Kernel has few information about which isolated process belongs to which
application, so there is actually no good choice if we don't implement a
userspace daemon. One choice is to access cmdline memory from kernel,
but cmdline is __user, and it is likely to trigger detections. Before we
have more good ideas, use this.
This idea is borrowed from simonpunk's susfs4ksu.
What we see here is that, yeah well, lets just have userspace send us
what it
wants unmounted, this is better than hardcoding everything.
This also solves that issue where MNT_DETACH fails, as long as we send
unmountables in proper order.
A small anti-duplicate mechanism is also added.
While in-kernel umount is a bit worse than zygisk-provider-based ones,
this can still
serve as a healthy alternative.
---------
- Remove duplicate checks
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
1) Fix memory leak of callback head in allowlist.c
2) Remove duplicated logic and incorrect log in kernel_umount.c
3) Prevent sleep in kprobe context in ksud.c
4) Remove useless is_unsupported_uid, use euid for security enhance,
add FIXME in setuid_hook.c
5) Remove useless fd argument for execve hook, fix incorrent pointer
usage in syscall_hook_manager.c and sucompat.c
6) Use correct errno in supercalls.c
---------
Co-authored-by: Ylarod <me@ylarod.cn>
