Deprecated ADD_TRY_UMOUNT in favor of official kernel_umount; Synced with the latest commit of official KernelSU main repo
- Since official KSU has exposed kernel_umount API and provided meta module for handling mount operations, susfs can finally handover try_umount and auto add_try_umount to KSU and its meta module
- Synced with upstream, see e1e58ed737
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
This commit is contained in:
ShirkNeko
@@ -93,14 +93,6 @@ config KSU_SUSFS_SUS_KSTAT
|
||||
- Allow spoofing the kstat of user-defined file/directory.
|
||||
- Effective only on zygote spawned user app process.
|
||||
|
||||
config KSU_SUSFS_TRY_UMOUNT
|
||||
bool "Enable to use ksu's try_umount"
|
||||
depends on KSU_SUSFS
|
||||
default y
|
||||
help
|
||||
- Allow using try_umount to umount other user-defined mount paths prior to ksu's default umount paths.
|
||||
- Effective only on zygote spawned umounted user app process.
|
||||
|
||||
config KSU_SUSFS_SPOOF_UNAME
|
||||
bool "Enable to spoof uname"
|
||||
depends on KSU_SUSFS
|
||||
|
||||
@@ -39,6 +39,7 @@ bool ksu_set_app_profile(struct app_profile *, bool persist);
|
||||
bool ksu_uid_should_umount(uid_t uid);
|
||||
struct root_profile *ksu_get_root_profile(uid_t uid);
|
||||
|
||||
#ifndef CONFIG_KSU_SUSFS
|
||||
static inline bool is_appuid(uid_t uid)
|
||||
{
|
||||
uid_t appid = uid % PER_USER_RANGE;
|
||||
@@ -50,6 +51,7 @@ static inline bool is_isolated_process(uid_t uid)
|
||||
uid_t appid = uid % PER_USER_RANGE;
|
||||
return appid >= FIRST_ISOLATED_UID && appid <= LAST_ISOLATED_UID;
|
||||
}
|
||||
#endif // #ifndef CONFIG_KSU_SUSFS
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
bool ksu_temp_grant_root_once(uid_t uid);
|
||||
|
||||
@@ -27,11 +27,7 @@
|
||||
|
||||
#include "sulog.h"
|
||||
|
||||
#ifndef CONFIG_KSU_SUSFS
|
||||
static bool ksu_kernel_umount_enabled = true;
|
||||
#else
|
||||
bool ksu_kernel_umount_enabled = true;
|
||||
#endif
|
||||
|
||||
static int kernel_umount_feature_get(u64 *value)
|
||||
{
|
||||
@@ -93,11 +89,7 @@ static void ksu_sys_umount(const char *mnt, int flags)
|
||||
|
||||
#endif
|
||||
|
||||
#ifndef CONFIG_KSU_SUSFS_TRY_UMOUNT
|
||||
static void try_umount(const char *mnt, int flags)
|
||||
#else
|
||||
void try_umount(const char *mnt, int flags)
|
||||
#endif // #ifndef CONFIG_KSU_SUSFS_TRY_UMOUNT
|
||||
{
|
||||
struct path path;
|
||||
int err = kern_path(mnt, 0, &path);
|
||||
@@ -115,7 +107,6 @@ void try_umount(const char *mnt, int flags)
|
||||
}
|
||||
|
||||
|
||||
#if !defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
|
||||
struct umount_tw {
|
||||
struct callback_head cb;
|
||||
const struct cred *old_cred;
|
||||
@@ -150,7 +141,6 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
|
||||
{
|
||||
struct umount_tw *tw;
|
||||
|
||||
#if defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
|
||||
// if there isn't any module mounted, just ignore it!
|
||||
if (!ksu_module_mounted) {
|
||||
return 0;
|
||||
@@ -160,6 +150,7 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
|
||||
return 0;
|
||||
}
|
||||
|
||||
#ifndef CONFIG_KSU_SUSFS
|
||||
// There are 5 scenarios:
|
||||
// 1. Normal app: zygote -> appuid
|
||||
// 2. Isolated process forked from zygote: zygote -> isolated_process
|
||||
@@ -183,12 +174,14 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
|
||||
pr_info("handle umount ignore non zygote child: %d\n", current->pid);
|
||||
return 0;
|
||||
}
|
||||
#endif // #ifndef CONFIG_KSU_SUSFS
|
||||
|
||||
// umount the target mnt
|
||||
pr_info("handle umount for uid: %d, pid: %d\n", new_uid, current->pid);
|
||||
|
||||
#if __SULOG_GATE
|
||||
ksu_sulog_report_syscall(new_uid, NULL, "setuid", NULL);
|
||||
#endif
|
||||
#endif // #if defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
|
||||
// umount the target mnt
|
||||
pr_info("handle umount for uid: %d, pid: %d\n", new_uid, current->pid);
|
||||
|
||||
tw = kzalloc(sizeof(*tw), GFP_ATOMIC);
|
||||
if (!tw)
|
||||
@@ -208,7 +201,6 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif // #if !defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
|
||||
|
||||
void ksu_kernel_umount_init(void)
|
||||
{
|
||||
|
||||
@@ -8,10 +8,8 @@
|
||||
void ksu_kernel_umount_init(void);
|
||||
void ksu_kernel_umount_exit(void);
|
||||
|
||||
#if !defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
|
||||
// Handler function to be called from setresuid hook
|
||||
int ksu_handle_umount(uid_t old_uid, uid_t new_uid);
|
||||
#endif // #if !defined(CONFIG_KSU_SUSFS) || !defined(CONFIG_KSU_SUSFS_TRY_UMOUNT)
|
||||
|
||||
// for the umount list
|
||||
struct mount_entry {
|
||||
|
||||
@@ -141,7 +141,7 @@ void apply_kernelsu_rules(void)
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS
|
||||
// Allow umount in zygote process without installing zygisk
|
||||
ksu_allow(db, "zygote", "labeledfs", "filesystem", "unmount");
|
||||
// ksu_allow(db, "zygote", "labeledfs", "filesystem", "unmount");
|
||||
susfs_set_priv_app_sid();
|
||||
susfs_set_init_sid();
|
||||
susfs_set_ksu_sid();
|
||||
|
||||
@@ -68,9 +68,6 @@ extern void susfs_run_sus_path_loop(uid_t uid);
|
||||
extern bool susfs_is_umount_for_zygote_iso_service_enabled;
|
||||
extern void susfs_reorder_mnt_id(void);
|
||||
#endif // #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
|
||||
#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT
|
||||
extern void susfs_try_umount(uid_t uid);
|
||||
#endif
|
||||
#endif // #ifdef CONFIG_KSU_SUSFS
|
||||
|
||||
static bool ksu_enhanced_security_enabled = false;
|
||||
@@ -297,19 +294,9 @@ int ksu_handle_setresuid(uid_t ruid, uid_t euid, uid_t suid){
|
||||
return 0;
|
||||
|
||||
do_umount:
|
||||
#ifndef CONFIG_KSU_SUSFS_TRY_UMOUNT
|
||||
if (!ksu_kernel_umount_enabled || !ksu_module_mounted) {
|
||||
goto skip_ksu_handle_umount;
|
||||
|
||||
}
|
||||
// Handle kernel umount
|
||||
ksu_handle_umount(old_uid, new_uid);
|
||||
|
||||
skip_ksu_handle_umount:
|
||||
#else
|
||||
susfs_try_umount(new_uid);
|
||||
#endif // #ifndef CONFIG_KSU_SUSFS_TRY_UMOUNT
|
||||
|
||||
get_task_struct(current);
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
|
||||
|
||||
@@ -470,7 +470,8 @@ static int do_manage_mark(void __user *arg)
|
||||
cmd.result = (u32)ret;
|
||||
break;
|
||||
#else
|
||||
return -EINVAL;
|
||||
cmd.result = 0;
|
||||
break;
|
||||
#endif
|
||||
}
|
||||
case KSU_MARK_MARK: {
|
||||
@@ -486,7 +487,9 @@ static int do_manage_mark(void __user *arg)
|
||||
}
|
||||
}
|
||||
#else
|
||||
pr_info("susfs: cmd: KSU_MARK_MARK => do nothing\n");
|
||||
if (cmd.pid != 0) {
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
@@ -503,7 +506,9 @@ static int do_manage_mark(void __user *arg)
|
||||
}
|
||||
}
|
||||
#else
|
||||
pr_info("susfs: cmd: KSU_MARK_UNMARK => do nothing\n");
|
||||
if (cmd.pid != 0) {
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
@@ -1024,12 +1029,6 @@ int ksu_handle_sys_reboot(int magic1, int magic2, unsigned int cmd, void __user
|
||||
return 0;
|
||||
}
|
||||
#endif //#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
|
||||
#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT
|
||||
if (cmd == CMD_SUSFS_ADD_TRY_UMOUNT) {
|
||||
susfs_add_try_umount(arg);
|
||||
return 0;
|
||||
}
|
||||
#endif //#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT
|
||||
#ifdef CONFIG_KSU_SUSFS_SPOOF_UNAME
|
||||
if (cmd == CMD_SUSFS_SET_UNAME) {
|
||||
susfs_set_uname(arg);
|
||||
|
||||
Reference in New Issue
Block a user