Run throne_tracker() in kthread instead of blocking the caller.
Prevents full lockup during installation and removing the manager.
By default, first run remains synchronous for compatibility purposes
(FDE, FBEv1, FBEv2)
Features:
- looks and waits for manager UID in /data/system/packages.list
- run track_throne() in a kthread after the first synchronous run
- prevent duplicate thread creation with a single-instance check
- spinlock-on-d_lock based polling adressing possible race conditions.
Race conditions adressed
- single instance kthread lock, smp_mb()
- track_throne_function, packages.list, spinlock-on-d_lock based polling
- is_manager_apk, apk, spinlock-on-d_lock based polling
This is a squash of:
https://github.com/tiann/KernelSU/pull/2632
Original skeleton based on:
`kernelsu: move throne_tracker() to kthread`
`kernelsu: check locking before accessing files and dirs during searching manager`
`kernelsu: look for manager UID in /data/system/packages.list, not /data/system/packages.list.tmp`
0b05e927...8783badd
Co-Authored-By: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-Authored-By: Yaroslav Zviezda <10716792+acroreiser@users.noreply.github.com>
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
* The coding format is too messy, reformat to improve readability
and get closer to Linux kernel coding style.
* While at it, update .clang-format file to linux-mainline state.
upstream used IS_ERR to check for negative return and that is int,
so correct it.
This is one headache for old compilers.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
* kernel: deny v2 signature blocks with incorrect number
* kernel: reject v1 signature
* kernel: enforce manager package name at compile time
* kernel: don't specific package name in source code, use it in ci
Basic support for the case that init_task.mnt_ns != zygote.mnt_ns(WSA),
just copy nsproxy and fs pointers for solve #276.
Note the copy in `apk_sign.c` is not required but suggested for
secure(ensure the checked mnt_ns is what ns android running, not created
by user, although many distributions does not have user ns.).
Tested with latest release on Win10 19045.3086(with WSAPatch).
Further review required for:
- [x] Security of this operation (without locking).
- [x] The impact of these modifications on other Android distributions.
* Kconfig: add KSU_DEBUG
* print alert on debug mode
* allow shell by default
* store signature to var on debug mode
* format
* export as module_param
* rename apk_sign to kernelsu
