ksud: support global mnt for debug su

userspace/ksud/src/cli.rs

@@ -105,7 +105,11 @@ enum Debug {
     },
 
     /// Root Shell
-    Su,
+    Su {
+        /// switch to gloabl mount namespace
+        #[arg(short, long, default_value = "false")]
+        global_mnt: bool,
+    },
 
     /// Get kernel version
     Version,
@@ -306,7 +310,7 @@ pub fn run() -> Result<()> {
                 println!("Kernel Version: {}", crate::ksu::get_version());
                 Ok(())
             }
-            Debug::Su => crate::ksu::grant_root(),
+            Debug::Su { global_mnt } => crate::ksu::grant_root(global_mnt),
             Debug::Mount => event::mount_systemlessly(defs::MODULE_DIR),
             Debug::Xcp { src, dst } => {
                 utils::copy_sparse_file(src, dst)?;

userspace/ksud/src/ksu.rs

@@ -22,9 +22,34 @@ const EVENT_BOOT_COMPLETED: u64 = 2;
 const EVENT_MODULE_MOUNTED: u64 = 3;
 
 #[cfg(any(target_os = "linux", target_os = "android"))]
-pub fn grant_root() -> Result<()> {
-    rustix::process::ksu_grant_root()?;
-    Ok(())
+pub fn grant_root(global_mnt: bool) -> Result<()> {
+    const KERNEL_SU_OPTION: u32 = 0xDEAD_BEEF;
+    const CMD_GRANT_ROOT: u64 = 0;
+
+    let mut result: u32 = 0;
+    unsafe {
+        #[allow(clippy::cast_possible_wrap)]
+        libc::prctl(
+            KERNEL_SU_OPTION as i32, // supposed to overflow
+            CMD_GRANT_ROOT,
+            0,
+            0,
+            std::ptr::addr_of_mut!(result).cast::<libc::c_void>(),
+        );
+    }
+
+    anyhow::ensure!(result == KERNEL_SU_OPTION, "grant root failed");
+    let mut command = std::process::Command::new("sh");
+    let command = unsafe {
+        command.pre_exec(move || {
+            if global_mnt {
+                let _ = utils::switch_mnt_ns(1);
+                let _ = utils::unshare_mnt_ns();
+            }
+            std::result::Result::Ok(())
+        })
+    };
+    Err(command.exec().into())
 }
 
 #[cfg(not(any(target_os = "linux", target_os = "android")))]