From d3c37a293d2f0bdf17d8918d526af0704164db88 Mon Sep 17 00:00:00 2001 From: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com> Date: Mon, 21 Jul 2025 16:23:17 +0800 Subject: [PATCH] kernel & KernelSU: Added new ksu_susfs cli add_sus_path_loop - When path is added via add_sus_path_loop, the path will be re-flagged as SUS_PATH on each non-root user app or isolated service starts, this may address some issues that the added path via add_sus_path getting its inode status reset or inode re-created in kernel for whatever reason. - Please also note that only path NOT inside /storage/ and /sdcard/ can be added via add_sus_path_loop. - usage: ksu_susfs add_sus_path_loop Co-authored-by: simonpunk --- kernel/core_hook.c | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) diff --git a/kernel/core_hook.c b/kernel/core_hook.c index 8950ebb2..9268f98b 100644 --- a/kernel/core_hook.c +++ b/kernel/core_hook.c @@ -67,9 +67,12 @@ bool susfs_is_allow_su(void) extern u32 susfs_zygote_sid; extern bool susfs_is_mnt_devname_ksu(struct path *path); +#ifdef CONFIG_KSU_SUSFS_SUS_PATH +extern void susfs_run_sus_path_loop(uid_t uid); +#endif // #ifdef CONFIG_KSU_SUSFS_SUS_PATH #ifdef CONFIG_KSU_SUSFS_ENABLE_LOG extern bool susfs_is_log_enabled __read_mostly; -#endif +#endif // #ifdef CONFIG_KSU_SUSFS_ENABLE_LOG #ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT extern void susfs_run_try_umount_for_current_mnt_ns(void); #endif // #ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT @@ -669,6 +672,22 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3, pr_info("susfs: copy_to_user() failed\n"); return 0; } + if (arg2 == CMD_SUSFS_ADD_SUS_PATH_LOOP) { + int error = 0; + if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_sus_path))) { + pr_err("susfs: CMD_SUSFS_ADD_SUS_PATH_LOOP -> arg3 is not accessible\n"); + return 0; + } + if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { + pr_err("susfs: CMD_SUSFS_ADD_SUS_PATH_LOOP -> arg5 is not accessible\n"); + return 0; + } + error = susfs_add_sus_path_loop((struct st_susfs_sus_path __user*)arg3); + pr_info("susfs: CMD_SUSFS_ADD_SUS_PATH_LOOP -> ret: %d\n", error); + if (copy_to_user((void __user*)arg5, &error, sizeof(error))) + pr_info("susfs: copy_to_user() failed\n"); + return 0; + } if (arg2 == CMD_SUSFS_SET_ANDROID_DATA_ROOT_PATH) { int error = 0; if (!ksu_access_ok((void __user*)arg3, SUSFS_MAX_LEN_PATHNAME)) { @@ -1259,8 +1278,11 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old) susfs_set_current_non_root_user_app_proc(); #ifdef CONFIG_KSU_SUSFS_SUS_SU susfs_set_current_proc_su_not_allowed(); -#endif +#endif // #ifdef CONFIG_KSU_SUSFS_SUS_SU task_unlock(current); +#ifdef CONFIG_KSU_SUSFS_SUS_PATH + susfs_run_sus_path_loop(new_uid.val); +#endif // #ifdef CONFIG_KSU_SUSFS_SUS_PATH #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT if (susfs_is_umount_for_zygote_iso_service_enabled) { goto out_susfs_try_umount_all; @@ -1287,6 +1309,9 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old) susfs_set_current_proc_su_not_allowed(); #endif // #ifdef CONFIG_KSU_SUSFS_SUS_SU task_unlock(current); +#ifdef CONFIG_KSU_SUSFS_SUS_PATH + susfs_run_sus_path_loop(new_uid.val); +#endif // #ifdef CONFIG_KSU_SUSFS_SUS_PATH } #endif // #ifdef CONFIG_KSU_SUSFS