Skip to content

Commit

Permalink
HACK: fs/proc: block access to mounts for "IsolatedService"
Browse files Browse the repository at this point in the history 
Prevents Magisk mount leakage and root detection by apps with unmodified detection code from here:
https://darvincitech.wordpress.com/2019/11/04/detecting-magisk-hide/

Example: https://play.google.com/store/apps/details?id=ua.gov.diia.app

oryginal commit: acroreiser/android_kernel_lenovo_a6010@d17c01f

Signed-off-by: ThunderStorms21th nalas <[email protected]>
  • Loading branch information
@ThunderStorms21th @DozNaka
ThunderStorms21th authored and DozNaka committed Aug 5, 2022
1 parent 7206878 commit 6096dd8
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions fs/proc_namespace.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,12 @@ static int mounts_open_common(struct inode *inode, struct file *file,
if (!task)
goto err;

if(!strncmp("IsolatedService", task->comm, 15))
{
ret = -EINVAL;
goto err;
}

task_lock(task);
nsp = task->nsproxy;
if (!nsp || !nsp->mnt_ns) {
Expand Down

0 comments on commit 6096dd8

Please sign in to comment.