kernel: Introducing Tracepoint Hook Type Support

Tracepoint is a predefined hook point in the kernel, compared to Kprobe, it is more stable and has lower performance overhead, although compatibility is relatively poor, it is still worth trying By the way, we have also included the config definitions related to hook types in Kconfig, to enhance cleanliness Improve and merge types that do not require hooks Introducing the hook type prctl These patches is based on https://github.com/backslashxx/KernelSU/issues/5 Co-authored-by: Cloud_Yun <1770669041@qq.com> Co-authored-by: Prslc <prslc113@gmail.com> Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com> Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
2025-08-14 22:17:02 +08:00
parent 656a23a250
commit 49b01aad74
10 changed files with 218 additions and 21 deletions
--- a/kernel/ksud.c
+++ b/kernel/ksud.c
@@ -48,7 +48,7 @@ static void stop_vfs_read_hook();
 static void stop_execve_hook();
 static void stop_input_hook();

-#ifdef CONFIG_KPROBES
+#ifdef CONFIG_KSU_KPROBES_HOOK
 static struct work_struct stop_vfs_read_work;
 static struct work_struct stop_execve_hook_work;
 static struct work_struct stop_input_hook_work;
@@ -162,7 +162,7 @@ int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
 			     struct user_arg_ptr *argv,
 			     struct user_arg_ptr *envp, int *flags)
 {
-#ifndef CONFIG_KPROBES
+#ifndef CONFIG_KSU_KPROBES_HOOK
 	if (!ksu_execveat_hook) {
 		return 0;
 	}
@@ -318,7 +318,7 @@ static ssize_t read_iter_proxy(struct kiocb *iocb, struct iov_iter *to)
 int ksu_handle_vfs_read(struct file **file_ptr, char __user **buf_ptr,
 			size_t *count_ptr, loff_t **pos)
 {
-#ifndef CONFIG_KPROBES
+#ifndef CONFIG_KSU_KPROBES_HOOK
 	if (!ksu_vfs_read_hook) {
 		return 0;
 	}
@@ -431,7 +431,7 @@ static bool is_volumedown_enough(unsigned int count)
 int ksu_handle_input_handle_event(unsigned int *type, unsigned int *code,
 				  int *value)
 {
-#ifndef CONFIG_KPROBES
+#ifndef CONFIG_KSU_KPROBES_HOOK
 	if (!ksu_input_hook) {
 		return 0;
 	}
@@ -473,7 +473,7 @@ bool ksu_is_safe_mode()
 	return false;
 }

-#ifdef CONFIG_KPROBES
+#ifdef CONFIG_KSU_KPROBES_HOOK
 static int sys_execve_handler_pre(struct kprobe *p, struct pt_regs *regs)
 {
 	struct pt_regs *real_regs = PT_REAL_REGS(regs);
@@ -549,7 +549,7 @@ static void do_stop_input_hook(struct work_struct *work)

 static void stop_vfs_read_hook()
 {
-#ifdef CONFIG_KPROBES
+#ifdef CONFIG_KSU_KPROBES_HOOK
 	bool ret = schedule_work(&stop_vfs_read_work);
 	pr_info("unregister vfs_read kprobe: %d!\n", ret);
 #else
@@ -560,7 +560,7 @@ static void stop_vfs_read_hook()

 static void stop_execve_hook()
 {
-#ifdef CONFIG_KPROBES
+#ifdef CONFIG_KSU_KPROBES_HOOK
 	bool ret = schedule_work(&stop_execve_hook_work);
 	pr_info("unregister execve kprobe: %d!\n", ret);
 #else
@@ -576,7 +576,7 @@ static void stop_input_hook()
 		return;
 	}
 	input_hook_stopped = true;
-#ifdef CONFIG_KPROBES
+#ifdef CONFIG_KSU_KPROBES_HOOK
 	bool ret = schedule_work(&stop_input_hook_work);
 	pr_info("unregister input kprobe: %d!\n", ret);
 #else
@@ -588,7 +588,7 @@ static void stop_input_hook()
 // ksud: module support
 void ksu_ksud_init()
 {
-#ifdef CONFIG_KPROBES
+#ifdef CONFIG_KSU_KPROBES_HOOK
 	int ret;

 	ret = register_kprobe(&execve_kp);
@@ -608,12 +608,12 @@ void ksu_ksud_init()

 void ksu_ksud_exit()
 {
-#ifdef CONFIG_KPROBES
+#ifdef CONFIG_KSU_KPROBES_HOOK
 	unregister_kprobe(&execve_kp);
 	// this should be done before unregister vfs_read_kp
 	// unregister_kprobe(&vfs_read_kp);
 	unregister_kprobe(&input_event_kp);
+#endif

 	is_boot_phase = false;
-#endif
 }