From 17905c71b6d79009b7c3de1ac5fcfd75264dbb58 Mon Sep 17 00:00:00 2001
From: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Date: Thu, 12 Jun 2025 16:53:34 +0800
Subject: [PATCH] kernel: sucompat: improve error handling and add conditional hooks
---
 kernel/sucompat.c | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)
diff --git a/kernel/sucompat.c b/kernel/sucompat.c
index 9e3d1c49..974d0467 100644
--- a/kernel/sucompat.c
+++ b/kernel/sucompat.c
@@ -129,13 +129,27 @@ int ksu_handle_stat(int *dfd, const char __user **filename_user, int *flags)
 char path[sizeof(su) + 1];
 memset(path, 0, sizeof(path));
-
+// Remove this later!! we use syscall hook, so this will never happen!!!!!
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 18, 0) && 0
+ // it becomes a `struct filename *` after 5.18
+ // https://elixir.bootlin.com/linux/v5.18/source/fs/stat.c#L216
+ const char sh[] = SH_PATH;
+ struct filename *filename = *((struct filename **)filename_user);
+ if (IS_ERR(filename)) {
+ return 0;
+ }
+ if (likely(memcmp(filename->name, su, sizeof(su))))
+ return 0;
+ pr_info("vfs_statx su->sh!\n");
+ memcpy((void *)filename->name, sh, sizeof(sh));
+#else
 ksu_strncpy_from_user_nofault(path, *filename_user, sizeof(path));
 if (unlikely(!memcmp(path, su, sizeof(su)))) {
 pr_info("newfstatat su->sh!\n");
 *filename_user = sh_user_path();
 }
+#endif
 return 0;
 }
@@ -184,6 +198,12 @@ int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
 const char su[] = SU_PATH;
 char path[sizeof(su) + 1];
+#ifndef CONFIG_KSU_KPROBES_HOOK
+ if (!ksu_sucompat_hook_state) {
+ return 0;
+ }
+#endif
+
 if (unlikely(!filename_user))
 return 0;
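Review bot: The `#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 18, 0) && 0` branch in `ksu_handle_stat` is compiled out unconditionally by the `&& 0`, so the hunk lands a block that is never built and that its own first line asks to remove; deleting the block and keeping the current `#else` path unconditionally would leave the function identical. If the branch is meant to be revived later, note that it reinterprets `filename_user` as `struct filename **` and writes through `(void *)filename->name`, discarding the const qualifier on a buffer the caller owns, which deserves its own review before it is ever enabled. Separately, this function does not get the `ksu_sucompat_hook_state` gate that the same commit adds to `ksu_handle_execve_sucompat`, so on non-kprobes builds the stat hook keeps rewriting paths while the execve hook can be switched off — worth a comment if that asymmetry is intended. The beginning of `ksu_handle_stat` lies outside the hunk.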
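Review bot: `ksu_sucompat_hook_state` is read with a plain load at the top of `ksu_handle_execve_sucompat`; its declaration is not in the hunk, but if it is a flag toggled at runtime by whatever enables or disables the sucompat hooks, the read should go through `READ_ONCE()` (or the variable should be an atomic) so the compiler cannot hoist or cache it across the syscall path, e.g. `if (!READ_ONCE(ksu_sucompat_hook_state))`. The `#ifndef CONFIG_KSU_KPROBES_HOOK` wrapper also means the state is ignored on kprobes builds, which is presumably because those hooks are registered and unregistered instead of gated; a one-line comment such as `/* syscall-hook builds are gated at runtime; kprobes builds unregister instead */` would record that assumption next to the guard. The rest of the function continues past the hunk.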
@@ -201,7 +221,7 @@ int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
 #endif
 // success = returns number of bytes and should be less than path
 long len = strncpy_from_user(path, *filename_user, sizeof(path));
- if (len <= 0)
+ if (len <= 0 || len > sizeof(path))
 return 0; // strncpy_from_user_nofault does this too
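Review bot: The new bound `len > sizeof(path)` cannot be met if `strncpy_from_user` follows its documented contract of returning at most `count` (here `sizeof(path)`) when the user string does not fit, so the added check is a no-op; if the intent is to reject a copy that filled the buffer without a terminating NUL, the comparison wants to be `if (len <= 0 || len >= sizeof(path))`. Because `len` is `long` and `sizeof(path)` is `size_t`, the comparison is signed/unsigned and is safe only because the `len <= 0` test short-circuits first, which a `(long)sizeof(path)` cast or a short comment would make explicit. The `// strncpy_from_user_nofault does this too` remark on the following line now describes only the `len <= 0` half of the condition. The remainder of `ksu_handle_execve_sucompat` is outside the hunk.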