You've already forked KernelSU-Next
mirror of
https://github.com/KernelSU-Next/KernelSU-Next.git
synced 2025-08-27 23:46:34 +00:00
kernel: cleaned up remaining susfs code
This commit is contained in:
Rifat Azad
@@ -11,10 +11,6 @@
|
||||
#include "ksu.h"
|
||||
#include "throne_tracker.h"
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS
|
||||
#include <linux/susfs.h>
|
||||
#endif
|
||||
|
||||
static struct workqueue_struct *ksu_workqueue;
|
||||
|
||||
bool ksu_queue_work(struct work_struct *work)
|
||||
@@ -53,10 +49,6 @@ int __init kernelsu_init(void)
|
||||
pr_alert("*************************************************************");
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS
|
||||
susfs_init();
|
||||
#endif
|
||||
|
||||
ksu_core_init();
|
||||
|
||||
ksu_workqueue = alloc_ordered_workqueue("kernelsu_work_queue", 0);
|
||||
|
||||
@@ -64,10 +64,6 @@ bool ksu_execveat_hook __read_mostly = true;
|
||||
bool ksu_input_hook __read_mostly = true;
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS_SUS_SU
|
||||
bool ksu_devpts_hook = false;
|
||||
#endif
|
||||
|
||||
u32 ksu_devpts_sid;
|
||||
|
||||
void on_post_fs_data(void)
|
||||
|
||||
@@ -134,14 +134,6 @@ void apply_kernelsu_rules()
|
||||
ksu_allow(db, "system_server", KERNEL_SU_DOMAIN, "process", "getpgid");
|
||||
ksu_allow(db, "system_server", KERNEL_SU_DOMAIN, "process", "sigkill");
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS
|
||||
// Allow umount in zygote process without installing zygisk
|
||||
ksu_allow(db, "zygote", "labeledfs", "filesystem", "unmount");
|
||||
susfs_set_init_sid();
|
||||
susfs_set_ksu_sid();
|
||||
susfs_set_zygote_sid();
|
||||
#endif
|
||||
|
||||
rcu_read_unlock();
|
||||
}
|
||||
|
||||
|
||||
@@ -8,14 +8,6 @@
|
||||
|
||||
#define KERNEL_SU_DOMAIN "u:r:su:s0"
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS
|
||||
#define KERNEL_INIT_DOMAIN "u:r:init:s0"
|
||||
#define KERNEL_ZYGOTE_DOMAIN "u:r:zygote:s0"
|
||||
u32 susfs_ksu_sid = 0;
|
||||
u32 susfs_init_sid = 0;
|
||||
u32 susfs_zygote_sid = 0;
|
||||
#endif
|
||||
|
||||
static int transive_to_domain(const char *domain)
|
||||
{
|
||||
struct cred *cred;
|
||||
@@ -139,83 +131,6 @@ bool is_zygote(void *sec)
|
||||
return result;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS
|
||||
static inline void susfs_set_sid(const char *secctx_name, u32 *out_sid)
|
||||
{
|
||||
int err;
|
||||
|
||||
if (!secctx_name || !out_sid) {
|
||||
pr_err("secctx_name || out_sid is NULL\n");
|
||||
return;
|
||||
}
|
||||
|
||||
err = security_secctx_to_secid(secctx_name, strlen(secctx_name),
|
||||
out_sid);
|
||||
if (err) {
|
||||
pr_err("failed setting sid for '%s', err: %d\n", secctx_name, err);
|
||||
return;
|
||||
}
|
||||
pr_info("sid '%u' is set for secctx_name '%s'\n", *out_sid, secctx_name);
|
||||
}
|
||||
|
||||
bool susfs_is_sid_equal(void *sec, u32 sid2) {
|
||||
struct task_security_struct *tsec = (struct task_security_struct *)sec;
|
||||
if (!tsec) {
|
||||
return false;
|
||||
}
|
||||
return tsec->sid == sid2;
|
||||
}
|
||||
|
||||
u32 susfs_get_sid_from_name(const char *secctx_name)
|
||||
{
|
||||
u32 out_sid = 0;
|
||||
int err;
|
||||
|
||||
if (!secctx_name) {
|
||||
pr_err("secctx_name is NULL\n");
|
||||
return 0;
|
||||
}
|
||||
err = security_secctx_to_secid(secctx_name, strlen(secctx_name),
|
||||
&out_sid);
|
||||
if (err) {
|
||||
pr_err("failed getting sid from secctx_name: %s, err: %d\n", secctx_name, err);
|
||||
return 0;
|
||||
}
|
||||
return out_sid;
|
||||
}
|
||||
|
||||
u32 susfs_get_current_sid(void) {
|
||||
return current_sid();
|
||||
}
|
||||
|
||||
void susfs_set_zygote_sid(void)
|
||||
{
|
||||
susfs_set_sid(KERNEL_ZYGOTE_DOMAIN, &susfs_zygote_sid);
|
||||
}
|
||||
|
||||
bool susfs_is_current_zygote_domain(void) {
|
||||
return unlikely(current_sid() == susfs_zygote_sid);
|
||||
}
|
||||
|
||||
void susfs_set_ksu_sid(void)
|
||||
{
|
||||
susfs_set_sid(KERNEL_SU_DOMAIN, &susfs_ksu_sid);
|
||||
}
|
||||
|
||||
bool susfs_is_current_ksu_domain(void) {
|
||||
return unlikely(current_sid() == susfs_ksu_sid);
|
||||
}
|
||||
|
||||
void susfs_set_init_sid(void)
|
||||
{
|
||||
susfs_set_sid(KERNEL_INIT_DOMAIN, &susfs_init_sid);
|
||||
}
|
||||
|
||||
bool susfs_is_current_init_domain(void) {
|
||||
return unlikely(current_sid() == susfs_init_sid);
|
||||
}
|
||||
#endif
|
||||
|
||||
#define DEVPTS_DOMAIN "u:object_r:ksu_file:s0"
|
||||
|
||||
u32 ksu_get_devpts_sid()
|
||||
|
||||
@@ -364,23 +364,3 @@ void ksu_sucompat_exit()
|
||||
}
|
||||
|
||||
|
||||
#ifdef CONFIG_KSU_SUSFS_SUS_SU
|
||||
extern bool ksu_devpts_hook;
|
||||
|
||||
void ksu_susfs_disable_sus_su(void) {
|
||||
enable_kprobe(&execve_kp);
|
||||
enable_kprobe(&newfstatat_kp);
|
||||
enable_kprobe(&faccessat_kp);
|
||||
enable_kprobe(&pts_unix98_lookup_kp);
|
||||
ksu_devpts_hook = false;
|
||||
}
|
||||
|
||||
void ksu_susfs_enable_sus_su(void) {
|
||||
disable_kprobe(&execve_kp);
|
||||
disable_kprobe(&newfstatat_kp);
|
||||
disable_kprobe(&faccessat_kp);
|
||||
disable_kprobe(&pts_unix98_lookup_kp);
|
||||
ksu_devpts_hook = true;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user