kernel: nuke creds wrapper

* Little bit complicated, so let's remove it.

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>

kernel/Makefile

@@ -19,7 +19,6 @@ kernelsu-objs += selinux/rules.o
 
 ccflags-y += -I$(srctree)/security/selinux -I$(srctree)/security/selinux/include
 ccflags-y += -I$(objtree)/security/selinux -include $(srctree)/include/uapi/asm-generic/errno.h
-ccflags-y += -include $(srctree)/$(src)/include/ksu_creds.h
 
 obj-$(CONFIG_KSU) += kernelsu.o
 obj-$(CONFIG_KSU_TRACEPOINT_HOOK) += ksu_trace_export.o

kernel/core_hook.c

@@ -70,7 +70,7 @@ static inline bool is_allow_su()
 		// we are manager, allow!
 		return true;
 	}
-	return ksu_is_allow_uid(ksu_current_uid());
+	return ksu_is_allow_uid(current_uid().val);
 }
 
 static inline bool is_unsupported_uid(uid_t uid)
@@ -162,26 +162,24 @@ void escape_to_root(void)
 		return;
 	}
 
-	if (ksu_cred_euid(newcreds) == 0) {
+	if (newcreds->euid.val == 0) {
 		pr_warn("Already root, don't escape!\n");
 		abort_creds(newcreds);
 		return;
 	}
 
 	struct root_profile *profile =
-		ksu_get_root_profile(ksu_cred_uid(newcreds));
+		ksu_get_root_profile(newcreds->uid.val);
 
-	ksu_cred_uid(newcreds) = profile->uid;
+	newcreds->uid.val = profile->uid;
-	ksu_cred_suid(newcreds) = profile->uid;
+	newcreds->suid.val = profile->uid;
-	ksu_cred_euid(newcreds) = profile->uid;
+	newcreds->euid.val = profile->uid;
-	ksu_cred_fsuid(newcreds) = profile->uid;
+	newcreds->fsuid.val = profile->uid;
 
-	ksu_cred_gid(newcreds) = profile->gid;
+	newcreds->gid.val = profile->gid;
-	ksu_cred_fsgid(newcreds) = profile->gid;
+	newcreds->fsgid.val = profile->gid;
-	ksu_cred_sgid(newcreds) = profile->gid;
+	newcreds->sgid.val = profile->gid;
-	ksu_cred_egid(newcreds) = profile->gid;
+	newcreds->egid.val = profile->gid;
-
-	// no wrapper, ignore it.
 	newcreds->securebits = 0;
 
 	BUILD_BUG_ON(sizeof(profile->capabilities.effective) !=
@@ -205,6 +203,7 @@ void escape_to_root(void)
 	spin_lock_irq(&current->sighand->siglock);
 	disable_seccomp(current);
 	spin_unlock_irq(&current->sighand->siglock);
+
 	setup_selinux(profile->selinux_domain);
 }
 
@@ -215,7 +214,7 @@ int ksu_handle_rename(struct dentry *old_dentry, struct dentry *new_dentry)
 		return 0;
 	}
 
-	if (ksu_current_uid() != 1000) {
+	if (current_uid().val != 1000) {
 		// skip non system uid
 		return 0;
 	}
@@ -286,14 +285,14 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 	}
 
 	// TODO: find it in throne tracker!
-	uid_t current_uid_val = ksu_current_uid();
+	uid_t current_uid_val = current_uid().val;
 	uid_t manager_uid = ksu_get_manager_uid();
 	if (current_uid_val != manager_uid &&
 	    current_uid_val % 100000 == manager_uid) {
 		ksu_set_manager_uid(current_uid_val);
 	}
 
-	bool from_root = 0 == ksu_current_uid();
+	bool from_root = 0 == current_uid().val;
 	bool from_manager = is_manager();
 
 	if (!from_root && !from_manager) {
@@ -317,7 +316,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 
 	if (arg2 == CMD_GRANT_ROOT) {
 		if (is_allow_su()) {
-			pr_info("allow root for: %d\n", ksu_current_uid());
+			pr_info("allow root for: %d\n", current_uid().val);
 			escape_to_root();
 			if (copy_to_user(result, &reply_ok, sizeof(reply_ok))) {
 				pr_err("grant_root: prctl reply error\n");
@@ -657,7 +656,7 @@ static bool should_umount(struct path *path)
 
 	if (current->nsproxy->mnt_ns == init_nsproxy.mnt_ns) {
 		pr_info("ignore global mnt namespace process: %d\n",
-			ksu_current_uid());
+			current_uid().val);
 		return false;
 	}
 

kernel/include/ksu_creds.h

@@ -1,39 +0,0 @@
-/*
- * KernelSU creds wrapper
- *
- * Provide a wrapper for a few credentials use (e.g current_uid().val),
- * so it would be easier to maintain
- * some older linux versions.
- */
-
-#ifndef __KSU_H_CREDS
-#define __KSU_H_CREDS
-
-#include <linux/cred.h>
-#include <linux/version.h>
-
-#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) && \
-     defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)) ||    \
-	LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
-#define ksu_cred_uid(x) ((x)->uid.val)
-#define ksu_cred_suid(x) ((x)->suid.val)
-#define ksu_cred_euid(x) ((x)->euid.val)
-#define ksu_cred_fsuid(x) ((x)->fsuid.val)
-#define ksu_cred_gid(x) ((x)->gid.val)
-#define ksu_cred_fsgid(x) ((x)->fsgid.val)
-#define ksu_cred_sgid(x) ((x)->sgid.val)
-#define ksu_cred_egid(x) ((x)->egid.val)
-#define ksu_current_uid() (current_uid().val)
-#else
-#define ksu_cred_uid(x) ((x)->uid)
-#define ksu_cred_suid(x) ((x)->suid)
-#define ksu_cred_euid(x) ((x)->euid)
-#define ksu_cred_fsuid(x) ((x)->fsuid)
-#define ksu_cred_gid(x) ((x)->gid)
-#define ksu_cred_fsgid(x) ((x)->fsgid)
-#define ksu_cred_sgid(x) ((x)->sgid)
-#define ksu_cred_egid(x) ((x)->egid)
-#define ksu_current_uid() (current_uid())
-#endif
-
-#endif

kernel/manager.h

@@ -21,8 +21,8 @@ static inline bool ksu_is_manager_uid_valid()
 
 static inline bool is_manager()
 {
-	return unlikely(ksu_is_any_manager(ksu_current_uid()) ||
+	return unlikely(ksu_is_any_manager(current_uid()) ||
-			ksu_manager_uid == ksu_current_uid());
+			ksu_manager_uid == current_uid());
 }
 
 static inline uid_t ksu_get_manager_uid()

kernel/sucompat.c

@@ -59,7 +59,7 @@ static inline bool __is_su_allowed(const void *ptr_to_check)
 	if (!ksu_sucompat_hook_state)
 		return false;
 #endif
-	if (likely(!ksu_is_allow_uid(ksu_current_uid())))
+	if (likely(!ksu_is_allow_uid(current_uid().val)))
 		return false;
 
 	if (unlikely(!ptr_to_check))
@@ -150,7 +150,7 @@ static int ksu_inline_handle_devpts(struct inode *inode)
 		return 0;
 	}
 
-	uid_t uid = ksu_current_uid();
+	uid_t uid = current_uid().val;
 	if (uid % 100000 < 10000) {
 		// not untrusted_app, ignore it
 		return 0;