- Since official KSU has exposed kernel_umount API and provided meta module for handling mount operations, susfs can finally handover try_umount and auto add_try_umount to KSU and its meta module
- Synced with upstream, see e1e58ed737
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
Kernel has few information about which isolated process belongs to which
application, so there is actually no good choice if we don't implement a
userspace daemon. One choice is to access cmdline memory from kernel,
but cmdline is __user, and it is likely to trigger detections. Before we
have more good ideas, use this.
Reason:
- AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT is also causing a bit more performance overheads and still it cannot catch all the sus mounts in all situations. Actually it can easily be done in boot-completed.sh, and it should be more accurate, see module templates for more details.
- Official KernelSU also allows ksud to add custom path to try_umount list as well, users can use their own way to add only the desired sus mounts to try_umount list, but remember to disable susfs ADD_TRY_UMOUNT in kernel if users want to use the official one.
- There are less use cases for umount_for_zygote_system_process, and sometimes enabling this may cause bootloop with some modules enabled, instead user can use busybox nsenter to umount the sus mounts for specific process later by themmselves.
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
Reason:
- add_try_umount, AUTO_ADD_SUS_KSU_DEFAULT_MOUNT and AUTO_ADD_SUS_BIND_MOUNT are only used to flag the sus_mount bit on target inode, but actually none of the hooks are checking for this bit, so this is why these features should be no longer needed, and we only need to check for sus mnt_id to determine if it is a sus mount. Plus it takes more CPU cycle to check for the path and set the sus_mount flag during boot time
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
This idea is borrowed from simonpunk's susfs4ksu.
What we see here is that, yeah well, lets just have userspace send us
what it
wants unmounted, this is better than hardcoding everything.
This also solves that issue where MNT_DETACH fails, as long as we send
unmountables in proper order.
A small anti-duplicate mechanism is also added.
While in-kernel umount is a bit worse than zygisk-provider-based ones,
this can still
serve as a healthy alternative.
---------
- Remove duplicate checks
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
