0a13055e9b
- A more aggressive prctl side channel is already implemented by cimb octo app and this is found by backslashxx (https://github.com/backslashxx/) - The fix is easy same as the one implemented for sus_su by checking the TIF_PROC_UMOUNTED bit in current->thread_info.flags in the very beginning of ksu_handle_prctl() - Also we need make sure to explicitly check for ksu manager uid in ksu_handle_setuid() before checking for normal user app since ksu maanger app uid is excluded in allow_list_arr which ksu_uid_should_umount(manager_uid) will always return true Co-authored-by: simonpunk <simonpunk2016@gmail.com>