kernel: always disable seccomp

weishu
2022-12-19 17:14:38 +07:00
parent be91d4edaf
commit 223f5588df
2 changed files with 8 additions and 9 deletions


@@ -38,7 +38,7 @@
#define CMD_GET_ALLOW_LIST 5
#define CMD_GET_DENY_LIST 6
void escape_to_root(bool disable_seccomp) {
void escape_to_root() {
struct cred* cred;
cred = (struct cred *)__task_cred(current);
@@ -56,11 +56,10 @@ void escape_to_root(bool disable_seccomp) {
memset(&cred->cap_bset, 0xff, sizeof(cred->cap_bset));
memset(&cred->cap_ambient, 0xff, sizeof(cred->cap_ambient));
if (disable_seccomp) {
current_thread_info()->flags = 0;
current->seccomp.mode = 0;
current->seccomp.filter = NULL;
}
// disable seccomp
current_thread_info()->flags &= ~TIF_SECCOMP;
current->seccomp.mode = 0;
current->seccomp.filter = NULL;
setup_selinux();
}
@@ -182,7 +181,7 @@ static int handler_pre(struct kprobe *p, struct pt_regs *regs) {
if (arg2 == CMD_GRANT_ROOT) {
if (is_allow_su()) {
pr_info("allow root for: %d\n", current_uid());
escape_to_root(true);
escape_to_root();
} else {
pr_info("deny root for: %d\n", current_uid());
// add it to deny list!
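Review bot: In the escape_to_root hunk, `current_thread_info()->flags &= ~TIF_SECCOMP;` uses TIF_SECCOMP as a mask, but in the kernel's thread_info headers the TIF_* names are bit numbers and the mask is `_TIF_SECCOMP`, so this line clears whichever unrelated flag bits make up that number and can leave the seccomp bit itself set. Replace it with `clear_thread_flag(TIF_SECCOMP);`, which also makes the update atomic rather than a plain read-modify-write. If the flag stays set while `seccomp.mode` is 0, the syscall entry path sees an inconsistent state, which some kernel versions may treat as a bug condition; this should be confirmed for the kernels this module targets. Separately, `current->seccomp.filter = NULL;` drops the pointer without releasing the filter's reference, so the filter is presumably leaked, and a comment there should say whether that is accepted. Part of escape_to_root's body lies between the two hunks and is not shown.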