From d2db8b4291c02187092fffea1a319bf6038ace4b Mon Sep 17 00:00:00 2001
From: Wang Han <416810799@qq.com>
Date: Tue, 11 Nov 2025 16:24:55 +0800
Subject: [PATCH] kernel: Fix task flag marking for root and shell UID
Signed-off-by: Wang Han <416810799@qq.com>
Co-authored-by: 5ec1cff <56485584+5ec1cff@users.noreply.github.com>
---
 kernel/allowlist.h | 12 ++++++++++++
 kernel/kernel_umount.c | 5 +++++
 kernel/setuid_hook.c | 21 ---------------------
 3 files changed, 17 insertions(+), 21 deletions(-)
diff --git a/kernel/allowlist.h b/kernel/allowlist.h
index bb099b25..4bac8c32 100644
--- a/kernel/allowlist.h
+++ b/kernel/allowlist.h
@@ -2,8 +2,13 @@
 #define __KSU_H_ALLOWLIST
 #include
+#include
 #include "app_profile.h"
+#define PER_USER_RANGE 100000
+#define FIRST_APPLICATION_UID 10000
+#define LAST_APPLICATION_UID 19999
+
 void ksu_allowlist_init(void);
 void ksu_allowlist_exit(void);
@@ -30,8 +35,15 @@ bool ksu_set_app_profile(struct app_profile *, bool persist);
 bool ksu_uid_should_umount(uid_t uid);
 struct root_profile *ksu_get_root_profile(uid_t uid);
+static inline bool is_appuid(uid_t uid)
+{
+ uid_t appid = uid % PER_USER_RANGE;
+ return appid >= FIRST_APPLICATION_UID && appid <= LAST_APPLICATION_UID;
+}
+
 #ifdef CONFIG_KSU_MANUAL_SU
 bool ksu_temp_grant_root_once(uid_t uid);
 void ksu_temp_revoke_root_once(uid_t uid);
 #endif
+
 #endif
diff --git a/kernel/kernel_umount.c b/kernel/kernel_umount.c
index 57da5894..f784e648 100644
--- a/kernel/kernel_umount.c
+++ b/kernel/kernel_umount.c
@@ -179,6 +179,11 @@ int ksu_handle_umount(uid_t old_uid, uid_t new_uid)
 return 0;
 }
+ // FIXME: isolated process which directly forks from zygote is not handled
+ if (!is_appuid(new_uid)) {
+ return 0;
+ }
+
 if (!ksu_uid_should_umount(new_uid)) {
 return 0;
 }
diff --git a/kernel/setuid_hook.c b/kernel/setuid_hook.c
index b4713176..426e5059 100644
--- a/kernel/setuid_hook.c
+++ b/kernel/setuid_hook.c
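Review bot: `is_appuid` becomes a header-visible helper shared with kernel_umount.c in this patch, but it carries no comment saying what it classifies, and the only hint (the FIXME about isolated processes) lives in another file. I would put above the definition: `/* True when uid is a regular application UID in any Android user profile: the per-user app id (uid % PER_USER_RANGE) lies in [FIRST_APPLICATION_UID, LAST_APPLICATION_UID]. System UIDs such as root (0) and shell (2000), and isolated-process UIDs, return false. */`. The three macros moved into the first hunk of this header appear to mirror Android's UID layout rather than being project-specific values, which is worth one line next to them so nobody "tunes" them. The added include in that first hunk lost its header name in extraction, so I cannot confirm it is the one that supplies uid_t.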
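Review bot: The FIXME above the new guard in ksu_handle_umount undersells what the early return decides: because it sits before `ksu_uid_should_umount`, every non-application UID — root and shell included, not only isolated processes — skips the profile lookup and returns 0, which presumably means the mounts stay visible to that process. I would state that explicitly, `// Only regular app UIDs are considered for umount; root, shell and other system UIDs never reach the profile check.`, and keep the existing FIXME on the following line. `ksu_uid_should_umount` is declared in allowlist.h (second hunk of this patch), so the include that brings `is_appuid` into this file should already be present. The rest of ksu_handle_umount lies outside the hunk.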
@@ -60,10 +60,6 @@
 #include "sulog.h"
-#define PER_USER_RANGE 100000
-#define FIRST_APPLICATION_UID 10000
-#define LAST_APPLICATION_UID 19999
-
 static bool ksu_enhanced_security_enabled = false;
 static int enhanced_security_feature_get(u64 *value)
@@ -96,12 +92,6 @@ static inline bool is_allow_su(void)
 return ksu_is_allow_uid_for_current(current_uid().val);
 }
-static inline bool is_appuid(uid_t uid)
-{
- uid_t appid = uid % PER_USER_RANGE;
- return appid >= FIRST_APPLICATION_UID && appid <= LAST_APPLICATION_UID;
-}
-
 int ksu_handle_setresuid(uid_t ruid, uid_t euid, uid_t suid)
 {
 uid_t new_uid = ruid;
@@ -133,17 +123,6 @@ int ksu_handle_setresuid(uid_t ruid, uid_t euid, uid_t suid)
 return 0;
 }
- if (new_uid == 2000) {
- ksu_set_task_tracepoint_flag(current);
- }
-
- // FIXME: isolated process which directly forks from zygote is not handled
- if (!is_appuid(new_uid)) {
- pr_info("handle setresuid ignore non application or isolated uid: %d\n", new_uid);
- ksu_clear_task_tracepoint_flag(current);
- return 0;
- }
-
 // if on private space, see if its possibly the manager
 if (new_uid > PER_USER_RANGE && new_uid % PER_USER_RANGE == ksu_get_manager_uid()) {
 ksu_set_manager_uid(new_uid);
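Review bot: `PER_USER_RANGE` is still referenced further down this file (the `// if on private space` check in the third hunk) after the three defines are removed here, so setuid_hook.c now depends on allowlist.h for it. That include is outside these hunks and I cannot confirm it; `is_allow_su` calling `ksu_is_allow_uid_for_current` suggests the header is already pulled in, in which case nothing changes, otherwise this is a build break rather than a behaviour change. A one-line comment at the old location, `/* PER_USER_RANGE and friends now come from allowlist.h */`, would save the next reader the same search.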
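Review bot: The early exit for non-application UIDs disappears along with the tracepoint-flag calls the subject describes, so any non-app UID that passes the earlier guards now continues into the manager-UID check and whatever follows it in ksu_handle_setresuid, whose body runs past the end of the hunk. If the later code assumes an application UID (for example when it looks up per-app profiles), the guard should survive without the flag handling: `if (!is_appuid(new_uid)) { return 0; }`; if falling through is intentional, a one-line comment where the block used to be would stop the next reader from reinstating it. The commit message does not say where the flag for uid 2000 is now set or cleared, so I am taking it on trust that another path covers it.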