kernel: Set the tracepoint flag in a tracepoint manner

2025-11-06 03:57:37 +00:00
parent dece57cacf
commit 9cdf98782d
4 changed files with 41 additions and 13 deletions
--- a/kernel/core_hook.c
+++ b/kernel/core_hook.c
@@ -1,5 +1,5 @@
-#include "linux/compiler.h"
-#include "linux/sched/signal.h"
+#include <linux/compiler.h>
+#include <linux/sched/signal.h>
 #include <linux/slab.h>
 #include <linux/task_work.h>
 #include <linux/thread_info.h>
@@ -42,6 +42,7 @@
 #include "selinux/selinux.h"
 #include "kernel_compat.h"
 #include "supercalls.h"
+#include "sucompat.h"
 #include "sulog.h"

 #ifdef CONFIG_KSU_MANUAL_SU
@@ -261,8 +262,8 @@ void escape_to_root(void)
    ksu_sulog_report_su_grant(current_euid().val, NULL, "escape_to_root");
 #endif

-    for_each_thread(p, t){
-        set_tsk_thread_flag(t, TIF_SYSCALL_TRACEPOINT);
+    for_each_thread (p, t) {
+        ksu_set_task_tracepoint_flag(t);
    }
 }

@@ -380,8 +381,8 @@ void escape_to_root_for_cmd_su(uid_t target_uid, pid_t target_pid)
 #if __SULOG_GATE
    ksu_sulog_report_su_grant(target_uid, "cmd_su", "manual_escalation");
 #endif
-    for_each_thread(p, t){
-        set_tsk_thread_flag(t, TIF_SYSCALL_TRACEPOINT);
+    for_each_thread (p, t) {
+        ksu_set_task_tracepoint_flag(t);
    }
    pr_info("cmd_su: privilege escalation completed for UID: %d, PID: %d\n", target_uid, target_pid);
 }
@@ -558,7 +559,7 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)

    if (new_uid.val == 2000) {
        if (ksu_su_compat_enabled) {
-            set_tsk_thread_flag(current, TIF_SYSCALL_TRACEPOINT);
+            ksu_set_task_tracepoint_flag(current);
        }
    }

@@ -579,7 +580,7 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
        spin_lock_irq(&current->sighand->siglock);
        ksu_seccomp_allow_cache(current->seccomp.filter, __NR_reboot);
        if (ksu_su_compat_enabled) {
-            set_tsk_thread_flag(current, TIF_SYSCALL_TRACEPOINT);
+            ksu_set_task_tracepoint_flag(current);
        }
        spin_unlock_irq(&current->sighand->siglock);
        return 0;
@@ -593,12 +594,12 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
            spin_unlock_irq(&current->sighand->siglock);
        }
        if (ksu_su_compat_enabled) {
-            set_tsk_thread_flag(current, TIF_SYSCALL_TRACEPOINT);
+            ksu_set_task_tracepoint_flag(current);
        }
    } else {
        // Disable syscall tracepoint sucompat for non-allowed processes
        if (ksu_su_compat_enabled) {
-            clear_tsk_thread_flag(current, TIF_SYSCALL_TRACEPOINT);
+            ksu_clear_task_tracepoint_flag(current);
        }
    }