ci: bump ddk to 20251104, fix android16-6.12 lkm
-kernel: Using macros to control manual su operations Co-authored-by: Ylarod <me@ylarod.cn> Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
This commit is contained in:
ShirkNeko
@@ -15,7 +15,6 @@
|
||||
#include "ksu.h"
|
||||
#include "klog.h" // IWYU pragma: keep
|
||||
#include "selinux/selinux.h"
|
||||
#include "kernel_compat.h"
|
||||
#include "allowlist.h"
|
||||
#include "manager.h"
|
||||
|
||||
@@ -527,7 +526,7 @@ void ksu_allowlist_exit(void)
|
||||
mutex_unlock(&allowlist_mutex);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
bool ksu_temp_grant_root_once(uid_t uid)
|
||||
{
|
||||
struct app_profile profile = {
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include "ksu.h"
|
||||
#include "kernel_compat.h"
|
||||
|
||||
void ksu_allowlist_init(void);
|
||||
|
||||
@@ -25,7 +26,7 @@ bool ksu_set_app_profile(struct app_profile *, bool persist);
|
||||
bool ksu_uid_should_umount(uid_t uid);
|
||||
struct root_profile *ksu_get_root_profile(uid_t uid);
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
bool ksu_temp_grant_root_once(uid_t uid);
|
||||
void ksu_temp_revoke_root_once(uid_t uid);
|
||||
#endif
|
||||
|
||||
@@ -37,11 +37,10 @@
|
||||
#include "ksud.h"
|
||||
#include "manager.h"
|
||||
#include "selinux/selinux.h"
|
||||
#include "kernel_compat.h"
|
||||
#include "supercalls.h"
|
||||
#include "sulog.h"
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
#include "manual_su.h"
|
||||
#endif
|
||||
|
||||
@@ -57,7 +56,7 @@ bool ksu_is_compat __read_mostly = false;
|
||||
|
||||
extern int __ksu_handle_devpts(struct inode *inode); // sucompat.c
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
static void ksu_try_escalate_for_uid(uid_t uid)
|
||||
{
|
||||
if (!is_pending_root(uid))
|
||||
@@ -241,7 +240,7 @@ void escape_to_root(void)
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
|
||||
static void disable_seccomp_for_task(struct task_struct *tsk)
|
||||
{
|
||||
@@ -402,7 +401,7 @@ static void sulog_prctl_cmd(uid_t uid, unsigned long cmd)
|
||||
|
||||
switch (cmd) {
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
case CMD_MANUAL_SU_REQUEST: name = "prctl_manual_su_request"; break;
|
||||
#endif
|
||||
|
||||
@@ -438,7 +437,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
|
||||
pr_info("option: 0x%x, cmd: %ld\n", option, arg2);
|
||||
#endif
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
if (arg2 == CMD_MANUAL_SU_REQUEST) {
|
||||
struct manual_su_request request;
|
||||
int su_option = (int)arg3;
|
||||
@@ -755,7 +754,7 @@ static int ksu_bprm_check_handler_pre(struct kprobe *p, struct pt_regs *regs)
|
||||
|
||||
ksu_handle_pre_ksud(filename);
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
ksu_try_escalate_for_uid(current_uid().val);
|
||||
#endif
|
||||
|
||||
@@ -767,7 +766,7 @@ static struct kprobe ksu_bprm_check_kp = {
|
||||
.pre_handler = ksu_bprm_check_handler_pre,
|
||||
};
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
// 6. task_alloc hook for handling manual su escalation
|
||||
static int ksu_task_alloc_handler_pre(struct kprobe *p, struct pt_regs *regs)
|
||||
{
|
||||
@@ -828,7 +827,7 @@ __maybe_unused int ksu_kprobe_init(void)
|
||||
pr_info("bprm_check_security kprobe registered successfully\n");
|
||||
}
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
// Register task_alloc kprobe
|
||||
rc = register_kprobe(&ksu_task_alloc_kp);
|
||||
if (rc) {
|
||||
@@ -848,7 +847,7 @@ __maybe_unused int ksu_kprobe_exit(void)
|
||||
unregister_kprobe(&prctl_kp);
|
||||
unregister_kprobe(&ksu_inode_permission_kp);
|
||||
unregister_kprobe(&ksu_bprm_check_kp);
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
unregister_kprobe(&ksu_task_alloc_kp);
|
||||
#endif
|
||||
return 0;
|
||||
|
||||
@@ -14,6 +14,15 @@
|
||||
#define __KPROBES_HOOK 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_KPROBES) && !(defined(CONFIG_KSU_MANUAL_SU))
|
||||
#define __MANUAL_SU 1
|
||||
#elif defined(CONFIG_KPROBES) && defined(CONFIG_KSU_MANUAL_SU)
|
||||
#define __MANUAL_SU 1
|
||||
#elif !defined(CONFIG_KSU_MANUAL_SU)
|
||||
#define __MANUAL_SU 0
|
||||
#else
|
||||
#define __MANUAL_SU 1
|
||||
#endif
|
||||
|
||||
#if defined(CONFIG_ARM) || defined(CONFIG_ARM64)
|
||||
// arch/arm64/include/asm/barrier.h, adding dsb probably unneeded
|
||||
|
||||
@@ -3,13 +3,14 @@
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/workqueue.h>
|
||||
#include "kernel_compat.h"
|
||||
|
||||
#define KERNEL_SU_VERSION KSU_VERSION
|
||||
#define KERNEL_SU_OPTION 0xDEADBEEF
|
||||
|
||||
extern bool ksu_uid_scanner_enabled;
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
#define CMD_MANUAL_SU_REQUEST 50
|
||||
#endif
|
||||
|
||||
|
||||
@@ -21,7 +21,7 @@
|
||||
#include "throne_comm.h"
|
||||
#include "dynamic_manager.h"
|
||||
|
||||
#ifdef CONFIG_KSU_MANUAL_SU
|
||||
#ifdef __MANUAL_SU
|
||||
#include "manual_su.h"
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user