Kernel: Improved throne communication module for user space UID rescan

kernel/Makefile

@@ -8,6 +8,7 @@ kernelsu-objs += core_hook.o
 kernelsu-objs += ksud.o
 kernelsu-objs += embed_ksud.o
 kernelsu-objs += kernel_compat.o
+kernelsu-objs += throne_comm.o
 
 ifeq ($(CONFIG_KSU_TRACEPOINT_HOOK), y)
 kernelsu-objs += ksu_trace.o

kernel/core_hook.c

@@ -48,6 +48,7 @@
 #include "manager.h"
 #include "selinux/selinux.h"
 #include "throne_tracker.h"
+#include "throne_comm.h"
 #include "kernel_compat.h"
 #include "dynamic_manager.h"
 
@@ -318,6 +319,9 @@ int ksu_handle_rename(struct dentry *old_dentry, struct dentry *new_dentry)
 
 	track_throne();
 	
+	// Also request userspace scan for next time
+	ksu_request_userspace_scan();
+
 	return 0;
 }
 
@@ -497,6 +501,8 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 			susfs_on_post_fs_data();
 #endif
 				on_post_fs_data();
+				// Initialize throne communication
+				ksu_throne_comm_init();
 				// Initializing Dynamic Signatures
         		ksu_dynamic_manager_init();
         		pr_info("Dynamic sign config loaded during post-fs-data\n");
@@ -1648,6 +1654,8 @@ void __init ksu_core_init(void)
 
 void ksu_core_exit(void)
 {
+	ksu_throne_comm_exit();
+	
 #ifdef CONFIG_KSU_KPROBES_HOOK
 	pr_info("ksu_core_kprobe_exit\n");
 	// we dont use this now

kernel/kernel_compat.h

@@ -6,36 +6,6 @@
 #include <linux/cred.h>
 #include "ss/policydb.h"
 #include "linux/key.h"
-#include <linux/list.h>
-
-/**
- * list_count_nodes - count the number of nodes in a list
- * @head: the head of the list
- *
- * This function iterates over the list starting from @head and counts
- * the number of nodes in the list. It does not modify the list.
- *
- * Context: Any context. The function is safe to call in any context,
- *          including interrupt context, as it does not sleep or allocate
- *          memory.
- *
- * Return: the number of nodes in the list (excluding the head)
- */
-#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 6, 0)
-static inline __maybe_unused size_t list_count_nodes(const struct list_head *head)
-{
-    const struct list_head *pos;
-    size_t count = 0;
-
-    if (!head)
-        return 0;
-
-    list_for_each(pos, head)
-        count++;
-
-	return count;
-}
-#endif
 
 /*
  * Adapt to Huawei HISI kernel without affecting other kernels ,

kernel/throne_comm.c

@@ -0,0 +1,136 @@
+#include <linux/fs.h>
+#include <linux/proc_fs.h>
+#include <linux/seq_file.h>
+#include <linux/uaccess.h>
+#include <linux/workqueue.h>
+#include <linux/version.h>
+
+#include "klog.h"
+#include "throne_comm.h"
+
+#define PROC_UID_SCANNER "ksu_uid_scanner"
+
+static struct proc_dir_entry *proc_entry = NULL;
+static struct workqueue_struct *scanner_wq = NULL;
+static struct work_struct scan_work;
+
+// Signal userspace to rescan
+static bool need_rescan = false;
+
+static void rescan_work_fn(struct work_struct *work)
+{
+	// Signal userspace through proc interface
+	need_rescan = true;
+	pr_info("requested userspace uid rescan\n");
+}
+
+void ksu_request_userspace_scan(void)
+{
+	if (scanner_wq) {
+		queue_work(scanner_wq, &scan_work);
+	}
+}
+
+void ksu_handle_userspace_update(void)
+{
+	// Called when userspace notifies update complete
+	need_rescan = false;
+	pr_info("userspace uid list updated\n");
+}
+
+static int uid_scanner_show(struct seq_file *m, void *v)
+{
+	if (need_rescan) {
+		seq_puts(m, "RESCAN\n");
+	} else {
+		seq_puts(m, "OK\n");
+	}
+	return 0;
+}
+
+static int uid_scanner_open(struct inode *inode, struct file *file)
+{
+	return single_open(file, uid_scanner_show, NULL);
+}
+
+static ssize_t uid_scanner_write(struct file *file, const char __user *buffer, 
+                                 size_t count, loff_t *pos)
+{
+	char cmd[16];
+	
+	if (count >= sizeof(cmd))
+		return -EINVAL;
+		
+	if (copy_from_user(cmd, buffer, count))
+		return -EFAULT;
+		
+	cmd[count] = '\0';
+	
+	// Remove newline if present
+	if (count > 0 && cmd[count-1] == '\n')
+		cmd[count-1] = '\0';
+	
+	if (strcmp(cmd, "UPDATED") == 0) {
+		ksu_handle_userspace_update();
+		pr_info("received userspace update notification\n");
+	}
+	
+	return count;
+}
+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,6,0)
+static const struct proc_ops uid_scanner_proc_ops = {
+	.proc_open = uid_scanner_open,
+	.proc_read = seq_read,
+	.proc_write = uid_scanner_write,
+	.proc_lseek = seq_lseek,
+	.proc_release = single_release,
+};
+#else
+static const struct file_operations uid_scanner_proc_ops = {
+	.owner = THIS_MODULE,
+	.open = uid_scanner_open,
+	.read = seq_read,
+	.write = uid_scanner_write,
+	.llseek = seq_lseek,
+	.release = single_release,
+};
+#endif
+
+int ksu_throne_comm_init(void)
+{
+	// Create workqueue
+	scanner_wq = alloc_workqueue("ksu_scanner", WQ_UNBOUND, 1);
+	if (!scanner_wq) {
+		pr_err("failed to create scanner workqueue\n");
+		return -ENOMEM;
+	}
+	
+	INIT_WORK(&scan_work, rescan_work_fn);
+	
+	// Create proc entry
+	proc_entry = proc_create(PROC_UID_SCANNER, 0600, NULL, &uid_scanner_proc_ops);
+	if (!proc_entry) {
+		pr_err("failed to create proc entry\n");
+		destroy_workqueue(scanner_wq);
+		return -ENOMEM;
+	}
+	
+	pr_info("throne communication initialized\n");
+	return 0;
+}
+
+void ksu_throne_comm_exit(void)
+{
+	if (proc_entry) {
+		proc_remove(proc_entry);
+		proc_entry = NULL;
+	}
+	
+	if (scanner_wq) {
+		destroy_workqueue(scanner_wq);
+		scanner_wq = NULL;
+	}
+	
+	pr_info("throne communication cleaned up\n");
+}

kernel/throne_comm.h

@@ -0,0 +1,12 @@
+#ifndef __KSU_H_THRONE_COMM
+#define __KSU_H_THRONE_COMM
+
+void ksu_request_userspace_scan(void);
+
+void ksu_handle_userspace_update(void);
+
+int ksu_throne_comm_init(void);
+
+void ksu_throne_comm_exit(void);
+
+#endif

kernel/throne_tracker.c

@@ -5,8 +5,6 @@
 #include <linux/string.h>
 #include <linux/types.h>
 #include <linux/version.h>
-#include <linux/stat.h>
-#include <linux/namei.h>
 
 #include "allowlist.h"
 #include "klog.h" // IWYU pragma: keep
@@ -15,12 +13,12 @@
 #include "throne_tracker.h"
 #include "kernel_compat.h"
 #include "dynamic_manager.h"
+#include "throne_comm.h"
 
 uid_t ksu_manager_uid = KSU_INVALID_UID;
 
 #define SYSTEM_PACKAGES_LIST_PATH "/data/system/packages.list.tmp"
-#define USER_DATA_PATH "/data/user_de/0"
-#define USER_DATA_PATH_LEN 256
+#define KSU_UID_LIST_PATH "/data/misc/user_uid/uid_list"
 
 struct uid_data {
 	struct list_head list;
@@ -28,6 +26,111 @@ struct uid_data {
 	char package[KSU_MAX_PACKAGE_NAME];
 };
 
+// Try read whitelist first, fallback if failed
+static int read_uid_whitelist(struct list_head *uid_list)
+{
+	struct file *fp;
+	char *file_content = NULL;
+	char *line, *next_line;
+	loff_t file_size;
+	loff_t pos = 0;
+	int count = 0;
+	ssize_t bytes_read;
+	
+	fp = ksu_filp_open_compat(KSU_UID_LIST_PATH, O_RDONLY, 0);
+	if (IS_ERR(fp)) {
+		pr_info("whitelist not found, fallback needed\n");
+		return -ENOENT;
+	}
+
+	file_size = fp->f_inode->i_size;
+	if (file_size <= 0) {
+		pr_info("whitelist file is empty\n");
+		filp_close(fp, NULL);
+		return -ENODATA;
+	}
+
+	file_content = kzalloc(file_size + 1, GFP_ATOMIC);
+	if (!file_content) {
+		pr_err("failed to allocate memory for whitelist file (%lld bytes)\n", file_size);
+		filp_close(fp, NULL);
+		return -ENOMEM;
+	}
+
+	bytes_read = ksu_kernel_read_compat(fp, file_content, file_size, &pos);
+	if (bytes_read != file_size) {
+		pr_err("failed to read whitelist file: read %zd bytes, expected %lld bytes\n", 
+		       bytes_read, file_size);
+		kfree(file_content);
+		filp_close(fp, NULL);
+		return -EIO;
+	}
+
+	file_content[file_size] = '\0';
+	filp_close(fp, NULL);
+
+	pr_info("successfully read whitelist file (%lld bytes), parsing lines...\n", file_size);
+
+	line = file_content;
+	while (line && *line) {
+		next_line = strchr(line, '\n');
+		if (next_line) {
+			*next_line = '\0';
+			next_line++;
+		}
+
+		char *trimmed_line = line;
+		while (*trimmed_line == ' ' || *trimmed_line == '\t' || *trimmed_line == '\r') {
+			trimmed_line++;
+		}
+
+		if (strlen(trimmed_line) > 0) {
+			char *line_copy = trimmed_line;
+			char *uid_str = strsep(&line_copy, " \t");
+			char *package_name = line_copy;
+			
+			if (package_name) {
+				while (*package_name == ' ' || *package_name == '\t') {
+					package_name++;
+				}
+			}
+			
+			if (uid_str && package_name && strlen(package_name) > 0) {
+				u32 uid;
+				if (!kstrtou32(uid_str, 10, &uid)) {
+					struct uid_data *data = kzalloc(sizeof(struct uid_data), GFP_ATOMIC);
+					if (data) {
+						data->uid = uid;
+						size_t pkg_len = strlen(package_name);
+						size_t copy_len = min(pkg_len, (size_t)(KSU_MAX_PACKAGE_NAME - 1));
+						strncpy(data->package, package_name, copy_len);
+						data->package[copy_len] = '\0';
+						
+						list_add_tail(&data->list, uid_list);
+						count++;
+						
+						if (count % 100 == 0) {
+							pr_info("parsed %d packages so far...\n", count);
+						}
+					} else {
+						pr_err("failed to allocate memory for uid_data\n");
+					}
+				} else {
+					pr_warn("invalid uid format in line: %s\n", trimmed_line);
+				}
+			} else {
+				pr_warn("invalid line format: %s\n", trimmed_line);
+			}
+		}
+
+		line = next_line;
+	}
+	
+	kfree(file_content);
+	pr_info("successfully loaded %d uids from whitelist\n", count);
+	return count > 0 ? 0 : -ENODATA;
+}
+
 static int get_pkg_from_apk_path(char *pkg, const char *path)
 {
 	int len = strlen(path);
@@ -142,138 +245,6 @@ struct my_dir_context {
 #define FILLDIR_ACTOR_CONTINUE 0
 #define FILLDIR_ACTOR_STOP -EINVAL
 #endif
-
-struct uid_scan_stats {
-	size_t total_found;
-	size_t errors_encountered;
-};
-
-struct user_data_context {
-	struct dir_context ctx;
-	struct list_head *uid_list;
-	struct uid_scan_stats *stats;
-};
-
-FILLDIR_RETURN_TYPE user_data_actor(struct dir_context *ctx, const char *name,
-				     int namelen, loff_t off, u64 ino,
-				     unsigned int d_type)
-{
-	struct user_data_context *my_ctx = 
-		container_of(ctx, struct user_data_context, ctx);
-	
-	if (!my_ctx || !my_ctx->uid_list) {
-		return FILLDIR_ACTOR_STOP;
-	}
-
-	if (!strncmp(name, "..", namelen) || !strncmp(name, ".", namelen))
-		return FILLDIR_ACTOR_CONTINUE;
-
-	if (d_type != DT_DIR)
-		return FILLDIR_ACTOR_CONTINUE;
-
-	if (namelen >= KSU_MAX_PACKAGE_NAME) {
-		pr_warn("Package name too long: %.*s\n", namelen, name);
-		if (my_ctx->stats)
-			my_ctx->stats->errors_encountered++;
-		return FILLDIR_ACTOR_CONTINUE;
-	}
-
-	char package_path[USER_DATA_PATH_LEN];
-	if (snprintf(package_path, sizeof(package_path), "%s/%.*s", 
-		     USER_DATA_PATH, namelen, name) >= sizeof(package_path)) {
-		pr_err("Path too long for package: %.*s\n", namelen, name);
-		if (my_ctx->stats)
-			my_ctx->stats->errors_encountered++;
-		return FILLDIR_ACTOR_CONTINUE;
-	}
-
-	struct path path;
-	int err = kern_path(package_path, LOOKUP_FOLLOW, &path);
-	if (err) {
-		pr_debug("Package path lookup failed: %s (err: %d)\n", package_path, err);
-		if (my_ctx->stats)
-			my_ctx->stats->errors_encountered++;
-		return FILLDIR_ACTOR_CONTINUE;
-	}
-
-	struct kstat stat;
-	err = vfs_getattr(&path, &stat, STATX_UID, AT_STATX_SYNC_AS_STAT);
-	path_put(&path);
-	
-	if (err) {
-		pr_debug("Failed to get attributes for: %s (err: %d)\n", package_path, err);
-		if (my_ctx->stats)
-			my_ctx->stats->errors_encountered++;
-		return FILLDIR_ACTOR_CONTINUE;
-	}
-
-	uid_t uid = from_kuid(&init_user_ns, stat.uid);
-	if (uid == (uid_t)-1) {
-		pr_warn("Invalid UID for package: %.*s\n", namelen, name);
-		if (my_ctx->stats)
-			my_ctx->stats->errors_encountered++;
-		return FILLDIR_ACTOR_CONTINUE;
-	}
-
-	struct uid_data *data = kzalloc(sizeof(struct uid_data), GFP_ATOMIC);
-	if (!data) {
-		pr_err("Failed to allocate memory for package: %.*s\n", namelen, name);
-		if (my_ctx->stats)
-			my_ctx->stats->errors_encountered++;
-		return FILLDIR_ACTOR_CONTINUE;
-	}
-
-	data->uid = uid;
-	size_t copy_len = min(namelen, KSU_MAX_PACKAGE_NAME - 1);
-	strncpy(data->package, name, copy_len);
-	data->package[copy_len] = '\0';
-	
-	list_add_tail(&data->list, my_ctx->uid_list);
-	
-	if (my_ctx->stats)
-		my_ctx->stats->total_found++;
-	
-	pr_info("UserDE UID: Found package: %s, uid: %u\n", data->package, data->uid);
-	
-	return FILLDIR_ACTOR_CONTINUE;
-}
-
-int scan_user_data_for_uids(struct list_head *uid_list)
-{
-	struct file *dir_file;
-	struct uid_scan_stats stats = {0};
-	int ret = 0;
-	
-	if (!uid_list) {
-		return -EINVAL;
-	}
-
-	dir_file = ksu_filp_open_compat(USER_DATA_PATH, O_RDONLY, 0);
-	if (IS_ERR(dir_file)) {
-		pr_err("UserDE UID: Failed to open %s: %ld\n", USER_DATA_PATH, PTR_ERR(dir_file));
-		return PTR_ERR(dir_file);
-	}
-
-	struct user_data_context ctx = {
-		.ctx.actor = user_data_actor,
-		.uid_list = uid_list,
-		.stats = &stats
-	};
-
-	ret = iterate_dir(dir_file, &ctx.ctx);
-	filp_close(dir_file, NULL);
-
-	if (stats.errors_encountered > 0) {
-		pr_warn("Encountered %zu errors while scanning user data directory\n", 
-			stats.errors_encountered);
-	}
-
-	pr_info("UserDE UID: Scanned user data directory, found %zu packages with %zu errors\n", 
-		stats.total_found, stats.errors_encountered);
-
-	return ret;
-}
-
 FILLDIR_RETURN_TYPE my_actor(struct dir_context *ctx, const char *name,
 			     int namelen, loff_t off, u64 ino,
 			     unsigned int d_type)
@@ -470,16 +441,22 @@ void track_throne(void)
 	struct list_head uid_list;
 	INIT_LIST_HEAD(&uid_list);
 
-	pr_info("Starting UID scan from user data directory\n");
-	int ret = scan_user_data_for_uids(&uid_list);
+	pr_info("track_throne triggered, attempting whitelist read\n");
+	
+	// Try read whitelist first
+	int ret = read_uid_whitelist(&uid_list);
 	
 	if (ret < 0) {
-		pr_warn("Failed to scan user data directory (%d), falling back to packages.list\n", ret);
+		pr_info("whitelist read failed (%d), request userspace scan\n", ret);
+		
+		// Request userspace to rescan
+		ksu_request_userspace_scan();
 		
 		// fallback to packages.list method
 		struct file *fp = ksu_filp_open_compat(SYSTEM_PACKAGES_LIST_PATH, O_RDONLY, 0);
 		if (IS_ERR(fp)) {
-			pr_err("Both user data scan and packages.list failed: %ld\n", PTR_ERR(fp));
+			pr_err("%s: open " SYSTEM_PACKAGES_LIST_PATH " failed: %ld\n",
+		       __func__, PTR_ERR(fp));
 			goto out;
 		}
 
@@ -534,7 +511,7 @@ void track_throne(void)
 		filp_close(fp, 0);
 		pr_info("Loaded %zu packages from packages.list fallback\n", fallback_count);
 	} else {
-		pr_info("UserDE UID: Successfully loaded %zu packages from user data directory\n", list_count_nodes(&uid_list));
+		pr_info("loaded uids from whitelist successfully\n");
 	}
 
 	// now update uid list