Make sure that only system_server uses the BinderService

The android:ui process is running with the same UID, but in the system_app
context, so it should be treated like a normal app.

src/de/robv/android/xposed/SELinuxHelper.java

@@ -3,7 +3,6 @@
 import static de.robv.android.xposed.XposedHelpers.callStaticMethod;
 import static de.robv.android.xposed.XposedHelpers.findClass;
 import android.os.Build;
-import android.os.Process;
 import de.robv.android.xposed.XposedHelpers.ClassNotFoundError;
 import de.robv.android.xposed.services.BaseService;
 import de.robv.android.xposed.services.BinderService;
@@ -59,7 +58,7 @@ public static BaseService getAppDataFileService() {
 
 	private static BaseService sServiceAppDataFile = null;
 
-	static void initOnce() {
+	/*package*/ static void initOnce() {
 		if (Build.VERSION.SDK_INT < 17)
 			return;
 
@@ -70,17 +69,16 @@ static void initOnce() {
 		} catch (ClassNotFoundError ignored) {};
 	}
 
-	static void initForProcess() {
+	/*package*/ static void initForProcess(String packageName) {
 		if (sIsSELinuxEnabled)
 			sContext = (String) callStaticMethod(sClassSELinux, "getContext");
 
 		if (sIsSELinuxEnforced) {
-			int uid = Process.myUid();
-			if (uid == 0) {
+			if (packageName == null) {  // Zygote
 				sServiceAppDataFile = new ZygoteService();
-			} else if (uid == Process.SYSTEM_UID) {
+			} else if (packageName.equals("android")) {  //system_server
 				sServiceAppDataFile = BinderService.getService(BinderService.TARGET_APP);
-			} else {
+			} else {  // app
 				sServiceAppDataFile = new DirectAccessService();
 			}
 		} else {

src/de/robv/android/xposed/XposedBridge.java

@@ -93,7 +93,7 @@ protected static void main(String[] args) {
 			log("Initializing XposedBridge version " + XPOSED_BRIDGE_VERSION);
 
 			SELinuxHelper.initOnce();
-			SELinuxHelper.initForProcess();
+			SELinuxHelper.initForProcess(null);
 
 			runtime = getRuntime();
 			if (initNative()) {
@@ -180,10 +180,10 @@ private static void initForZygote() throws Throwable {
 		// normal process initialization (for new Activity, Service, BroadcastReceiver etc.)
 		findAndHookMethod(ActivityThread.class, "handleBindApplication", "android.app.ActivityThread.AppBindData", new XC_MethodHook() {
 			protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
-				SELinuxHelper.initForProcess();
 				ActivityThread activityThread = (ActivityThread) param.thisObject;
 				ApplicationInfo appInfo = (ApplicationInfo) getObjectField(param.args[0], "appInfo");
 				String reportedPackageName = appInfo.packageName.equals("android") ? "system" : appInfo.packageName;
+				SELinuxHelper.initForProcess(reportedPackageName);
 				ComponentName instrumentationName = (ComponentName) getObjectField(param.args[0], "instrumentationName");
 				if (instrumentationName != null) {
 					XposedBridge.log("Instrumentation detected, disabling framework for " + reportedPackageName);
@@ -218,7 +218,7 @@ protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
 					Build.VERSION.SDK_INT < 19 ? "run" : "initAndLoop", new XC_MethodHook() {
 				@Override
 				protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
-					SELinuxHelper.initForProcess();
+					SELinuxHelper.initForProcess("android");
 					loadedPackagesInProcess.add("android");
 
 					LoadPackageParam lpparam = new LoadPackageParam(sLoadedPackageCallbacks);
@@ -238,7 +238,7 @@ protected void afterHookedMethod(MethodHookParam param) throws Throwable {
 					findAndHookMethod("com.android.server.SystemServer", cl, "startBootstrapServices", new XC_MethodHook() {
 						@Override
 						protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
-							SELinuxHelper.initForProcess();
+							SELinuxHelper.initForProcess("android");
 							loadedPackagesInProcess.add("android");
 
 							LoadPackageParam lpparam = new LoadPackageParam(sLoadedPackageCallbacks);