android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Revert "kernel: Handle unmount for isolated process correctly"

Browse Source 
This reverts commit e0da36d9a9.
This commit is contained in:
ShirkNeko
2025-09-25 16:16:39 +08:00
parent a81380c735
commit 45837f6126
1 changed files with 16 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
kernel/core_hook.c
View File

@@ -149,7 +149,7 @@ static inline bool is_allow_su(void)
return ksu_is_allow_uid(current_uid().val); return ksu_is_allow_uid(current_uid().val);
} }
static inline bool is_unsupported_app_uid(uid_t uid) static inline bool is_unsupported_uid(uid_t uid)
{ {
#define LAST_APPLICATION_UID 19999 #define LAST_APPLICATION_UID 19999
uid_t appid = uid % 100000; uid_t appid = uid % 100000;
@@ -1126,13 +1126,14 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
return 0; return 0;
} }
static bool is_non_appuid(kuid_t uid) static bool is_appuid(kuid_t uid)
{ {
#define PER_USER_RANGE 100000 #define PER_USER_RANGE 100000
#define FIRST_APPLICATION_UID 10000 #define FIRST_APPLICATION_UID 10000
#define LAST_APPLICATION_UID 19999
uid_t appid = uid.val % PER_USER_RANGE; uid_t appid = uid.val % PER_USER_RANGE;
return appid < FIRST_APPLICATION_UID; return appid >= FIRST_APPLICATION_UID && appid <= LAST_APPLICATION_UID;
} }
static bool should_umount(struct path *path) static bool should_umount(struct path *path)
@@ -1327,19 +1328,14 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
} }
#endif // #ifdef CONFIG_KSU_SUSFS #endif // #ifdef CONFIG_KSU_SUSFS
if (is_non_appuid(new_uid)) { if (!is_appuid(new_uid) || is_unsupported_uid(new_uid.val)) {
#ifdef CONFIG_KSU_DEBUG // pr_info("handle setuid ignore non application or isolated uid: %d\n", new_uid.val);
pr_info("handle setuid ignore non application uid: %d\n", new_uid.val);
#endif
return 0; return 0;
} }
// isolated process may be directly forked from zygote, always unmount if (ksu_is_allow_uid(new_uid.val)) {
if (is_unsupported_app_uid(new_uid.val)) { // pr_info("handle setuid ignore allowed application: %d\n", new_uid.val);
#ifdef CONFIG_KSU_DEBUG return 0;
pr_info("handle umount for unsupported application uid: %d\n", new_uid.val);
#endif
goto do_umount;
} }
if (ksu_is_allow_uid(new_uid.val)) { if (ksu_is_allow_uid(new_uid.val)) {
@@ -1372,11 +1368,13 @@ out_try_umount:
pr_info("uid: %d should not umount!\n", current_uid().val); pr_info("uid: %d should not umount!\n", current_uid().val);
#endif #endif
} }
do_umount: #ifndef CONFIG_KSU_SUSFS
// check old process's selinux context, if it is not zygote, ignore it! // check old process's selinux context, if it is not zygote, ignore it!
// because some su apps may setuid to untrusted_app but they are in global mount namespace // because some su apps may setuid to untrusted_app but they are in global mount namespace
// when we umount for such process, that is a disaster! // when we umount for such process, that is a disaster!
if (!is_zygote(old->security)) { bool is_zygote_child = ksu_is_zygote(old->security);
#endif
if (!is_zygote_child) {
pr_info("handle umount ignore non zygote child: %d\n", pr_info("handle umount ignore non zygote child: %d\n",
current->pid); current->pid);
return 0; return 0;