android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kernel: bump KPM version

Browse Source 
Co-authored-by: AlexLiuDev233 <wzylin11@outlook.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
This commit is contained in:
ShirkNeko
2025-11-08 18:33:36 +08:00
parent f6657fdbfd
commit 2f2d6aeecf
3 changed files with 700 additions and 611 deletions
Download Patch File Download Diff File Expand all files Collapse all files

354
kernel/kpm/kpm.c
View File

@@ -8,13 +8,11 @@
* 集成了 ELF 解析、内存布局、符号处理、重定位(支持 ARM64 重定位类型) * 集成了 ELF 解析、内存布局、符号处理、重定位(支持 ARM64 重定位类型)
* 并参照KernelPatch的标准KPM格式实现加载和控制 * 并参照KernelPatch的标准KPM格式实现加载和控制
*/ */
#include <linux/export.h>
#include <linux/module.h>
#include <linux/kernel.h> #include <linux/kernel.h>
#include <linux/fs.h> #include <linux/fs.h>
#include <linux/kernfs.h> #include <linux/kernfs.h>
#include <linux/file.h> #include <linux/file.h>
#include <linux/slab.h>
#include <linux/vmalloc.h> #include <linux/vmalloc.h>
#include <linux/uaccess.h> #include <linux/uaccess.h>
#include <linux/elf.h> #include <linux/elf.h>
@@ -23,189 +21,261 @@
#include <linux/list.h> #include <linux/list.h>
#include <linux/spinlock.h> #include <linux/spinlock.h>
#include <linux/rcupdate.h> #include <linux/rcupdate.h>
#include <asm/elf.h> /* 包含 ARM64 重定位类型定义 */ #include <asm/elf.h>
#include <linux/vmalloc.h>
#include <linux/mm.h> #include <linux/mm.h>
#include <linux/string.h> #include <linux/string.h>
#include <asm/cacheflush.h> #include <asm/cacheflush.h>
#include <linux/module.h> #include <linux/module.h>
#include <linux/vmalloc.h>
#include <linux/set_memory.h> #include <linux/set_memory.h>
#include <linux/version.h>
#include <linux/export.h> #include <linux/export.h>
#include <linux/slab.h> #include <linux/slab.h>
#include <asm/insn.h> #include <asm/insn.h>
#include <linux/kprobes.h> #include <linux/kprobes.h>
#include <linux/stacktrace.h> #include <linux/stacktrace.h>
#include <linux/kallsyms.h> #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,0,0) && defined(CONFIG_MODULES)
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 0, 0) && defined(CONFIG_MODULES) #include <linux/moduleloader.h>
#include <linux/moduleloader.h> // 需要启用 CONFIG_MODULES
#endif #endif
#include "kpm.h" #include "kpm.h"
#include "compact.h" #include "compact.h"
#define KPM_NAME_LEN 32
#define KPM_ARGS_LEN 1024
#ifndef NO_OPTIMIZE #ifndef NO_OPTIMIZE
#if defined(__GNUC__) && !defined(__clang__) #if defined(__GNUC__) && !defined(__clang__)
#define NO_OPTIMIZE __attribute__((optimize("O0"))) #define NO_OPTIMIZE __attribute__((optimize("O0")))
#elif defined(__clang__) #elif defined(__clang__)
#define NO_OPTIMIZE __attribute__((optnone)) #define NO_OPTIMIZE __attribute__((optnone))
#else #else
#define NO_OPTIMIZE #define NO_OPTIMIZE
#endif #endif
#endif #endif
// ============================================================================================
noinline NO_OPTIMIZE void sukisu_kpm_load_module_path(const char *path, noinline NO_OPTIMIZE void sukisu_kpm_load_module_path(const char *path,
const char *args, const char *args, void *ptr, int *result)
void *ptr,
void __user *result)
{ {
// This is a KPM module stub. pr_info("kpm: Stub function called (sukisu_kpm_load_module_path). "
int res = -1; "path=%s args=%s ptr=%p\n", path, args, ptr);
printk("KPM: Stub function called (sukisu_kpm_load_module_path). path=%s args=%s ptr=%p\n",
path, args, ptr);
__asm__ volatile("nop"); // 精确控制循环不被优化
if (copy_to_user(result, &res, sizeof(res)) < 1)
printk("KPM: Copy to user failed.");
}
noinline NO_OPTIMIZE void sukisu_kpm_unload_module(const char *name, void *ptr, __asm__ volatile("nop");
void __user *result)
{
// This is a KPM module stub.
int res = -1;
printk("KPM: Stub function called (sukisu_kpm_unload_module). name=%s ptr=%p\n",
name, ptr);
__asm__ volatile("nop"); // 精确控制循环不被优化
if (copy_to_user(result, &res, sizeof(res)) < 1)
printk("KPM: Copy to user failed.");
} }
noinline NO_OPTIMIZE void sukisu_kpm_num(void __user *result)
{
// This is a KPM module stub.
int res = 0;
printk("KPM: Stub function called (sukisu_kpm_num).\n");
__asm__ volatile("nop"); // 精确控制循环不被优化
if (copy_to_user(result, &res, sizeof(res)) < 1)
printk("KPM: Copy to user failed.");
}
noinline NO_OPTIMIZE void sukisu_kpm_info(const char *name, void __user *out,
void __user *result)
{
// This is a KPM module stub.
int res = -1;
printk("KPM: Stub function called (sukisu_kpm_info). name=%s buffer=%p\n",
name, out);
__asm__ volatile("nop"); // 精确控制循环不被优化
if (copy_to_user(result, &res, sizeof(res)) < 1)
printk("KPM: Copy to user failed.");
}
noinline NO_OPTIMIZE void
sukisu_kpm_list(void __user *out, unsigned int bufferSize, void __user *result)
{
// This is a KPM module stub.
int res = -1;
printk("KPM: Stub function called (sukisu_kpm_list). buffer=%p size=%d\n",
out, bufferSize);
if (copy_to_user(result, &res, sizeof(res)) < 1)
printk("KPM: Copy to user failed.");
}
noinline NO_OPTIMIZE void
sukisu_kpm_control(void __user *name, void __user *args, void __user *result)
{
// This is a KPM module stub.
int res = -1;
printk("KPM: Stub function called (sukisu_kpm_control). name=%p args=%p\n",
name, args);
__asm__ volatile("nop"); // 精确控制循环不被优化
if (copy_to_user(result, &res, sizeof(res)) < 1)
printk("KPM: Copy to user failed.");
}
noinline NO_OPTIMIZE void sukisu_kpm_version(void __user *out,
unsigned int bufferSize,
void __user *result)
{
int res = -1;
printk("KPM: Stub function called (sukisu_kpm_version). buffer=%p size=%d\n",
out, bufferSize);
if (copy_to_user(result, &res, sizeof(res)) < 1)
printk("KPM: Copy to user failed.");
}
EXPORT_SYMBOL(sukisu_kpm_load_module_path); EXPORT_SYMBOL(sukisu_kpm_load_module_path);
noinline NO_OPTIMIZE void sukisu_kpm_unload_module(const char *name,
void *ptr, int *result)
{
pr_info("kpm: Stub function called (sukisu_kpm_unload_module). "
"name=%s ptr=%p\n", name, ptr);
__asm__ volatile("nop");
}
EXPORT_SYMBOL(sukisu_kpm_unload_module); EXPORT_SYMBOL(sukisu_kpm_unload_module);
noinline NO_OPTIMIZE void sukisu_kpm_num(int *result)
{
pr_info("kpm: Stub function called (sukisu_kpm_num).\n");
__asm__ volatile("nop");
}
EXPORT_SYMBOL(sukisu_kpm_num); EXPORT_SYMBOL(sukisu_kpm_num);
noinline NO_OPTIMIZE void sukisu_kpm_info(const char *name, char *buf, int bufferSize,
int *size)
{
pr_info("kpm: Stub function called (sukisu_kpm_info). "
"name=%s buffer=%p\n", name, buf);
__asm__ volatile("nop");
}
EXPORT_SYMBOL(sukisu_kpm_info); EXPORT_SYMBOL(sukisu_kpm_info);
noinline NO_OPTIMIZE void sukisu_kpm_list(void *out, int bufferSize,
int *result)
{
pr_info("kpm: Stub function called (sukisu_kpm_list). "
"buffer=%p size=%d\n", out, bufferSize);
}
EXPORT_SYMBOL(sukisu_kpm_list); EXPORT_SYMBOL(sukisu_kpm_list);
EXPORT_SYMBOL(sukisu_kpm_version);
noinline NO_OPTIMIZE void sukisu_kpm_control(const char *name, const char *args, long arg_len,
int *result)
{
pr_info("kpm: Stub function called (sukisu_kpm_control). "
"name=%p args=%p arg_len=%ld\n", name, args, arg_len);
__asm__ volatile("nop");
}
EXPORT_SYMBOL(sukisu_kpm_control); EXPORT_SYMBOL(sukisu_kpm_control);
noinline int sukisu_handle_kpm(unsigned long arg2, unsigned long arg3, noinline NO_OPTIMIZE void sukisu_kpm_version(char *buf, int bufferSize)
unsigned long arg4, unsigned long arg5)
{ {
if (arg2 == SUKISU_KPM_LOAD) { pr_info("kpm: Stub function called (sukisu_kpm_version). "
char kernel_load_path[256] = { 0 }; "buffer=%p\n", buf);
char kernel_args_buffer[256] = { 0 }; }
EXPORT_SYMBOL(sukisu_kpm_version);
if (arg3 == 0) { noinline int sukisu_handle_kpm(unsigned long control_code, unsigned long arg1, unsigned long arg2,
return -1; unsigned long result_code)
{
int res = -1;
if (control_code == SUKISU_KPM_LOAD) {
char kernel_load_path[256];
char kernel_args_buffer[256];
if (arg1 == 0) {
res = -EINVAL;
goto exit;
} }
strncpy_from_user((char *)&kernel_load_path, if (!access_ok(arg1, 255)) {
(const char __user *)arg3, 255); goto invalid_arg;
if (arg4 != 0) {
strncpy_from_user((char *)&kernel_args_buffer,
(const char __user *)arg4, 255);
} }
strncpy_from_user((char *)&kernel_load_path, (const char *)arg1, 255);
if (arg2 != 0) {
if (!access_ok(arg2, 255)) {
goto invalid_arg;
}
strncpy_from_user((char *)&kernel_args_buffer, (const char *)arg2, 255);
}
sukisu_kpm_load_module_path((const char *)&kernel_load_path, sukisu_kpm_load_module_path((const char *)&kernel_load_path,
(const char *)&kernel_args_buffer, (const char *)&kernel_args_buffer, NULL, &res);
NULL, (void __user *)arg5); } else if (control_code == SUKISU_KPM_UNLOAD) {
} else if (arg2 == SUKISU_KPM_UNLOAD) { char kernel_name_buffer[256];
char kernel_name_buffer[256] = { 0 };
if (arg3 == 0) { if (arg1 == 0) {
return -1; res = -EINVAL;
goto exit;
} }
strncpy_from_user((char *)&kernel_name_buffer, if (!access_ok(arg1, sizeof(kernel_name_buffer))) {
(const char __user *)arg3, 255); goto invalid_arg;
sukisu_kpm_unload_module((const char *)&kernel_name_buffer,
NULL, (void __user *)arg5);
} else if (arg2 == SUKISU_KPM_NUM) {
sukisu_kpm_num((void __user *)arg5);
} else if (arg2 == SUKISU_KPM_INFO) {
char kernel_name_buffer[256] = { 0 };
if (arg3 == 0 || arg4 == 0) {
return -1;
} }
strncpy_from_user((char *)&kernel_name_buffer, strncpy_from_user((char *)&kernel_name_buffer, (const char *)arg1, sizeof(kernel_name_buffer));
(const char __user *)arg3, 255);
sukisu_kpm_info((const char *)&kernel_name_buffer, sukisu_kpm_unload_module((const char *)&kernel_name_buffer, NULL, &res);
(char __user *)arg4, (void __user *)arg5); } else if (control_code == SUKISU_KPM_NUM) {
} else if (arg2 == SUKISU_KPM_LIST) { sukisu_kpm_num(&res);
sukisu_kpm_list((char __user *)arg3, (unsigned int)arg4, } else if (control_code == SUKISU_KPM_INFO) {
(void __user *)arg5); char kernel_name_buffer[256];
} else if (arg2 == SUKISU_KPM_VERSION) { char buf[256];
sukisu_kpm_version((char __user *)arg3, (unsigned int)arg4, int size;
(void __user *)arg5);
} else if (arg2 == SUKISU_KPM_CONTROL) { if (arg1 == 0 || arg2 == 0) {
sukisu_kpm_control((char __user *)arg3, (char __user *)arg4, res = -EINVAL;
(void __user *)arg5); goto exit;
} }
if (!access_ok(arg1, sizeof(kernel_name_buffer))) {
goto invalid_arg;
}
strncpy_from_user((char *)&kernel_name_buffer, (const char __user *)arg1, sizeof(kernel_name_buffer));
sukisu_kpm_info((const char *)&kernel_name_buffer, (char *)&buf, sizeof(buf), &size);
if (!access_ok(arg2, size)) {
goto invalid_arg;
}
res = copy_to_user(arg2, &buf, size);
} else if (control_code == SUKISU_KPM_LIST) {
char buf[1024];
int len = (int) arg2;
if (len <= 0) {
res = -EINVAL;
goto exit;
}
if (!access_ok(arg2, len)) {
goto invalid_arg;
}
sukisu_kpm_list((char *)&buf, sizeof(buf), &res);
if (res > len) {
res = -ENOBUFS;
goto exit;
}
if (copy_to_user(arg1, &buf, len) != 0)
pr_info("kpm: Copy to user failed.");
} else if (control_code == SUKISU_KPM_CONTROL) {
char kpm_name[KPM_NAME_LEN] = { 0 };
char kpm_args[KPM_ARGS_LEN] = { 0 };
if (!access_ok(arg1, sizeof(kpm_name))) {
goto invalid_arg;
}
if (!access_ok(arg2, sizeof(kpm_args))) {
goto invalid_arg;
}
long name_len = strncpy_from_user((char *)&kpm_name, (const char __user *)arg1, sizeof(kpm_name));
if (name_len <= 0) {
res = -EINVAL;
goto exit;
}
long arg_len = strncpy_from_user((char *)&kpm_args, (const char __user *)arg2, sizeof(kpm_args));
sukisu_kpm_control((const char *)&kpm_name, (const char *)&kpm_args, arg_len, &res);
} else if (control_code == SUKISU_KPM_VERSION) {
char buffer[256] = {0};
sukisu_kpm_version((char*) &buffer, sizeof(buffer));
unsigned int outlen = (unsigned int) arg2;
int len = strlen(buffer);
if (len >= outlen) len = outlen - 1;
res = copy_to_user(arg1, &buffer, len + 1);
}
exit:
if (copy_to_user(result_code, &res, sizeof(res)) != 0)
pr_info("kpm: Copy to user failed.");
return 0; return 0;
invalid_arg:
pr_err("kpm: invalid pointer detected! arg1: %px arg2: %px\n", (void *)arg1, (void *)arg2);
res = -EFAULT;
goto exit;
} }
int sukisu_is_kpm_control_code(unsigned long arg2)
{
return (arg2 >= CMD_KPM_CONTROL && arg2 <= CMD_KPM_CONTROL_MAX) ? 1 : 0;
}
EXPORT_SYMBOL(sukisu_handle_kpm); EXPORT_SYMBOL(sukisu_handle_kpm);
int sukisu_is_kpm_control_code(unsigned long control_code) {
return (control_code >= CMD_KPM_CONTROL &&
control_code <= CMD_KPM_CONTROL_MAX) ? 1 : 0;
}
int do_kpm(void __user *arg)
{
struct ksu_kpm_cmd cmd;
if (copy_from_user(&cmd, arg, sizeof(cmd))) {
pr_err("kpm: copy_from_user failed\n");
return -EFAULT;
}
if (!access_ok(cmd.control_code, sizeof(int))) {
pr_err("kpm: invalid control_code pointer %px\n", (void *)cmd.control_code);
return -EFAULT;
}
if (!access_ok(cmd.result_code, sizeof(int))) {
pr_err("kpm: invalid result_code pointer %px\n", (void *)cmd.result_code);
return -EFAULT;
}
return sukisu_handle_kpm(cmd.control_code, cmd.arg1, cmd.arg2, cmd.result_code);
}

91
kernel/kpm/kpm.h
View File

@@ -1,45 +1,70 @@
#ifndef ___SUKISU_KPM_H #ifndef __SUKISU_KPM_H
#define ___SUKISU_KPM_H #define __SUKISU_KPM_H
int sukisu_handle_kpm(unsigned long arg2, unsigned long arg3, #include <linux/types.h>
unsigned long arg4, unsigned long arg5); #include <linux/ioctl.h>
int sukisu_is_kpm_control_code(unsigned long arg2);
// KPM控制代码 struct ksu_kpm_cmd {
#define CMD_KPM_CONTROL 28 __aligned_u64 __user control_code;
#define CMD_KPM_CONTROL_MAX 35 __aligned_u64 __user arg1;
__aligned_u64 __user arg2;
__aligned_u64 __user result_code;
};
// 控制代码 int sukisu_handle_kpm(unsigned long control_code, unsigned long arg3, unsigned long arg4, unsigned long result_code);
int sukisu_is_kpm_control_code(unsigned long control_code);
int do_kpm(void __user *arg);
// prctl(xxx, 28, "PATH", "ARGS") #define KSU_IOCTL_KPM _IOC(_IOC_READ|_IOC_WRITE, 'K', 200, 0)
// success return 0, error return -N
#define SUKISU_KPM_LOAD 28
// prctl(xxx, 29, "NAME") /* KPM Control Code */
// success return 0, error return -N #define CMD_KPM_CONTROL 1
#define SUKISU_KPM_UNLOAD 29 #define CMD_KPM_CONTROL_MAX 10
// num = prctl(xxx, 30) /* Control Code */
// error return -N /*
// success return +num or 0 * prctl(xxx, 1, "PATH", "ARGS")
#define SUKISU_KPM_NUM 30 * success return 0, error return -N
*/
#define SUKISU_KPM_LOAD 1
// prctl(xxx, 31, Buffer, BufferSize) /*
// success return +out, error return -N * prctl(xxx, 2, "NAME")
#define SUKISU_KPM_LIST 31 * success return 0, error return -N
*/
#define SUKISU_KPM_UNLOAD 2
// prctl(xxx, 32, "NAME", Buffer[256]) /*
// success return +out, error return -N * num = prctl(xxx, 3)
#define SUKISU_KPM_INFO 32 * error return -N
* success return +num or 0
*/
#define SUKISU_KPM_NUM 3
// prctl(xxx, 33, "NAME", "ARGS") /*
// success return KPM's result value * prctl(xxx, 4, Buffer, BufferSize)
// error return -N * success return +out, error return -N
#define SUKISU_KPM_CONTROL 33 */
#define SUKISU_KPM_LIST 4
// prctl(xxx, 34, buffer, bufferSize) /*
// success return KPM's result value * prctl(xxx, 5, "NAME", Buffer[256])
// error return -N * success return +out, error return -N
#define SUKISU_KPM_VERSION 34 */
#define SUKISU_KPM_INFO 5
/*
* prctl(xxx, 6, "NAME", "ARGS")
* success return KPM's result value
* error return -N
*/
#define SUKISU_KPM_CONTROL 6
/*
* prctl(xxx, 7, buffer, bufferSize)
* success return KPM's result value
* error return -N
*/
#define SUKISU_KPM_VERSION 7
#endif #endif

152
kernel/supercalls.c
View File

@@ -13,6 +13,7 @@
#include "allowlist.h" #include "allowlist.h"
#include "feature.h" #include "feature.h"
#include "klog.h" // IWYU pragma: keep #include "klog.h" // IWYU pragma: keep
#include "ksu.h"
#include "ksud.h" #include "ksud.h"
#include "manager.h" #include "manager.h"
#include "selinux/selinux.h" #include "selinux/selinux.h"
@@ -23,13 +24,6 @@
#include "throne_comm.h" #include "throne_comm.h"
#include "dynamic_manager.h" #include "dynamic_manager.h"
// Forward declarations from core_hook.c
extern void escape_to_root(void);
extern void nuke_ext4_sysfs(void);
extern bool ksu_module_mounted;
extern int handle_sepolicy(unsigned long arg3, void __user *arg4);
extern void ksu_sucompat_init(void);
extern void ksu_sucompat_exit(void);
bool ksu_uid_scanner_enabled = false; bool ksu_uid_scanner_enabled = false;
@@ -56,7 +50,7 @@ bool always_allow(void)
bool allowed_for_su(void) bool allowed_for_su(void)
{ {
bool is_allowed = is_manager() || ksu_is_allow_uid(current_uid().val); bool is_allowed = is_manager() || ksu_is_allow_uid_for_current(current_uid().val);
#if __SULOG_GATE #if __SULOG_GATE
ksu_sulog_report_permission_check(current_uid().val, current->comm, is_allowed); ksu_sulog_report_permission_check(current_uid().val, current->comm, is_allowed);
#endif #endif
@@ -231,7 +225,7 @@ static int do_uid_granted_root(void __user *arg)
return -EFAULT; return -EFAULT;
} }
cmd.granted = ksu_is_allow_uid(cmd.uid); cmd.granted = ksu_is_allow_uid_for_current(cmd.uid);
if (copy_to_user(arg, &cmd, sizeof(cmd))) { if (copy_to_user(arg, &cmd, sizeof(cmd))) {
pr_err("uid_granted_root: copy_to_user failed\n"); pr_err("uid_granted_root: copy_to_user failed\n");
@@ -360,6 +354,73 @@ static int do_set_feature(void __user *arg)
return 0; return 0;
} }
static int do_get_wrapper_fd(void __user *arg)
{
if (!ksu_file_sid) {
return -1;
}
struct ksu_get_wrapper_fd_cmd cmd;
int ret;
if (copy_from_user(&cmd, arg, sizeof(cmd))) {
pr_err("get_wrapper_fd: copy_from_user failed\n");
return -EFAULT;
}
struct file *f = fget(cmd.fd);
if (!f) {
return -EBADF;
}
struct ksu_file_wrapper *data = mksu_create_file_wrapper(f);
if (data == NULL) {
ret = -ENOMEM;
goto put_orig_file;
}
struct file *pf = anon_inode_getfile("[mksu_fdwrapper]", &data->ops,
data, f->f_flags);
if (IS_ERR(pf)) {
ret = PTR_ERR(pf);
pr_err("mksu_fdwrapper: anon_inode_getfile failed: %ld\n",
PTR_ERR(pf));
goto put_wrapper_data;
}
struct inode *wrapper_inode = file_inode(pf);
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 1, 0) || \
defined(KSU_OPTIONAL_SELINUX_INODE)
struct inode_security_struct *sec = selinux_inode(wrapper_inode);
#else
struct inode_security_struct *sec =
(struct inode_security_struct *)wrapper_inode->i_security;
#endif
if (sec) {
sec->sid = ksu_file_sid;
}
ret = get_unused_fd_flags(cmd.flags);
if (ret < 0) {
pr_err("mksu_fdwrapper: get unused fd failed: %d\n", ret);
goto put_wrapper_file;
}
// pr_info("mksu_fdwrapper: installed wrapper fd for %p %d (flags=%d, mode=%d) to %p %d (flags=%d, mode=%d)", f, cmd.fd, f->f_flags, f->f_mode, pf, ret, pf->f_flags, pf->f_mode);
// pf->f_mode |= FMODE_READ | FMODE_CAN_READ | FMODE_WRITE | FMODE_CAN_WRITE;
fd_install(ret, pf);
goto put_orig_file;
put_wrapper_file:
fput(pf);
put_wrapper_data:
mksu_delete_file_wrapper(data);
put_orig_file:
fput(f);
return ret;
}
// 100. GET_FULL_VERSION - Get full version string // 100. GET_FULL_VERSION - Get full version string
static int do_get_full_version(void __user *arg) static int do_get_full_version(void __user *arg)
{ {
@@ -383,9 +444,9 @@ static int do_get_full_version(void __user *arg)
static int do_get_hook_type(void __user *arg) static int do_get_hook_type(void __user *arg)
{ {
struct ksu_hook_type_cmd cmd = {0}; struct ksu_hook_type_cmd cmd = {0};
const char *type = "Kprobes"; const char *type = "Unknown";
#if defined(CONFIG_KSU_TRACEPOINT_HOOK) #if defined(KSU_HAVE_SYSCALL_TRACEPOINTS_HOOK)
type = "Tracepoint"; type = "Tracepoint";
#elif defined(KSU_MANUAL_HOOK) #elif defined(KSU_MANUAL_HOOK)
type = "Manual"; type = "Manual";
@@ -518,73 +579,6 @@ static int do_enable_uid_scanner(void __user *arg)
return 0; return 0;
} }
static int do_get_wrapper_fd(void __user *arg)
{
if (!ksu_file_sid) {
return -1;
}
struct ksu_get_wrapper_fd_cmd cmd;
int ret;
if (copy_from_user(&cmd, arg, sizeof(cmd))) {
pr_err("get_wrapper_fd: copy_from_user failed\n");
return -EFAULT;
}
struct file *f = fget(cmd.fd);
if (!f) {
return -EBADF;
}
struct ksu_file_wrapper *data = mksu_create_file_wrapper(f);
if (data == NULL) {
ret = -ENOMEM;
goto put_orig_file;
}
struct file *pf = anon_inode_getfile("[mksu_fdwrapper]", &data->ops,
data, f->f_flags);
if (IS_ERR(pf)) {
ret = PTR_ERR(pf);
pr_err("mksu_fdwrapper: anon_inode_getfile failed: %ld\n",
PTR_ERR(pf));
goto put_wrapper_data;
}
struct inode *wrapper_inode = file_inode(pf);
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 1, 0) || \
defined(KSU_OPTIONAL_SELINUX_INODE)
struct inode_security_struct *sec = selinux_inode(wrapper_inode);
#else
struct inode_security_struct *sec =
(struct inode_security_struct *)wrapper_inode->i_security;
#endif
if (sec) {
sec->sid = ksu_file_sid;
}
ret = get_unused_fd_flags(cmd.flags);
if (ret < 0) {
pr_err("mksu_fdwrapper: get unused fd failed: %d\n", ret);
goto put_wrapper_file;
}
// pr_info("mksu_fdwrapper: installed wrapper fd for %p %d (flags=%d, mode=%d) to %p %d (flags=%d, mode=%d)", f, cmd.fd, f->f_flags, f->f_mode, pf, ret, pf->f_flags, pf->f_mode);
// pf->f_mode |= FMODE_READ | FMODE_CAN_READ | FMODE_WRITE | FMODE_CAN_WRITE;
fd_install(ret, pf);
goto put_orig_file;
put_wrapper_file:
fput(pf);
put_wrapper_data:
mksu_delete_file_wrapper(data);
put_orig_file:
fput(f);
return ret;
}
// IOCTL handlers mapping table // IOCTL handlers mapping table
static const struct ksu_ioctl_cmd_map ksu_ioctl_handlers[] = { static const struct ksu_ioctl_cmd_map ksu_ioctl_handlers[] = {
{ .cmd = KSU_IOCTL_GRANT_ROOT, .name = "GRANT_ROOT", .handler = do_grant_root, .perm_check = allowed_for_su }, { .cmd = KSU_IOCTL_GRANT_ROOT, .name = "GRANT_ROOT", .handler = do_grant_root, .perm_check = allowed_for_su },
@@ -612,7 +606,7 @@ static const struct ksu_ioctl_cmd_map ksu_ioctl_handlers[] = {
{ .cmd = KSU_IOCTL_KPM, .name = "KPM_OPERATION", .handler = do_kpm, .perm_check = manager_or_root}, { .cmd = KSU_IOCTL_KPM, .name = "KPM_OPERATION", .handler = do_kpm, .perm_check = manager_or_root},
#endif #endif
{ .cmd = 0, .name = NULL, .handler = NULL, .perm_check = NULL} // Sentine { .cmd = 0, .name = NULL, .handler = NULL, .perm_check = NULL} // Sentine
} };
void ksu_supercalls_init(void) void ksu_supercalls_init(void)
{ {