From 58782b21f8757a0467c8df6566851ac727791053 Mon Sep 17 00:00:00 2001
From: snake-4 <18491360+snake-4@users.noreply.github.com>
Date: Tue, 26 Mar 2024 18:26:24 +0100
Subject: [PATCH] unshare on parent Zygote only
Calling unshare on child Zygotes crash at a sanity check but they end up inheriting the namespace either way.
closes #1
---
 module/jni/main.cpp | 27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)
diff --git a/module/jni/main.cpp b/module/jni/main.cpp
index eae8148..5147549 100644
--- a/module/jni/main.cpp
+++ b/module/jni/main.cpp
@@ -56,13 +56,26 @@ public:
 {
 LOGD("Creating new mount namespace for parent pid=%d uid=%d", getpid(), args->uid);
- /*
- * Mount the pseudo app mount namespace's root as MS_SLAVE, so every mount/umount from
- * Zygote shared pre-specialization mountspace is propagated to this one.
- */
- if (mount("rootfs", "/", NULL, (MS_SLAVE | MS_REC), NULL) == -1)
- {
- LOGE("mount(\"rootfs\", \"/\", NULL, (MS_SLAVE | MS_REC), NULL) returned -1");
+ /*
+ * preAppSpecialize is before ensureInAppMountNamespace.
+ * postAppSpecialize is after seccomp setup.
+ * So we unshare here to create a pseudo app mount namespace
+ */
+ if (unshare(CLONE_NEWNS) == -1)
+ {
+ LOGE("unshare(CLONE_NEWNS) returned -1: %d (%s)", errno, strerror(errno));
+ // Don't unmount anything in global namespace
+ return;
+ }
+
+ /*
+ * Mount the pseudo app mount namespace's root as MS_SLAVE, so every mount/umount from
+ * Zygote shared pre-specialization mountspace is propagated to this one.
+ */
+ if (mount("rootfs", "/", NULL, (MS_SLAVE | MS_REC), NULL) == -1)
+ {
+ LOGE("mount(\"rootfs\", \"/\", NULL, (MS_SLAVE | MS_REC), NULL) returned -1");
+ }
 }
 do_unmount();
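Review bot: The failure branch of `mount("rootfs", "/", NULL, (MS_SLAVE | MS_REC), NULL)` only logs and then falls through to `do_unmount()`, whereas the `unshare` failure branch added just above it returns so that nothing is unmounted in the global namespace. If the remount to MS_SLAVE fails, the newly unshared namespace presumably keeps the propagation type it copied from Zygote, so with shared mounts the unmounts could still propagate back to the namespace this code means to leave untouched. I would end that branch the same way and report the cause as the unshare branch does: append `: %d (%s)` with `errno, strerror(errno)` to the existing `LOGE` and add `return;` after it. The enclosing method and the condition that limits this block to the parent Zygote start outside the hunk, so that check cannot be confirmed from here.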