android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

ci: bump ddk to 20251104, fix android16-6.12 lkm

Browse Source 
-kernel: Using macros to control manual su operations

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
This commit is contained in:
ShirkNeko
2025-11-04 19:44:43 +08:00
parent c863ff6f49
commit 257f0ca6de
7 changed files with 25 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/ddk-lkm.yml vendored
View File

@@ -18,7 +18,7 @@ jobs:
name: Build kernelsu.ko for ${{ inputs.kmi }} name: Build kernelsu.ko for ${{ inputs.kmi }}
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: ghcr.io/shirkneko/ddk:${{ inputs.kmi }}-${{ inputs.ddk_release }} image: ghcr.io/ylarod/ddk:${{ inputs.kmi }}-${{ inputs.ddk_release }}
options: --privileged options: --privileged
steps: steps:

3
kernel/allowlist.c
View File

@@ -15,7 +15,6 @@
#include "ksu.h" #include "ksu.h"
#include "klog.h" // IWYU pragma: keep #include "klog.h" // IWYU pragma: keep
#include "selinux/selinux.h" #include "selinux/selinux.h"
#include "kernel_compat.h"
#include "allowlist.h" #include "allowlist.h"
#include "manager.h" #include "manager.h"
@@ -527,7 +526,7 @@ void ksu_allowlist_exit(void)
mutex_unlock(&allowlist_mutex); mutex_unlock(&allowlist_mutex);
} }
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
bool ksu_temp_grant_root_once(uid_t uid) bool ksu_temp_grant_root_once(uid_t uid)
{ {
struct app_profile profile = { struct app_profile profile = {

3
kernel/allowlist.h
View File

@@ -3,6 +3,7 @@
#include <linux/types.h> #include <linux/types.h>
#include "ksu.h" #include "ksu.h"
#include "kernel_compat.h"
void ksu_allowlist_init(void); void ksu_allowlist_init(void);
@@ -25,7 +26,7 @@ bool ksu_set_app_profile(struct app_profile *, bool persist);
bool ksu_uid_should_umount(uid_t uid); bool ksu_uid_should_umount(uid_t uid);
struct root_profile *ksu_get_root_profile(uid_t uid); struct root_profile *ksu_get_root_profile(uid_t uid);
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
bool ksu_temp_grant_root_once(uid_t uid); bool ksu_temp_grant_root_once(uid_t uid);
void ksu_temp_revoke_root_once(uid_t uid); void ksu_temp_revoke_root_once(uid_t uid);
#endif #endif

19
kernel/core_hook.c
View File

@@ -37,11 +37,10 @@
#include "ksud.h" #include "ksud.h"
#include "manager.h" #include "manager.h"
#include "selinux/selinux.h" #include "selinux/selinux.h"
#include "kernel_compat.h"
#include "supercalls.h" #include "supercalls.h"
#include "sulog.h" #include "sulog.h"
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
#include "manual_su.h" #include "manual_su.h"
#endif #endif
@@ -57,7 +56,7 @@ bool ksu_is_compat __read_mostly = false;
extern int __ksu_handle_devpts(struct inode *inode); // sucompat.c extern int __ksu_handle_devpts(struct inode *inode); // sucompat.c
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
static void ksu_try_escalate_for_uid(uid_t uid) static void ksu_try_escalate_for_uid(uid_t uid)
{ {
if (!is_pending_root(uid)) if (!is_pending_root(uid))
@@ -241,7 +240,7 @@ void escape_to_root(void)
#endif #endif
} }
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
static void disable_seccomp_for_task(struct task_struct *tsk) static void disable_seccomp_for_task(struct task_struct *tsk)
{ {
@@ -402,7 +401,7 @@ static void sulog_prctl_cmd(uid_t uid, unsigned long cmd)
switch (cmd) { switch (cmd) {
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
case CMD_MANUAL_SU_REQUEST: name = "prctl_manual_su_request"; break; case CMD_MANUAL_SU_REQUEST: name = "prctl_manual_su_request"; break;
#endif #endif
@@ -438,7 +437,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
pr_info("option: 0x%x, cmd: %ld\n", option, arg2); pr_info("option: 0x%x, cmd: %ld\n", option, arg2);
#endif #endif
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
if (arg2 == CMD_MANUAL_SU_REQUEST) { if (arg2 == CMD_MANUAL_SU_REQUEST) {
struct manual_su_request request; struct manual_su_request request;
int su_option = (int)arg3; int su_option = (int)arg3;
@@ -755,7 +754,7 @@ static int ksu_bprm_check_handler_pre(struct kprobe *p, struct pt_regs *regs)
ksu_handle_pre_ksud(filename); ksu_handle_pre_ksud(filename);
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
ksu_try_escalate_for_uid(current_uid().val); ksu_try_escalate_for_uid(current_uid().val);
#endif #endif
@@ -767,7 +766,7 @@ static struct kprobe ksu_bprm_check_kp = {
.pre_handler = ksu_bprm_check_handler_pre, .pre_handler = ksu_bprm_check_handler_pre,
}; };
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
// 6. task_alloc hook for handling manual su escalation // 6. task_alloc hook for handling manual su escalation
static int ksu_task_alloc_handler_pre(struct kprobe *p, struct pt_regs *regs) static int ksu_task_alloc_handler_pre(struct kprobe *p, struct pt_regs *regs)
{ {
@@ -828,7 +827,7 @@ __maybe_unused int ksu_kprobe_init(void)
pr_info("bprm_check_security kprobe registered successfully\n"); pr_info("bprm_check_security kprobe registered successfully\n");
} }
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
// Register task_alloc kprobe // Register task_alloc kprobe
rc = register_kprobe(&ksu_task_alloc_kp); rc = register_kprobe(&ksu_task_alloc_kp);
if (rc) { if (rc) {
@@ -848,7 +847,7 @@ __maybe_unused int ksu_kprobe_exit(void)
unregister_kprobe(&prctl_kp); unregister_kprobe(&prctl_kp);
unregister_kprobe(&ksu_inode_permission_kp); unregister_kprobe(&ksu_inode_permission_kp);
unregister_kprobe(&ksu_bprm_check_kp); unregister_kprobe(&ksu_bprm_check_kp);
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
unregister_kprobe(&ksu_task_alloc_kp); unregister_kprobe(&ksu_task_alloc_kp);
#endif #endif
return 0; return 0;

9
kernel/kernel_compat.h
View File

@@ -14,6 +14,15 @@
#define __KPROBES_HOOK 1 #define __KPROBES_HOOK 1
#endif #endif
#if defined(CONFIG_KPROBES) && !(defined(CONFIG_KSU_MANUAL_SU))
#define __MANUAL_SU 1
#elif defined(CONFIG_KPROBES) && defined(CONFIG_KSU_MANUAL_SU)
#define __MANUAL_SU 1
#elif !defined(CONFIG_KSU_MANUAL_SU)
#define __MANUAL_SU 0
#else
#define __MANUAL_SU 1
#endif
#if defined(CONFIG_ARM) || defined(CONFIG_ARM64) #if defined(CONFIG_ARM) || defined(CONFIG_ARM64)
// arch/arm64/include/asm/barrier.h, adding dsb probably unneeded // arch/arm64/include/asm/barrier.h, adding dsb probably unneeded

3
kernel/ksu.h
View File

@@ -3,13 +3,14 @@
#include <linux/types.h> #include <linux/types.h>
#include <linux/workqueue.h> #include <linux/workqueue.h>
#include "kernel_compat.h"
#define KERNEL_SU_VERSION KSU_VERSION #define KERNEL_SU_VERSION KSU_VERSION
#define KERNEL_SU_OPTION 0xDEADBEEF #define KERNEL_SU_OPTION 0xDEADBEEF
extern bool ksu_uid_scanner_enabled; extern bool ksu_uid_scanner_enabled;
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
#define CMD_MANUAL_SU_REQUEST 50 #define CMD_MANUAL_SU_REQUEST 50
#endif #endif

2
kernel/supercalls.c
View File

@@ -21,7 +21,7 @@
#include "throne_comm.h" #include "throne_comm.h"
#include "dynamic_manager.h" #include "dynamic_manager.h"
#ifdef CONFIG_KSU_MANUAL_SU #ifdef __MANUAL_SU
#include "manual_su.h" #include "manual_su.h"
#endif #endif