process tagging bullshit

for: tiann#3378

ref: https://elixir.bootlin.com/linux/v4.14.1/source/kernel/signal.c#L1974
https://elixir.bootlin.com/linux/v4.14.1/source/include/linux/sched/signal.h#L231

[   38.584868] KernelSU: sys_execve su->ksud!
[   38.591293] KernelSU: ksu_bprm_check: ksu managed task found with pid: 4681 comm: ksud
[   38.811241] KernelSU: sys_execve su->ksud!
[   38.816113] KernelSU: ksu_bprm_check: ksu managed task found with pid: 4707 comm: ksud
[   38.972612] KernelSU: sys_execve su->ksud!
[   38.998849] KernelSU: ksu_bprm_check: ksu managed task found with pid: 4724 comm: ksud
[   39.513940] KernelSU: sys_execve su->ksud!
[   39.530293] KernelSU: ksu_bprm_check: ksu managed task found with pid: 4774 comm: ksud
[   39.534300] KernelSU: sys_execve su->ksud!
[   39.539604] KernelSU: ksu_bprm_check: ksu managed task found with pid: 4779 comm: ksud
[   51.405629] KernelSU: newfstatat su->sh!

Author: backslashxx

kernel/hook/core_hook.c

@@ -44,6 +44,21 @@ LSM_HANDLER_TYPE ksu_handle_rename(struct dentry *old_dentry, struct dentry *new
 	return 0;
 }
 
+// https://elixir.bootlin.com/linux/v7.0-rc6/source/include/linux/sched/signal.h#L94
+// its free real estate
+#define SIGNAL_KSU_MANAGED	0x01000000
+#define SIGNAL_KSU_BIT25	0x02000000
+#define SIGNAL_KSU_BIT26	0x04000000
+#define SIGNAL_KSU_BIT27	0x08000000
+#define SIGNAL_KSU_BIT28	0x10000000
+#define SIGNAL_KSU_BIT29	0x20000000
+#define SIGNAL_KSU_BIT30	0x40000000
+#define SIGNAL_KSU_BIT31	0x80000000
+
+// so we can clear everything all at once
+// FF XX XX XX
+#define SIGNAL_KSU_MASK		(0xFF000000)
+
 LSM_HANDLER_TYPE ksu_handle_setuid(struct cred *new, const struct cred *old)
 {
 	if (!new || !old) {
@@ -63,10 +78,20 @@ LSM_HANDLER_TYPE ksu_handle_setuid(struct cred *new, const struct cred *old)
 		disable_seccomp();
 		pr_info("install fd for: %d\n", new_uid);
 		ksu_install_fd(); // install fd for ksu manager
+
+		spin_lock_irq(&current->sighand->siglock);
+		current->signal->flags |= SIGNAL_KSU_MANAGED;
+		spin_unlock_irq(&current->sighand->siglock);
+
 	}
 
 	if (unlikely(ksu_is_allow_uid_for_current(new_uid))) {
 		disable_seccomp();
+
+		spin_lock_irq(&current->sighand->siglock);
+		current->signal->flags |= SIGNAL_KSU_MANAGED;
+		spin_unlock_irq(&current->sighand->siglock);
+
 		return 0;
 	}
 
@@ -80,6 +105,21 @@ LSM_HANDLER_TYPE ksu_bprm_check(struct linux_binprm *bprm)
 		ksu_sulog_emit_bprm((const char *)bprm->filename);
 #endif
 
+	if (unlikely(current->signal->flags & SIGNAL_KSU_MANAGED)) {
+		pr_info("%s: ksu managed task found with pid: %d comm: %s \n", __func__, current->pid, current->comm);
+
+		// untag if needed
+		// actually not needed, when process dies, this shit is freed anyway
+		// atleast if we need to wipe shit we can do this
+		// TODO: might actually be better to use this check in sucompat's gate?
+		// depending on what upstream does
+		spin_lock_irq(&current->sighand->siglock);
+		current->signal->flags &= ~SIGNAL_KSU_MASK;
+		spin_unlock_irq(&current->sighand->siglock);
+
+		return 0; 
+	}
+
 	if (likely(!ksu_execveat_hook))
 		return 0;