manager: unify kernel and user structs

manager/app/src/main/cpp/jni.cc

@@ -125,7 +125,7 @@ Java_me_weishu_kernelsu_Natives_getAppProfile(JNIEnv *env, jobject, jstring pkg,
         // no profile found, so just use default profile:
         // don't allow root and use default profile!
         profile.allow_su = false;
-        profile.non_root_profile.use_default = true;
+        profile.nrp_config.use_default = true;
         LOGD("get app profile for: %s failed, use default profile.", key);
     }
 
@@ -155,36 +155,36 @@ Java_me_weishu_kernelsu_Natives_getAppProfile(JNIEnv *env, jobject, jstring pkg,
     auto allowSu = profile.allow_su;
 
     if (allowSu) {
-        env->SetBooleanField(obj, rootUseDefaultField, (jboolean) profile.root_profile.use_default);
-        if (strlen(profile.root_profile.template_name) > 0) {
+        env->SetBooleanField(obj, rootUseDefaultField, (jboolean) profile.rp_config.use_default);
+        if (strlen(profile.rp_config.template_name) > 0) {
             env->SetObjectField(obj, rootTemplateField,
-                                env->NewStringUTF(profile.root_profile.template_name));
+                                env->NewStringUTF(profile.rp_config.template_name));
         }
 
-        env->SetIntField(obj, uidField, profile.root_profile.uid);
-        env->SetIntField(obj, gidField, profile.root_profile.gid);
+        env->SetIntField(obj, uidField, profile.rp_config.profile.uid);
+        env->SetIntField(obj, gidField, profile.rp_config.profile.gid);
 
         jobject groupList = env->GetObjectField(obj, groupsField);
-        fillIntArray(env, groupList, profile.root_profile.groups,
-                     profile.root_profile.groups_count);
+        fillIntArray(env, groupList, profile.rp_config.profile.groups,
+                     profile.rp_config.profile.groups_count);
 
         jobject capList = env->GetObjectField(obj, capabilitiesField);
         for (int i = 0; i <= CAP_LAST_CAP; i++) {
-            if (profile.root_profile.caps.effective & (1ULL << i)) {
+            if (profile.rp_config.profile.capabilities.effective & (1ULL << i)) {
                 addIntToList(env, capList, i);
             }
         }
 
         env->SetObjectField(obj, domainField,
-                            env->NewStringUTF(profile.root_profile.selinux_domain));
-        env->SetIntField(obj, namespacesField, profile.root_profile.namespaces);
+                            env->NewStringUTF(profile.rp_config.profile.selinux_domain));
+        env->SetIntField(obj, namespacesField, profile.rp_config.profile.namespaces);
         env->SetBooleanField(obj, allowSuField, profile.allow_su);
     } else {
         env->SetBooleanField(obj, nonRootUseDefaultField,
-                             (jboolean) profile.non_root_profile.use_default);
-        env->SetBooleanField(obj, umountModulesField, profile.non_root_profile.umount_modules);
+                             (jboolean) profile.nrp_config.use_default);
+        env->SetBooleanField(obj, umountModulesField, profile.nrp_config.profile.umount_modules);
         LOGD("non root profile: use default: %d, umount modules: %d",
-             profile.non_root_profile.use_default, profile.non_root_profile.umount_modules);
+             profile.nrp_config.use_default, profile.nrp_config.profile.umount_modules);
     }
 
     return obj;
@@ -243,31 +243,31 @@ Java_me_weishu_kernelsu_Natives_setAppProfile(JNIEnv *env, jobject clazz, jobjec
     p.current_uid = currentUid;
 
     if (allowSu) {
-        p.root_profile.use_default = env->GetBooleanField(profile, rootUseDefaultField);
+        p.rp_config.use_default = env->GetBooleanField(profile, rootUseDefaultField);
         auto templateName = env->GetObjectField(profile, rootTemplateField);
         if (templateName) {
             auto ctemplateName = env->GetStringUTFChars((jstring) templateName, nullptr);
-            strcpy(p.root_profile.template_name, ctemplateName);
+            strcpy(p.rp_config.template_name, ctemplateName);
             env->ReleaseStringUTFChars((jstring) templateName, ctemplateName);
         }
 
-        p.root_profile.uid = uid;
-        p.root_profile.gid = gid;
+        p.rp_config.profile.uid = uid;
+        p.rp_config.profile.gid = gid;
 
         int groups_count = getListSize(env, groups);
-        p.root_profile.groups_count = groups_count;
-        fillArrayWithList(env, groups, p.root_profile.groups, groups_count);
+        p.rp_config.profile.groups_count = groups_count;
+        fillArrayWithList(env, groups, p.rp_config.profile.groups, groups_count);
 
-        p.root_profile.caps.effective = capListToBits(env, capabilities);
+        p.rp_config.profile.capabilities.effective = capListToBits(env, capabilities);
 
         auto cdomain = env->GetStringUTFChars((jstring) domain, nullptr);
-        strcpy(p.root_profile.selinux_domain, cdomain);
+        strcpy(p.rp_config.profile.selinux_domain, cdomain);
         env->ReleaseStringUTFChars((jstring) domain, cdomain);
 
-        p.root_profile.namespaces = env->GetIntField(profile, namespacesField);
+        p.rp_config.profile.namespaces = env->GetIntField(profile, namespacesField);
     } else {
-        p.non_root_profile.use_default = env->GetBooleanField(profile, nonRootUseDefaultField);
-        p.non_root_profile.umount_modules = umountModules;
+        p.nrp_config.use_default = env->GetBooleanField(profile, nonRootUseDefaultField);
+        p.nrp_config.profile.umount_modules = umountModules;
     }
 
     return set_app_profile(&p);

manager/app/src/main/cpp/ksu.h

@@ -25,12 +25,35 @@ bool is_safe_mode();
 
 using p_key_t = char[KSU_MAX_PACKAGE_NAME];
 
-struct app_profile {
+struct root_profile {
+    int32_t uid;
+    int32_t gid;
 
-    int32_t version;
+    int32_t groups[KSU_MAX_GROUPS];
+    int32_t groups_count;
+
+    // kernel_cap_t is u32[2] for capabilities v3
+    struct {
+        uint64_t effective;
+        uint64_t permitted;
+        uint64_t inheritable;
+    } capabilities;
+
+    char selinux_domain[KSU_SELINUX_DOMAIN];
+
+    int32_t namespaces;
+};
+
+struct non_root_profile {
+    bool umount_modules;
+};
+
+struct app_profile {
+    // It may be utilized for backward compatibility, although we have never explicitly made any promises regarding this.
+    uint32_t version;
 
     // this is usually the package of the app, but can be other value for special apps
-    p_key_t key;
+    char key[KSU_MAX_PACKAGE_NAME];
     int32_t current_uid;
     bool allow_su;
 
@@ -38,27 +61,15 @@ struct app_profile {
         struct {
             bool use_default;
             char template_name[KSU_MAX_PACKAGE_NAME];
-            int32_t uid;
-            int32_t gid;
 
-            int32_t groups[KSU_MAX_GROUPS];
-            int32_t groups_count;
-
-            struct {
-                // kernel_cap_t is u32[2], we use u64 here to avoid alignment issues.
-                uint64_t effective;
-                uint64_t permitted;
-                uint64_t inheritable;
-            } caps;
-            char selinux_domain[KSU_SELINUX_DOMAIN];
-
-            int32_t namespaces;
-        } root_profile;
+            struct root_profile profile;
+        } rp_config;
 
         struct {
             bool use_default;
-            bool umount_modules;
-        } non_root_profile;
+
+            struct non_root_profile profile;
+        } nrp_config;
     };
 };