fix lot (#518)

* refact: use feature subsystem

* use 64bit feature

* fix

* add fixme

* add feature max to get_info

* use 32bit feature id

* allow root to get/set feature

* more clean perm_check functions

* fix

* add feature command to ksud

kernel: do not expose perm checker

* fix security_task_fix_setuid_handler_pre

* add android16-6.12 ci

* manager: add kernel_umount switch

Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com>

* manager: Reinstate the LKM selection function

* kernel: add name and print command value

- Optimise sulog log display

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>

* fix

* ksud: clippy

---------

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com>
Co-authored-by: weishu <twsxtd@gmail.com>

manager/app/src/main/cpp/ksu.c

@@ -10,6 +10,7 @@
 #include <android/log.h>
 #include <dirent.h>
 #include <stdlib.h>
+#include <limits.h>
 
 #include <sys/syscall.h>
 
@@ -133,13 +134,56 @@ int get_app_profile(struct app_profile *profile) {
 }
 
 bool set_su_enabled(bool enabled) {
-	struct ksu_enable_su_cmd cmd = {.enable = enabled};
-	return ksuctl(KSU_IOCTL_ENABLE_SU, &cmd) == 0;
+    struct ksu_set_feature_cmd cmd = {};
+    cmd.feature_id = KSU_FEATURE_SU_COMPAT;
+    cmd.value = enabled ? 1 : 0;
+    return ksuctl(KSU_IOCTL_SET_FEATURE, &cmd) == 0;
 }
 
 bool is_su_enabled() {
-	struct ksu_is_su_enabled_cmd cmd = {};
-	return ksuctl(KSU_IOCTL_IS_SU_ENABLED, &cmd) == 0 && cmd.enabled;
+    struct ksu_get_feature_cmd cmd = {};
+    cmd.feature_id = KSU_FEATURE_SU_COMPAT;
+    if (ksuctl(KSU_IOCTL_GET_FEATURE, &cmd) != 0) {
+        return false;
+    }
+    if (!cmd.supported) {
+        return false;
+    }
+    return cmd.value != 0;
+}
+
+static inline bool get_feature(uint32_t feature_id, uint64_t *out_value, bool *out_supported) {
+    struct ksu_get_feature_cmd cmd = {};
+    cmd.feature_id = feature_id;
+    if (ksuctl(KSU_IOCTL_GET_FEATURE, &cmd) != 0) {
+        return false;
+    }
+    if (out_value) *out_value = cmd.value;
+    if (out_supported) *out_supported = cmd.supported;
+    return true;
+}
+
+static inline bool set_feature(uint32_t feature_id, uint64_t value) {
+    struct ksu_set_feature_cmd cmd = {};
+    cmd.feature_id = feature_id;
+    cmd.value = value;
+    return ksuctl(KSU_IOCTL_SET_FEATURE, &cmd) == 0;
+}
+
+bool set_kernel_umount_enabled(bool enabled) {
+    return set_feature(KSU_FEATURE_KERNEL_UMOUNT, enabled ? 1 : 0);
+}
+
+bool is_kernel_umount_enabled() {
+    uint64_t value = 0;
+    bool supported = false;
+    if (!get_feature(KSU_FEATURE_KERNEL_UMOUNT, &value, &supported)) {
+        return false;
+    }
+    if (!supported) {
+        return false;
+    }
+    return value != 0;
 }
 
 void get_full_version(char* buff) {