE" 'lib/arm64-v8a/libzygisk_injector.so' "$MODPATH/system/lib64" true
+    extract "$ZIPFILE" 'lib/arm64-v8a/libzygisk_loader.so' "$MODPATH/system/lib64" true
     ln -sf "zygiskd64" "$MODPATH/bin/zygiskwd"
   fi
 fi
 
-if [ $DEBUG = false ]; then
-  ui_print "- Hex patching"
-  SOCKET_PATCH=$(tr -dc 'a-f0-9' </dev/urandom | head -c 18)
-  if [ "$HAS32BIT" = true ]; then
-    sed -i "s/socket_placeholder/$SOCKET_PATCH/g" "$MODPATH/bin/zygiskd32"
-    sed -i "s/socket_placeholder/$SOCKET_PATCH/g" "$MODPATH/system/lib/libinjector.so"
-    sed -i "s/socket_placeholder/$SOCKET_PATCH/g" "$MODPATH/system/lib/libzygiskloader.so"
-  fi
-  if [ "$HAS64BIT" = true ]; then
-    sed -i "s/socket_placeholder/$SOCKET_PATCH/g" "$MODPATH/bin/zygiskd64"
-    sed -i "s/socket_placeholder/$SOCKET_PATCH/g" "$MODPATH/system/lib64/libinjector.so"
-    sed -i "s/socket_placeholder/$SOCKET_PATCH/g" "$MODPATH/system/lib64/libzygiskloader.so"
-  fi
-fi
+ui_print "- Generating magic"
+MAGIC=$(tr -dc 'a-f0-9' </dev/urandom | head -c 18)
+echo -n "$MAGIC" > "$MODPATH/system/zygisk_magic"
 
 ui_print "- Setting permissions"
 chmod 0744 "$MODPATH/daemon.sh"

module/src/daemon.sh

@@ -1,11 +0,0 @@
-#!/system/bin/sh
-
-DEBUG=@DEBUG@
-
-# shellcheck disable=SC2155
-export NATIVE_BRIDGE=$(getprop ro.dalvik.vm.native.bridge)
-[ "$DEBUG" = true ] && export RUST_BACKTRACE=1
-
-log -p i -t "zygisksu" "Start watchdog"
-resetprop ro.dalvik.vm.native.bridge libzygiskloader.so
-exec "bin/zygiskwd" "watchdog" >/dev/null 2>&1

module/src/post-fs-data.sh

@@ -6,9 +6,10 @@ if [ "$ZYGISK_ENABLED" ]; then
 fi
 
 cd "$MODDIR"
-export NATIVE_BRIDGE=$(getprop ro.dalvik.vm.native.bridge)
+getprop ro.dalvik.vm.native.bridge > /dev/.native_bridge
+resetprop ro.dalvik.vm.native.bridge libzygisk_loader.so
 
-if [ "$(which magisk)" ] && [ ".." -ef "/data/adb/modules" ]; then
+if [ "$(which magisk)" ]; then
   for file in ../*; do
     if [ -d "$file" ] && [ -d "$file/zygisk" ] && ! [ -f "$file/disable" ]; then
       if [ -f "$file/post-fs-data.sh" ]; then
@@ -20,5 +21,3 @@ if [ "$(which magisk)" ] && [ ".." -ef "/data/adb/modules" ]; then
     fi
   done
 fi
-
-sh -c "./daemon.sh $@&"

module/src/sepolicy.rule

@@ -10,6 +10,8 @@ allow * magisk_file lnk_file *
 allow * magisk_file sock_file *
 
 allow system_server system_server process execmem
+allow zygote adb_data_file dir search
 allow zygote mnt_vendor_file dir search
 allow zygote system_file dir mounton
 allow zygote labeledfs filesystem mount
+allow zygote fs_type filesystem unmount

module/src/service.sh

@@ -1,13 +1,17 @@
 #!/system/bin/sh
 
+DEBUG=@DEBUG@
+
 MODDIR=${0%/*}
 if [ "$ZYGISK_ENABLED" ]; then
   exit 0
 fi
 
 cd "$MODDIR"
+export NATIVE_BRIDGE=$(cat /dev/.native_bridge)
+rm /dev/.native_bridge
 
-if [ "$(which magisk)" ] && [ ".." -ef "/data/adb/modules" ]; then
+if [ "$(which magisk)" ]; then
   for file in ../*; do
     if [ -d "$file" ] && [ -d "$file/zygisk" ] && ! [ -f "$file/disable" ]; then
       if [ -f "$file/service.sh" ]; then
@@ -19,3 +23,7 @@ if [ "$(which magisk)" ] && [ ".." -ef "/data/adb/modules" ]; then
     fi
   done
 fi
+
+log -p i -t "zygisksu" "Start watchdog"
+[ "$DEBUG" = true ] && export RUST_BACKTRACE=1
+exec "bin/zygiskwd" "watchdog" >/dev/null 2>&1

settings.gradle.kts

@@ -7,8 +7,8 @@ pluginManagement {
         gradlePluginPortal()
     }
     plugins {
-        id("com.android.library") version "7.4.1"
-        id("com.android.application") version "7.4.1"
+        id("com.android.library") version "7.4.2"
+        id("com.android.application") version "7.4.2"
     }
 }
 

zygiskd/Cargo.toml

@@ -6,7 +6,7 @@ edition = "2021"
 rust-version = "1.67"
 
 [dependencies]
-android_logger = "0.12.0"
+android_logger = "0.13.0"
 anyhow = { version = "1.0.68", features = ["backtrace"] }
 clap = { version = "4.1.4", features = ["derive"] }
 const_format = "0.2.5"
@@ -20,7 +20,7 @@ once_cell = "1.17.1"
 passfd = "0.1.5"
 rand = "0.8.5"
 
-binder = { path = "src/external/binder_rs/binder" }
+binder = { git = "https://github.com/Kernel-SU/binder_rs" }
 
 [profile.release]
 strip = true

zygiskd/src/constants.rs

@@ -16,27 +16,23 @@ pub const MAX_LOG_LEVEL: LevelFilter = LevelFilter::Trace;
 #[cfg(not(debug_assertions))]
 pub const MAX_LOG_LEVEL: LevelFilter = LevelFilter::Info;
 
-#[cfg(target_pointer_width = "64")]
-#[macro_export]
-macro_rules! lp_select {
-    ($lp32:expr, $lp64:expr) => { $lp64 };
-}
-#[cfg(target_pointer_width = "32")]
-#[macro_export]
-macro_rules! lp_select {
-    ($lp32:expr, $lp64:expr) => { $lp32 };
-}
-
 pub const PROP_NATIVE_BRIDGE: &str = "ro.dalvik.vm.native.bridge";
-pub const PROP_SVC_ZYGOTE: &str = "init.svc.zygote";
-pub const ZYGISK_LOADER: &str = "libzygiskloader.so";
+pub const PROP_CTL_RESTART: &str = "ctl.restart";
+pub const ZYGISK_LOADER: &str = "libzygisk_loader.so";
+pub const ZYGISK_MAGIC: &str = "/system/zygisk_magic";
 
-pub const SOCKET_PLACEHOLDER: &str = "socket_placeholder";
-
-pub const PATH_MODULE_DIR: &str = "..";
+pub const PATH_MODULES_DIR: &str = "..";
+pub const PATH_MODULE_PROP: &str = "module.prop";
 pub const PATH_ZYGISKD32: &str = "bin/zygiskd32";
 pub const PATH_ZYGISKD64: &str = "bin/zygiskd64";
 
+pub const STATUS_LOADED: &str = "😋 Zygisksu is loaded";
+pub const STATUS_CRASHED: &str = "❌ Zygiskd has crashed";
+pub const STATUS_ROOT_IMPL_NONE: &str = "❌ Unknown root implementation";
+pub const STATUS_ROOT_IMPL_TOO_OLD: &str = "❌ Root implementation version too old";
+pub const STATUS_ROOT_IMPL_ABNORMAL: &str = "❌ Abnormal root implementation version";
+pub const STATUS_ROOT_IMPL_MULTIPLE: &str = "❌ Multiple root implementations installed";
+
 #[derive(Debug, Eq, PartialEq, TryFromPrimitive)]
 #[repr(u8)]
 pub enum DaemonSocketAction {
@@ -52,4 +48,6 @@ pub enum DaemonSocketAction {
 // Zygisk process flags
 pub const PROCESS_GRANTED_ROOT: u32 = 1 << 0;
 pub const PROCESS_ON_DENYLIST: u32 = 1 << 1;
+pub const PROCESS_ROOT_IS_KSU: u32 = 1 << 29;
+pub const PROCESS_ROOT_IS_MAGISK: u32 = 1 << 30;
 pub const PROCESS_IS_SYSUI: u32 = 1 << 31;

zygiskd/src/dl.rs

@@ -76,7 +76,7 @@ pub unsafe fn dlopen(path: &str, flags: i32) -> Result<*mut c_void> {
     let result = android_dlopen_ext(filename, flags, &info);
     if result.is_null() {
         let e = std::ffi::CStr::from_ptr(libc::dlerror()).to_string_lossy();
-        bail!("dlopen failed: {}", e);
+        bail!(e);
     }
     Ok(result)
 }

zygiskd/src/magic.rs

@@ -0,0 +1,19 @@
+use std::fs;
+use anyhow::Result;
+use crate::constants;
+use crate::utils::LateInit;
+
+pub static MAGIC: LateInit<String> = LateInit::new();
+pub static PATH_TMP_DIR: LateInit<String> = LateInit::new();
+pub static PATH_TMP_PROP: LateInit<String> = LateInit::new();
+
+pub fn setup() -> Result<()> {
+    let name = fs::read_to_string(constants::ZYGISK_MAGIC)?;
+    let path_tmp_dir = format!("/dev/{}", name);
+    let path_tmp_prop = format!("{}/module.prop", path_tmp_dir);
+
+    MAGIC.init(name);
+    PATH_TMP_DIR.init(path_tmp_dir);
+    PATH_TMP_PROP.init(path_tmp_prop);
+    Ok(())
+}

zygiskd/src/main.rs

@@ -3,6 +3,7 @@
 mod companion;
 mod constants;
 mod dl;
+mod magic;
 mod root_impl;
 mod utils;
 mod watchdog;
@@ -38,7 +39,8 @@ fn init_android_logger(tag: &str) {
 }
 
 fn start() -> Result<()> {
-    root_impl::setup()?;
+    root_impl::setup();
+    magic::setup()?;
     let cli = Args::parse();
     match cli.command {
         Commands::Watchdog => watchdog::entry()?,

zygiskd/src/root_impl/kernelsu.rs

@@ -1,4 +1,3 @@
-use anyhow::{bail, Result};
 use nix::libc::prctl;
 use crate::constants::{MIN_KSU_VERSION, MAX_KSU_VERSION};
 
@@ -8,17 +7,24 @@ const CMD_GET_VERSION: usize = 2;
 const CMD_GET_ALLOW_LIST: usize = 5;
 const CMD_GET_DENY_LIST: usize = 6;
 
-pub fn is_kernel_su() -> Result<bool> {
+pub enum Version {
+    Supported,
+    TooOld,
+    Abnormal,
+}
+
+pub fn get_kernel_su() -> Option<Version> {
     let mut version = 0;
     unsafe { prctl(KERNEL_SU_OPTION, CMD_GET_VERSION, &mut version as *mut i32) };
-    return match version {
-        0 => Ok(false),
-        MIN_KSU_VERSION..=MAX_KSU_VERSION => Ok(true),
-        1..=MIN_KSU_VERSION => bail!("KernelSU version too old: {}", version),
-        _ => bail!("KernelSU version abnormal: {}", version)
+    match version {
+        0 => None,
+        MIN_KSU_VERSION..=MAX_KSU_VERSION => Some(Version::Supported),
+        1..=MIN_KSU_VERSION => Some(Version::TooOld),
+        _ => Some(Version::Abnormal)
     }
 }
 
+#[inline(never)]
 pub fn uid_on_allowlist(uid: i32) -> bool {
     let mut size = 1024u32;
     let mut uids = vec![0; size as usize];
@@ -27,6 +33,7 @@ pub fn uid_on_allowlist(uid: i32) -> bool {
     uids.contains(&uid)
 }
 
+#[inline(never)]
 pub fn uid_on_denylist(uid: i32) -> bool {
     let mut size = 1024u32;
     let mut uids = vec![0; size as usize];

zygiskd/src/root_impl/magisk.rs

@@ -1,8 +1,12 @@
-use anyhow::{bail, Result};
 use std::process::{Command, Stdio};
 use crate::constants::MIN_MAGISK_VERSION;
 
-pub fn is_magisk() -> Result<bool> {
+pub enum Version {
+    Supported,
+    TooOld,
+}
+
+pub fn get_magisk() -> Option<Version> {
     let version: Option<i32> = Command::new("magisk")
         .arg("-V")
         .stdout(Stdio::piped())
@@ -10,20 +14,34 @@ pub fn is_magisk() -> Result<bool> {
         .and_then(|child| child.wait_with_output().ok())
         .and_then(|output| String::from_utf8(output.stdout).ok())
         .and_then(|output| output.trim().parse().ok());
-    if let Some(version) = version {
-        if version < MIN_MAGISK_VERSION {
-            bail!("Magisk version too old: {}", version);
+    version.map(|version| {
+        if version >= MIN_MAGISK_VERSION {
+            Version::Supported
+        } else {
+            Version::TooOld
         }
-        return Ok(true);
-    }
-    Ok(false)
+    })
 }
 
+#[inline(never)]
 pub fn uid_on_allowlist(uid: i32) -> bool {
-    // TODO: uid_on_allowlist
-    return false;
+    let output: Option<String> = Command::new("magisk")
+        .arg("--sqlite")
+        .arg("select uid from policies where policy=2")
+        .stdout(Stdio::piped())
+        .spawn().ok()
+        .and_then(|child| child.wait_with_output().ok())
+        .and_then(|output| String::from_utf8(output.stdout).ok());
+    let lines = match &output {
+        Some(output) => output.lines(),
+        None => return false,
+    };
+    lines.into_iter().any(|line| {
+        line.trim().strip_prefix("uid=").and_then(|uid| uid.parse().ok()) == Some(uid)
+    })
 }
 
+#[inline(never)]
 pub fn uid_on_denylist(uid: i32) -> bool {
     // TODO: uid_on_denylist
     return false;

zygiskd/src/root_impl/mod.rs

@@ -1,40 +1,61 @@
 mod kernelsu;
 mod magisk;
 
-use once_cell::sync::OnceCell;
-use anyhow::{bail, Result};
-
-enum RootImpl {
+pub enum RootImpl {
+    None,
+    TooOld,
+    Abnormal,
+    Multiple,
     KernelSU,
     Magisk,
 }
 
-static ROOT_IMPL: OnceCell<RootImpl> = OnceCell::new();
+// FIXME: OnceCell bugs on 32 bit
+static mut ROOT_IMPL: RootImpl = RootImpl::None;
 
-pub fn setup() -> Result<()> {
-    if kernelsu::is_kernel_su()? {
-        if let Ok(true) = magisk::is_magisk() {
-            bail!("Multiple root implementation");
+pub fn setup() {
+    let ksu_version = kernelsu::get_kernel_su();
+    let magisk_version = magisk::get_magisk();
+
+    let impl_ = match (ksu_version, magisk_version) {
+        (None, None) => RootImpl::None,
+        (Some(_), Some(_)) => RootImpl::Multiple,
+        (Some(ksu_version), None) => {
+            match ksu_version {
+                kernelsu::Version::Supported => RootImpl::KernelSU,
+                kernelsu::Version::TooOld => RootImpl::TooOld,
+                kernelsu::Version::Abnormal => RootImpl::Abnormal,
+            }
         }
-        let _ = ROOT_IMPL.set(RootImpl::KernelSU);
-    } else if magisk::is_magisk()? {
-        let _ = ROOT_IMPL.set(RootImpl::Magisk);
-    } else {
-        bail!("Unknown root implementation");
-    }
-    Ok(())
+        (None, Some(magisk_version)) => {
+            match magisk_version {
+                magisk::Version::Supported => RootImpl::Magisk,
+                magisk::Version::TooOld => RootImpl::TooOld,
+            }
+        }
+    };
+    unsafe { ROOT_IMPL = impl_; }
 }
 
+pub fn get_impl() -> &'static RootImpl {
+    unsafe { &ROOT_IMPL }
+}
+
+// FIXME: Without #[inline(never)], this function will lag forever
+#[inline(never)]
 pub fn uid_on_allowlist(uid: i32) -> bool {
-    match ROOT_IMPL.get().unwrap() {
+    match get_impl() {
         RootImpl::KernelSU => kernelsu::uid_on_allowlist(uid),
         RootImpl::Magisk => magisk::uid_on_allowlist(uid),
+        _ => unreachable!(),
     }
 }
 
+#[inline(never)]
 pub fn uid_on_denylist(uid: i32) -> bool {
-    match ROOT_IMPL.get().unwrap() {
+    match get_impl() {
         RootImpl::KernelSU => kernelsu::uid_on_denylist(uid),
         RootImpl::Magisk => magisk::uid_on_denylist(uid),
+        _ => unreachable!(),
     }
 }

zygiskd/src/utils.rs

@@ -1,11 +1,45 @@
 use anyhow::Result;
 use nix::unistd::gettid;
 use std::{fs, io::{Read, Write}, os::unix::net::UnixStream, process::Command};
+use std::ffi::c_char;
 use std::os::fd::FromRawFd;
 use std::os::unix::net::UnixListener;
 use nix::sys::socket::{AddressFamily, SockFlag, SockType, UnixAddr};
+use once_cell::sync::OnceCell;
 use rand::distributions::{Alphanumeric, DistString};
 
+#[cfg(target_pointer_width = "64")]
+#[macro_export]
+macro_rules! lp_select {
+    ($lp32:expr, $lp64:expr) => { $lp64 };
+}
+#[cfg(target_pointer_width = "32")]
+#[macro_export]
+macro_rules! lp_select {
+    ($lp32:expr, $lp64:expr) => { $lp32 };
+}
+
+pub struct LateInit<T> {
+    cell: OnceCell<T>,
+}
+
+impl<T> LateInit<T> {
+    pub const fn new() -> Self {
+        LateInit { cell: OnceCell::new() }
+    }
+
+    pub fn init(&self, value: T) {
+        assert!(self.cell.set(value).is_ok())
+    }
+}
+
+impl<T> std::ops::Deref for LateInit<T> {
+    type Target = T;
+    fn deref(&self) -> &T {
+        self.cell.get().unwrap()
+    }
+}
+
 pub fn random_string() -> String {
     Alphanumeric.sample_string(&mut rand::thread_rng(), 8)
 }
@@ -26,6 +60,24 @@ pub fn get_native_bridge() -> String {
     std::env::var("NATIVE_BRIDGE").unwrap_or_default()
 }
 
+pub fn log_raw(level: i32, tag: &str, message: &str) -> Result<()> {
+    let tag = std::ffi::CString::new(tag)?;
+    let message = std::ffi::CString::new(message)?;
+    unsafe {
+        __android_log_print(level as i32, tag.as_ptr(), message.as_ptr());
+    }
+    Ok(())
+}
+
+pub fn get_property(name: &str) -> Result<String> {
+    let name = std::ffi::CString::new(name)?;
+    let mut buf = vec![0u8; 92];
+    unsafe {
+        __system_property_get(name.as_ptr(), buf.as_mut_ptr() as *mut c_char);
+    }
+    Ok(String::from_utf8(buf)?)
+}
+
 pub fn set_property(name: &str, value: &str) -> Result<()> {
     Command::new("resetprop")
         .arg(name)
@@ -102,3 +154,8 @@ pub fn abstract_namespace_socket(name: &str) -> Result<UnixListener> {
     let listener = unsafe { UnixListener::from_raw_fd(socket) };
     Ok(listener)
 }
+
+extern "C" {
+    fn __android_log_print(prio: i32, tag: *const c_char, fmt: *const c_char, ...) -> i32;
+    fn __system_property_get(name: *const c_char, value: *mut c_char) -> u32;
+}

zygiskd/src/watchdog.rs

@@ -1,21 +1,35 @@
-use crate::{constants, utils};
+use crate::{constants, magic, root_impl, utils};
 use anyhow::{bail, Result};
 use nix::unistd::{getgid, getuid, Pid};
 use std::process::{Child, Command};
 use std::sync::mpsc;
-use std::{fs, thread};
+use std::{fs, io, thread};
+use std::ffi::CString;
+use std::io::{BufRead, Write};
 use std::os::unix::net::UnixListener;
 use std::time::Duration;
 use binder::IBinder;
+use nix::errno::Errno;
+use nix::libc;
 use nix::sys::signal::{kill, Signal};
+use crate::utils::LateInit;
 
-static mut LOCK: Option<UnixListener> = None;
+static LOCK: LateInit<UnixListener> = LateInit::new();
+static PROP_SECTIONS: LateInit<[String; 2]> = LateInit::new();
 
 pub fn entry() -> Result<()> {
     log::info!("Start zygisksu watchdog");
     check_permission()?;
     ensure_single_instance()?;
-    spawn_daemon()
+    mount_prop()?;
+    if check_and_set_hint()? == false {
+        log::warn!("Requirements not met, exiting");
+        utils::set_property(constants::PROP_NATIVE_BRIDGE, &utils::get_native_bridge())?;
+        return Ok(());
+    }
+    let end = spawn_daemon();
+    set_prop_hint(constants::STATUS_CRASHED)?;
+    end
 }
 
 fn check_permission() -> Result<()> {
@@ -41,14 +55,87 @@ fn check_permission() -> Result<()> {
 
 fn ensure_single_instance() -> Result<()> {
     log::info!("Ensure single instance");
-    let name = String::from("zygiskwd") + constants::SOCKET_PLACEHOLDER;
+    let name = format!("zygiskwd{}", magic::MAGIC.as_str());
     match utils::abstract_namespace_socket(&name) {
-        Ok(socket) => unsafe { LOCK = Some(socket) },
+        Ok(socket) => LOCK.init(socket),
         Err(e) => bail!("Failed to acquire lock: {e}. Maybe another instance is running?")
     }
     Ok(())
 }
 
+fn mount_prop() -> Result<()> {
+    let module_prop = if let root_impl::RootImpl::Magisk = root_impl::get_impl() {
+        let magisk_path = Command::new("magisk").arg("--path").output()?;
+        let mut magisk_path = String::from_utf8(magisk_path.stdout)?;
+        magisk_path.pop(); // Removing '\n'
+        let cwd = std::env::current_dir()?;
+        let dir = cwd.file_name().unwrap().to_string_lossy();
+        format!("{magisk_path}/.magisk/modules/{dir}/{}", constants::PATH_MODULE_PROP)
+    } else {
+        constants::PATH_MODULE_PROP.to_string()
+    };
+    log::info!("Mount {module_prop}");
+    let module_prop_file = fs::File::open(&module_prop)?;
+    let mut section = 0;
+    let mut sections: [String; 2] = [String::new(), String::new()];
+    let lines = io::BufReader::new(module_prop_file).lines();
+    for line in lines {
+        let line = line?;
+        if line.starts_with("description=") {
+            sections[0].push_str("description=");
+            sections[1].push_str(line.trim_start_matches("description="));
+            sections[1].push('\n');
+            section = 1;
+        } else {
+            sections[section].push_str(&line);
+            sections[section].push('\n');
+        }
+    }
+    PROP_SECTIONS.init(sections);
+
+    fs::create_dir(magic::PATH_TMP_DIR.as_str())?;
+    fs::File::create(magic::PATH_TMP_PROP.as_str())?;
+
+    // FIXME: sys_mount cannot be compiled on 32 bit
+    unsafe {
+        let r = libc::mount(
+            CString::new(magic::PATH_TMP_PROP.as_str())?.as_ptr(),
+            CString::new(module_prop)?.as_ptr(),
+            std::ptr::null(),
+            libc::MS_BIND,
+            std::ptr::null(),
+        );
+        Errno::result(r)?;
+    }
+
+    Ok(())
+}
+
+fn set_prop_hint(hint: &str) -> Result<()> {
+    let mut file = fs::File::create(magic::PATH_TMP_PROP.as_str())?;
+    file.write_all(PROP_SECTIONS[0].as_bytes())?;
+    file.write_all(b"[")?;
+    file.write_all(hint.as_bytes())?;
+    file.write_all(b"] ")?;
+    file.write_all(PROP_SECTIONS[1].as_bytes())?;
+    Ok(())
+}
+
+fn check_and_set_hint() -> Result<bool> {
+    let root_impl = root_impl::get_impl();
+    match root_impl {
+        root_impl::RootImpl::None => set_prop_hint(constants::STATUS_ROOT_IMPL_NONE)?,
+        root_impl::RootImpl::TooOld => set_prop_hint(constants::STATUS_ROOT_IMPL_TOO_OLD)?,
+        root_impl::RootImpl::Abnormal => set_prop_hint(constants::STATUS_ROOT_IMPL_ABNORMAL)?,
+        root_impl::RootImpl::Multiple => set_prop_hint(constants::STATUS_ROOT_IMPL_MULTIPLE)?,
+        _ => {
+            set_prop_hint(constants::STATUS_LOADED)?;
+            return Ok(true);
+        }
+    }
+    Ok(false)
+}
+
 fn spawn_daemon() -> Result<()> {
     let mut lives = 5;
     loop {
@@ -99,7 +186,6 @@ fn spawn_daemon() -> Result<()> {
 
         log::error!("Restarting zygote...");
         utils::set_property(constants::PROP_NATIVE_BRIDGE, constants::ZYGISK_LOADER)?;
-        utils::set_property(constants::PROP_SVC_ZYGOTE, "restart")?;
-        thread::sleep(Duration::from_secs(2));
+        utils::set_property(constants::PROP_CTL_RESTART, "zygote")?;
     }
 }

zygiskd/src/zygiskd.rs

@@ -1,6 +1,6 @@
 use crate::constants::DaemonSocketAction;
 use crate::utils::UnixStreamExt;
-use crate::{constants, lp_select, root_impl, utils};
+use crate::{constants, lp_select, magic, root_impl, utils};
 use anyhow::{bail, Result};
 use memfd::Memfd;
 use nix::{
@@ -10,7 +10,6 @@ use nix::{
 use passfd::FdPassingExt;
 use std::sync::{Arc, Mutex};
 use std::thread;
-use std::ffi::c_char;
 use std::fs;
 use std::os::unix::{
     net::{UnixListener, UnixStream},
@@ -64,8 +63,7 @@ pub fn entry() -> Result<()> {
 }
 
 fn get_arch() -> Result<&'static str> {
-    let output = Command::new("getprop").arg("ro.product.cpu.abi").output()?;
-    let system_arch = String::from_utf8(output.stdout)?;
+    let system_arch = utils::get_property("ro.product.cpu.abi")?;
     if system_arch.contains("arm") {
         return Ok(lp_select!("armeabi-v7a", "arm64-v8a"));
     }
@@ -77,7 +75,7 @@ fn get_arch() -> Result<&'static str> {
 
 fn load_modules(arch: &str) -> Result<Vec<Module>> {
     let mut modules = Vec::new();
-    let dir = match fs::read_dir(constants::PATH_MODULE_DIR) {
+    let dir = match fs::read_dir(constants::PATH_MODULES_DIR) {
         Ok(dir) => dir,
         Err(e) => {
             log::warn!("Failed reading modules directory: {}", e);
@@ -137,7 +135,7 @@ fn create_memfd(so_path: &PathBuf) -> Result<Memfd> {
 fn create_daemon_socket() -> Result<UnixListener> {
     utils::set_socket_create_context("u:r:zygote:s0")?;
     let prefix = lp_select!("zygiskd32", "zygiskd64");
-    let name = String::from(prefix) + constants::SOCKET_PLACEHOLDER;
+    let name = format!("{}{}", prefix, magic::MAGIC.as_str());
     let listener = utils::abstract_namespace_socket(&name)?;
     log::debug!("Daemon socket: {name}");
     Ok(listener)
@@ -181,12 +179,8 @@ fn handle_daemon_action(mut stream: UnixStream, context: &Context) -> Result<()>
                     Err(_) => break,
                 };
                 let tag = stream.read_string()?;
-                let tag = std::ffi::CString::new(tag)?;
                 let message = stream.read_string()?;
-                let message = std::ffi::CString::new(message)?;
-                unsafe {
-                    __android_log_print(level as i32, tag.as_ptr(), message.as_ptr());
-                }
+                utils::log_raw(level as i32, &tag, &message)?;
             }
         }
         DaemonSocketAction::ReadNativeBridge => {
@@ -201,6 +195,11 @@ fn handle_daemon_action(mut stream: UnixStream, context: &Context) -> Result<()>
             if root_impl::uid_on_denylist(uid) {
                 flags |= constants::PROCESS_ON_DENYLIST;
             }
+            match root_impl::get_impl() {
+                root_impl::RootImpl::KernelSU => flags |= constants::PROCESS_ROOT_IS_KSU,
+                root_impl::RootImpl::Magisk => flags |= constants::PROCESS_ROOT_IS_MAGISK,
+                _ => unreachable!(),
+            }
             // TODO: PROCESS_IS_SYSUI?
             stream.write_u32(flags)?;
         }
@@ -232,14 +231,10 @@ fn handle_daemon_action(mut stream: UnixStream, context: &Context) -> Result<()>
         DaemonSocketAction::GetModuleDir => {
             let index = stream.read_usize()?;
             let module = &context.modules[index];
-            let dir = format!("{}/{}", constants::PATH_MODULE_DIR, module.name);
+            let dir = format!("{}/{}", constants::PATH_MODULES_DIR, module.name);
             let dir = fs::File::open(dir)?;
             stream.send_fd(dir.as_raw_fd())?;
         }
     }
     Ok(())
 }
-
-extern "C" {
-    fn __android_log_print(prio: i32, tag: *const c_char, fmt: *const c_char, ...) -> i32;
-}