Isolated processes might still be hide-able

native/jni/magiskhide/hide_utils.cpp

@@ -337,6 +337,32 @@ void auto_start_magiskhide(bool late_props) {
     }
 }
 
+bool is_hide_target(int uid, string_view process) {
+    mutex_guard lock(hide_state_lock);
+
+    if (uid % 100000 >= 90000) {
+        // Isolated processes
+        auto it = uid_proc_map.find(-1);
+        if (it == uid_proc_map.end())
+            return false;
+
+        for (auto &s : it->second) {
+            if (str_starts(process, s))
+                return true;
+        }
+    } else {
+        auto it = uid_proc_map.find(uid);
+        if (it == uid_proc_map.end())
+            return false;
+
+        for (auto &s : it->second) {
+            if (s == process)
+                return true;
+        }
+    }
+    return false;
+}
+
 #if !ENABLE_INJECT
 void test_proc_monitor() {
     if (procfp == nullptr && (procfp = opendir("/proc")) == nullptr)
@@ -347,35 +373,11 @@ void test_proc_monitor() {
 
 #if ENABLE_INJECT
 int check_uid_map(int client) {
-    mutex_guard lock(hide_state_lock);
+    if (!hide_enabled())
-
-    if (!hide_state)
         return 0;
 
     int uid = read_int(client);
     string process = read_string(client);
-
+    return is_hide_target(uid, process) ? 1 : 0;
-    if (uid % 100000 > 90000) {
-        // Isolated process
-        auto it = uid_proc_map.find(-1);
-        if (it == uid_proc_map.end())
-            return 0;
-
-        for (auto &s : it->second) {
-            if (str_starts(process, s))
-                return 1;
-        }
-    } else {
-        auto it = uid_proc_map.find(uid);
-        if (it == uid_proc_map.end())
-            return 0;
-
-        for (auto &s : it->second) {
-            if (process == s)
-                return 1;
-        }
-    }
-
-    return 0;
 }
 #endif

native/jni/magiskhide/magiskhide.hpp

@@ -35,6 +35,7 @@ void crawl_procfs(const std::function<bool (int)> &fn);
 void crawl_procfs(DIR *dir, const std::function<bool (int)> &fn);
 bool hide_enabled();
 void update_uid_map();
+bool is_hide_target(int uid, std::string_view process);
 
 // Hide policies
 void hide_daemon(int pid);

native/jni/magiskhide/proc_monitor.cpp

@@ -183,8 +183,10 @@ static bool check_pid(int pid) {
         return true;
     }
 
+    int uid = st.st_uid;
+
     // UID hasn't changed
-    if (st.st_uid == 0)
+    if (uid == 0)
         return false;
 
     sprintf(path, "/proc/%d/cmdline", pid);
@@ -200,25 +202,10 @@ static bool check_pid(int pid) {
         cmdline == "usap32"sv || cmdline == "usap64"sv)
         return false;
 
-    int uid = st.st_uid;
+    if (!is_hide_target(uid, cmdline))
-
-    // Start accessing uid_proc_map
-    mutex_guard lock(hide_state_lock);
-    auto it = uid_proc_map.end();
-
-    if (uid % 100000 > 90000) {
-        // No way to handle isolated process
         goto not_target;
-    }
 
-    it = uid_proc_map.find(uid);
+    // Ensure ns is separated
-    if (it == uid_proc_map.end())
-        goto not_target;
-    for (auto &s : it->second) {
-        if (s != cmdline)
-            continue;
-
-        // Check if ns is separated (could be app zygote)
     read_ns(pid, &st);
     for (auto &zit : zygote_map) {
         if (zit.second.st_ino == st.st_ino &&
@@ -228,14 +215,12 @@ static bool check_pid(int pid) {
         }
     }
 
-        // Finally this is our target!
+    // Detach but the process should still remain stopped
-        // Detach from ptrace but should still remain stopped.
+    // The hide daemon will resume the process after hiding it
-        // The hide daemon will resume the process.
     LOGI("proc_monitor: [%s] PID=[%d] UID=[%d]\n", cmdline, pid, uid);
     detach_pid(pid, SIGSTOP);
     hide_daemon(pid);
     return true;
-    }
 
 not_target:
     PTRACE_LOG("[%s] is not our target\n", cmdline);