android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: Enable macro protection for sulog

Browse Source 
- Only enabled on kernel versions greater than 5.10.245
This commit is contained in:
ShirkNeko
2025-10-25 00:48:02 +08:00
parent 163424673f
commit 1ea6af52a0
4 changed files with 73 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
kernel/sucompat.c
View File

@@ -81,7 +81,9 @@ int ksu_handle_faccessat(int *dfd, const char __user **filename_user, int *mode,
ksu_strncpy_from_user_nofault(path, *filename_user, sizeof(path));
if (unlikely(!memcmp(path, su, sizeof(su)))) {
#if __SULOG_GATE
ksu_sulog_report_syscall(current_uid().val, NULL, "faccessat", path);
#endif
pr_info("faccessat su->sh!\n");
*filename_user = sh_user_path();
}
@@ -102,7 +104,9 @@ struct filename* susfs_ksu_handle_stat(int *dfd, const char __user **filename_us
}
const char sh[] = SH_PATH;
#if __SULOG_GATE
ksu_sulog_report_syscall(current_uid().val, NULL, "vfs_fstatat", sh);
#endif
pr_info("vfs_fstatat su->sh!\n");
memcpy((void *)name->name, sh, sizeof(sh));
return name;
@@ -151,7 +155,9 @@ int ksu_handle_stat(int *dfd, const char __user **filename_user, int *flags)
ksu_strncpy_from_user_nofault(path, *filename_user, sizeof(path));
if (unlikely(!memcmp(path, su, sizeof(su)))) {
#if __SULOG_GATE
ksu_sulog_report_syscall(current_uid().val, NULL, "newfstatat", path);
#endif
pr_info("newfstatat su->sh!\n");
*filename_user = sh_user_path();
}
@@ -166,7 +172,6 @@ int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
int *__never_use_flags)
{
struct filename *filename;
uid_t current_uid_val = current_uid().val;
#ifndef CONFIG_KSU_KPROBES_HOOK
if (!ksu_sucompat_hook_state) {
@@ -184,21 +189,25 @@ int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
if (likely(memcmp(filename->name, su, sizeof(su))))
return 0;
ksu_sulog_report_syscall(current_uid_val, NULL, "execve", filename->name);
bool is_allowed = ksu_is_allow_uid(current_uid_val);
#ifndef CONFIG_KSU_SUSFS_SUS_SU
if (!is_allowed)
return 0;
#if __SULOG_GATE
ksu_sulog_report_syscall(current_uid().val, NULL, "execve", filename->name);
bool is_allowed = ksu_is_allow_uid(current_uid().val);
#endif
ksu_sulog_report_su_attempt(current_uid_val, NULL, filename->name, is_allowed);
#ifndef CONFIG_KSU_SUSFS_SUS_SU
if (!is_allowed) {
#if __SULOG_GATE
if (!is_allowed)
return 0;
ksu_sulog_report_su_attempt(current_uid().val, NULL, filename->name, is_allowed);
#else
if (!ksu_is_allow_uid(current_uid().val)) {
return 0;
}
#endif
#endif
pr_info("do_execveat_common su found\n");
memcpy((void *)filename->name, ksud_path, sizeof(ksud_path));
@@ -212,7 +221,6 @@ int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
void *__never_use_argv, void *__never_use_envp,
int *__never_use_flags)
{
uid_t current_uid_val = current_uid().val;
//const char su[] = SU_PATH;
#ifdef CONFIG_KSU_SUSFS_SUS_SU
char path[sizeof(su) + 1] = {0};
@@ -247,14 +255,18 @@ int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
if (likely(memcmp(path, su, sizeof(su))))
return 0;
ksu_sulog_report_syscall(current_uid_val, NULL, "execve", path);
bool is_allowed = ksu_is_allow_uid(current_uid_val);
ksu_sulog_report_su_attempt(current_uid_val, NULL, path, is_allowed);
#if __SULOG_GATE
ksu_sulog_report_syscall(current_uid().val, NULL, "execve", path);
bool is_allowed = ksu_is_allow_uid(current_uid().val);
if (!is_allowed)
return 0;
ksu_sulog_report_su_attempt(current_uid().val, NULL, path, is_allowed);
#else
if (!ksu_is_allow_uid(current_uid().val)) {
return 0;
}
#endif
pr_info("sys_execve su found\n");
*filename_user = ksud_user_path();