kernel: precise trigger timing of post-fs-data (#118)

* kernel: add report_event cmd * ksud: report event * kernel: trigger on_post_fs_data * ksud: comment unused code * [skip ci] run clang-format Signed-off-by: Ylarod <me@ylarod.cn> * ci: use custom key to sign official bootimgs * format ksud * reject non root * remove Signed-off-by: Ylarod <me@ylarod.cn>
2023-01-26 11:29:02 +08:00
parent 22b66b6672
commit db600d5ea0
19 changed files with 170 additions and 37 deletions
--- a/kernel/ksud.c
+++ b/kernel/ksud.c
@@ -4,6 +4,7 @@
 #include "linux/err.h"
 #include "linux/fs.h"
 #include "linux/kprobes.h"
+#include "linux/printk.h"
 #include "linux/types.h"
 #include "linux/uaccess.h"
 #include "linux/version.h"
@@ -11,8 +12,8 @@

 #include "allowlist.h"
 #include "arch.h"
-#include "selinux/selinux.h"
 #include "klog.h" // IWYU pragma: keep
+#include "selinux/selinux.h"

 static const char KERNEL_SU_RC[] =
 	"\n"
@@ -47,6 +48,18 @@ static bool vfs_read_hook = true;
 static bool execveat_hook = true;
 #endif

+void on_post_fs_data(void)
+{
+	static bool done = false;
+	if (done) {
+		pr_info("on_post_fs_data already done");
+		return;
+	}
+	done = true;
+	pr_info("ksu_load_allow_list");
+	ksu_load_allow_list();
+}
+
 int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
 			     void *argv, void *envp, int *flags)
 {
@@ -85,7 +98,7 @@ int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
 	    !memcmp(filename->name, app_process, sizeof(app_process) - 1)) {
 		first_app_process = false;
 		pr_info("exec app_process, /data prepared!\n");
-		ksu_load_allow_list();
+		on_post_fs_data(); // we keep this for old ksud
 		stop_execve_hook();
 	}