android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: don't umount for non zygote child process. fixes #1054,#1049,#1045

Browse Source
This commit is contained in:
weishu
2023-10-19 17:29:02 +08:00
parent 1f1d4d454e
commit ce892bc439
3 changed files with 28 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
kernel/core_hook.c
View File

@@ -531,8 +531,6 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
return 0;
}
// todo: check old process's selinux context, if it is not zygote, ignore it!
if (!is_appuid(new_uid) || is_isolated_uid(new_uid.val)) {
// pr_info("handle setuid ignore non application or isolated uid: %d\n", new_uid.val);
return 0;
@@ -551,8 +549,16 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
#endif
}
// check old process's selinux context, if it is not zygote, ignore it!
// because some su apps may setuid to untrusted_app but they are in global mount namespace
// when we umount for such process, that is a disaster!
bool is_zygote_child = is_zygote(old->security);
if (!is_zygote_child) {
pr_info("handle umount ignore non zygote child: %d\n", current->pid);
return 0;
}
// umount the target mnt
pr_info("handle umount for uid: %d\n", new_uid.val);
pr_info("handle umount for uid: %d, pid: %d\n", new_uid.val, current->pid);
// fixme: use `collect_mounts` and `iterate_mount` to iterate all mountpoint and
// filter the mountpoint whose target is `/data/adb`

18
kernel/selinux/selinux.c
View File

@@ -27,7 +27,8 @@ static int transive_to_domain(const char *domain)
error = security_secctx_to_secid(domain, strlen(domain), &sid);
if (error) {
pr_info("security_secctx_to_secid %s -> sid: %d, error: %d\n", domain, sid, error);
pr_info("security_secctx_to_secid %s -> sid: %d, error: %d\n",
domain, sid, error);
}
if (!error) {
if (!ksu_sid)
@@ -107,3 +108,18 @@ bool is_ksu_domain()
{
return ksu_sid && current_sid() == ksu_sid;
}
bool is_zygote(void *sec)
{
struct task_security_struct *tsec = (struct task_security_struct *)sec;
if (!tsec) {
return false;
}
char *domain;
u32 seclen;
int err = security_secid_to_secctx(tsec->sid, &domain, &seclen);
if (err) {
return false;
}
return strncmp("u:r:zygote:s0", domain, seclen) == 0;
}

2
kernel/selinux/selinux.h
View File

@@ -16,6 +16,8 @@ bool getenforce();
bool is_ksu_domain();
bool is_zygote(void *cred);
void apply_kernelsu_rules();
#endif