Skip to content

kernel: no need to remark process on post-fs-data and boot-completed #2935

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
aviraxp merged 3 commits into from
Nov 15, 2025
Merged

kernel: no need to remark process on post-fs-data and boot-completed #2935

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
cfcdd5c
kernel: no need to remark process on post-fs-data and boot-completed
5ec1cff Nov 15, 2025
b69297e
Remove ksu_set_task_tracepoint_flag call
5ec1cff Nov 15, 2025
def9a2a
mark ksud
5ec1cff Nov 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 1 addition & 8 deletions kernel/ksud.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,6 @@
#include "klog.h" // IWYU pragma: keep
#include "ksud.h"
#include "selinux/selinux.h"
#include "syscall_hook_manager.h"
#include "throne_tracker.h"

bool ksu_module_mounted __read_mostly = false;
Expand Down Expand Up @@ -77,8 +76,6 @@ void on_post_fs_data(void)
done = true;
pr_info("on_post_fs_data!\n");
ksu_load_allow_list();
pr_info("mark tif for running process\n");
ksu_mark_running_process();
ksu_observer_init();
// sanity check, this may influence the performance
stop_input_hook();
Expand Down Expand Up @@ -119,9 +116,6 @@ void on_boot_completed(void){
ksu_boot_completed = true;
pr_info("on_boot_completed!\n");
track_throne(true);
// remark process, we don't want to mark other init
// forked process excepte zygote and adbd
ksu_mark_running_process();
}

#define MAX_ARG_STRINGS 0x7FFFFFFF
Expand Down Expand Up @@ -318,7 +312,6 @@ int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
task_work_add(init_task, &on_post_fs_data_cb, TWA_RESUME);
}
rcu_read_unlock();
ksu_set_task_tracepoint_flag(current); // we are zygote!

stop_execve_hook();
}
Expand Down Expand Up @@ -653,4 +646,4 @@ void ksu_ksud_exit()
// unregister_kprobe(&vfs_read_kp);
unregister_kprobe(&input_event_kp);
#endif
}
}
5 changes: 3 additions & 2 deletions kernel/syscall_hook_manager.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -239,7 +239,7 @@ static inline bool check_syscall_fastpath(int nr)
}
}

// Unmark init's child that are not zygote or adbd
// Unmark init's child that are not zygote, adbd or ksud
int ksu_handle_init_mark_tracker(const char __user **filename_user)
{
char path[64];
Expand All @@ -250,7 +250,8 @@ int ksu_handle_init_mark_tracker(const char __user **filename_user)
memset(path, 0, sizeof(path));
strncpy_from_user_nofault(path, *filename_user, sizeof(path));

if (likely(strstr(path, "/app_process") == NULL && strstr(path, "/adbd") == NULL)) {
if (likely(strstr(path, "/app_process") == NULL && strstr(path, "/adbd") == NULL && strstr(path, "/ksud") == NULL)) {
pr_info("hook_manager: unmark %d exec %s", current->pid, path);
ksu_clear_task_tracepoint_flag_if_needed(current);
}

Expand Down