kernel: Unmount all isolated process which forks from zygote
The kernel has little information about which isolated process belongs to which application, so there is actually no good choice unless we implement a userspace daemon. One choice is to access the cmdline memory from the kernel, but cmdline is __user memory, and accessing it is likely to trigger detections. Until we have better ideas, use this.
@@ -8,6 +8,8 @@
|
||||
#define PER_USER_RANGE 100000
|
||||
#define FIRST_APPLICATION_UID 10000
|
||||
#define LAST_APPLICATION_UID 19999
|
||||
#define FIRST_ISOLATED_UID 99000
|
||||
#define LAST_ISOLATED_UID 99999
|
||||
|
||||
void ksu_allowlist_init(void);
|
||||
|
||||
@@ -43,6 +45,12 @@ static inline bool is_appuid(uid_t uid)
|
||||
return appid >= FIRST_APPLICATION_UID && appid <= LAST_APPLICATION_UID;
|
||||
}
|
||||
|
||||
static inline bool is_isolated_process(uid_t uid)
|
||||
{
|
||||
uid_t appid = uid % PER_USER_RANGE;
|
||||
return appid >= FIRST_ISOLATED_UID && appid <= LAST_ISOLATED_UID;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
bool ksu_temp_grant_root_once(uid_t uid);
|
||||
void ksu_temp_revoke_root_once(uid_t uid);
|
||||
|
||||
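Review bot: `is_isolated_process()` matches only app IDs 99000–99999, so isolated services started through an app zygote, which AOSP places in 90000–98999 (`AID_APP_ZYGOTE_ISOLATED_START`/`AID_APP_ZYGOTE_ISOLATED_END`), are not classified as isolated by this helper. The commit title limits the change to processes forked from zygote, so the narrower range may be intended; if it is, a comment above the helper should record that, e.g. `/* Isolated services forked from zygote only (99000-99999); app-zygote isolated UIDs 90000-98999 are not covered. */`. The callers are not visible in this section, so whether the uncovered range matters for the unmount decision has to be checked where the helper is used.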