From 9cdf98782d8bdcfca677f056ba22d3aedb3163fb Mon Sep 17 00:00:00 2001
From: weishu
Date: Thu, 6 Nov 2025 03:57:37 +0000
Subject: [PATCH] kernel: Set the tracepoint flag in a tracepoint manner
---
 kernel/core_hook.c | 21 +++++++++++----------
 kernel/ksud.c | 2 +-
 kernel/sucompat.c | 5 +++--
 kernel/sucompat.h | 26 ++++++++++++++++++++++++++
 4 files changed, 41 insertions(+), 13 deletions(-)
 create mode 100644 kernel/sucompat.h
diff --git a/kernel/core_hook.c b/kernel/core_hook.c
index 5a63e8f0..2bf55f27 100644
--- a/kernel/core_hook.c
+++ b/kernel/core_hook.c
@@ -1,5 +1,5 @@
-#include "linux/compiler.h"
-#include "linux/sched/signal.h"
+#include
+#include
 #include
 #include
 #include
@@ -42,6 +42,7 @@
 #include "selinux/selinux.h"
 #include "kernel_compat.h"
 #include "supercalls.h"
+#include "sucompat.h"
 #include "sulog.h"
 #ifdef CONFIG_KSU_MANUAL_SU
@@ -261,8 +262,8 @@ void escape_to_root(void)
 ksu_sulog_report_su_grant(current_euid().val, NULL, "escape_to_root");
 #endif
- for_each_thread(p, t){
- set_tsk_thread_flag(t, TIF_SYSCALL_TRACEPOINT);
+ for_each_thread (p, t) {
+ ksu_set_task_tracepoint_flag(t);
 }
 }
@@ -380,8 +381,8 @@ void escape_to_root_for_cmd_su(uid_t target_uid, pid_t target_pid)
 #if __SULOG_GATE
 ksu_sulog_report_su_grant(target_uid, "cmd_su", "manual_escalation");
 #endif
- for_each_thread(p, t){
- set_tsk_thread_flag(t, TIF_SYSCALL_TRACEPOINT);
+ for_each_thread (p, t) {
+ ksu_set_task_tracepoint_flag(t);
 }
 pr_info("cmd_su: privilege escalation completed for UID: %d, PID: %d\n", target_uid, target_pid);
 }
@@ -558,7 +559,7 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
 if (new_uid.val == 2000) {
 if (ksu_su_compat_enabled) {
- set_tsk_thread_flag(current, TIF_SYSCALL_TRACEPOINT);
+ ksu_set_task_tracepoint_flag(current);
 }
 }
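Review bot: The thread walk `for_each_thread (p, t)` in the `@@ -261,8 +262,8 @@` hunk (and again in `@@ -380,8 +381,8 @@`) gives the reader no hint why a privilege-escalation path marks every thread for syscall tracepoints, and nothing in either hunk shows the walk being protected by `rcu_read_lock()` or `tasklist_lock`, which `for_each_thread` relies on; both `escape_to_root` and `escape_to_root_for_cmd_su` start and end outside the hunks, so the lock may well be taken by code not shown. I would put a why-comment above each loop, e.g. `/* flag every thread so the sucompat syscall-tracepoint hook sees this process; caller must hold rcu_read_lock() or tasklist_lock */`, with the locking half adjusted to what the caller actually does. As the page stands, the comment in the `@@ -593,12 +594,12 @@` hunk ("Disable syscall tracepoint sucompat ...") is the only place the flag's purpose is stated.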
@@ -579,7 +580,7 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
 spin_lock_irq(¤t->sighand->siglock);
 ksu_seccomp_allow_cache(current->seccomp.filter, __NR_reboot);
 if (ksu_su_compat_enabled) {
- set_tsk_thread_flag(current, TIF_SYSCALL_TRACEPOINT);
+ ksu_set_task_tracepoint_flag(current);
 }
 spin_unlock_irq(¤t->sighand->siglock);
 return 0;
@@ -593,12 +594,12 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
 spin_unlock_irq(¤t->sighand->siglock);
 }
 if (ksu_su_compat_enabled) {
- set_tsk_thread_flag(current, TIF_SYSCALL_TRACEPOINT);
+ ksu_set_task_tracepoint_flag(current);
 }
 } else {
 // Disable syscall tracepoint sucompat for non-allowed processes
 if (ksu_su_compat_enabled) {
- clear_tsk_thread_flag(current, TIF_SYSCALL_TRACEPOINT);
+ ksu_clear_task_tracepoint_flag(current);
 }
 }
diff --git a/kernel/ksud.c b/kernel/ksud.c
index ac6897cd..a8bdd1b3 100644
--- a/kernel/ksud.c
+++ b/kernel/ksud.c
@@ -20,6 +20,7 @@
 #include "ksud.h"
 #include "kernel_compat.h"
 #include "selinux/selinux.h"
+#include "sucompat.h"
 static const char KERNEL_SU_RC[] =
@@ -74,7 +75,6 @@ void on_post_fs_data(void)
 done = true;
 pr_info("on_post_fs_data!\n");
 ksu_load_allow_list();
- extern void ksu_mark_running_process(void);
 pr_info("mark tif for running process\n");
 ksu_mark_running_process();
 ksu_observer_init();
diff --git a/kernel/sucompat.c b/kernel/sucompat.c
index 88b03272..e909c07f 100644
--- a/kernel/sucompat.c
+++ b/kernel/sucompat.c
@@ -23,6 +23,7 @@
 #include "klog.h" // IWYU pragma: keep
 #include "ksud.h"
 #include "kernel_compat.h"
+#include "sucompat.h"
 #include "sulog.h"
 #define SU_PATH "/system/bin/su"
@@ -402,7 +403,7 @@ void ksu_mark_running_process()
 bool ksu_root_process = uid == 0 && is_task_ksu_domain(get_task_cred(t));
 if (ksu_root_process || ksu_is_allow_uid(uid)) {
- set_tsk_thread_flag(t, TIF_SYSCALL_TRACEPOINT);
+ ksu_set_task_tracepoint_flag(t);
 pr_info("sucompat: mark process: pid:%d, uid: %d, comm:%s\n", t->pid, uid, t->comm);
 }
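Review bot: The `else` branch of the `@@ -593,12 +594,12 @@` hunk clears the tracepoint bit on `current` unconditionally, and that bit is not private to this module: if I read kernel/tracepoint.c right, `syscall_regfunc()` sets the same bit on every task whenever a `syscalls:*` trace event is enabled, so a non-allowed process that goes through this setuid path also stops delivering syscall tracepoints to perf/ftrace for as long as it lives. That quietly degrades host-side syscall telemetry for the processes a defender is most likely to be watching, and nothing here distinguishes "KSU set this bit" from "a tracer set this bit". At minimum the branch deserves a comment stating the shared ownership, e.g. `// NOTE: this bit is shared with the kernel's own syscall-tracepoint registration (perf/ftrace); clearing it here also stops those tracers for this task`; a real fix would need the module to remember whether it set the bit, or to leave it set and have the hook itself consult the allow-list, which is more than a one-line change. `ksu_handle_setuid` begins before this hunk; the set paths in `@@ -579,7 +580,7 @@` and above are not affected, since setting a bit a tracer already wanted is harmless.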
@@ -415,7 +416,7 @@ static void unmark_all_process()
 struct task_struct *p, *t;
 read_lock(&tasklist_lock);
 for_each_process_thread (p, t) {
- clear_tsk_thread_flag(t, TIF_SYSCALL_TRACEPOINT);
+ ksu_clear_task_tracepoint_flag(t);
 }
 read_unlock(&tasklist_lock);
 pr_info("sucompat: unmark all user process done!\n");
diff --git a/kernel/sucompat.h b/kernel/sucompat.h
new file mode 100644
index 00000000..98e70b47
--- /dev/null
+++ b/kernel/sucompat.h
@@ -0,0 +1,26 @@
+#ifndef __KSU_H_SUCOMPAT
+#define __KSU_H_SUCOMPAT
+#include
+#include
+#include
+
+void ksu_mark_running_process(void);
+
+static inline void ksu_set_task_tracepoint_flag(struct task_struct *t)
+{
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 11, 0)
+ set_task_syscall_work(t, SYSCALL_TRACEPOINT);
+#else
+ set_tsk_thread_flag(t, TIF_SYSCALL_TRACEPOINT);
+#endif
+}
+
+static inline void ksu_clear_task_tracepoint_flag(struct task_struct *t)
+{
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 11, 0)
+ clear_task_syscall_work(t, SYSCALL_TRACEPOINT);
+#else
+ clear_tsk_thread_flag(t, TIF_SYSCALL_TRACEPOINT);
+#endif
+}
+#endif
\ No newline at end of file
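Review bot: The two inline helpers in the new kernel/sucompat.h never say why the `LINUX_VERSION_CODE >= KERNEL_VERSION(5, 11, 0)` split exists, so the next person to touch that threshold has nothing to check it against; I would add a header comment such as `/* 5.11 added thread_info->syscall_work for CONFIG_GENERIC_ENTRY kernels, where the tracepoint bit is no longer a TIF flag; set_task_syscall_work()/clear_task_syscall_work() resolve to whichever representation the build uses. */` — that is my reading of the kernel change and worth confirming against the trees the module targets. Two smaller points: the guard `__KSU_H_SUCOMPAT` starts with a double underscore, which is reserved for the implementation (`KSU_SUCOMPAT_H` would do), and the file ends without a trailing newline (`\ No newline at end of file`), which some toolchains warn about. The empty `+#include` targets in this hunk look like a rendering artifact of the page rather than empty includes in the commit.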