diff --git a/kernel/core_hook.c b/kernel/core_hook.c
index fe38a2af..61097971 100644
--- a/kernel/core_hook.c
+++ b/kernel/core_hook.c
@@ -1007,6 +1007,9 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
 	try_umount("/system_ext", true, 0);
 	try_umount("/data/adb/modules", false, MNT_DETACH);
 
+	// try umount ksu temp path
+	try_umount("/debug_ramdisk", false, MNT_DETACH);
+
 	return 0;
 }
 
diff --git a/userspace/ksud/src/defs.rs b/userspace/ksud/src/defs.rs
index a8b8e100..8033ee26 100644
--- a/userspace/ksud/src/defs.rs
+++ b/userspace/ksud/src/defs.rs
@@ -38,4 +38,5 @@ pub const KSU_BACKUP_DIR: &str = WORKING_DIR;
 pub const KSU_BACKUP_FILE_PREFIX: &str = "ksu_backup_";
 pub const BACKUP_FILENAME: &str = "stock_image.sha1";
 
+pub const NO_TMPFS_PATH: &str = concatcp!(WORKING_DIR, ".notmpfs");
 pub const NO_MOUNT_PATH: &str = concatcp!(WORKING_DIR, ".nomount");
diff --git a/userspace/ksud/src/init_event.rs b/userspace/ksud/src/init_event.rs
index fb7908b1..eee0fcef 100644
--- a/userspace/ksud/src/init_event.rs
+++ b/userspace/ksud/src/init_event.rs
@@ -2,7 +2,7 @@
 use crate::kpm;
 use crate::{
     assets, defs,
-    defs::NO_MOUNT_PATH,
+    defs::{KSU_MOUNT_SOURCE, NO_MOUNT_PATH, NO_TMPFS_PATH},
     ksucalls,
     module::{handle_updated_modules, prune_modules},
     restorecon, uid_scanner, utils,
@@ -10,7 +10,7 @@ use crate::{
 };
 use anyhow::{Context, Result};
 use log::{info, warn};
-use rustix::mount::{MountFlags, mount};
+use rustix::fs::{MountFlags, mount};
 use std::path::Path;
 
 #[cfg(target_os = "android")]
@@ -67,11 +67,11 @@ pub fn on_post_data_fs() -> Result<()> {
     }
 
     if let Err(e) = prune_modules() {
-        warn!("prune modules failed: {}", e);
+        warn!("prune modules failed: {e}");
     }
 
     if let Err(e) = handle_updated_modules() {
-        warn!("handle updated modules failed: {}", e);
+        warn!("handle updated modules failed: {e}");
     }
 
     if let Err(e) = restorecon::restorecon() {
@@ -89,12 +89,31 @@ pub fn on_post_data_fs() -> Result<()> {
 
     #[cfg(target_arch = "aarch64")]
     if let Err(e) = kpm::start_kpm_watcher() {
-        warn!("KPM: Failed to start KPM watcher: {}", e);
+        warn!("KPM: Failed to start KPM watcher: {e}");
     }
 
     #[cfg(target_arch = "aarch64")]
     if let Err(e) = kpm::load_kpm_modules() {
-        warn!("KPM: Failed to load KPM modules: {}", e);
+        warn!("KPM: Failed to load KPM modules: {e}");
+    }
+
+    let tmpfs_path = find_tmp_path();
+    // for compatibility
+    let no_mount = Path::new(NO_TMPFS_PATH).exists() || Path::new(NO_MOUNT_PATH).exists();
+
+    // mount temp dir
+    if !no_mount {
+        if let Err(e) = mount(
+            KSU_MOUNT_SOURCE,
+            &tmpfs_path,
+            "tmpfs",
+            MountFlags::empty(),
+            "",
+        ) {
+            warn!("do temp dir mount failed: {e}");
+        }
+    } else {
+        info!("no tmpfs requested");
     }
 
     // exec modules post-fs-data scripts
@@ -108,10 +127,9 @@ pub fn on_post_data_fs() -> Result<()> {
         warn!("load system.prop failed: {e}");
     }
 
-    let tmpfs_path = find_tmp_path();
     // mount module systemlessly by magic mount
     #[cfg(target_os = "android")]
-    if !Path::new(NO_MOUNT_PATH).exists() {
+    if !no_mount {
         if let Err(e) = crate::magic_mount::magic_mount(&tmpfs_path) {
             warn!("do systemless mount failed: {e}");
         }