mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-06-26 14:42:13 +00:00
5e1521700f
Some patches were ported from 12 to 10/11 Some patches from 11 were ported to 10 This 10/11 port should be very close to 12 BOUNS: 16.0 patches, disabled Signed-off-by: Tad <tad@spotco.us>
32 lines
1.4 KiB
Diff
32 lines
1.4 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Pratyush <codelab@pratyush.dev>
|
|
Date: Thu, 12 Aug 2021 00:15:25 +0530
|
|
Subject: [PATCH] use uid instead of app id for tracking INTERNET permission
|
|
|
|
Change-Id: Ibec846480f3b440b5a323c86efa95c2fd1d81284
|
|
---
|
|
bpf_progs/netd.c | 10 ++--------
|
|
1 file changed, 2 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/bpf_progs/netd.c b/bpf_progs/netd.c
|
|
index 1362be25..69b618f8 100644
|
|
--- a/bpf_progs/netd.c
|
|
+++ b/bpf_progs/netd.c
|
|
@@ -74,14 +74,8 @@ DEFINE_BPF_MAP(uid_permission_map, HASH, uint32_t, uint8_t, UID_OWNER_MAP_SIZE)
|
|
SEC("cgroupsock/inet/create")
|
|
int inet_socket_create(struct bpf_sock* sk) {
|
|
uint64_t gid_uid = bpf_get_current_uid_gid();
|
|
- /*
|
|
- * A given app is guaranteed to have the same app ID in all the profiles in
|
|
- * which it is installed, and install permission is granted to app for all
|
|
- * user at install time so we only check the appId part of a request uid at
|
|
- * run time. See UserHandle#isSameApp for detail.
|
|
- */
|
|
- uint32_t appId = (gid_uid & 0xffffffff) % PER_USER_RANGE;
|
|
- uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&appId);
|
|
+ uint32_t uid = (gid_uid & 0xffffffff);
|
|
+ uint8_t* permissions = bpf_uid_permission_map_lookup_elem(&uid);
|
|
if (!permissions) {
|
|
// UID not in map. Default to just INTERNET permission.
|
|
return 1;
|