diff --git a/kernel/core_hook.c b/kernel/core_hook.c index 59b8633c..c1062c53 100644 --- a/kernel/core_hook.c +++ b/kernel/core_hook.c @@ -66,7 +66,7 @@ static inline bool is_allow_su() return ksu_is_allow_uid(current_uid().val); } -static inline bool is_unsupported_uid(uid_t uid) +static inline bool is_unsupported_app_uid(uid_t uid) { #define LAST_APPLICATION_UID 19999 uid_t appid = uid % 100000; @@ -589,14 +589,13 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3, return 0; } -static bool is_appuid(kuid_t uid) +static bool is_non_appuid(kuid_t uid) { #define PER_USER_RANGE 100000 #define FIRST_APPLICATION_UID 10000 -#define LAST_APPLICATION_UID 19999 uid_t appid = uid.val % PER_USER_RANGE; - return appid >= FIRST_APPLICATION_UID && appid <= LAST_APPLICATION_UID; + return appid < FIRST_APPLICATION_UID; } static bool should_umount(struct path *path) @@ -690,29 +689,33 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old) return 0; } - if (!is_appuid(new_uid) || is_unsupported_uid(new_uid.val)) { - // pr_info("handle setuid ignore non application or isolated uid: %d\n", new_uid.val); + if (is_non_appuid(new_uid)) { +#ifdef CONFIG_KSU_DEBUG + pr_info("handle setuid ignore non application uid: %d\n", new_uid.val); +#endif return 0; } + // isolated process may be directly forked from zygote, always unmount + if (is_unsupported_app_uid(new_uid.val)) { +#ifdef CONFIG_KSU_DEBUG + pr_info("handle umount for unsupported application uid: %d\n", new_uid.val); +#endif + goto do_umount; + } + if (ksu_is_allow_uid(new_uid.val)) { - // pr_info("handle setuid ignore allowed application: %d\n", new_uid.val); - return 0; - } - - if (!ksu_uid_should_umount(new_uid.val)) { - return 0; - } else { #ifdef CONFIG_KSU_DEBUG - pr_info("uid: %d should not umount!\n", current_uid().val); + pr_info("handle setuid ignore allowed application: %d\n", new_uid.val); #endif + return 0; } +do_umount: // check old process's selinux context, if it is not zygote, ignore it! // because some su apps may setuid to untrusted_app but they are in global mount namespace // when we umount for such process, that is a disaster! - bool is_zygote_child = is_zygote(old->security); - if (!is_zygote_child) { + if (!is_zygote(old->security)) { pr_info("handle umount ignore non zygote child: %d\n", current->pid); return 0;