From 58f9fd5ff060e7ed29c5fc0536f6dca9e9f8078f Mon Sep 17 00:00:00 2001 From: bin456789 Date: Wed, 24 Apr 2024 23:18:16 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BD=BF=E7=94=A8=20ksu=20=E5=AE=98=E7=BD=91?= =?UTF-8?q?=E7=9A=84=20path=5Fumount=20backport=20=E8=A1=A5=E4=B8=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/main.yml | 8 +- patches/backport-path-umount.patch | 42 ++++++++++ patches/support-umount-modules-kernel.patch | 49 ------------ patches/support-umount-modules-kernelsu.patch | 79 ------------------- 4 files changed, 47 insertions(+), 131 deletions(-) create mode 100644 patches/backport-path-umount.patch delete mode 100644 patches/support-umount-modules-kernel.patch delete mode 100644 patches/support-umount-modules-kernelsu.patch diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 91b74e0..8f59297 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -10,9 +10,8 @@ env: vendor/xiaomi/dipper.config kernel_patch: | allow-init-exec-ksud-under-nosuid.patch - support-umount-modules-kernel.patch + backport-path-umount.patch kernelsu_patch: | - support-umount-modules-kernelsu.patch on: schedule: @@ -227,7 +226,7 @@ jobs: path: AnyKernel3-master/* - name: Release - uses: softprops/action-gh-release@v1 + uses: softprops/action-gh-release@v2 with: tag_name: ${{ env.kernelsu_remote_version }} body: | @@ -237,6 +236,9 @@ jobs: Kernel: https://github.com/${{ env.kernel_repository }}/tree/${{ env.kernel_commit_id }} + Branch: + ${{ env.kernel_branch }} + KernelSU: https://github.com/tiann/KernelSU/releases/tag/${{ env.kernelsu_remote_version }} files: | diff --git a/patches/backport-path-umount.patch b/patches/backport-path-umount.patch new file mode 100644 index 0000000..c03efb8 --- /dev/null +++ b/patches/backport-path-umount.patch @@ -0,0 +1,42 @@ +--- a/fs/namespace.c ++++ b/fs/namespace.c +@@ -1739,6 +1739,39 @@ static inline bool may_mandlock(void) + } + #endif + ++static int can_umount(const struct path *path, int flags) ++{ ++ struct mount *mnt = real_mount(path->mnt); ++ ++ if (flags & ~(MNT_FORCE | MNT_DETACH | MNT_EXPIRE | UMOUNT_NOFOLLOW)) ++ return -EINVAL; ++ if (!may_mount()) ++ return -EPERM; ++ if (path->dentry != path->mnt->mnt_root) ++ return -EINVAL; ++ if (!check_mnt(mnt)) ++ return -EINVAL; ++ if (mnt->mnt.mnt_flags & MNT_LOCKED) /* Check optimistically */ ++ return -EINVAL; ++ if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN)) ++ return -EPERM; ++ return 0; ++} ++ ++int path_umount(struct path *path, int flags) ++{ ++ struct mount *mnt = real_mount(path->mnt); ++ int ret; ++ ++ ret = can_umount(path, flags); ++ if (!ret) ++ ret = do_umount(mnt, flags); ++ ++ /* we mustn't call path_put() as that would clear mnt_expiry_mark */ ++ dput(path->dentry); ++ mntput_no_expire(mnt); ++ return ret; ++} + /* + * Now umount can handle mount points as well as block devices. + * This is important for filesystems which use unnamed block devices. diff --git a/patches/support-umount-modules-kernel.patch b/patches/support-umount-modules-kernel.patch deleted file mode 100644 index 0d13047..0000000 --- a/patches/support-umount-modules-kernel.patch +++ /dev/null @@ -1,49 +0,0 @@ -From b365cf69594bfb47a05b9f279a1dbdc00a065b41 Mon Sep 17 00:00:00 2001 -From: wxt1221 <3264117476@qq.com> -Date: Fri, 20 Oct 2023 16:15:35 +0800 -Subject: [PATCH] support umount moduls - ---- - fs/namespace.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/fs/namespace.c b/fs/namespace.c -index 21fd423b1..6f6a0adf4 100644 ---- a/fs/namespace.c -+++ b/fs/namespace.c -@@ -797,7 +797,7 @@ static void put_mountpoint(struct mountpoint *mp) - } - } - --static inline int check_mnt(struct mount *mnt) -+inline int check_mnt(struct mount *mnt) - { - return mnt->mnt_ns == current->nsproxy->mnt_ns; - } -@@ -1170,7 +1170,7 @@ void flush_delayed_mntput_wait(void) - flush_delayed_work(&delayed_mntput_work); - } - --static void mntput_no_expire(struct mount *mnt) -+void mntput_no_expire(struct mount *mnt) - { - rcu_read_lock(); - if (likely(READ_ONCE(mnt->mnt_ns))) { -@@ -1550,7 +1550,7 @@ static void umount_tree(struct mount *mnt, enum umount_tree_flags how) - - static void shrink_submounts(struct mount *mnt); - --static int do_umount(struct mount *mnt, int flags) -+int do_umount(struct mount *mnt, int flags) - { - struct super_block *sb = mnt->mnt.mnt_sb; - int retval; -@@ -1689,7 +1689,7 @@ void __detach_mounts(struct dentry *dentry) - /* - * Is the caller allowed to modify his namespace? - */ --static inline bool may_mount(void) -+inline bool may_mount(void) - { - return ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN); - } diff --git a/patches/support-umount-modules-kernelsu.patch b/patches/support-umount-modules-kernelsu.patch deleted file mode 100644 index 5071bb3..0000000 --- a/patches/support-umount-modules-kernelsu.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 9e24830ccb575e4981b1715dd3971bf3faf19938 Mon Sep 17 00:00:00 2001 -From: wxt1221 <3264117476@qq.com> -Date: Fri, 26 Jan 2024 10:53:36 +0800 -Subject: [PATCH] support umount modules - ---- - kernel/core_hook.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++ - 1 file changed, 52 insertions(+) - -diff --git a/kernel/core_hook.c b/kernel/core_hook.c -index 9c863660dd29..04cea2e89017 100644 ---- a/kernel/core_hook.c -+++ b/kernel/core_hook.c -@@ -29,6 +29,53 @@ - #include "selinux/selinux.h" - #include "uid_observer.h" - #include "kernel_compat.h" -+#include "../../fs/mount.h" -+ -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 9, 0) -+ -+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0) -+extern inline bool may_mount(void); -+extern inline int check_mnt(struct mount *mnt); -+extern void mntput_no_expire(struct mount *mnt); -+extern int do_umount(struct mount *mnt, int flags); -+static inline bool ksu_path_mounted(const struct path *path) -+ { -+ return path->mnt->mnt_root == path->dentry; -+ } -+ static int ksu_can_umount(const struct path *path, int flags) -+ { -+ struct mount *mnt = real_mount(path->mnt); -+ -+ if (!may_mount()) -+ return -EPERM; -+ if (!ksu_path_mounted(path)) -+ return -EINVAL; -+ if (!check_mnt(mnt)) -+ return -EINVAL; -+ if (mnt->mnt.mnt_flags & MNT_LOCKED) /* Check optimistically */ -+ return -EINVAL; -+ if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN)) -+ return -EPERM; -+ return 0; -+ } -+ int ksu_path_umount(struct path *path, int flags) -+{ -+ struct mount *mnt = real_mount(path->mnt); -+ int ret; -+ -+ ret = ksu_can_umount(path, flags); -+ if (!ret) -+ ret = do_umount(mnt, flags); -+ -+ /* we mustn't call path_put() as that would clear mnt_expiry_mark */ -+ dput(path->dentry); -+ mntput_no_expire(mnt); -+ return ret; -+} -+#else -+ //not tested -+#endif -+ - - static bool ksu_module_mounted = false; - -@@ -501,6 +548,11 @@ static void ksu_umount_mnt(struct path *path, int flags) - if (err) { - pr_info("umount %s failed: %d\n", path->dentry->d_iname, err); - } -+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0) -+ int err = ksu_path_umount(path, flags); -+ if (err) { -+ pr_info("umount %s failed: %d\n", path->dentry->d_iname, err); -+ } - #else - // TODO: umount for non GKI kernel - #endif