android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: Remove CONFIG_KSU_MANUAL_SU protection

Browse Source
This commit is contained in:
ShirkNeko
2025-11-04 21:28:39 +08:00
parent 23cc0ceff1
commit 46fefc299c
7 changed files with 1 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
kernel/Kconfig
View File

@@ -15,13 +15,6 @@ config KSU_DEBUG
help help
Enable KernelSU debug mode. Enable KernelSU debug mode.
config KSU_MANUAL_SU
bool "Use manual su"
depends on KSU
default y
help
Use manual su and authorize the corresponding command line and application via prctl
config KPM config KPM
bool "Enable SukiSU KPM" bool "Enable SukiSU KPM"
depends on KSU && 64BIT depends on KSU && 64BIT

2
kernel/Makefile
View File

@@ -13,9 +13,7 @@ kernelsu-objs += embed_ksud.o
kernelsu-objs += kernel_compat.o kernelsu-objs += kernel_compat.o
kernelsu-objs += throne_comm.o kernelsu-objs += throne_comm.o
kernelsu-objs += sulog.o kernelsu-objs += sulog.o
ifeq ($(CONFIG_KSU_MANUAL_SU), y)
kernelsu-objs += manual_su.o kernelsu-objs += manual_su.o
endif
ifeq ($(CONFIG_KSU_TRACEPOINT_HOOK), y) ifeq ($(CONFIG_KSU_TRACEPOINT_HOOK), y)
kernelsu-objs += ksu_trace.o kernelsu-objs += ksu_trace.o

4
kernel/allowlist.c
View File

@@ -527,7 +527,6 @@ void ksu_allowlist_exit(void)
mutex_unlock(&allowlist_mutex); mutex_unlock(&allowlist_mutex);
} }
#ifdef CONFIG_KSU_MANUAL_SU
bool ksu_temp_grant_root_once(uid_t uid) bool ksu_temp_grant_root_once(uid_t uid)
{ {
struct app_profile profile = { struct app_profile profile = {
@@ -602,5 +601,4 @@ void ksu_temp_revoke_root_once(uid_t uid)
ksu_set_app_profile(&profile, false); ksu_set_app_profile(&profile, false);
persistent_allow_list(); persistent_allow_list();
pr_info("pending_root: UID=%d removed and persist updated\n", uid); pr_info("pending_root: UID=%d removed and persist updated\n", uid);
} }
#endif

2
kernel/allowlist.h
View File

@@ -25,8 +25,6 @@ bool ksu_set_app_profile(struct app_profile *, bool persist);
bool ksu_uid_should_umount(uid_t uid); bool ksu_uid_should_umount(uid_t uid);
struct root_profile *ksu_get_root_profile(uid_t uid); struct root_profile *ksu_get_root_profile(uid_t uid);
#ifdef CONFIG_KSU_MANUAL_SU
bool ksu_temp_grant_root_once(uid_t uid); bool ksu_temp_grant_root_once(uid_t uid);
void ksu_temp_revoke_root_once(uid_t uid); void ksu_temp_revoke_root_once(uid_t uid);
#endif #endif
#endif

22
kernel/core_hook.c
View File

@@ -40,10 +40,7 @@
#include "kernel_compat.h" #include "kernel_compat.h"
#include "supercalls.h" #include "supercalls.h"
#include "sulog.h" #include "sulog.h"
#ifdef CONFIG_KSU_MANUAL_SU
#include "manual_su.h" #include "manual_su.h"
#endif
bool ksu_module_mounted = false; bool ksu_module_mounted = false;
@@ -57,7 +54,6 @@ bool ksu_is_compat __read_mostly = false;
extern int __ksu_handle_devpts(struct inode *inode); // sucompat.c extern int __ksu_handle_devpts(struct inode *inode); // sucompat.c
#ifdef CONFIG_KSU_MANUAL_SU
static void ksu_try_escalate_for_uid(uid_t uid) static void ksu_try_escalate_for_uid(uid_t uid)
{ {
if (!is_pending_root(uid)) if (!is_pending_root(uid))
@@ -66,7 +62,6 @@ static void ksu_try_escalate_for_uid(uid_t uid)
pr_info("pending_root: UID=%d temporarily allowed\n", uid); pr_info("pending_root: UID=%d temporarily allowed\n", uid);
remove_pending_root(uid); remove_pending_root(uid);
} }
#endif
static struct workqueue_struct *ksu_workqueue; static struct workqueue_struct *ksu_workqueue;
@@ -241,8 +236,6 @@ void escape_to_root(void)
#endif #endif
} }
#ifdef CONFIG_KSU_MANUAL_SU
static void disable_seccomp_for_task(struct task_struct *tsk) static void disable_seccomp_for_task(struct task_struct *tsk)
{ {
if (!tsk->seccomp.filter && tsk->seccomp.mode == SECCOMP_MODE_DISABLED) if (!tsk->seccomp.filter && tsk->seccomp.mode == SECCOMP_MODE_DISABLED)
@@ -265,7 +258,6 @@ static void disable_seccomp_for_task(struct task_struct *tsk)
tsk->seccomp.filter = NULL; tsk->seccomp.filter = NULL;
#endif #endif
} }
#endif
} }
void escape_to_root_for_cmd_su(uid_t target_uid, pid_t target_pid) void escape_to_root_for_cmd_su(uid_t target_uid, pid_t target_pid)
@@ -401,11 +393,7 @@ static void sulog_prctl_cmd(uid_t uid, unsigned long cmd)
const char *name = NULL; const char *name = NULL;
switch (cmd) { switch (cmd) {
#ifdef CONFIG_KSU_MANUAL_SU
case CMD_MANUAL_SU_REQUEST: name = "prctl_manual_su_request"; break; case CMD_MANUAL_SU_REQUEST: name = "prctl_manual_su_request"; break;
#endif
default: name = "prctl_unknown"; break; default: name = "prctl_unknown"; break;
} }
@@ -438,7 +426,6 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
pr_info("option: 0x%x, cmd: %ld\n", option, arg2); pr_info("option: 0x%x, cmd: %ld\n", option, arg2);
#endif #endif
#ifdef CONFIG_KSU_MANUAL_SU
if (arg2 == CMD_MANUAL_SU_REQUEST) { if (arg2 == CMD_MANUAL_SU_REQUEST) {
struct manual_su_request request; struct manual_su_request request;
int su_option = (int)arg3; int su_option = (int)arg3;
@@ -465,7 +452,6 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
} }
return 0; return 0;
} }
#endif
return 0; return 0;
} }
@@ -779,9 +765,7 @@ static int ksu_bprm_check_handler_pre(struct kprobe *p, struct pt_regs *regs)
ksu_handle_pre_ksud(filename); ksu_handle_pre_ksud(filename);
#ifdef CONFIG_KSU_MANUAL_SU
ksu_try_escalate_for_uid(current_uid().val); ksu_try_escalate_for_uid(current_uid().val);
#endif
return 0; return 0;
} }
@@ -791,7 +775,6 @@ static struct kprobe ksu_bprm_check_kp = {
.pre_handler = ksu_bprm_check_handler_pre, .pre_handler = ksu_bprm_check_handler_pre,
}; };
#ifdef CONFIG_KSU_MANUAL_SU
// 6. task_alloc hook for handling manual su escalation // 6. task_alloc hook for handling manual su escalation
static int ksu_task_alloc_handler_pre(struct kprobe *p, struct pt_regs *regs) static int ksu_task_alloc_handler_pre(struct kprobe *p, struct pt_regs *regs)
{ {
@@ -805,7 +788,6 @@ static struct kprobe ksu_task_alloc_kp = {
.symbol_name = "security_task_alloc", .symbol_name = "security_task_alloc",
.pre_handler = ksu_task_alloc_handler_pre, .pre_handler = ksu_task_alloc_handler_pre,
}; };
#endif
__maybe_unused int ksu_kprobe_init(void) __maybe_unused int ksu_kprobe_init(void)
{ {
@@ -852,7 +834,6 @@ __maybe_unused int ksu_kprobe_init(void)
pr_info("bprm_check_security kprobe registered successfully\n"); pr_info("bprm_check_security kprobe registered successfully\n");
} }
#ifdef CONFIG_KSU_MANUAL_SU
// Register task_alloc kprobe // Register task_alloc kprobe
rc = register_kprobe(&ksu_task_alloc_kp); rc = register_kprobe(&ksu_task_alloc_kp);
if (rc) { if (rc) {
@@ -860,7 +841,6 @@ __maybe_unused int ksu_kprobe_init(void)
} else { } else {
pr_info("task_alloc kprobe registered successfully\n"); pr_info("task_alloc kprobe registered successfully\n");
} }
#endif
return 0; return 0;
} }
@@ -872,9 +852,7 @@ __maybe_unused int ksu_kprobe_exit(void)
unregister_kprobe(&prctl_kp); unregister_kprobe(&prctl_kp);
unregister_kprobe(&ksu_inode_permission_kp); unregister_kprobe(&ksu_inode_permission_kp);
unregister_kprobe(&ksu_bprm_check_kp); unregister_kprobe(&ksu_bprm_check_kp);
#ifdef CONFIG_KSU_MANUAL_SU
unregister_kprobe(&ksu_task_alloc_kp); unregister_kprobe(&ksu_task_alloc_kp);
#endif
return 0; return 0;
} }

2
kernel/ksu.h
View File

@@ -9,9 +9,7 @@
extern bool ksu_uid_scanner_enabled; extern bool ksu_uid_scanner_enabled;
#ifdef CONFIG_KSU_MANUAL_SU
#define CMD_MANUAL_SU_REQUEST 50 #define CMD_MANUAL_SU_REQUEST 50
#endif
#define EVENT_POST_FS_DATA 1 #define EVENT_POST_FS_DATA 1
#define EVENT_BOOT_COMPLETED 2 #define EVENT_BOOT_COMPLETED 2

3
kernel/supercalls.c
View File

@@ -20,10 +20,7 @@
#include "kernel_compat.h" #include "kernel_compat.h"
#include "throne_comm.h" #include "throne_comm.h"
#include "dynamic_manager.h" #include "dynamic_manager.h"
#ifdef CONFIG_KSU_MANUAL_SU
#include "manual_su.h" #include "manual_su.h"
#endif
// Forward declarations from core_hook.c // Forward declarations from core_hook.c
extern void escape_to_root(void); extern void escape_to_root(void);