From d4d52ffb93c56bcec084390a59a20c505d96e606 Mon Sep 17 00:00:00 2001
From: 5ec1cff
Date: Fri, 29 Nov 2024 12:28:55 +0800
Subject: [PATCH] ksud: refine tmpfs
---
 userspace/ksud/src/defs.rs | 1 +
 userspace/ksud/src/init_event.rs | 7 +++++++
 userspace/ksud/src/magic_mount.rs | 7 +++++--
 3 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/userspace/ksud/src/defs.rs b/userspace/ksud/src/defs.rs
index 2a965581f3af..5454def17cf7 100644
--- a/userspace/ksud/src/defs.rs
+++ b/userspace/ksud/src/defs.rs
@@ -31,6 +31,7 @@ pub const DISABLE_FILE_NAME: &str = "disable";
 pub const UPDATE_FILE_NAME: &str = "update";
 pub const REMOVE_FILE_NAME: &str = "remove";
 pub const SKIP_MOUNT_FILE_NAME: &str = "skip_mount";
+pub const MAGIC_MOUNT_WORK_DIR: &str = concatcp!(TEMP_DIR, "/workdir");
 pub const VERSION_CODE: &str = include_str!(concat!(env!("OUT_DIR"), "/VERSION_CODE"));
 pub const VERSION_NAME: &str = include_str!(concat!(env!("OUT_DIR"), "/VERSION_NAME"));
diff --git a/userspace/ksud/src/init_event.rs b/userspace/ksud/src/init_event.rs
index c332702236fe..f5bb8b871050 100644
--- a/userspace/ksud/src/init_event.rs
+++ b/userspace/ksud/src/init_event.rs
@@ -1,7 +1,9 @@
+use crate::defs::{KSU_MOUNT_SOURCE, TEMP_DIR};
 use crate::module::{handle_updated_modules, prune_modules};
 use crate::{assets, defs, ksucalls, restorecon, utils};
 use anyhow::{Context, Result};
 use log::{info, warn};
+use rustix::fs::{mount, MountFlags};
 use std::path::Path;
 pub fn on_post_data_fs() -> Result<()> {
@@ -65,6 +67,11 @@ pub fn on_post_data_fs() -> Result<()> {
 warn!("apply root profile sepolicy failed: {}", e);
 }
+ // mount temp dir
+ if let Err(e) = mount(KSU_MOUNT_SOURCE, TEMP_DIR, "tmpfs", MountFlags::empty(), "") {
+ warn!("do temp dir mount failed: {}", e);
+ }
+
 // exec modules post-fs-data scripts
 // TODO: Add timeout
 if let Err(e) = crate::module::exec_stage_script("post-fs-data", true) {
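Review bot: The tmpfs added at the end of this on_post_data_fs hunk is mounted with `MountFlags::empty()` and an empty option string, so it gets the kernel default mode 1777 and permits setuid files and device nodes. The magic_mount.rs hunk of this patch then has the root daemon create MAGIC_MOUNT_WORK_DIR inside it and mount over that path, so a world-writable parent would let another process occupy the path first unless SELinux policy already denies the write (not visible here). Consider `mount(KSU_MOUNT_SOURCE, TEMP_DIR, "tmpfs", MountFlags::NOSUID | MountFlags::NODEV, "mode=0755")`, provided nothing unprivileged is meant to write there. A failed mount is only logged and the module scripts still run right after it; a comment such as `// best effort: later stages tolerate an unmounted TEMP_DIR` would confirm that this is intended. on_post_data_fs starts and ends outside the hunk.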
diff --git a/userspace/ksud/src/magic_mount.rs b/userspace/ksud/src/magic_mount.rs
index 51bb6d7388f4..c6bd9f1869d5 100644
--- a/userspace/ksud/src/magic_mount.rs
+++ b/userspace/ksud/src/magic_mount.rs
@@ -1,8 +1,9 @@
 use crate::defs::{
- DISABLE_FILE_NAME, KSU_MOUNT_SOURCE, MODULE_DIR, SKIP_MOUNT_FILE_NAME, TEMP_DIR,
+ DISABLE_FILE_NAME, KSU_MOUNT_SOURCE, MAGIC_MOUNT_WORK_DIR, MODULE_DIR, SKIP_MOUNT_FILE_NAME,
 };
 use crate::magic_mount::NodeFileType::{Directory, RegularFile, Symlink, Whiteout};
 use crate::restorecon::{lgetfilecon, lsetfilecon};
+use crate::utils::ensure_dir_exists;
 use anyhow::{bail, Context, Result};
 use extattr::lgetxattr;
 use rustix::fs::{
@@ -416,13 +417,15 @@ fn do_magic_mount, WP: AsRef>(
 pub fn magic_mount() -> Result<()> {
 if let Some(root) = collect_module_files()? {
 log::debug!("collected: {:#?}", root);
- let tmp_dir = PathBuf::from(TEMP_DIR);
+ let tmp_dir = PathBuf::from(MAGIC_MOUNT_WORK_DIR);
+ ensure_dir_exists(&tmp_dir)?;
 mount(KSU_MOUNT_SOURCE, &tmp_dir, "tmpfs", MountFlags::empty(), "").context("mount tmp")?;
 mount_change(&tmp_dir, MountPropagationFlags::PRIVATE).context("make tmp private")?;
 let result = do_magic_mount("/", &tmp_dir, root, false);
 if let Err(e) = unmount(&tmp_dir, UnmountFlags::DETACH) {
 log::error!("failed to unmount tmp {}", e);
 }
+ fs::remove_dir(tmp_dir).ok();
 result
 } else {
 log::info!("no modules to mount, skipping!");
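Review bot: In magic_mount, the two `?` returns that follow `ensure_dir_exists(&tmp_dir)?` skip both the unmount and the new `fs::remove_dir`, so a failed `mount` leaves the work directory behind and a failed `mount_change` leaves the tmpfs mounted on it as well. The `.ok()` on `fs::remove_dir` also hides the case where the detached unmount did not release the directory. Routing the three steps through one result, as below, keeps the cleanup on every path and logs a failed removal. The body of magic_mount continues past the end of the hunk.

```rust
let tmp_dir = PathBuf::from(MAGIC_MOUNT_WORK_DIR);
ensure_dir_exists(&tmp_dir)?;
let result = mount(KSU_MOUNT_SOURCE, &tmp_dir, "tmpfs", MountFlags::empty(), "")
    .context("mount tmp")
    .and_then(|_| {
        // From here on the tmpfs is mounted, so always unmount before returning.
        let mounted = mount_change(&tmp_dir, MountPropagationFlags::PRIVATE)
            .context("make tmp private")
            .and_then(|_| do_magic_mount("/", &tmp_dir, root, false));
        if let Err(e) = unmount(&tmp_dir, UnmountFlags::DETACH) {
            log::error!("failed to unmount tmp {}", e);
        }
        mounted
    });
if let Err(e) = fs::remove_dir(&tmp_dir) {
    log::warn!("failed to remove {}: {}", tmp_dir.display(), e);
}
result
```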