Skip same mount namespace
This commit is contained in:
parent
c08b0d4974
commit
5b54ef840a
@ -59,9 +59,6 @@ static inline void lazy_unmount(const char* mountpoint) {
|
||||
LOGD("hide_daemon: Unmounted (%s)\n", mountpoint);
|
||||
}
|
||||
|
||||
/* APK monitoring doesn't seem to require checking namespace
|
||||
* separation from PPID. Preserve this function just in case */
|
||||
#if 0
|
||||
static inline int parse_ppid(const int pid) {
|
||||
char path[32];
|
||||
int ppid;
|
||||
@ -77,7 +74,6 @@ static inline int parse_ppid(const int pid) {
|
||||
|
||||
return ppid;
|
||||
}
|
||||
#endif
|
||||
|
||||
static bool is_snet(const int pid) {
|
||||
char path[32];
|
||||
@ -144,11 +140,15 @@ static bool process_pid(int pid) {
|
||||
if (pid <= 1000)
|
||||
return true;
|
||||
|
||||
struct stat ns;
|
||||
struct stat ns, pns;
|
||||
int ppid = parse_ppid(pid);
|
||||
int uid = get_uid(pid);
|
||||
if (hide_uid.count(uid)) {
|
||||
// Make sure we can read mount namespace
|
||||
if (read_ns(pid, &ns))
|
||||
if (read_ns(pid, &ns) || read_ns(ppid, &pns))
|
||||
return true;
|
||||
// mount namespace is not separated, we only unmount once
|
||||
if (ns.st_dev == pns.st_dev && ns.st_ino == pns.st_ino)
|
||||
return true;
|
||||
|
||||
// Check if it's a process we haven't already hijacked
|
||||
|
Loading…
x
Reference in New Issue
Block a user