From 4fc369a059ba04951e34a7d34812888743925712 Mon Sep 17 00:00:00 2001 From: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com> Date: Sat, 8 Nov 2025 19:18:20 +0800 Subject: [PATCH] kernel: remove workqueue for allowlist Co-authored-by: weishu --- kernel/allowlist.c | 29 +++++------------------------ kernel/allowlist.h | 2 +- kernel/ksud.c | 20 +++++++++++++++++++- 3 files changed, 25 insertions(+), 26 deletions(-) diff --git a/kernel/allowlist.c b/kernel/allowlist.c index bd32bac2..1b94b05e 100644 --- a/kernel/allowlist.c +++ b/kernel/allowlist.c @@ -92,11 +92,6 @@ static uint8_t allow_list_bitmap[PAGE_SIZE] __read_mostly __aligned(PAGE_SIZE); #define KERNEL_SU_ALLOWLIST "/data/adb/ksu/.allowlist" -static struct work_struct ksu_save_work; -static struct work_struct ksu_load_work; - -bool persistent_allow_list(void); - void ksu_show_allow_list(void) { struct perm_data *p = NULL; @@ -355,7 +350,7 @@ bool ksu_get_allow_list(int *array, int *length, bool allow) return true; } -void do_save_allow_list(struct work_struct *work) +void persistent_allow_list() { u32 magic = FILE_MAGIC; u32 version = FILE_FORMAT_VERSION; @@ -364,7 +359,7 @@ void do_save_allow_list(struct work_struct *work) loff_t off = 0; struct file *fp = - ksu_filp_open_compat(KERNEL_SU_ALLOWLIST, O_WRONLY | O_CREAT | O_TRUNC, 0644); + filp_open(KERNEL_SU_ALLOWLIST, O_WRONLY | O_CREAT | O_TRUNC, 0644); if (IS_ERR(fp)) { pr_err("save_allow_list create file failed: %ld\n", PTR_ERR(fp)); return; @@ -397,7 +392,7 @@ exit: filp_close(fp, 0); } -void do_load_allow_list(struct work_struct *work) +void ksu_load_allow_list() { loff_t off = 0; ssize_t ret = 0; @@ -411,7 +406,7 @@ void do_load_allow_list(struct work_struct *work) #endif // load allowlist now! - fp = ksu_filp_open_compat(KERNEL_SU_ALLOWLIST, O_RDONLY, 0); + fp = filp_open(KERNEL_SU_ALLOWLIST, O_RDONLY, 0); if (IS_ERR(fp)) { pr_err("load_allow_list open file failed: %ld\n", PTR_ERR(fp)); return; @@ -486,17 +481,6 @@ void ksu_prune_allowlist(bool (*is_uid_valid)(uid_t, char *, void *), void *data } } -// make sure allow list works cross boot -bool persistent_allow_list(void) -{ - return ksu_queue_work(&ksu_save_work); -} - -bool ksu_load_allow_list(void) -{ - return ksu_queue_work(&ksu_load_work); -} - void ksu_allowlist_init(void) { int i; @@ -509,9 +493,6 @@ void ksu_allowlist_init(void) INIT_LIST_HEAD(&allow_list); - INIT_WORK(&ksu_save_work, do_save_allow_list); - INIT_WORK(&ksu_load_work, do_load_allow_list); - init_default_profiles(); } @@ -520,7 +501,7 @@ void ksu_allowlist_exit(void) struct perm_data *np = NULL; struct perm_data *n = NULL; - do_save_allow_list(NULL); + persistent_allow_list(); // free allowlist mutex_lock(&allowlist_mutex); diff --git a/kernel/allowlist.h b/kernel/allowlist.h index 35392747..3494d920 100644 --- a/kernel/allowlist.h +++ b/kernel/allowlist.h @@ -8,7 +8,7 @@ void ksu_allowlist_init(void); void ksu_allowlist_exit(void); -bool ksu_load_allow_list(void); +void ksu_load_allow_list(void); void ksu_show_allow_list(void); diff --git a/kernel/ksud.c b/kernel/ksud.c index affdffc4..ef67460a 100644 --- a/kernel/ksud.c +++ b/kernel/ksud.c @@ -1,3 +1,6 @@ +#include +#include +#include #include "manager.h" #include #include @@ -88,6 +91,13 @@ void on_post_fs_data(void) pr_info("ksu_file sid: %d\n", ksu_file_sid); } +static void on_post_fs_data_cbfun(struct callback_head *cb) +{ + on_post_fs_data(); +} + +static struct callback_head on_post_fs_data_cb = { .func = on_post_fs_data_cbfun }; + // since _ksud handler only uses argv and envp for comparisons // this can probably work // adapted from ksu_handle_execveat_ksud @@ -178,7 +188,15 @@ first_app_process: if (first_app_process && !memcmp(filename, app_process, sizeof(app_process) - 1)) { first_app_process = false; pr_info("%s: exec app_process, /data prepared, second_stage: %d\n", __func__, init_second_stage_executed); - on_post_fs_data(); + + struct task_struct *init_task; + rcu_read_lock(); + init_task = rcu_dereference(current->parent); + if (init_task) { + task_work_add(init_task, &on_post_fs_data_cb, TWA_RESUME); + } + rcu_read_unlock(); + stop_execve_hook(); }