android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: Unmount all isolated process which forks from zygote

Browse Source 
Kernel has few information about which isolated process belongs to which
application, so there is actually no good choice if we don't implement a
userspace daemon. One choice is to access cmdline memory from kernel,
but cmdline is __user, and it is likely to trigger detections. Before we
have more good ideas, use this.
This commit is contained in:
Wang Han
2025-08-24 07:01:18 +08:00
committed by ShirkNeko
parent 455b725248
commit 09a56a98b7
2 changed files with 22 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
kernel/kernel_umount.c
View File

@@ -151,7 +151,7 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
struct umount_tw *tw;
#if defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
// this hook is used for umounting overlayfs for some uid, if there isn't any module mounted, just ignore it!
// if there isn't any module mounted, just ignore it!
if (!ksu_module_mounted) {
return 0;
}
@@ -160,18 +160,24 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
return 0;
}
// FIXME: isolated process which directly forks from zygote is not handled
if (!is_appuid(new_uid)) {
return 0;
}
// There are 5 scenarios:
// 1. Normal app: zygote -> appuid
// 2. Isolated process forked from zygote: zygote -> isolated_process
// 3. App zygote forked from zygote: zygote -> appuid
// 4. Isolated process froked from app zygote: appuid -> isolated_process (already handled by 3)
// 5. Isolated process froked from webview zygote (no need to handle, app cannot run custom code)
if (!is_appuid(new_uid) && !is_isolated_process(new_uid)) {
return 0;
}
if (!ksu_uid_should_umount(new_uid)) {
return 0;
}
if (!ksu_uid_should_umount(new_uid) && !is_isolated_process(new_uid)) {
return 0;
}
// check old process's selinux context, if it is not zygote, ignore it!
// because some su apps may setuid to untrusted_app but they are in global mount namespace
// when we umount for such process, that is a disaster!
// also handle case 4 and 5
bool is_zygote_child = is_zygote(get_current_cred());
if (!is_zygote_child) {
pr_info("handle umount ignore non zygote child: %d\n", current->pid);