fix lot (#518)

* refact: use feature subsystem * use 64bit feature * fix * add fixme * add feature max to get_info * use 32bit feature id * allow root to get/set feature * more clean perm_check functions * fix * add feature command to ksud kernel: do not expose perm checker * fix security_task_fix_setuid_handler_pre * add android16-6.12 ci * manager: add kernel_umount switch Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com> * manager: Reinstate the LKM selection function * kernel: add name and print command value - Optimise sulog log display Co-authored-by: Ylarod <me@ylarod.cn> Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com> * fix * ksud: clippy --------- Co-authored-by: Ylarod <me@ylarod.cn> Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com> Co-authored-by: weishu <twsxtd@gmail.com>
2025-11-02 20:01:24 +08:00
parent 00de4e1c64
commit 47bcc956a3
26 changed files with 963 additions and 852 deletions
--- a/userspace/ksud/src/cli.rs
+++ b/userspace/ksud/src/cli.rs
@@ -64,6 +64,12 @@ enum Commands {
        command: Profile,
    },

+    /// Manage kernel features
+    Feature {
+        #[command(subcommand)]
+        command: Feature,
+    },
+
    /// Patch boot or init_boot images to apply KernelSU
    BootPatch {
        /// boot image path, if not specified, will try to find the boot image automatically
@@ -281,6 +287,32 @@ enum Profile {
    ListTemplates,
 }

+#[derive(clap::Subcommand, Debug)]
+enum Feature {
+    /// Get feature value and support status
+    Get {
+        /// Feature ID or name (su_compat, kernel_umount)
+        id: String,
+    },
+
+    /// Set feature value
+    Set {
+        /// Feature ID or name
+        id: String,
+        /// Feature value (0=disable, 1=enable)
+        value: u64,
+    },
+
+    /// List all available features
+    List,
+
+    /// Load configuration from file and apply to kernel
+    Load,
+
+    /// Save current kernel feature states to file
+    Save,
+}
+
 #[cfg(target_arch = "aarch64")]
 mod kpm_cmd {
    use clap::Subcommand;
@@ -368,6 +400,14 @@ pub fn run() -> Result<()> {
            Profile::ListTemplates => crate::profile::list_templates(),
        },

+        Commands::Feature { command } => match command {
+            Feature::Get { id } => crate::feature::get_feature(id),
+            Feature::Set { id, value } => crate::feature::set_feature(id, value),
+            Feature::List => crate::feature::list_features(),
+            Feature::Load => crate::feature::load_config_and_apply(),
+            Feature::Save => crate::feature::save_config(),
+        },
+
        Commands::Debug { command } => match command {
            Debug::SetManager { apk } => debug::set_manager(&apk),
            Debug::GetSign { apk } => {
--- a/userspace/ksud/src/feature.rs
+++ b/userspace/ksud/src/feature.rs
@@ -0,0 +1,282 @@
+use anyhow::{Context, Result, bail};
+use const_format::concatcp;
+use std::collections::HashMap;
+use std::fs::File;
+use std::io::{Read, Write};
+use std::path::Path;
+
+use crate::defs;
+
+const FEATURE_CONFIG_PATH: &str = concatcp!(defs::WORKING_DIR, ".feature_config");
+const FEATURE_MAGIC: u32 = 0x7f4b5355;
+const FEATURE_VERSION: u32 = 1;
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+#[repr(u32)]
+pub enum FeatureId {
+    SuCompat = 0,
+    KernelUmount = 1,
+}
+
+impl FeatureId {
+    pub fn from_u32(id: u32) -> Option<Self> {
+        match id {
+            0 => Some(FeatureId::SuCompat),
+            1 => Some(FeatureId::KernelUmount),
+            _ => None,
+        }
+    }
+
+    pub fn name(&self) -> &'static str {
+        match self {
+            FeatureId::SuCompat => "su_compat",
+            FeatureId::KernelUmount => "kernel_umount",
+        }
+    }
+
+    pub fn description(&self) -> &'static str {
+        match self {
+            FeatureId::SuCompat => {
+                "SU Compatibility Mode - allows authorized apps to gain root via traditional 'su' command"
+            }
+            FeatureId::KernelUmount => {
+                "Kernel Umount - controls whether kernel automatically unmounts modules when not needed"
+            }
+        }
+    }
+}
+
+fn parse_feature_id(name: &str) -> Result<FeatureId> {
+    match name {
+        "su_compat" | "0" => Ok(FeatureId::SuCompat),
+        "kernel_umount" | "1" => Ok(FeatureId::KernelUmount),
+        _ => bail!("Unknown feature: {}", name),
+    }
+}
+
+pub fn load_binary_config() -> Result<HashMap<u32, u64>> {
+    let path = Path::new(FEATURE_CONFIG_PATH);
+    if !path.exists() {
+        log::info!("Feature config not found, using defaults");
+        return Ok(HashMap::new());
+    }
+
+    let mut file = File::open(path).with_context(|| "Failed to open feature config")?;
+
+    let mut magic_buf = [0u8; 4];
+    file.read_exact(&mut magic_buf)
+        .with_context(|| "Failed to read magic")?;
+    let magic = u32::from_le_bytes(magic_buf);
+
+    if magic != FEATURE_MAGIC {
+        bail!(
+            "Invalid feature config magic: expected 0x{:08x}, got 0x{:08x}",
+            FEATURE_MAGIC,
+            magic
+        );
+    }
+
+    let mut version_buf = [0u8; 4];
+    file.read_exact(&mut version_buf)
+        .with_context(|| "Failed to read version")?;
+    let version = u32::from_le_bytes(version_buf);
+
+    if version != FEATURE_VERSION {
+        log::warn!(
+            "Feature config version mismatch: expected {}, got {}",
+            FEATURE_VERSION,
+            version
+        );
+    }
+
+    let mut count_buf = [0u8; 4];
+    file.read_exact(&mut count_buf)
+        .with_context(|| "Failed to read count")?;
+    let count = u32::from_le_bytes(count_buf);
+
+    let mut features = HashMap::new();
+    for _ in 0..count {
+        let mut id_buf = [0u8; 4];
+        let mut value_buf = [0u8; 8];
+
+        file.read_exact(&mut id_buf)
+            .with_context(|| "Failed to read feature id")?;
+        file.read_exact(&mut value_buf)
+            .with_context(|| "Failed to read feature value")?;
+
+        let id = u32::from_le_bytes(id_buf);
+        let value = u64::from_le_bytes(value_buf);
+
+        features.insert(id, value);
+    }
+
+    log::info!("Loaded {} features from config", features.len());
+    Ok(features)
+}
+
+pub fn save_binary_config(features: &HashMap<u32, u64>) -> Result<()> {
+    crate::utils::ensure_dir_exists(Path::new(defs::WORKING_DIR))?;
+
+    let path = Path::new(FEATURE_CONFIG_PATH);
+    let mut file = File::create(path).with_context(|| "Failed to create feature config")?;
+
+    file.write_all(&FEATURE_MAGIC.to_le_bytes())
+        .with_context(|| "Failed to write magic")?;
+
+    file.write_all(&FEATURE_VERSION.to_le_bytes())
+        .with_context(|| "Failed to write version")?;
+
+    let count = features.len() as u32;
+    file.write_all(&count.to_le_bytes())
+        .with_context(|| "Failed to write count")?;
+
+    for (&id, &value) in features.iter() {
+        file.write_all(&id.to_le_bytes())
+            .with_context(|| format!("Failed to write feature id {}", id))?;
+        file.write_all(&value.to_le_bytes())
+            .with_context(|| format!("Failed to write feature value for id {}", id))?;
+    }
+
+    file.sync_all()
+        .with_context(|| "Failed to sync feature config")?;
+
+    log::info!("Saved {} features to config", features.len());
+    Ok(())
+}
+
+pub fn apply_config(features: &HashMap<u32, u64>) -> Result<()> {
+    log::info!("Applying feature configuration to kernel...");
+
+    let mut applied = 0;
+    for (&id, &value) in features.iter() {
+        match crate::ksucalls::set_feature(id, value) {
+            Ok(_) => {
+                if let Some(feature_id) = FeatureId::from_u32(id) {
+                    log::info!("Set feature {} to {}", feature_id.name(), value);
+                } else {
+                    log::info!("Set feature {} to {}", id, value);
+                }
+                applied += 1;
+            }
+            Err(e) => {
+                log::warn!("Failed to set feature {}: {}", id, e);
+            }
+        }
+    }
+
+    log::info!("Applied {} features successfully", applied);
+    Ok(())
+}
+
+pub fn get_feature(id: String) -> Result<()> {
+    let feature_id = parse_feature_id(&id)?;
+    let (value, supported) = crate::ksucalls::get_feature(feature_id as u32)
+        .with_context(|| format!("Failed to get feature {}", id))?;
+
+    if !supported {
+        println!("Feature '{}' is not supported by kernel", id);
+        return Ok(());
+    }
+
+    println!("Feature: {} ({})", feature_id.name(), feature_id as u32);
+    println!("Description: {}", feature_id.description());
+    println!("Value: {}", value);
+    println!(
+        "Status: {}",
+        if value != 0 { "enabled" } else { "disabled" }
+    );
+
+    Ok(())
+}
+
+pub fn set_feature(id: String, value: u64) -> Result<()> {
+    let feature_id = parse_feature_id(&id)?;
+
+    crate::ksucalls::set_feature(feature_id as u32, value)
+        .with_context(|| format!("Failed to set feature {} to {}", id, value))?;
+
+    println!(
+        "Feature '{}' set to {} ({})",
+        feature_id.name(),
+        value,
+        if value != 0 { "enabled" } else { "disabled" }
+    );
+
+    Ok(())
+}
+
+pub fn list_features() -> Result<()> {
+    println!("Available Features:");
+    println!("{}", "=".repeat(80));
+
+    let all_features = [FeatureId::SuCompat, FeatureId::KernelUmount];
+
+    for feature_id in all_features.iter() {
+        let id = *feature_id as u32;
+        let (value, supported) = crate::ksucalls::get_feature(id).unwrap_or((0, false));
+
+        let status = if !supported {
+            "NOT_SUPPORTED".to_string()
+        } else if value != 0 {
+            format!("ENABLED ({})", value)
+        } else {
+            "DISABLED".to_string()
+        };
+
+        println!("[{}] {} (ID={})", status, feature_id.name(), id);
+        println!("    {}", feature_id.description());
+        println!();
+    }
+
+    Ok(())
+}
+
+pub fn load_config_and_apply() -> Result<()> {
+    let features = load_binary_config()?;
+
+    if features.is_empty() {
+        println!("No features found in config file");
+        return Ok(());
+    }
+
+    apply_config(&features)?;
+    println!("Feature configuration loaded and applied");
+    Ok(())
+}
+
+pub fn save_config() -> Result<()> {
+    let mut features = HashMap::new();
+
+    let all_features = [FeatureId::SuCompat, FeatureId::KernelUmount];
+
+    for feature_id in all_features.iter() {
+        let id = *feature_id as u32;
+        if let Ok((value, supported)) = crate::ksucalls::get_feature(id)
+            && supported {
+                features.insert(id, value);
+                log::info!("Saved feature {} = {}", feature_id.name(), value);
+            }
+    }
+
+    save_binary_config(&features)?;
+    println!(
+        "Current feature states saved to config file ({} features)",
+        features.len()
+    );
+    Ok(())
+}
+
+pub fn init_features() -> Result<()> {
+    log::info!("Initializing features from config...");
+
+    let features = load_binary_config()?;
+
+    if features.is_empty() {
+        log::info!("No feature config found, skipping initialization");
+        return Ok(());
+    }
+
+    apply_config(&features)?;
+
+    Ok(())
+}
--- a/userspace/ksud/src/init_event.rs
+++ b/userspace/ksud/src/init_event.rs
@@ -87,6 +87,11 @@ pub fn on_post_data_fs() -> Result<()> {
        warn!("apply root profile sepolicy failed: {e}");
    }

+    // load feature config
+    if let Err(e) = crate::feature::init_features() {
+        warn!("init features failed: {e}");
+    }
+
    #[cfg(target_arch = "aarch64")]
    if let Err(e) = kpm::start_kpm_watcher() {
        warn!("KPM: Failed to start KPM watcher: {e}");
--- a/userspace/ksud/src/ksucalls.rs
+++ b/userspace/ksud/src/ksucalls.rs
@@ -8,11 +8,13 @@ const EVENT_POST_FS_DATA: u32 = 1;
 const EVENT_BOOT_COMPLETED: u32 = 2;
 const EVENT_MODULE_MOUNTED: u32 = 3;

-const KSU_IOCTL_GRANT_ROOT: u32 = 0x4B01; // _IO('K', 1)
+const KSU_IOCTL_GRANT_ROOT: u32 = 0x00004b01; // _IO('K', 1)
 const KSU_IOCTL_GET_INFO: u32 = 0x80084b02; // _IOR('K', 2, struct ksu_get_info_cmd)
-const KSU_IOCTL_REPORT_EVENT: u32 = 0x40044b03; // _IOW('K', 3, struct ksu_report_event_cmd)
+const KSU_IOCTL_REPORT_EVENT: u32 = 0x40084b03; // _IOW('K', 3, struct ksu_report_event_cmd)
 const KSU_IOCTL_SET_SEPOLICY: u32 = 0xc0104b04; // _IOWR('K', 4, struct ksu_set_sepolicy_cmd)
 const KSU_IOCTL_CHECK_SAFEMODE: u32 = 0x80014b05; // _IOR('K', 5, struct ksu_check_safemode_cmd)
+const KSU_IOCTL_GET_FEATURE: u32 = 0xc00c4b0d; // _IOWR('K', 13, struct ksu_get_feature_cmd)
+const KSU_IOCTL_SET_FEATURE: u32 = 0x40084b0e; // _IOW('K', 14, struct ksu_set_feature_cmd)

 #[repr(C)]
 #[derive(Clone, Copy, Default)]
@@ -39,6 +41,21 @@ struct CheckSafemodeCmd {
    in_safe_mode: u8,
 }

+#[repr(C)]
+#[derive(Clone, Copy, Default)]
+struct GetFeatureCmd {
+    feature_id: u32,
+    value: u64,
+    supported: u8,
+}
+
+#[repr(C)]
+#[derive(Clone, Copy, Default)]
+struct SetFeatureCmd {
+    feature_id: u32,
+    value: u64,
+}
+
 // Global driver fd cache
 #[cfg(any(target_os = "linux", target_os = "android"))]
 static DRIVER_FD: OnceLock<RawFd> = OnceLock::new();
@@ -183,4 +200,23 @@ pub fn set_sepolicy(cmd: &SetSepolicyCmd) -> std::io::Result<()> {
    let mut ioctl_cmd = *cmd;
    ksuctl(KSU_IOCTL_SET_SEPOLICY, &mut ioctl_cmd as *mut _)?;
    Ok(())
-}
+}
+
+/// Get feature value and support status from kernel
+/// Returns (value, supported)
+pub fn get_feature(feature_id: u32) -> std::io::Result<(u64, bool)> {
+    let mut cmd = GetFeatureCmd {
+        feature_id,
+        value: 0,
+        supported: 0,
+    };
+    ksuctl(KSU_IOCTL_GET_FEATURE, &mut cmd as *mut _)?;
+    Ok((cmd.value, cmd.supported != 0))
+}
+
+/// Set feature value in kernel
+pub fn set_feature(feature_id: u32, value: u64) -> std::io::Result<()> {
+    let mut cmd = SetFeatureCmd { feature_id, value };
+    ksuctl(KSU_IOCTL_SET_FEATURE, &mut cmd as *mut _)?;
+    Ok(())
+}
--- a/userspace/ksud/src/main.rs
+++ b/userspace/ksud/src/main.rs
@@ -4,6 +4,7 @@ mod boot_patch;
 mod cli;
 mod debug;
 mod defs;
+mod feature;
 mod init_event;
 #[cfg(target_arch = "aarch64")]
 mod kpm;