.github/workflows/fireasf.yml

@@ -26,9 +26,9 @@ jobs:
         rm -rf setup.sh*
         rm -rf KernelSU*
         curl -LSs "https://raw.githubusercontent.com/rifsxd/KernelSU-Next/next/kernel/setup.sh" | bash -s next
-        cp $(pwd)/patches/Implement-SUSFS-v1.5.4-for-KernelSU-Next.patch $(pwd)/KernelSU-Next/Implement-SUSFS-v1.5.4-for-KernelSU-Next.patch
+        cp $(pwd)/patches/0001-KernelSU-Next-Implement-SUSFS-v1.5.3-plus-GKI.patch $(pwd)/KernelSU-Next/0001-KernelSU-Next-Implement-SUSFS-v1.5.3-plus-GKI.patch
         cd $(pwd)/KernelSU-Next/
-        patch -p1 < Implement-SUSFS-v1.5.4-for-KernelSU-Next.patch
+        patch -p1 < 0001-KernelSU-Next-Implement-SUSFS-v1.5.3-plus-GKI.patch
         cd ..
         echo "Applied susfs4ksu"
         export FIREASF_VANILLA=true

arch/arm64/configs/a53x-ksu_defconfig

@@ -556,6 +556,10 @@ CONFIG_PM_WAKELOCKS_LIMIT=0
 # CONFIG_PM_WAKELOCKS_GC is not set
 CONFIG_PM=y
 # CONFIG_PM_DEBUG is not set
+# CONFIG_PM_ADVANCED_DEBUG is not set
+# CONFIG_PM_TEST_SUSPEND is not set
+CONFIG_PM_SLEEP_DEBUG=y
+# CONFIG_DPM_WATCHDOG is not set
 CONFIG_PM_CLK=y
 CONFIG_PM_GENERIC_DOMAINS=y
 # CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set
@@ -5479,7 +5483,7 @@ CONFIG_LEDS_TRIGGER_TRANSIENT=y
 # CONFIG_LEDS_TRIGGER_AUDIO is not set
 # CONFIG_ACCESSIBILITY is not set
 # CONFIG_INFINIBAND is not set
-CONFIG_EDAC_SUPPORT=y
+# CONFIG_EDAC_SUPPORT is not set
 # CONFIG_EDAC is not set
 CONFIG_RTC_LIB=y
 CONFIG_RTC_CLASS=y
@@ -5673,6 +5677,7 @@ CONFIG_UIO=y
 CONFIG_VIRTIO=y
 CONFIG_VIRTIO_MENU=y
 # CONFIG_VIRTIO_PCI is not set
+# CONFIG_VIRTIO_PMEM is not set
 # CONFIG_VIRTIO_BALLOON is not set
 # CONFIG_VIRTIO_INPUT is not set
 # CONFIG_VIRTIO_MMIO is not set
@@ -6005,7 +6010,6 @@ CONFIG_CMUCAL=m
 CONFIG_CP_PMUCAL=m
 CONFIG_GNSS_PMUCAL=m
 CONFIG_CHUB_PMUCAL=m
-CONFIG_CMUCAL_DEBUG=m
 CONFIG_CMUCAL_QCH_IGNORE_SUPPORT=m
 CONFIG_PMUCAL=y
 # CONFIG_PMUCAL_DBG is not set
@@ -6069,7 +6073,6 @@ CONFIG_EXYNOS_ACPM_MFD=y
 # CONFIG_EXYNOS_MFD_SPMI is not set
 CONFIG_EXYNOS_MFD_I3C=y
 # CONFIG_EXYNOS_ACPM_S2D is not set
-# CONFIG_EXYNOS_ACPM_PLGDBG is not set
 CONFIG_EXYNOS_DEBUG=y
 CONFIG_DEBUG_SNAPSHOT=m
 # CONFIG_DEBUG_SNAPSHOT_API is not set
@@ -6692,6 +6695,13 @@ CONFIG_ANDROID_VENDOR_OEM_DATA=y
 
 CONFIG_TRACE_GPU_MEM=y
 # CONFIG_LIBNVDIMM is not set
+CONFIG_BLK_DEV_PMEM=y
+# CONFIG_ND_BLK is not set
+CONFIG_ND_CLAIM=y
+CONFIG_ND_BTT=y
+CONFIG_BTT=y
+CONFIG_OF_PMEM=y
+CONFIG_DAX_DRIVER=y
 CONFIG_DAX=y
 # CONFIG_DEV_DAX is not set
 CONFIG_NVMEM=y
@@ -7847,6 +7857,7 @@ CONFIG_GENERIC_GETTIMEOFDAY=y
 CONFIG_GENERIC_COMPAT_VDSO=y
 CONFIG_GENERIC_VDSO_TIME_NS=y
 CONFIG_SG_POOL=y
+CONFIG_MEMREGION=y
 CONFIG_ARCH_STACKWALK=y
 CONFIG_STACKDEPOT=y
 CONFIG_STACK_HASH_ORDER=12
@@ -7912,6 +7923,8 @@ CONFIG_HAVE_ARCH_KGDB=y
 # CONFIG_KGDB is not set
 CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y
 # CONFIG_UBSAN is not set
+CONFIG_CC_HAS_UBSAN_BOUNDS=y
+CONFIG_CC_HAS_UBSAN_ARRAY_BOUNDS=y
 CONFIG_HAVE_KCSAN_COMPILER=y
 # end of Generic Kernel Debugging Instruments
 
@@ -8077,6 +8090,7 @@ CONFIG_BPF_EVENTS=y
 CONFIG_DYNAMIC_EVENTS=y
 CONFIG_PROBE_EVENTS=y
 # CONFIG_BPF_KPROBE_OVERRIDE is not set
+CONFIG_TRACING_MAP=y
 CONFIG_SYNTH_EVENTS=y
 # CONFIG_HIST_TRIGGERS is not set
 # CONFIG_TRACE_EVENT_INJECT is not set
@@ -8087,6 +8101,7 @@ CONFIG_SYNTH_EVENTS=y
 # CONFIG_PREEMPTIRQ_DELAY_TEST is not set
 # CONFIG_SYNTH_EVENT_GEN_TEST is not set
 # CONFIG_KPROBE_EVENT_GEN_TEST is not set
+# CONFIG_HIST_TRIGGERS_DEBUG is not set
 # CONFIG_SAMPLES is not set
 CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y
 # CONFIG_STRICT_DEVMEM is not set

arch/arm64/configs/a53x_defconfig

@@ -556,6 +556,10 @@ CONFIG_PM_WAKELOCKS_LIMIT=0
 # CONFIG_PM_WAKELOCKS_GC is not set
 CONFIG_PM=y
 # CONFIG_PM_DEBUG is not set
+# CONFIG_PM_ADVANCED_DEBUG is not set
+# CONFIG_PM_TEST_SUSPEND is not set
+CONFIG_PM_SLEEP_DEBUG=y
+# CONFIG_DPM_WATCHDOG is not set
 CONFIG_PM_CLK=y
 CONFIG_PM_GENERIC_DOMAINS=y
 # CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set
@@ -3004,7 +3008,7 @@ CONFIG_SERIAL_MCTRL_GPIO=y
 # CONFIG_NOZOMI is not set
 # CONFIG_NULL_TTY is not set
 # CONFIG_TRACE_SINK is not set
-CONFIG_HVC_DRIVER=y
+# CONFIG_HVC_DRIVER is not set
 # CONFIG_HVC_DCC is not set
 CONFIG_SERIAL_DEV_BUS=y
 CONFIG_SERIAL_DEV_CTRL_TTYPORT=y
@@ -5479,8 +5483,12 @@ CONFIG_LEDS_TRIGGER_TRANSIENT=y
 # CONFIG_LEDS_TRIGGER_AUDIO is not set
 # CONFIG_ACCESSIBILITY is not set
 # CONFIG_INFINIBAND is not set
-CONFIG_EDAC_SUPPORT=y
+# CONFIG_EDAC_SUPPORT is not set
 # CONFIG_EDAC is not set
+# CONFIG_EDAC_DEBUG is not set
+# CONFIG_EDAC_THUNDERX is not set
+# CONFIG_EDAC_XGENE is not set
+# CONFIG_EDAC_DMC520 is not set
 CONFIG_RTC_LIB=y
 CONFIG_RTC_CLASS=y
 CONFIG_RTC_HCTOSYS=y
@@ -5673,6 +5681,7 @@ CONFIG_UIO=y
 CONFIG_VIRTIO=y
 CONFIG_VIRTIO_MENU=y
 # CONFIG_VIRTIO_PCI is not set
+# CONFIG_VIRTIO_PMEM is not set
 # CONFIG_VIRTIO_BALLOON is not set
 # CONFIG_VIRTIO_INPUT is not set
 # CONFIG_VIRTIO_MMIO is not set
@@ -6005,7 +6014,6 @@ CONFIG_CMUCAL=m
 CONFIG_CP_PMUCAL=m
 CONFIG_GNSS_PMUCAL=m
 CONFIG_CHUB_PMUCAL=m
-CONFIG_CMUCAL_DEBUG=m
 CONFIG_CMUCAL_QCH_IGNORE_SUPPORT=m
 CONFIG_PMUCAL=y
 # CONFIG_PMUCAL_DBG is not set
@@ -6069,7 +6077,6 @@ CONFIG_EXYNOS_ACPM_MFD=y
 # CONFIG_EXYNOS_MFD_SPMI is not set
 CONFIG_EXYNOS_MFD_I3C=y
 # CONFIG_EXYNOS_ACPM_S2D is not set
-# CONFIG_EXYNOS_ACPM_PLGDBG is not set
 CONFIG_EXYNOS_DEBUG=y
 CONFIG_DEBUG_SNAPSHOT=m
 # CONFIG_DEBUG_SNAPSHOT_API is not set
@@ -6692,6 +6699,13 @@ CONFIG_ANDROID_VENDOR_OEM_DATA=y
 
 CONFIG_TRACE_GPU_MEM=y
 # CONFIG_LIBNVDIMM is not set
+CONFIG_BLK_DEV_PMEM=y
+# CONFIG_ND_BLK is not set
+CONFIG_ND_CLAIM=y
+CONFIG_ND_BTT=y
+CONFIG_BTT=y
+CONFIG_OF_PMEM=y
+CONFIG_DAX_DRIVER=y
 CONFIG_DAX=y
 # CONFIG_DEV_DAX is not set
 CONFIG_NVMEM=y
@@ -7829,6 +7843,7 @@ CONFIG_GENERIC_GETTIMEOFDAY=y
 CONFIG_GENERIC_COMPAT_VDSO=y
 CONFIG_GENERIC_VDSO_TIME_NS=y
 CONFIG_SG_POOL=y
+CONFIG_MEMREGION=y
 CONFIG_ARCH_STACKWALK=y
 CONFIG_STACKDEPOT=y
 CONFIG_STACK_HASH_ORDER=12
@@ -7894,6 +7909,8 @@ CONFIG_HAVE_ARCH_KGDB=y
 # CONFIG_KGDB is not set
 CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y
 # CONFIG_UBSAN is not set
+CONFIG_CC_HAS_UBSAN_BOUNDS=y
+CONFIG_CC_HAS_UBSAN_ARRAY_BOUNDS=y
 CONFIG_HAVE_KCSAN_COMPILER=y
 # end of Generic Kernel Debugging Instruments
 
@@ -8059,6 +8076,7 @@ CONFIG_BPF_EVENTS=y
 CONFIG_DYNAMIC_EVENTS=y
 CONFIG_PROBE_EVENTS=y
 # CONFIG_BPF_KPROBE_OVERRIDE is not set
+CONFIG_TRACING_MAP=y
 CONFIG_SYNTH_EVENTS=y
 # CONFIG_HIST_TRIGGERS is not set
 # CONFIG_TRACE_EVENT_INJECT is not set
@@ -8069,6 +8087,7 @@ CONFIG_SYNTH_EVENTS=y
 # CONFIG_PREEMPTIRQ_DELAY_TEST is not set
 # CONFIG_SYNTH_EVENT_GEN_TEST is not set
 # CONFIG_KPROBE_EVENT_GEN_TEST is not set
+# CONFIG_HIST_TRIGGERS_DEBUG is not set
 # CONFIG_SAMPLES is not set
 CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y
 # CONFIG_STRICT_DEVMEM is not set

build.sh

@@ -18,11 +18,6 @@ command_three() {
     rm -rf setup.sh*
     rm -rf KernelSU*
     curl -LSs "https://raw.githubusercontent.com/rifsxd/KernelSU-Next/next/kernel/setup.sh" | bash -s next
-    cp $(pwd)/patches/Implement-SUSFS-v1.5.4-for-KernelSU-Next.patch $(pwd)/KernelSU-Next/Implement-SUSFS-v1.5.4-for-KernelSU-Next.patch
-    cd $(pwd)/KernelSU-Next/
-    patch -p1 < Implement-SUSFS-v1.5.4-for-KernelSU-Next.patch
-    cd ..
-    echo "Applied susfs4ksu"
 }
 
 command_four() {

fs/Makefile

@@ -21,6 +21,9 @@ obj-y :=	open.o read_write.o file_table.o super.o \
 obj-$(CONFIG_KSU_SUSFS) += susfs.o
 obj-$(CONFIG_KSU_SUSFS_SUS_SU) += sus_su.o
 
+obj-$(CONFIG_KSU_SUSFS) += susfs.o
+obj-$(CONFIG_KSU_SUSFS_SUS_SU) += sus_su.o
+
 ifeq ($(CONFIG_BLOCK),y)
 obj-y +=	buffer.o block_dev.o direct-io.o mpage.o
 else

fs/dcache.c

@@ -2410,6 +2410,12 @@ struct dentry *__d_lookup(const struct dentry *parent, const struct qstr *name)
 		if (dentry->d_name.hash != hash)
 			continue;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
+		if (dentry->d_inode && unlikely(dentry->d_inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
+			continue;
+		}
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_PATH
 		if (dentry->d_inode && unlikely(dentry->d_inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
 			continue;

fs/devpts/inode.c

@@ -601,6 +601,11 @@ extern bool ksu_devpts_hook;
 extern int ksu_handle_devpts(struct inode*);
 #endif
 
+#if defined(CONFIG_KSU_SUSFS_SUS_SU)
+extern bool ksu_devpts_hook;
+extern int ksu_handle_devpts(struct inode*);
+#endif
+
 /**
  * devpts_get_priv -- get private data for a slave
  * @pts_inode: inode of the slave

fs/exec.c

@@ -1882,6 +1882,12 @@ extern int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
 				void *envp, int *flags);
 #endif
 
+#ifdef CONFIG_KSU_SUSFS_SUS_SU
+extern bool susfs_is_sus_su_hooks_enabled __read_mostly;
+extern int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr, void *argv,
+				void *envp, int *flags);
+#endif
+
 static int do_execveat_common(int fd, struct filename *filename,
 			      struct user_arg_ptr argv,
 			      struct user_arg_ptr envp,
@@ -1893,6 +1899,11 @@ static int do_execveat_common(int fd, struct filename *filename,
 	if (IS_ERR(filename))
 		return PTR_ERR(filename);
 
+#ifdef CONFIG_KSU_SUSFS_SUS_SU
+	if (susfs_is_sus_su_hooks_enabled)
+		ksu_handle_execveat_sucompat(&fd, &filename, &argv, &envp, &flags);
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_SU
 	if (susfs_is_sus_su_hooks_enabled)
 		ksu_handle_execveat_sucompat(&fd, &filename, &argv, &envp, &flags);

fs/inode.c

@@ -24,6 +24,10 @@
 #include <trace/events/writeback.h>
 #include "internal.h"
 
+#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
+extern bool susfs_is_current_ksu_domain(void);
+#endif
+
 /*
  * Inode locking rules:
  *
@@ -1825,6 +1829,11 @@ int generic_update_time(struct inode *inode, struct timespec64 *time, int flags)
 	int iflags = I_DIRTY_TIME;
 	bool dirty = false;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
+	if (susfs_is_current_ksu_domain()) {
+		return 0;
+	}
+#endif
 	if (flags & S_ATIME)
 		inode->i_atime = *time;
 	if (flags & S_VERSION)
@@ -1850,6 +1859,11 @@ EXPORT_SYMBOL(generic_update_time);
  */
 int inode_update_time(struct inode *inode, struct timespec64 *time, int flags)
 {
+#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
+	if (susfs_is_current_ksu_domain()) {
+		return 0;
+	}
+#endif
 	if (inode->i_op->update_time)
 		return inode->i_op->update_time(inode, time, flags);
 	return generic_update_time(inode, time, flags);
@@ -1906,6 +1920,12 @@ void touch_atime(const struct path *path)
 	struct inode *inode = d_inode(path->dentry);
 	struct timespec64 now;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
+	if (susfs_is_current_ksu_domain()) {
+		return;
+	}
+#endif
+
 	if (!atime_needs_update(path, inode))
 		return;
 

fs/namei.c

@@ -43,6 +43,10 @@
 #include <linux/susfs_def.h>
 #endif
 
+#if defined(CONFIG_KSU_SUSFS_SUS_PATH) || defined(CONFIG_KSU_SUSFS_OPEN_REDIRECT)
+#include <linux/susfs_def.h>
+#endif
+
 #ifdef CONFIG_FSCRYPT_SDP
 #include <linux/fscrypto_sdp_name.h>
 #endif
@@ -1135,6 +1139,12 @@ int may_linkat(struct path *link)
 {
 	struct inode *inode = link->dentry->d_inode;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
+	if (inode && unlikely(inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
+		return -ENOENT;
+	}
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_PATH
 	if (inode && unlikely(inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
 		return -ENOENT;
@@ -1560,6 +1570,19 @@ static struct dentry *lookup_dcache(const struct qstr *name,
 			return ERR_PTR(error);
 		}
 	}
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
+	if (!IS_ERR(dentry) && dentry->d_inode && unlikely(dentry->d_inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
+		if ((flags & (LOOKUP_CREATE | LOOKUP_EXCL))) {
+			error = inode_permission(dir, MAY_WRITE | MAY_EXEC);
+			if (error) {
+				dput(dentry);
+				return ERR_PTR(error);
+			}
+		}
+		dput(dentry);
+		return ERR_PTR(-ENOENT);
+	}
+#endif
 	return dentry;
 }
 
@@ -1672,6 +1695,12 @@ static struct dentry *lookup_fast(struct nameidata *nd,
 		dput(dentry);
 		return ERR_PTR(status);
 	}
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
+	if (!IS_ERR(dentry) && dentry->d_inode && unlikely(dentry->d_inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
+		dput(dentry);
+		return ERR_PTR(-ENOENT);
+	}
+#endif
 	return dentry;
 }
 
@@ -2469,6 +2498,12 @@ static const char *path_init(struct nameidata *nd, unsigned flags)
 			path_get(&nd->root);
 			nd->flags |= LOOKUP_ROOT_GRABBED;
 		}
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
+		// we deal with sus sub path here
+		if (nd->inode && unlikely(nd->inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
+			return 0;
+		}
+#endif
 	}
 	return s;
 }
@@ -2880,6 +2915,12 @@ static int may_delete(struct inode *dir, struct dentry *victim, bool isdir)
 	if (IS_APPEND(dir))
 		return -EPERM;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
+	if (unlikely(inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
+		return -ENOENT;
+	}
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_PATH
 	if (unlikely(inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
 		return -ENOENT;
@@ -3093,6 +3134,12 @@ static int may_open(const struct path *path, int acc_mode, int flag)
 	if (!inode)
 		return -ENOENT;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
+	if (unlikely(inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
+		return -ENOENT;
+	}
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_PATH
 	if (unlikely(inode->i_state & INODE_STATE_SUS_PATH) && likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
 		return -ENOENT;

fs/namespace.c

@@ -45,25 +45,18 @@
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 extern bool susfs_is_current_ksu_domain(void);
 extern bool susfs_is_current_zygote_domain(void);
-
+#define CL_SUSFS_COPY_MNT_NS 0x1000000
-static DEFINE_IDA(susfs_mnt_id_ida);
+#define DEFAULT_SUS_MNT_GROUP_ID 1000
-static DEFINE_IDA(susfs_mnt_group_ida);
-
-#define CL_ZYGOTE_COPY_MNT_NS BIT(24) /* used by copy_mnt_ns() */
-#define CL_COPY_MNT_NS BIT(25) /* used by copy_mnt_ns() */
 #endif
 
-#ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT
-extern void susfs_auto_add_sus_ksu_default_mount(const char __user *to_pathname);
-bool susfs_is_auto_add_sus_ksu_default_mount_enabled = true;
-#endif
 #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT
 extern int susfs_auto_add_sus_bind_mount(const char *pathname, struct path *path_target);
-bool susfs_is_auto_add_sus_bind_mount_enabled = true;
 #endif
 #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT
 extern void susfs_auto_add_try_umount_for_bind_mount(struct path *path);
-bool susfs_is_auto_add_try_umount_for_bind_mount_enabled = true;
+#endif
+#ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT
+extern void susfs_auto_add_sus_ksu_default_mount(const char __user *to_pathname);
 #endif
 
 /* Maximum number of mounts in a mount namespace */
@@ -222,35 +215,31 @@ static int mnt_alloc_id(struct mount *mnt)
 static void mnt_free_id(struct mount *mnt)
 {
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-	// We should first check the 'mnt->mnt.susfs_mnt_id_backup', see if it is DEFAULT_SUS_MNT_ID_FOR_KSU_PROC_UNSHARE
+	// If mnt->mnt.susfs_orig_mnt_id is not zero, it means mnt->mnt_id is spoofed,
-	// if so, these mnt_id were not assigned by mnt_alloc_id() so we don't need to free it.
+	// so here we return the original mnt_id for being freed.
-	if (unlikely(mnt->mnt.susfs_mnt_id_backup == DEFAULT_SUS_MNT_ID_FOR_KSU_PROC_UNSHARE)) {
+	if (unlikely(mnt->mnt.susfs_orig_mnt_id)) {
-		return;
+		ida_free(&mnt_id_ida, mnt->mnt.susfs_orig_mnt_id);
-	}
-	// Now we can check if its mnt_id is sus
-	if (unlikely(mnt->mnt_id >= DEFAULT_SUS_MNT_ID)) {
-		ida_free(&susfs_mnt_id_ida, mnt->mnt_id);
-		return;
-	}
-	// Lastly if 'mnt->mnt.susfs_mnt_id_backup' is not 0, then it contains a backup origin mnt_id
-	// so we free it in the original way
-	if (likely(mnt->mnt.susfs_mnt_id_backup)) {
-		// If mnt->mnt.susfs_mnt_id_backup is not zero, it means mnt->mnt_id is spoofed,
-		// so here we return the original mnt_id for being freed.
-		ida_free(&mnt_id_ida, mnt->mnt.susfs_mnt_id_backup);
 		return;
 	}
 #endif
 	ida_free(&mnt_id_ida, mnt->mnt_id);
 }
 
+#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
+static void susfs_mnt_alloc_group_id(struct mount *mnt)
+{
+	// Just assign the same default sus mount_group_id to mnt->mnt_group_id
+	mnt->mnt_group_id = DEFAULT_SUS_MNT_GROUP_ID;
+}
+#endif
+
 /*
  * Allocate a new peer group ID
  */
 static int mnt_alloc_group_id(struct mount *mnt)
 {
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-  int res;
+	int res;
 
 	// Check if mnt has sus mnt_id
 	if (mnt->mnt_id >= DEFAULT_SUS_MNT_ID) {
@@ -261,7 +250,7 @@ static int mnt_alloc_group_id(struct mount *mnt)
 	res = ida_alloc_min(&mnt_group_ida, 1, GFP_KERNEL);
 bypass_orig_flow:
 #else
- 	int res = ida_alloc_min(&mnt_group_ida, 1, GFP_KERNEL);
+	int res = ida_alloc_min(&mnt_group_ida, 1, GFP_KERNEL);
 #endif
 
 	if (res < 0)
@@ -276,10 +265,9 @@ bypass_orig_flow:
 void mnt_release_group_id(struct mount *mnt)
 {
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-	// If mnt->mnt_group_id >= DEFAULT_SUS_MNT_GROUP_ID, it means 'mnt' is also sus mount,
+	// If mnt->mnt_group_id >= DEFAULT_SUS_MNT_GROUP_ID, it means 'mnt' is sus mount,
-	// then we free the mnt->mnt_group_id from susfs_mnt_group_ida
+	// here we don't need to free the mnt_group_id and just simply return and do nothing.
-	if (mnt->mnt_group_id >= DEFAULT_SUS_MNT_GROUP_ID) {
+	if (unlikely(mnt->mnt_group_id >= DEFAULT_SUS_MNT_GROUP_ID)) {
-		ida_free(&susfs_mnt_group_ida, mnt->mnt_group_id);
 		mnt->mnt_group_id = 0;
 		return;
 	}
@@ -1187,7 +1175,7 @@ bypass_orig_flow:
 #else
 	mnt = alloc_vfsmnt(fc->source ?: "none");
 #endif
-  if (!mnt)
+	if (!mnt)
 		return ERR_PTR(-ENOMEM);
 
 	if (fc->sb_flags & SB_KERNMOUNT)
@@ -1208,6 +1196,13 @@ bypass_orig_flow:
 #endif
 	mnt->mnt_parent		= mnt;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
+	if (susfs_is_current_zygote_domain()) {
+		mnt->mnt.susfs_orig_mnt_id = mnt->mnt_id;
+		mnt->mnt_id = current->susfs_last_fake_mnt_id++;
+	}
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 	// If caller process is zygote, then it is a normal mount, so we just reorder the mnt_id
 	if (susfs_is_current_zygote_domain()) {
@@ -1343,7 +1338,7 @@ bypass_orig_flow:
 #else
 	mnt = alloc_vfsmnt(old->mnt_devname);
 #endif
-  if (!mnt)
+	if (!mnt)
 		return ERR_PTR(-ENOMEM);
 
 	if (flag & (CL_SLAVE | CL_PRIVATE | CL_SHARED_TO_SLAVE))
@@ -1377,8 +1372,7 @@ bypass_orig_flow:
 	mnt->mnt_parent = mnt;
 
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-	// If caller process is zygote and not doing unshare, so we just reorder the mnt_id
+	if (susfs_is_current_zygote_domain() && !(flag & CL_SUSFS_COPY_MNT_NS)) {
-	if (likely(is_current_zygote_domain) && !(flag & CL_ZYGOTE_COPY_MNT_NS)) {
 		mnt->mnt.susfs_orig_mnt_id = mnt->mnt_id;
 		mnt->mnt_id = current->susfs_last_fake_mnt_id++;
 	}
@@ -2487,6 +2481,17 @@ static int invent_group_ids(struct mount *mnt, bool recurse)
 {
 	struct mount *p;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
+	if (susfs_is_current_ksu_domain()) {
+		for (p = mnt; p; p = recurse ? next_mnt(p, mnt) : NULL) {
+			if (!p->mnt_group_id && !IS_MNT_SHARED(p)) {
+				susfs_mnt_alloc_group_id(p);
+			}
+		}
+		return 0;
+	}
+#endif
+
 	for (p = mnt; p; p = recurse ? next_mnt(p, mnt) : NULL) {
 		if (!p->mnt_group_id && !IS_MNT_SHARED(p)) {
 			int err = mnt_alloc_group_id(p);
@@ -2709,6 +2714,29 @@ retry:
 		}
 		return mp;
 	}
+#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
+	// current->susfs_last_fake_mnt_id -> to record last valid fake mnt_id to zygote pid
+	// q->mnt.susfs_mnt_id_backup -> original mnt_id
+	// q->mnt_id -> will be modified to the fake mnt_id
+
+	// Here We are only interested in processes of which original mnt namespace belongs to zygote 
+	// Also we just make use of existing 'q' mount pointer, no need to delcare extra mount pointer
+	if (is_zygote_pid) {
+		last_entry_mnt_id = list_first_entry(&new_ns->list, struct mount, mnt_list)->mnt_id;
+		list_for_each_entry(q, &new_ns->list, mnt_list) {
+			if (unlikely(q->mnt.mnt_root->d_inode->i_state & INODE_STATE_SUS_MOUNT)) {
+				continue;
+			}
+			q->mnt.susfs_mnt_id_backup = q->mnt_id;
+			q->mnt_id = last_entry_mnt_id++;
+		}
+	}
+	// Assign the 'last_entry_mnt_id' to 'current->susfs_last_fake_mnt_id' for later use.
+	// should be fine here assuming zygote is forking/unsharing app in one single thread.
+	// Or should we put a lock here?
+	current->susfs_last_fake_mnt_id = last_entry_mnt_id;
+#endif
+
 	namespace_unlock();
 	inode_unlock(path->dentry->d_inode);
 	path_put(path);
@@ -2882,15 +2910,12 @@ static int do_loopback(struct path *path, const char *old_name,
 	// And we target only process with ksu domain.
 	if (susfs_is_current_ksu_domain()) {
 #if defined(CONFIG_KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT)
-		if (susfs_is_auto_add_sus_bind_mount_enabled &&
+		if (susfs_auto_add_sus_bind_mount(old_name, &old_path)) {
-				susfs_auto_add_sus_bind_mount(old_name, &old_path)) {
 			goto orig_flow;
 		}
 #endif
 #if defined(CONFIG_KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT)
-		if (susfs_is_auto_add_try_umount_for_bind_mount_enabled) {
+		susfs_auto_add_try_umount_for_bind_mount(path);
-			susfs_auto_add_try_umount_for_bind_mount(path);
-		}
 #endif
 	}
 #if defined(CONFIG_KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT)
@@ -3921,11 +3946,9 @@ struct mnt_namespace *copy_mnt_ns(unsigned long flags, struct mnt_namespace *ns,
 		copy_flags |= CL_SHARED_TO_SLAVE;
 
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-	// Always let clone_mnt() in copy_tree() know it is from copy_mnt_ns()
-	copy_flags |= CL_COPY_MNT_NS;
 	if (is_zygote_pid) {
-		// Let clone_mnt() in copy_tree() know copy_mnt_ns() is run by zygote process
+		// Let clone_mnt() in copy_tree() know we only interested in function called by copy_mnt_ns()
-		copy_flags |= CL_ZYGOTE_COPY_MNT_NS;
+		copy_flags |= CL_SUSFS_COPY_MNT_NS;
 	}
 #endif
 #ifdef CONFIG_KDP_NS
@@ -3991,7 +4014,7 @@ struct mnt_namespace *copy_mnt_ns(unsigned long flags, struct mnt_namespace *ns,
 	}
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
   // current->susfs_last_fake_mnt_id -> to record last valid fake mnt_id to zygote pid
-	// q->mnt.susfs_mnt_id_backup -> original mnt_id
+	// q->mnt.susfs_orig_mnt_id -> original mnt_id
 	// q->mnt_id -> will be modified to the fake mnt_id
 
 	// Here We are only interested in processes of which original mnt namespace belongs to zygote 
@@ -4002,7 +4025,7 @@ struct mnt_namespace *copy_mnt_ns(unsigned long flags, struct mnt_namespace *ns,
 			if (unlikely(q->mnt.mnt_root->d_inode->i_state & INODE_STATE_SUS_MOUNT)) {
 				continue;
 			}
-			q->mnt.susfs_mnt_id_backup = q->mnt_id;
+			q->mnt.susfs_orig_mnt_id = q->mnt_id;
 			q->mnt_id = last_entry_mnt_id++;
 		}
 	}
@@ -4083,6 +4106,12 @@ SYSCALL_DEFINE5(mount, char __user *, dev_name, char __user *, dir_name,
 		goto out_data;
 
 	ret = do_mount(kernel_dev, dir_name, kernel_type, flags, options);
+#if defined(CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT) && defined(CONFIG_KSU_SUSFS_HAS_MAGIC_MOUNT)
+	// Just for the compatibility of Magic Mount KernelSU
+	if (!ret && susfs_is_current_ksu_domain()) {
+		susfs_auto_add_sus_ksu_default_mount(dir_name);
+	}
+#endif
 
 #if defined(CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT) && defined(CONFIG_KSU_SUSFS_HAS_MAGIC_MOUNT)
 	// Just for the compatibility of Magic Mount KernelSU
@@ -4296,8 +4325,7 @@ out_to:
 out_from:
 	path_put(&from_path);
 #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT
-	// For Legacy KSU mount scheme
+	if (!ret && susfs_is_current_ksu_domain()) {
-	if (!ret && susfs_is_auto_add_sus_ksu_default_mount_enabled && susfs_is_current_ksu_domain()) {
 		susfs_auto_add_sus_ksu_default_mount(to_pathname);
 	}
 #endif

fs/notify/fdinfo.c

@@ -25,28 +25,17 @@
 
 #if defined(CONFIG_INOTIFY_USER) || defined(CONFIG_FANOTIFY)
 
-#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-static void show_fdinfo(struct seq_file *m, struct file *f,
-			void (*show)(struct seq_file *m,
-				     struct fsnotify_mark *mark,
-					 struct file *file))
-#else
 static void show_fdinfo(struct seq_file *m, struct file *f,
 			void (*show)(struct seq_file *m,
 				     struct fsnotify_mark *mark))
-#endif
 {
 	struct fsnotify_group *group = f->private_data;
 	struct fsnotify_mark *mark;
 
 	fsnotify_group_lock(group);
 	list_for_each_entry(mark, &group->marks_list, g_list) {
-#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
+		show(m, mark);
-		show(m, mark, f);
+		if (seq_has_overflowed(m))
-#else
-    show(m, mark);
-#endif
-    if (seq_has_overflowed(m))
 			break;
 	}
 	fsnotify_group_unlock(group);

fs/open.c

@@ -401,6 +401,12 @@ extern int ksu_handle_faccessat(int *dfd, const char __user **filename_user, int
 			int *flags);
 #endif
 
+#ifdef CONFIG_KSU_SUSFS_SUS_SU
+extern bool susfs_is_sus_su_hooks_enabled __read_mostly;
+extern int ksu_handle_faccessat(int *dfd, const char __user **filename_user, int *mode,
+			int *flags);
+#endif
+
 static long do_faccessat(int dfd, const char __user *filename, int mode, int flags)
 {
 	struct path path;
@@ -409,6 +415,12 @@ static long do_faccessat(int dfd, const char __user *filename, int mode, int fla
 	unsigned int lookup_flags = LOOKUP_FOLLOW;
 	const struct cred *old_cred = NULL;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_SU
+	if (susfs_is_sus_su_hooks_enabled) {
+		ksu_handle_faccessat(&dfd, &filename, &mode, NULL);
+	}
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_SU
 	if (susfs_is_sus_su_hooks_enabled) {
 		ksu_handle_faccessat(&dfd, &filename, &mode, NULL);

fs/overlayfs/inode.c

@@ -168,6 +168,15 @@ int ovl_getattr(const struct path *path, struct kstat *stat,
 
 	metacopy_blocks = ovl_is_metacopy_dentry(dentry);
 
+#ifdef CONFIG_KSU_SUSFS_SUS_OVERLAYFS
+	ovl_path_lowerdata(dentry, &realpath);
+	if (likely(realpath.mnt && realpath.dentry)) {
+		old_cred = ovl_override_creds(dentry->d_sb);
+		err = vfs_getattr(&realpath, stat, request_mask, flags);
+		goto out;
+	}
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_OVERLAYFS
 	ovl_path_lowerdata(dentry, &realpath);
 	if (likely(realpath.mnt && realpath.dentry)) {

fs/overlayfs/super.c

@@ -327,6 +327,18 @@ static int ovl_statfs(struct dentry *dentry, struct kstatfs *buf)
 	struct path path;
 	int err;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_OVERLAYFS
+	ovl_path_lowerdata(root_dentry, &path);
+	if (likely(path.mnt && path.dentry)) {
+		err = vfs_statfs(&path, buf);
+		if (!err) {
+			buf->f_namelen = 255; // 255 for erofs, ext2/4, f2fs
+			buf->f_type = path.dentry->d_sb->s_magic;
+		}
+		return err;
+	}
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_OVERLAYFS
 	ovl_path_lowerdata(root_dentry, &path);
 	if (likely(path.mnt && path.dentry)) {

fs/proc/task_mmu.c

@@ -324,6 +324,10 @@ static void show_vma_header_prefix(struct seq_file *m,
 extern void susfs_sus_ino_for_show_map_vma(unsigned long ino, dev_t *out_dev, unsigned long *out_ino);
 #endif
 
+#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
+extern void susfs_sus_ino_for_show_map_vma(unsigned long ino, dev_t *out_dev, unsigned long *out_ino);
+#endif
+
 static void
 show_map_vma(struct seq_file *m, struct vm_area_struct *vma)
 {

fs/proc_namespace.c

@@ -110,6 +110,11 @@ static int show_vfsmnt(struct seq_file *m, struct vfsmount *mnt)
 	struct super_block *sb = mnt_path.dentry->d_sb;
 	int err;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
+	if (unlikely((r->mnt.mnt_root->d_inode->i_state & INODE_STATE_SUS_MOUNT) && !susfs_is_current_ksu_domain()))
+		return 0;
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 	if (unlikely((r->mnt.mnt_root->d_inode->i_state & INODE_STATE_SUS_MOUNT) && !susfs_is_current_ksu_domain()))
 		return 0;
@@ -215,6 +220,11 @@ static int show_vfsstat(struct seq_file *m, struct vfsmount *mnt)
 	struct super_block *sb = mnt_path.dentry->d_sb;
 	int err;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
+	if (unlikely((r->mnt.mnt_root->d_inode->i_state & INODE_STATE_SUS_MOUNT) && !susfs_is_current_ksu_domain()))
+		return 0;
+#endif
+
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 	if (unlikely((r->mnt.mnt_root->d_inode->i_state & INODE_STATE_SUS_MOUNT) && !susfs_is_current_ksu_domain()))
 		return 0;

fs/readdir.c

@@ -498,6 +498,11 @@ static int compat_filldir(struct dir_context *ctx, const char *name, int namlen,
 		namlen + 2, sizeof(compat_long_t));
 	int prev_reclen;
 
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
+	if (likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC) && susfs_sus_ino_for_filldir64(ino)) {
+		return 0;
+	}
+#endif
 	buf->error = verify_dirent_name(name, namlen);
 	if (unlikely(buf->error))
 		return buf->error;

fs/stat.c

@@ -17,7 +17,7 @@
 #include <linux/syscalls.h>
 #include <linux/pagemap.h>
 #include <linux/compat.h>
-#if defined(CONFIG_KSU_SUSFS_SUS_KSTAT) || defined(CONFIG_KSU_SUSFS_SUS_MOUNT)
+#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
 #include <linux/susfs_def.h>
 #endif
 
@@ -31,6 +31,10 @@
 extern void susfs_sus_ino_for_generic_fillattr(unsigned long ino, struct kstat *stat);
 #endif
 
+#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
+extern void susfs_sus_ino_for_generic_fillattr(unsigned long ino, struct kstat *stat);
+#endif
+
 /**
  * generic_fillattr - Fill in the basic attributes from the inode struct
  * @inode: Inode to use as the source
@@ -43,8 +47,7 @@ extern void susfs_sus_ino_for_generic_fillattr(unsigned long ino, struct kstat *
 void generic_fillattr(struct inode *inode, struct kstat *stat)
 {
 #ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
-	if (likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC) &&
+	if (unlikely(inode->i_state & INODE_STATE_SUS_KSTAT)) {
-			unlikely(inode->i_state & INODE_STATE_SUS_KSTAT)) {
 		susfs_sus_ino_for_generic_fillattr(inode->i_ino, stat);
 		stat->mode = inode->i_mode;
 		stat->rdev = inode->i_rdev;
@@ -139,7 +142,6 @@ EXPORT_SYMBOL(vfs_getattr_nosec);
  *
  * 0 will be returned on success, and a -ve error code if unsuccessful.
  */
-
 int vfs_getattr(const struct path *path, struct kstat *stat,
 		u32 request_mask, unsigned int query_flags)
 {
@@ -202,19 +204,6 @@ static int vfs_statx(int dfd, const char __user *filename, int flags,
 	struct path path;
 	unsigned lookup_flags = 0;
 	int error;
-#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-	struct mount *mnt;
-#endif
-
-#ifdef CONFIG_KSU_SUSFS_SUS_SU
-	if (susfs_is_sus_su_hooks_enabled) {
-		ksu_handle_stat(&dfd, &filename, &flags);
-	}
-#endif
-
-#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-	struct mount *mnt;
-#endif
 
 #ifdef CONFIG_KSU_SUSFS_SUS_SU
 	if (susfs_is_sus_su_hooks_enabled) {
@@ -246,9 +235,9 @@ retry:
 	}
 	stat->mnt_id = mnt->mnt_id;
 #else
-  stat->mnt_id = real_mount(path.mnt)->mnt_id;
+	stat->mnt_id = real_mount(path.mnt)->mnt_id;
 #endif
-  stat->result_mask |= STATX_MNT_ID;
+	stat->result_mask |= STATX_MNT_ID;
 	if (path.mnt->mnt_root == path.dentry)
 		stat->attributes |= STATX_ATTR_MOUNT_ROOT;
 	stat->attributes_mask |= STATX_ATTR_MOUNT_ROOT;

fs/statfs.c

@@ -92,7 +92,7 @@ int vfs_statfs(const struct path *path, struct kstatfs *buf)
 	int error;
 #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 	struct mount *mnt;
- 
+
 	mnt = real_mount(path->mnt);
 	if (likely(current->susfs_task_state & TASK_STRUCT_NON_ROOT_USER_APP_PROC)) {
 		for (; mnt->mnt_id >= DEFAULT_SUS_MNT_ID; mnt = mnt->mnt_parent) {}

include/linux/mount.h

@@ -77,8 +77,8 @@ struct vfsmount {
 	ANDROID_KABI_RESERVE(1);
 	ANDROID_KABI_RESERVE(2);
 	ANDROID_KABI_RESERVE(3);
-#ifdef CONFIG_KSU_SUSFS
+#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
-	ANDROID_KABI_USE(4, u64 susfs_mnt_id_backup);
+	ANDROID_KABI_USE(4, u64 susfs_orig_mnt_id);
 #else
   ANDROID_KABI_RESERVE(4);
 #endif

include/linux/sched.h

@@ -1398,12 +1398,12 @@ struct task_struct {
 	ANDROID_KABI_RESERVE(4);
 	ANDROID_KABI_RESERVE(5);
 	ANDROID_KABI_RESERVE(6);
-#ifdef CONFIG_KSU_SUSFS
+#ifdef CONFIG_KSU_SUSFS_SUS_PATH
 	ANDROID_KABI_USE(7, u64 susfs_task_state);
 #else
   ANDROID_KABI_RESERVE(7);
 #endif
-#ifdef CONFIG_KSU_SUSFS
+#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
 	ANDROID_KABI_USE(8, u64 susfs_last_fake_mnt_id);
 #else
   ANDROID_KABI_RESERVE(8);

patches/.gitkeep

@@ -1 +0,0 @@
-