android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Deprecated ADD_TRY_UMOUNT in favor of official kernel_umount; Synced with the latest commit of official KernelSU main repo

Browse Source 
- Since official KSU has exposed kernel_umount API and provided meta module for handling mount operations, susfs can finally handover try_umount and auto add_try_umount to KSU and its meta module

- Synced with upstream, see e1e58ed737

Co-authored-by: simonpunk <simonpunk2016@gmail.com>
This commit is contained in:
ShirkNeko
2025-11-23 23:21:26 +08:00
parent 659a6a7e00
commit 85bb10341a
7 changed files with 17 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
kernel/Kconfig
View File

@@ -93,14 +93,6 @@ config KSU_SUSFS_SUS_KSTAT
- Allow spoofing the kstat of user-defined file/directory. - Allow spoofing the kstat of user-defined file/directory.
- Effective only on zygote spawned user app process. - Effective only on zygote spawned user app process.
config KSU_SUSFS_TRY_UMOUNT
bool "Enable to use ksu's try_umount"
depends on KSU_SUSFS
default y
help
- Allow using try_umount to umount other user-defined mount paths prior to ksu's default umount paths.
- Effective only on zygote spawned umounted user app process.
config KSU_SUSFS_SPOOF_UNAME config KSU_SUSFS_SPOOF_UNAME
bool "Enable to spoof uname" bool "Enable to spoof uname"
depends on KSU_SUSFS depends on KSU_SUSFS

2
kernel/allowlist.h
View File

@@ -39,6 +39,7 @@ bool ksu_set_app_profile(struct app_profile *, bool persist);
bool ksu_uid_should_umount(uid_t uid); bool ksu_uid_should_umount(uid_t uid);
struct root_profile *ksu_get_root_profile(uid_t uid); struct root_profile *ksu_get_root_profile(uid_t uid);
#ifndef CONFIG_KSU_SUSFS
static inline bool is_appuid(uid_t uid) static inline bool is_appuid(uid_t uid)
{ {
uid_t appid = uid % PER_USER_RANGE; uid_t appid = uid % PER_USER_RANGE;
@@ -50,6 +51,7 @@ static inline bool is_isolated_process(uid_t uid)
uid_t appid = uid % PER_USER_RANGE; uid_t appid = uid % PER_USER_RANGE;
return appid >= FIRST_ISOLATED_UID && appid <= LAST_ISOLATED_UID; return appid >= FIRST_ISOLATED_UID && appid <= LAST_ISOLATED_UID;
} }
#endif // #ifndef CONFIG_KSU_SUSFS
#ifdef CONFIG_KSU_MANUAL_SU #ifdef CONFIG_KSU_MANUAL_SU
bool ksu_temp_grant_root_once(uid_t uid); bool ksu_temp_grant_root_once(uid_t uid);

20
kernel/kernel_umount.c
View File

@@ -27,11 +27,7 @@
#include "sulog.h" #include "sulog.h"
#ifndef CONFIG_KSU_SUSFS
static bool ksu_kernel_umount_enabled = true; static bool ksu_kernel_umount_enabled = true;
#else
bool ksu_kernel_umount_enabled = true;
#endif
static int kernel_umount_feature_get(u64 *value) static int kernel_umount_feature_get(u64 *value)
{ {
@@ -93,11 +89,7 @@ static void ksu_sys_umount(const char *mnt, int flags)
#endif #endif
#ifndef CONFIG_KSU_SUSFS_TRY_UMOUNT
static void try_umount(const char *mnt, int flags) static void try_umount(const char *mnt, int flags)
#else
void try_umount(const char *mnt, int flags)
#endif // #ifndef CONFIG_KSU_SUSFS_TRY_UMOUNT
{ {
struct path path; struct path path;
int err = kern_path(mnt, 0, &path); int err = kern_path(mnt, 0, &path);
@@ -115,7 +107,6 @@ void try_umount(const char *mnt, int flags)
} }
#if !defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
struct umount_tw { struct umount_tw {
struct callback_head cb; struct callback_head cb;
const struct cred *old_cred; const struct cred *old_cred;
@@ -150,7 +141,6 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
{ {
struct umount_tw *tw; struct umount_tw *tw;
#if defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
// if there isn't any module mounted, just ignore it! // if there isn't any module mounted, just ignore it!
if (!ksu_module_mounted) { if (!ksu_module_mounted) {
return 0; return 0;
@@ -160,6 +150,7 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
return 0; return 0;
} }
#ifndef CONFIG_KSU_SUSFS
// There are 5 scenarios: // There are 5 scenarios:
// 1. Normal app: zygote -> appuid // 1. Normal app: zygote -> appuid
// 2. Isolated process forked from zygote: zygote -> isolated_process // 2. Isolated process forked from zygote: zygote -> isolated_process
@@ -183,12 +174,14 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
pr_info("handle umount ignore non zygote child: %d\n", current->pid); pr_info("handle umount ignore non zygote child: %d\n", current->pid);
return 0; return 0;
} }
#endif // #ifndef CONFIG_KSU_SUSFS
// umount the target mnt
pr_info("handle umount for uid: %d, pid: %d\n", new_uid, current->pid);
#if __SULOG_GATE #if __SULOG_GATE
ksu_sulog_report_syscall(new_uid, NULL, "setuid", NULL); ksu_sulog_report_syscall(new_uid, NULL, "setuid", NULL);
#endif #endif
#endif // #if defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
// umount the target mnt
pr_info("handle umount for uid: %d, pid: %d\n", new_uid, current->pid);
tw = kzalloc(sizeof(*tw), GFP_ATOMIC); tw = kzalloc(sizeof(*tw), GFP_ATOMIC);
if (!tw) if (!tw)
@@ -208,7 +201,6 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
return 0; return 0;
} }
#endif // #if !defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
void ksu_kernel_umount_init(void) void ksu_kernel_umount_init(void)
{ {

2
kernel/kernel_umount.h
View File

@@ -8,10 +8,8 @@
void ksu_kernel_umount_init(void); void ksu_kernel_umount_init(void);
void ksu_kernel_umount_exit(void); void ksu_kernel_umount_exit(void);
#if !defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
// Handler function to be called from setresuid hook // Handler function to be called from setresuid hook
int ksu_handle_umount(uid_t old_uid, uid_t new_uid); int ksu_handle_umount(uid_t old_uid, uid_t new_uid);
#endif // #if !defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
// for the umount list // for the umount list
struct mount_entry { struct mount_entry {

2
kernel/selinux/rules.c
View File

@@ -141,7 +141,7 @@ void apply_kernelsu_rules(void)
#ifdef CONFIG_KSU_SUSFS #ifdef CONFIG_KSU_SUSFS
// Allow umount in zygote process without installing zygisk // Allow umount in zygote process without installing zygisk
ksu_allow(db, "zygote", "labeledfs", "filesystem", "unmount"); // ksu_allow(db, "zygote", "labeledfs", "filesystem", "unmount");
susfs_set_priv_app_sid(); susfs_set_priv_app_sid();
susfs_set_init_sid(); susfs_set_init_sid();
susfs_set_ksu_sid(); susfs_set_ksu_sid();

13
kernel/setuid_hook.c
View File

@@ -68,9 +68,6 @@ extern void susfs_run_sus_path_loop(uid_t uid);
extern bool susfs_is_umount_for_zygote_iso_service_enabled; extern bool susfs_is_umount_for_zygote_iso_service_enabled;
extern void susfs_reorder_mnt_id(void); extern void susfs_reorder_mnt_id(void);
#endif // #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT #endif // #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT
extern void susfs_try_umount(uid_t uid);
#endif
#endif // #ifdef CONFIG_KSU_SUSFS #endif // #ifdef CONFIG_KSU_SUSFS
static bool ksu_enhanced_security_enabled = false; static bool ksu_enhanced_security_enabled = false;
@@ -297,19 +294,9 @@ int ksu_handle_setresuid(uid_t ruid, uid_t euid, uid_t suid){
return 0; return 0;
do_umount: do_umount:
#ifndef CONFIG_KSU_SUSFS_TRY_UMOUNT
if (!ksu_kernel_umount_enabled || !ksu_module_mounted) {
goto skip_ksu_handle_umount;
}
// Handle kernel umount // Handle kernel umount
ksu_handle_umount(old_uid, new_uid); ksu_handle_umount(old_uid, new_uid);
skip_ksu_handle_umount:
#else
susfs_try_umount(new_uid);
#endif // #ifndef CONFIG_KSU_SUSFS_TRY_UMOUNT
get_task_struct(current); get_task_struct(current);
#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT

17
kernel/supercalls.c
View File

@@ -470,7 +470,8 @@ static int do_manage_mark(void __user *arg)
cmd.result = (u32)ret; cmd.result = (u32)ret;
break; break;
#else #else
return -EINVAL; cmd.result = 0;
break;
#endif #endif
} }
case KSU_MARK_MARK: { case KSU_MARK_MARK: {
@@ -486,7 +487,9 @@ static int do_manage_mark(void __user *arg)
} }
} }
#else #else
pr_info("susfs: cmd: KSU_MARK_MARK => do nothing\n"); if (cmd.pid != 0) {
return 0;
}
#endif #endif
break; break;
} }
@@ -503,7 +506,9 @@ static int do_manage_mark(void __user *arg)
} }
} }
#else #else
pr_info("susfs: cmd: KSU_MARK_UNMARK => do nothing\n"); if (cmd.pid != 0) {
return 0;
}
#endif #endif
break; break;
} }
@@ -1024,12 +1029,6 @@ int ksu_handle_sys_reboot(int magic1, int magic2, unsigned int cmd, void __user
return 0; return 0;
} }
#endif //#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT #endif //#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT
if (cmd == CMD_SUSFS_ADD_TRY_UMOUNT) {
susfs_add_try_umount(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT
#ifdef CONFIG_KSU_SUSFS_SPOOF_UNAME #ifdef CONFIG_KSU_SUSFS_SPOOF_UNAME
if (cmd == CMD_SUSFS_SET_UNAME) { if (cmd == CMD_SUSFS_SET_UNAME) {
susfs_set_uname(arg); susfs_set_uname(arg);