From a545a3e81c020b7203163ad77ac60e676d5941f1 Mon Sep 17 00:00:00 2001
From: Rifat Azad <rifat.44.azad.rifs@gmail.com>
Date: Mon, 16 Dec 2024 02:42:33 +0600
Subject: [PATCH] kernel: slightly polish up code

---
 kernel/core_hook.c | 4 +++-
 kernel/sucompat.c  | 2 --
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/kernel/core_hook.c b/kernel/core_hook.c
index 43056e46..e3ffa820 100644
--- a/kernel/core_hook.c
+++ b/kernel/core_hook.c
@@ -521,13 +521,15 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
 #endif
 	}
 
+	// check old process's selinux context, if it is not zygote, ignore it!
+	// because some su apps may setuid to untrusted_app but they are in global mount namespace
+	// when we umount for such process, that is a disaster!
 	bool is_zygote_child = is_zygote(old->security);
 	if (!is_zygote_child) {
 		pr_info("handle umount ignore non zygote child: %d\n",
 			current->pid);
 		return 0;
 	}
-
 #ifdef CONFIG_KSU_DEBUG
 	// umount the target mnt
 	pr_info("handle umount for uid: %d, pid: %d\n", new_uid.val,
diff --git a/kernel/sucompat.c b/kernel/sucompat.c
index ca1d379d..5849aaf3 100644
--- a/kernel/sucompat.c
+++ b/kernel/sucompat.c
@@ -362,5 +362,3 @@ void ksu_sucompat_exit()
 	unregister_kprobe(&pts_unix98_lookup_kp);
 #endif
 }
-
-