From a1c4ed08ab23540e5960a18980a5eab36a83ed93 Mon Sep 17 00:00:00 2001
From: Jiu <99115192+JiuGeFaCai@users.noreply.github.com>
Date: Wed, 26 Nov 2025 20:33:04 +0800
Subject: [PATCH] Susfs main (#627)

* Update rules.c

* Update selinux.c

* Rename susfs_set_kernel_sid to susfs_set_priv_app_sid

* Update UID range for zygote isolated services

* Update supercalls.c
---
 kernel/setuid_hook.c | 7 +++----
 kernel/supercalls.c  | 4 ----
 2 files changed, 3 insertions(+), 8 deletions(-)

diff --git a/kernel/setuid_hook.c b/kernel/setuid_hook.c
index 85e62caf..e0eed599 100644
--- a/kernel/setuid_hook.c
+++ b/kernel/setuid_hook.c
@@ -51,7 +51,7 @@
 static inline bool is_zygote_isolated_service_uid(uid_t uid)
 {
 	uid %= 100000;
-	return (uid >= 90000 && uid < 100000);
+	return (uid >= 99000 && uid < 100000);
 }
 
 static inline bool is_zygote_normal_app_uid(uid_t uid)
@@ -65,7 +65,6 @@ extern u32 susfs_zygote_sid;
 extern void susfs_run_sus_path_loop(uid_t uid);
 #endif // #ifdef CONFIG_KSU_SUSFS_SUS_PATH
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-extern bool susfs_is_umount_for_zygote_iso_service_enabled;
 extern void susfs_reorder_mnt_id(void);
 #endif // #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 #endif // #ifdef CONFIG_KSU_SUSFS
@@ -239,7 +238,7 @@ int ksu_handle_setresuid(uid_t ruid, uid_t euid, uid_t suid){
 
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 	// Check if spawned process is isolated service first, and force to do umount if so  
-	if (is_zygote_isolated_service_uid(new_uid) && susfs_is_umount_for_zygote_iso_service_enabled) {
+	if (is_zygote_isolated_service_uid(new_uid)) {
 		goto do_umount;
 	}
 #endif // #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
@@ -326,4 +325,4 @@ void ksu_setuid_hook_exit(void)
 	pr_info("ksu_core_exit\n");
 	ksu_kernel_umount_exit();
 	ksu_unregister_feature_handler(KSU_FEATURE_ENHANCED_SECURITY);
-}
\ No newline at end of file
+}
diff --git a/kernel/supercalls.c b/kernel/supercalls.c
index 1cdaec82..10c71ddf 100644
--- a/kernel/supercalls.c
+++ b/kernel/supercalls.c
@@ -1043,10 +1043,6 @@ int ksu_handle_sys_reboot(int magic1, int magic2, unsigned int cmd, void __user
 			susfs_set_hide_sus_mnts_for_all_procs(arg);
 			return 0;
 		}
-		if (cmd == CMD_SUSFS_UMOUNT_FOR_ZYGOTE_ISO_SERVICE) {
-			susfs_set_umount_for_zygote_iso_service(arg);
-			return 0;
-		}
 #endif //#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 #ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
 		if (cmd == CMD_SUSFS_ADD_SUS_KSTAT) {