From 0b118e19b31adde0be7d5a631452d069145fedf8 Mon Sep 17 00:00:00 2001 From: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com> Date: Sat, 8 Nov 2025 19:18:20 +0800 Subject: [PATCH] kernel: remove workqueue for allowlist Co-authored-by: weishu --- kernel/allowlist.c | 29 +++++------------------------ kernel/allowlist.h | 2 +- kernel/ksud.c | 22 +++++++++++++++++++++- 3 files changed, 27 insertions(+), 26 deletions(-) diff --git a/kernel/allowlist.c b/kernel/allowlist.c index 7ad66ccc..2a911f94 100644 --- a/kernel/allowlist.c +++ b/kernel/allowlist.c @@ -92,11 +92,6 @@ static uint8_t allow_list_bitmap[PAGE_SIZE] __read_mostly __aligned(PAGE_SIZE); #define KERNEL_SU_ALLOWLIST "/data/adb/ksu/.allowlist" -static struct work_struct ksu_save_work; -static struct work_struct ksu_load_work; - -bool persistent_allow_list(void); - void ksu_show_allow_list(void) { struct perm_data *p = NULL; @@ -355,7 +350,7 @@ bool ksu_get_allow_list(int *array, int *length, bool allow) return true; } -void do_save_allow_list(struct work_struct *work) +void persistent_allow_list() { u32 magic = FILE_MAGIC; u32 version = FILE_FORMAT_VERSION; @@ -364,7 +359,7 @@ void do_save_allow_list(struct work_struct *work) loff_t off = 0; struct file *fp = - ksu_filp_open_compat(KERNEL_SU_ALLOWLIST, O_WRONLY | O_CREAT | O_TRUNC, 0644); + filp_open(KERNEL_SU_ALLOWLIST, O_WRONLY | O_CREAT | O_TRUNC, 0644); if (IS_ERR(fp)) { pr_err("save_allow_list create file failed: %ld\n", PTR_ERR(fp)); return; @@ -397,7 +392,7 @@ exit: filp_close(fp, 0); } -void do_load_allow_list(struct work_struct *work) +void ksu_load_allow_list() { loff_t off = 0; ssize_t ret = 0; @@ -411,7 +406,7 @@ void do_load_allow_list(struct work_struct *work) #endif // load allowlist now! - fp = ksu_filp_open_compat(KERNEL_SU_ALLOWLIST, O_RDONLY, 0); + fp = filp_open(KERNEL_SU_ALLOWLIST, O_RDONLY, 0); if (IS_ERR(fp)) { pr_err("load_allow_list open file failed: %ld\n", PTR_ERR(fp)); return; @@ -486,17 +481,6 @@ void ksu_prune_allowlist(bool (*is_uid_valid)(uid_t, char *, void *), void *data } } -// make sure allow list works cross boot -bool persistent_allow_list(void) -{ - return ksu_queue_work(&ksu_save_work); -} - -bool ksu_load_allow_list(void) -{ - return ksu_queue_work(&ksu_load_work); -} - void ksu_allowlist_init(void) { int i; @@ -509,9 +493,6 @@ void ksu_allowlist_init(void) INIT_LIST_HEAD(&allow_list); - INIT_WORK(&ksu_save_work, do_save_allow_list); - INIT_WORK(&ksu_load_work, do_load_allow_list); - init_default_profiles(); } @@ -520,7 +501,7 @@ void ksu_allowlist_exit(void) struct perm_data *np = NULL; struct perm_data *n = NULL; - do_save_allow_list(NULL); + persistent_allow_list(); // free allowlist mutex_lock(&allowlist_mutex); diff --git a/kernel/allowlist.h b/kernel/allowlist.h index 35392747..3494d920 100644 --- a/kernel/allowlist.h +++ b/kernel/allowlist.h @@ -8,7 +8,7 @@ void ksu_allowlist_init(void); void ksu_allowlist_exit(void); -bool ksu_load_allow_list(void); +void ksu_load_allow_list(void); void ksu_show_allow_list(void); diff --git a/kernel/ksud.c b/kernel/ksud.c index 49c67ab5..a0946c07 100644 --- a/kernel/ksud.c +++ b/kernel/ksud.c @@ -1,3 +1,8 @@ + +#include +#include +#include +#include "manager.h" #include #include #include @@ -109,6 +114,13 @@ struct user_arg_ptr { } ptr; }; +static void on_post_fs_data_cbfun(struct callback_head *cb) +{ + on_post_fs_data(); +} + +static struct callback_head on_post_fs_data_cb = { .func = on_post_fs_data_cbfun }; + // since _ksud handler only uses argv and envp for comparisons // this can probably work // adapted from ksu_handle_execveat_ksud @@ -199,7 +211,15 @@ first_app_process: if (first_app_process && !memcmp(filename, app_process, sizeof(app_process) - 1)) { first_app_process = false; pr_info("%s: exec app_process, /data prepared, second_stage: %d\n", __func__, init_second_stage_executed); - on_post_fs_data(); + + struct task_struct *init_task; + rcu_read_lock(); + init_task = rcu_dereference(current->parent); + if (init_task) { + task_work_add(init_task, &on_post_fs_data_cb, TWA_RESUME); + } + rcu_read_unlock(); + stop_execve_hook(); }