kernel: fdwrapper: use anon_inode_getfd_secure to make new inode

Signed-off-by: Faris <rissu.ntk@gmail.com>

kernel/supercalls.c

@@ -379,14 +379,18 @@ static int __do_get_wrapper_fd(void __user *arg, const char *anon_name)
 		goto put_orig_file;
 	}
 
-	struct file *pf = anon_inode_getfile(anon_name, &data->ops,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 12, 0)
-					     data, f->f_flags);
+#define getfd_secure anon_inode_create_getfd
-	if (IS_ERR(pf)) {
+#else
-		ret = PTR_ERR(pf);
+#define getfd_secure anon_inode_getfd_secure
-		pr_err("fdwrapper: anon_inode_getfile failed: %ld\n",
+#endif
-		       PTR_ERR(pf));
+
+	ret = getfd_secure(anon_name, &data->ops, data, f->f_flags, NULL);
+	if (ret < 0) {
+		pr_err("ksu_fdwrapper: getfd failed: %d\n", ret);
 		goto put_wrapper_data;
 	}
+	struct file *pf = fget(ret);
 
 	struct inode *wrapper_inode = file_inode(pf);
 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 1, 0) ||                           \
@@ -400,18 +404,6 @@ static int __do_get_wrapper_fd(void __user *arg, const char *anon_name)
 		sec->sid = ksu_file_sid;
 	}
 
-	ret = get_unused_fd_flags(cmd.flags);
-	if (ret < 0) {
-		pr_err("fdwrapper: get unused fd failed: %d\n", ret);
-		goto put_wrapper_file;
-	}
-
-	// pr_info("mksu_fdwrapper: installed wrapper fd for %p %d (flags=%d, mode=%d) to %p %d (flags=%d, mode=%d)", f, cmd.fd, f->f_flags, f->f_mode, pf, ret, pf->f_flags, pf->f_mode);
-	// pf->f_mode |= FMODE_READ | FMODE_CAN_READ | FMODE_WRITE | FMODE_CAN_WRITE;
-	fd_install(ret, pf);
-	goto put_orig_file;
-
-put_wrapper_file:
 	fput(pf);
 put_wrapper_data:
 	mksu_delete_file_wrapper(data);
@@ -421,6 +413,16 @@ put_orig_file:
 	return ret;
 }
 
+static int do_get_wrapper_fd_mksu(void __user *arg)
+{
+	return __do_get_wrapper_fd(arg, "[mksu_fdwrapper]");
+}
+
+static int do_get_wrapper_fd(void __user *arg)
+{
+	return __do_get_wrapper_fd(arg, "[ksu_fdwrapper]");
+}
+
 // 100. GET_FULL_VERSION - Get full version string
 static int do_get_full_version(void __user *arg)
 {
@@ -579,15 +581,6 @@ static int do_enable_uid_scanner(void __user *arg)
     return 0;
 }
 
-static int do_get_wrapper_fd(void __user *arg)
-{
-	return __do_get_wrapper_fd(arg, "[mksu_fdwrapper]");
-}
-
-static int do_proxy_file(void __user *arg)
-{
-	return __do_get_wrapper_fd(arg, "[ksu_file_proxy]");
-}
 
 // IOCTL handlers mapping table
 static const struct ksu_ioctl_cmd_map ksu_ioctl_handlers[] = {
@@ -605,8 +598,8 @@ static const struct ksu_ioctl_cmd_map ksu_ioctl_handlers[] = {
     { .cmd = KSU_IOCTL_SET_APP_PROFILE, .name = "SET_APP_PROFILE", .handler = do_set_app_profile, .perm_check = only_manager },
     { .cmd = KSU_IOCTL_GET_FEATURE, .name = "GET_FEATURE", .handler = do_get_feature, .perm_check = manager_or_root },
     { .cmd = KSU_IOCTL_SET_FEATURE, .name = "SET_FEATURE", .handler = do_set_feature, .perm_check = manager_or_root },
-    { .cmd = KSU_IOCTL_GET_WRAPPER_FD, .name = "GET_WRAPPER_FD", .handler = do_get_wrapper_fd, .perm_check = manager_or_root },
+    { .cmd = KSU_IOCTL_PROXY_FILE, .name = "PROXY_FILE", .handler = do_get_wrapper_fd, .perm_check = manager_or_root },
-    { .cmd = KSU_IOCTL_PROXY_FILE, .name = "PROXY_FILE", .handler = do_proxy_file, .perm_check = manager_or_root },
+    { .cmd = KSU_IOCTL_GET_WRAPPER_FD, .name = "GET_WRAPPER_FD", .handler = do_get_wrapper_fd_mksu, .perm_check = manager_or_root },
     { .cmd = KSU_IOCTL_GET_FULL_VERSION,.name = "GET_FULL_VERSION", .handler = do_get_full_version, .perm_check = always_allow},
     { .cmd = KSU_IOCTL_HOOK_TYPE,.name = "GET_HOOK_TYPE", .handler = do_get_hook_type, .perm_check = manager_or_root},
     { .cmd = KSU_IOCTL_ENABLE_KPM, .name = "GET_ENABLE_KPM", .handler = do_enable_kpm, .perm_check = manager_or_root},