diff --git a/.github/workflows/ddk-lkm.yml b/.github/workflows/ddk-lkm.yml
index 34b613cc..33e8f9e7 100644
--- a/.github/workflows/ddk-lkm.yml
+++ b/.github/workflows/ddk-lkm.yml
@@ -18,7 +18,7 @@ jobs:
     name: Build kernelsu.ko for ${{ inputs.kmi }}
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/shirkneko/ddk:${{ inputs.kmi }}-${{ inputs.ddk_release }}
+      image: ghcr.io/ylarod/ddk:${{ inputs.kmi }}-${{ inputs.ddk_release }}
       options: --privileged
 
     steps:
diff --git a/kernel/allowlist.c b/kernel/allowlist.c
index 6db149eb..1af68ac3 100644
--- a/kernel/allowlist.c
+++ b/kernel/allowlist.c
@@ -15,7 +15,6 @@
 #include "ksu.h"
 #include "klog.h" // IWYU pragma: keep
 #include "selinux/selinux.h"
-#include "kernel_compat.h"
 #include "allowlist.h"
 #include "manager.h"
 
@@ -527,7 +526,7 @@ void ksu_allowlist_exit(void)
     mutex_unlock(&allowlist_mutex);
 }
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
 bool ksu_temp_grant_root_once(uid_t uid)
 {
     struct app_profile profile = {
diff --git a/kernel/allowlist.h b/kernel/allowlist.h
index 69297f84..e3c85c05 100644
--- a/kernel/allowlist.h
+++ b/kernel/allowlist.h
@@ -3,6 +3,7 @@
 
 #include <linux/types.h>
 #include "ksu.h"
+#include "kernel_compat.h"
 
 void ksu_allowlist_init(void);
 
@@ -25,7 +26,7 @@ bool ksu_set_app_profile(struct app_profile *, bool persist);
 bool ksu_uid_should_umount(uid_t uid);
 struct root_profile *ksu_get_root_profile(uid_t uid);
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
 bool ksu_temp_grant_root_once(uid_t uid);
 void ksu_temp_revoke_root_once(uid_t uid);
 #endif
diff --git a/kernel/core_hook.c b/kernel/core_hook.c
index dbd1bfb0..a4d7d260 100644
--- a/kernel/core_hook.c
+++ b/kernel/core_hook.c
@@ -37,11 +37,10 @@
 #include "ksud.h"
 #include "manager.h"
 #include "selinux/selinux.h"
-#include "kernel_compat.h"
 #include "supercalls.h"
 #include "sulog.h"
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
 #include "manual_su.h"
 #endif
 
@@ -57,7 +56,7 @@ bool ksu_is_compat __read_mostly = false;
 
 extern int __ksu_handle_devpts(struct inode *inode); // sucompat.c
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
 static void ksu_try_escalate_for_uid(uid_t uid)
 {
     if (!is_pending_root(uid))
@@ -241,7 +240,7 @@ void escape_to_root(void)
 #endif
 }
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
 
 static void disable_seccomp_for_task(struct task_struct *tsk)
 {
@@ -402,7 +401,7 @@ static void sulog_prctl_cmd(uid_t uid, unsigned long cmd)
 
     switch (cmd) {
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
     case CMD_MANUAL_SU_REQUEST:             name = "prctl_manual_su_request"; break;
 #endif
 
@@ -438,7 +437,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
     pr_info("option: 0x%x, cmd: %ld\n", option, arg2);
 #endif
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
     if (arg2 == CMD_MANUAL_SU_REQUEST) {
         struct manual_su_request request;
         int su_option = (int)arg3;
@@ -755,7 +754,7 @@ static int ksu_bprm_check_handler_pre(struct kprobe *p, struct pt_regs *regs)
 
     ksu_handle_pre_ksud(filename);
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
     ksu_try_escalate_for_uid(current_uid().val);
 #endif
 
@@ -767,7 +766,7 @@ static struct kprobe ksu_bprm_check_kp = {
     .pre_handler = ksu_bprm_check_handler_pre,
 };
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
 // 6. task_alloc hook for handling manual su escalation
 static int ksu_task_alloc_handler_pre(struct kprobe *p, struct pt_regs *regs)
 {
@@ -828,7 +827,7 @@ __maybe_unused int ksu_kprobe_init(void)
         pr_info("bprm_check_security kprobe registered successfully\n");
     }
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
     // Register task_alloc kprobe
     rc = register_kprobe(&ksu_task_alloc_kp);
     if (rc) {
@@ -848,7 +847,7 @@ __maybe_unused int ksu_kprobe_exit(void)
     unregister_kprobe(&prctl_kp);
     unregister_kprobe(&ksu_inode_permission_kp);
     unregister_kprobe(&ksu_bprm_check_kp);
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
     unregister_kprobe(&ksu_task_alloc_kp);
 #endif
     return 0;
diff --git a/kernel/kernel_compat.h b/kernel/kernel_compat.h
index 39a0643f..113ecd76 100644
--- a/kernel/kernel_compat.h
+++ b/kernel/kernel_compat.h
@@ -14,6 +14,15 @@
 #define __KPROBES_HOOK 1
 #endif
 
+#if defined(CONFIG_KPROBES) && !(defined(CONFIG_KSU_MANUAL_SU))
+#define __MANUAL_SU 1
+#elif defined(CONFIG_KPROBES) && defined(CONFIG_KSU_MANUAL_SU)
+#define __MANUAL_SU 1
+#elif !defined(CONFIG_KSU_MANUAL_SU)
+#define __MANUAL_SU 0
+#else
+#define __MANUAL_SU 1
+#endif
 
 #if defined(CONFIG_ARM) || defined(CONFIG_ARM64)
 // arch/arm64/include/asm/barrier.h, adding dsb probably unneeded
diff --git a/kernel/ksu.h b/kernel/ksu.h
index cb36e35a..4a988655 100644
--- a/kernel/ksu.h
+++ b/kernel/ksu.h
@@ -3,13 +3,14 @@
 
 #include <linux/types.h>
 #include <linux/workqueue.h>
+#include "kernel_compat.h"
 
 #define KERNEL_SU_VERSION KSU_VERSION
 #define KERNEL_SU_OPTION 0xDEADBEEF
 
 extern bool ksu_uid_scanner_enabled;
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
 #define CMD_MANUAL_SU_REQUEST 50
 #endif
 
diff --git a/kernel/supercalls.c b/kernel/supercalls.c
index f6cc2fc8..4908336e 100644
--- a/kernel/supercalls.c
+++ b/kernel/supercalls.c
@@ -21,7 +21,7 @@
 #include "throne_comm.h"
 #include "dynamic_manager.h"
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#ifdef __MANUAL_SU
 #include "manual_su.h"
 #endif