Skip to content

Commit

Permalink
Correctly handle is_ksu_domain, close #972 (#1246)
Browse files Browse the repository at this point in the history 
fix #972
  • Loading branch information
@Ylarod
Ylarod authored Jan 4, 2024
1 parent 5f31571 commit f37cc16
Showing 1 changed file with 7 additions and 6 deletions.
13 changes: 7 additions & 6 deletions kernel/selinux/selinux.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,6 @@

#define KERNEL_SU_DOMAIN "u:r:su:s0"

static u32 ksu_sid;

static int transive_to_domain(const char *domain)
{
struct cred *cred;
Expand All @@ -31,9 +29,6 @@ static int transive_to_domain(const char *domain)
domain, sid, error);
}
if (!error) {
if (!ksu_sid)
ksu_sid = sid;

tsec->sid = sid;
tsec->create_sid = 0;
tsec->keycreate_sid = 0;
Expand Down Expand Up @@ -106,7 +101,13 @@ static inline u32 current_sid(void)

bool is_ksu_domain()
{
return ksu_sid && current_sid() == ksu_sid;
char *domain;
u32 seclen;
int err = security_secid_to_secctx(current_sid(), &domain, &seclen);
if (err) {
return false;
}
return strncmp(KERNEL_SU_DOMAIN, domain, seclen) == 0;
}

bool is_zygote(void *sec)
Expand Down

0 comments on commit f37cc16

Please sign in to comment.