kernel: cleaned up remaining susfs code

kernel/ksu.c

@@ -11,10 +11,6 @@
 #include "ksu.h"
 #include "throne_tracker.h"
 
-#ifdef CONFIG_KSU_SUSFS
-#include <linux/susfs.h>
-#endif
-
 static struct workqueue_struct *ksu_workqueue;
 
 bool ksu_queue_work(struct work_struct *work)
@@ -53,10 +49,6 @@ int __init kernelsu_init(void)
 	pr_alert("*************************************************************");
 #endif
 
-#ifdef CONFIG_KSU_SUSFS
-	susfs_init();
-#endif
-
 	ksu_core_init();
 
 	ksu_workqueue = alloc_ordered_workqueue("kernelsu_work_queue", 0);

kernel/ksud.c

@@ -64,10 +64,6 @@ bool ksu_execveat_hook __read_mostly = true;
 bool ksu_input_hook __read_mostly = true;
 #endif
 
-#ifdef CONFIG_KSU_SUSFS_SUS_SU
-bool ksu_devpts_hook = false;
-#endif
-
 u32 ksu_devpts_sid;
 
 void on_post_fs_data(void)

kernel/selinux/rules.c

@@ -134,14 +134,6 @@ void apply_kernelsu_rules()
     ksu_allow(db, "system_server", KERNEL_SU_DOMAIN, "process", "getpgid");
     ksu_allow(db, "system_server", KERNEL_SU_DOMAIN, "process", "sigkill");
 
-#ifdef CONFIG_KSU_SUSFS
-	// Allow umount in zygote process without installing zygisk
-	ksu_allow(db, "zygote", "labeledfs", "filesystem", "unmount");
-	susfs_set_init_sid();
-	susfs_set_ksu_sid();
-	susfs_set_zygote_sid();
-#endif
-
 	rcu_read_unlock();
 }
 

kernel/selinux/selinux.c

@@ -8,14 +8,6 @@
 
 #define KERNEL_SU_DOMAIN "u:r:su:s0"
 
-#ifdef CONFIG_KSU_SUSFS
-#define KERNEL_INIT_DOMAIN "u:r:init:s0"
-#define KERNEL_ZYGOTE_DOMAIN "u:r:zygote:s0"
-u32 susfs_ksu_sid = 0;
-u32 susfs_init_sid = 0;
-u32 susfs_zygote_sid = 0;
-#endif
-
 static int transive_to_domain(const char *domain)
 {
 	struct cred *cred;
@@ -139,83 +131,6 @@ bool is_zygote(void *sec)
 	return result;
 }
 
-#ifdef CONFIG_KSU_SUSFS
-static inline void susfs_set_sid(const char *secctx_name, u32 *out_sid)
-{
-	int err;
-	
-	if (!secctx_name || !out_sid) {
-		pr_err("secctx_name || out_sid is NULL\n");
-		return;
-	}
-
-	err = security_secctx_to_secid(secctx_name, strlen(secctx_name),
-					   out_sid);
-	if (err) {
-		pr_err("failed setting sid for '%s', err: %d\n", secctx_name, err);
-		return;
-	}
-	pr_info("sid '%u' is set for secctx_name '%s'\n", *out_sid, secctx_name);
-}
-
-bool susfs_is_sid_equal(void *sec, u32 sid2) {
-	struct task_security_struct *tsec = (struct task_security_struct *)sec;
-	if (!tsec) {
-		return false;
-	}
-	return tsec->sid == sid2;
-}
-
-u32 susfs_get_sid_from_name(const char *secctx_name)
-{
-	u32 out_sid = 0;
-	int err;
-	
-	if (!secctx_name) {
-		pr_err("secctx_name is NULL\n");
-		return 0;
-	}
-	err = security_secctx_to_secid(secctx_name, strlen(secctx_name),
-					   &out_sid);
-	if (err) {
-		pr_err("failed getting sid from secctx_name: %s, err: %d\n", secctx_name, err);
-		return 0;
-	}
-	return out_sid;
-}
-
-u32 susfs_get_current_sid(void) {
-	return current_sid();
-}
-
-void susfs_set_zygote_sid(void)
-{
-	susfs_set_sid(KERNEL_ZYGOTE_DOMAIN, &susfs_zygote_sid);
-}
-
-bool susfs_is_current_zygote_domain(void) {
-	return unlikely(current_sid() == susfs_zygote_sid);
-}
-
-void susfs_set_ksu_sid(void)
-{
-	susfs_set_sid(KERNEL_SU_DOMAIN, &susfs_ksu_sid);
-}
-
-bool susfs_is_current_ksu_domain(void) {
-	return unlikely(current_sid() == susfs_ksu_sid);
-}
-
-void susfs_set_init_sid(void)
-{
-	susfs_set_sid(KERNEL_INIT_DOMAIN, &susfs_init_sid);
-}
-
-bool susfs_is_current_init_domain(void) {
-	return unlikely(current_sid() == susfs_init_sid);
-}
-#endif
-
 #define DEVPTS_DOMAIN "u:object_r:ksu_file:s0"
 
 u32 ksu_get_devpts_sid()

kernel/sucompat.c

@@ -364,23 +364,3 @@ void ksu_sucompat_exit()
 }
 
 
-#ifdef CONFIG_KSU_SUSFS_SUS_SU
-extern bool ksu_devpts_hook;
-
-void ksu_susfs_disable_sus_su(void) {
-	enable_kprobe(&execve_kp);
-	enable_kprobe(&newfstatat_kp);
-	enable_kprobe(&faccessat_kp);
-	enable_kprobe(&pts_unix98_lookup_kp);
-	ksu_devpts_hook = false;
-}
-
-void ksu_susfs_enable_sus_su(void) {
-	disable_kprobe(&execve_kp);
-	disable_kprobe(&newfstatat_kp);
-	disable_kprobe(&faccessat_kp);
-	disable_kprobe(&pts_unix98_lookup_kp);
-	ksu_devpts_hook = true;
-}
-#endif
-