From cbc04ff6dfb2ba7b708d70dae286e927534a9d01 Mon Sep 17 00:00:00 2001 From: weishu Date: Fri, 23 Feb 2024 17:57:40 +0800 Subject: [PATCH] ksud: support global mnt for debug su --- userspace/ksud/src/cli.rs | 8 ++++++-- userspace/ksud/src/ksu.rs | 31 ++++++++++++++++++++++++++++--- 2 files changed, 34 insertions(+), 5 deletions(-) diff --git a/userspace/ksud/src/cli.rs b/userspace/ksud/src/cli.rs index cbd53f4005c4..dde5f9865453 100644 --- a/userspace/ksud/src/cli.rs +++ b/userspace/ksud/src/cli.rs @@ -105,7 +105,11 @@ enum Debug { }, /// Root Shell - Su, + Su { + /// switch to gloabl mount namespace + #[arg(short, long, default_value = "false")] + global_mnt: bool, + }, /// Get kernel version Version, @@ -306,7 +310,7 @@ pub fn run() -> Result<()> { println!("Kernel Version: {}", crate::ksu::get_version()); Ok(()) } - Debug::Su => crate::ksu::grant_root(), + Debug::Su { global_mnt } => crate::ksu::grant_root(global_mnt), Debug::Mount => event::mount_systemlessly(defs::MODULE_DIR), Debug::Xcp { src, dst } => { utils::copy_sparse_file(src, dst)?; diff --git a/userspace/ksud/src/ksu.rs b/userspace/ksud/src/ksu.rs index e42ce50bb4e9..30f9aa5533f7 100644 --- a/userspace/ksud/src/ksu.rs +++ b/userspace/ksud/src/ksu.rs @@ -22,9 +22,34 @@ const EVENT_BOOT_COMPLETED: u64 = 2; const EVENT_MODULE_MOUNTED: u64 = 3; #[cfg(any(target_os = "linux", target_os = "android"))] -pub fn grant_root() -> Result<()> { - rustix::process::ksu_grant_root()?; - Ok(()) +pub fn grant_root(global_mnt: bool) -> Result<()> { + const KERNEL_SU_OPTION: u32 = 0xDEAD_BEEF; + const CMD_GRANT_ROOT: u64 = 0; + + let mut result: u32 = 0; + unsafe { + #[allow(clippy::cast_possible_wrap)] + libc::prctl( + KERNEL_SU_OPTION as i32, // supposed to overflow + CMD_GRANT_ROOT, + 0, + 0, + std::ptr::addr_of_mut!(result).cast::(), + ); + } + + anyhow::ensure!(result == KERNEL_SU_OPTION, "grant root failed"); + let mut command = std::process::Command::new("sh"); + let command = unsafe { + command.pre_exec(move || { + if global_mnt { + let _ = utils::switch_mnt_ns(1); + let _ = utils::unshare_mnt_ns(); + } + std::result::Result::Ok(()) + }) + }; + Err(command.exec().into()) } #[cfg(not(any(target_os = "linux", target_os = "android")))]