kernel: refactor apply_kernelsu_rules to use mutex for synchronization

ShirkNeko
2025-08-15 11:00:34 +08:00
parent f6337e2d52
commit ec6991f98b
2 changed files with 13 additions and 4 deletions


@@ -24,14 +24,19 @@ static struct policydb *get_policydb(void)
return db; return db;
} }
static DEFINE_MUTEX(ksu_rules);
void apply_kernelsu_rules() void apply_kernelsu_rules()
{ {
struct policydb *db;
if (!getenforce()) { if (!getenforce()) {
pr_info("SELinux permissive or disabled, apply rules!\n"); pr_info("SELinux permissive or disabled, apply rules!\n");
} }
rcu_read_lock(); mutex_lock(&ksu_rules);
struct policydb *db = get_policydb();
db = get_policydb();
ksu_permissive(db, KERNEL_SU_DOMAIN); ksu_permissive(db, KERNEL_SU_DOMAIN);
ksu_typeattribute(db, KERNEL_SU_DOMAIN, "mlstrustedsubject"); ksu_typeattribute(db, KERNEL_SU_DOMAIN, "mlstrustedsubject");
@@ -125,7 +130,7 @@ void apply_kernelsu_rules()
// https://android-review.googlesource.com/c/platform/system/logging/+/3725346 // https://android-review.googlesource.com/c/platform/system/logging/+/3725346
ksu_dontaudit(db, ALL, KERNEL_SU_DOMAIN, "dir", "getattr"); ksu_dontaudit(db, ALL, KERNEL_SU_DOMAIN, "dir", "getattr");
rcu_read_unlock(); mutex_unlock(&ksu_rules);
} }
#define MAX_SEPOL_LEN 128 #define MAX_SEPOL_LEN 128
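Review bot: The new `ksu_rules` mutex only serialises callers of `apply_kernelsu_rules()`; nothing visible here keeps SELinux's own policy readers or a policy reload away from `db` while the `ksu_*` helpers rewrite it, and the pointer returned by `get_policydb()` is now held without the RCU read section the old code had. If the switch was made because the helpers may sleep or allocate, record that and the lock's scope above the definition, e.g. `/* Serialises KernelSU policy edits only; does not exclude SELinux policy readers or reloads. */`, and take the same lock in any other path that edits the policydb (none is visible in this section). The lines between the two hunks are not shown, so confirm that no early return sits between `mutex_lock(&ksu_rules)` and `mutex_unlock(&ksu_rules)`.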


@@ -267,9 +267,13 @@ static int execve_handler_pre(struct kprobe *p, struct pt_regs *regs)
static struct kprobe *su_kps[4]; static struct kprobe *su_kps[4];
static int pts_unix98_lookup_pre(struct kprobe *p, struct pt_regs *regs) static int pts_unix98_lookup_pre(struct kprobe *p, struct pt_regs *regs)
{ {
struct inode *inode;) struct inode *inode;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0)
struct file *file = (struct file *)PT_REGS_PARM2(regs); struct file *file = (struct file *)PT_REGS_PARM2(regs);
inode = file->f_path.dentry->d_inode; inode = file->f_path.dentry->d_inode;
#else
inode = (struct inode *)PT_REGS_PARM2(regs);
#endif
return ksu_inline_handle_devpts(inode); return ksu_inline_handle_devpts(inode);
} }
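Review bot: On the `>= KERNEL_VERSION(4, 6, 0)` branch the value read from `PT_REGS_PARM2(regs)` is cast to `struct file *` and walked through `f_path.dentry->d_inode` with no NULL check, so an unexpected argument in this kprobe pre-handler turns into a kernel oops instead of a skipped hook. Consider `if (!file) return 0;` followed by `inode = file_inode(file);`, and check that `ksu_inline_handle_devpts()` tolerates a NULL `inode` on the `#else` path, since its body is not in this section. The new `#if` also relies on `<linux/version.h>` being included in this file, which the hunk does not show.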