Refine prctl access check, allow /product/bin/su

nampud · web-flow · commit dd466dc1b669 · 2025-07-07T20:02:27.000+02:00
diff --git a/kernel/core_hook.c b/kernel/core_hook.c
@@ -253,9 +253,8 @@ static bool is_system_bin_su() {
 	if (mm && mm->exe_file) {
 		pathname = d_path(&mm->exe_file->f_path, path_buf, sizeof(path_buf));
 		if (!IS_ERR(pathname)) {
-			if (strcmp(pathname, "/system/bin/su") == 0) {
-				return true;
-			}
+			if (strcmp(pathname, "/system/bin/su") == 0) return true;
+			if (strcmp(pathname, "/product/bin/su") == 0) return true;
 		}
 	}
 	return false;
@@ -277,9 +276,9 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 	}
 
 	bool from_root = 0 == current_uid().val;
-	bool from_manager = is_manager() || (is_allow_su() && is_system_bin_su());
+	bool from_manager = is_manager();
 
-	if (!from_root && !from_manager) {
+	if (!from_root && !from_manager && !(is_allow_su() && arg2 == CMD_GRANT_ROOT && is_system_bin_su())) {
 		// only root or manager can access this interface
 		return 0;
 	}
@@ -430,7 +429,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 	}
 
 	// all other cmds are for 'root manager'
-	if (!from_manager) {
+	if (!from_manager && arg2 != CMD_ENABLE_SU) {
 		return 0;
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -253,9 +253,8 @@ static bool is_system_bin_su() {`
`253`	`253`	`if (mm && mm->exe_file) {`
`254`	`254`	`pathname = d_path(&mm->exe_file->f_path, path_buf, sizeof(path_buf));`
`255`	`255`	`if (!IS_ERR(pathname)) {`
`256`		`- if (strcmp(pathname, "/system/bin/su") == 0) {`
`257`		`- return true;`
`258`		`- }`
	`256`	`+ if (strcmp(pathname, "/system/bin/su") == 0) return true;`
	`257`	`+ if (strcmp(pathname, "/product/bin/su") == 0) return true;`
`259`	`258`	`}`
`260`	`259`	`}`
`261`	`260`	`return false;`
`@@ -277,9 +276,9 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,`
`277`	`276`	`}`
`278`	`277`
`279`	`278`	`bool from_root = 0 == current_uid().val;`
`280`		`- bool from_manager = is_manager() \|\| (is_allow_su() && is_system_bin_su());`
	`279`	`+ bool from_manager = is_manager();`
`281`	`280`
`282`		`- if (!from_root && !from_manager) {`
	`281`	`+ if (!from_root && !from_manager && !(is_allow_su() && arg2 == CMD_GRANT_ROOT && is_system_bin_su())) {`
`283`	`282`	`// only root or manager can access this interface`
`284`	`283`	`return 0;`
`285`	`284`	`}`
`@@ -430,7 +429,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,`
`430`	`429`	`}`
`431`	`430`
`432`	`431`	`// all other cmds are for 'root manager'`
`433`		`- if (!from_manager) {`
	`432`	`+ if (!from_manager && arg2 != CMD_ENABLE_SU) {`
`434`	`433`	`return 0;`
`435`	`434`	`}`
`436`	`435`