diff --git a/kernel/Kconfig b/kernel/Kconfig
index 48bf19ae..f3280a5a 100644
--- a/kernel/Kconfig
+++ b/kernel/Kconfig
@@ -22,21 +22,6 @@ config KSU_MULTI_MANAGER_SUPPORT
     help
         Enable multi KernelSU manager support
 
-config KSU_THRONE_TRACKER_LEGACY
-    bool "Use legacy throne tracker (packages.list scanning)"
-    depends on KSU
-    default n
-    help
-      Use legacy throne tracker that scans packages.list for app UIDs.
-      This is kept for Ultra-Legacy Linux 4.4-3.X kernels which are prone to deadlocks.
-      Enable this if default scanning deadlocks/crashes on you.
-
-config KSU_MANUAL_SU
-    bool "Use manual su"
-    depends on KSU
-    default y
-    help
-      Use manual su and authorize the corresponding command line and application via prctl
 
 config KSU_ALLOWLIST_WORKAROUND
     bool "KernelSU Session Keyring Init workaround"
@@ -46,14 +31,6 @@ config KSU_ALLOWLIST_WORKAROUND
       Enable session keyring init workaround for problematic devices.
       Useful for situations where the SU allowlist is not kept after a reboot
 
-config KSU_CMDLINE
-      bool "Enable KernelSU cmdline"
-      depends on KSU && KSU != m
-      default n
-      help
-        Enable a cmdline called kernelsu.enabled
-        Value 1 means enabled, value 0 means disabled.
-
 config KPM
       bool "Enable SukiSU KPM"
       depends on KSU && 64BIT
@@ -65,25 +42,12 @@ config KPM
         This option is suitable for scenarios where you need to force KPM to be enabled.
         but it may affect system stability.
 
-choice
-    prompt "KernelSU hook type"
-    depends on KSU
-    default KSU_TRACEPOINT_HOOK
-
-config KSU_TRACEPOINT_HOOK
-    bool "Hook KernelSU with Tracepoint"
-    depends on HAVE_SYSCALL_TRACEPOINTS
-    help
-      If enabled, Hook required KernelSU syscalls with Tracepoint.
-
 config KSU_MANUAL_HOOK
     bool "Hook KernelSU manually"
     depends on KSU != m
     help
       If enabled, Hook required KernelSU syscalls with manually-patched function.
 
-endchoice
-
 menu "KernelSU - SUSFS"
 config KSU_SUSFS
     bool "KernelSU addon - SUSFS"
diff --git a/kernel/Makefile b/kernel/Makefile
index b47827b7..febf4514 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -95,12 +95,13 @@ endif
 ccflags-y += -DKSU_VERSION=$(KSU_VERSION)
 ccflags-y += -DKSU_VERSION_FULL=\"$(KSU_VERSION_FULL)\"
 
-ifeq ($(CONFIG_KSU_TRACEPOINT_HOOK), y)
-$(info -- SukiSU: KSU_TRACEPOINT_HOOK)
-ccflags-y += -DKSU_HAVE_SYSCALL_TRACEPOINTS_HOOK
-else ifeq ($(CONFIG_KSU_MANUAL_HOOK), y)
-$(info -- SukiSU: KSU_MANUAL_HOOK)
+ifeq ($(CONFIG_KSU_MANUAL_HOOK), y)
 ccflags-y += -DKSU_MANUAL_HOOK
+$(info -- SukiSU: KSU_MANUAL_HOOK)
+else
+ccflags-y += -DKSU_HAVE_SYSCALL_TRACEPOINTS_HOOK
+ccflags-y += -DKSU_KPROBES_HOOK
+$(info -- SukiSU: KSU_TRACEPOINT_HOOK)
 endif
 
 KERNEL_VERSION := $(VERSION).$(PATCHLEVEL)
diff --git a/kernel/allowlist.c b/kernel/allowlist.c
index d818d3e6..04519714 100644
--- a/kernel/allowlist.c
+++ b/kernel/allowlist.c
@@ -588,7 +588,7 @@ void ksu_temp_revoke_root_once(uid_t uid)
     strcpy(profile.rp_config.profile.selinux_domain, KSU_DEFAULT_SELINUX_DOMAIN);
 
     ksu_set_app_profile(&profile, false);
-    persistent_allow_list();
+    save_allow_list();
     pr_info("pending_root: UID=%d removed and persist updated\n", uid);
 }
 #endif
diff --git a/kernel/kernel_compat.h b/kernel/kernel_compat.h
index 39686416..ee9acb57 100644
--- a/kernel/kernel_compat.h
+++ b/kernel/kernel_compat.h
@@ -7,12 +7,6 @@
 #include "ss/policydb.h"
 #include "linux/key.h"
 
-#if defined(CONFIG_KPROBES) && !defined(KSU_MANUAL_HOOK)
-#define KSU_KPROBES_HOOK 1
-#else
-#define KSU_KPROBES_HOOK 0
-#endif
-
 /*
  * Linux 6.8+ does not have LKM support, due to numerous changes on LSM.
  * Let's fails if MODULE were defined.
diff --git a/kernel/ksu.c b/kernel/ksu.c
index 0a5d323e..5a829ef5 100644
--- a/kernel/ksu.c
+++ b/kernel/ksu.c
@@ -20,6 +20,13 @@
 #include <linux/susfs.h>
 #endif
 
+static struct workqueue_struct *ksu_workqueue;
+
+bool ksu_queue_work(struct work_struct *work)
+{
+    return queue_work(ksu_workqueue, work);
+}
+
 int __init kernelsu_init(void)
 {
     pr_info("kernelsu.enabled=%d\n",
@@ -45,6 +52,8 @@ int __init kernelsu_init(void)
 
     ksu_core_init();
 
+    ksu_workqueue = alloc_ordered_workqueue("kernelsu_work_queue", 0);
+
     ksu_allowlist_init();
 
     ksu_throne_tracker_init();
@@ -72,6 +81,8 @@ void kernelsu_exit(void)
 
     ksu_throne_tracker_exit();
 
+    destroy_workqueue(ksu_workqueue);
+
 #ifdef KSU_KPROBES_HOOK
     ksu_ksud_exit();
     ksu_sucompat_exit();
diff --git a/kernel/ksu.h b/kernel/ksu.h
index 724451bd..f3693e1a 100644
--- a/kernel/ksu.h
+++ b/kernel/ksu.h
@@ -95,6 +95,8 @@ struct app_profile {
     };
 };
 
+bool ksu_queue_work(struct work_struct *work);
+
 static inline int startswith(char *s, char *prefix)
 {
     return strncmp(s, prefix, strlen(prefix));
diff --git a/kernel/sucompat.c b/kernel/sucompat.c
index 85900ae9..077b3ea5 100644
--- a/kernel/sucompat.c
+++ b/kernel/sucompat.c
@@ -545,7 +545,7 @@ bool susfs_is_sus_su_hooks_enabled __read_mostly = false;
 int susfs_sus_su_working_mode = 0;
 
 static bool ksu_is_su_kps_enabled(void) {
-#ifdef CONFIG_KSU_KPROBES_HOOK
+#ifdef KSU_KPROBES_HOOK
     destroy_kprobe(&pts_kp);
 #endif
     return false;