From d6e159bff9be42c27f4aeed48cc13fa8a07886aa Mon Sep 17 00:00:00 2001 From: LoveSy Date: Wed, 22 May 2024 21:39:40 +0800 Subject: [PATCH] Use pidfd in more senarios --- native/src/core/deny/logcat.cpp | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/native/src/core/deny/logcat.cpp b/native/src/core/deny/logcat.cpp index fbe97be22..26bda5e29 100644 --- a/native/src/core/deny/logcat.cpp +++ b/native/src/core/deny/logcat.cpp @@ -2,6 +2,7 @@ #include #include #include +#include #include @@ -190,18 +191,27 @@ static void process_events_buffer(struct log_msg *msg) { } char path[16]; + ssprintf(path, sizeof(path), "/proc/%d", pid); struct stat st{}; - sprintf(path, "/proc/%d", pid); + int fd = syscall(__NR_pidfd_open, pid, 0); + if (fd > 0 && setns(fd, CLONE_NEWNS) == 0) { + pid = getpid(); + } else { + close(fd); + fd = -1; + } while (read_ns(pid, &st) == 0 && it->second.st_ino == st.st_ino) { if (stat(path, &st) == 0 && st.st_uid == 0) { usleep(10 * 1000); } else { - LOGW("logcat: skip [%.*s] PID=[%d] UID=[%d]; namespace not isolated\n", + LOGW("logcat: skip [%.*s] PID=[%s] UID=[%d]; namespace not isolated\n", (int) proc.length(), proc.data(), - pid, am_proc_start->uid.data); + path + 6, am_proc_start->uid.data); _exit(0); } + if (fd > 0) setns(fd, CLONE_NEWNS); } + close(fd); LOGI("logcat: revert [%.*s] PID=[%d] UID=[%d]\n", (int) proc.length(), proc.data(), pid, am_proc_start->uid.data);