android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: Apply the susfs patch

Browse Source 
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
This commit is contained in:
ShirkNeko
2025-11-14 18:36:04 +08:00
parent 4920877dd8
commit 4c04508267
20 changed files with 982 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

226
kernel/supercalls.c
View File

@@ -24,7 +24,9 @@
#include "selinux/selinux.h"
#include "objsec.h"
#include "file_wrapper.h"
#ifndef CONFIG_KSU_SUSFS
#include "syscall_hook_manager.h"
#endif
#include "throne_comm.h"
#include "dynamic_manager.h"
@@ -32,6 +34,56 @@
#include "manual_su.h"
#endif
#ifdef CONFIG_KSU_SUSFS
#include <linux/namei.h>
#include <linux/susfs.h>
bool susfs_is_boot_completed_triggered = false;
extern bool susfs_is_umount_for_zygote_system_process_enabled;
#ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT
extern bool susfs_is_auto_add_sus_bind_mount_enabled;
#endif // #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT
#ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT
extern bool susfs_is_auto_add_sus_ksu_default_mount_enabled;
#endif // #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT
#ifdef CONFIG_KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT
extern bool susfs_is_auto_add_try_umount_for_bind_mount_enabled;
#endif // #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT
static void susfs_on_post_fs_data(void) {
struct path path;
#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
if (!kern_path(DATA_ADB_UMOUNT_FOR_ZYGOTE_SYSTEM_PROCESS, 0, &path)) {
susfs_is_umount_for_zygote_system_process_enabled = true;
path_put(&path);
}
pr_info("susfs_is_umount_for_zygote_system_process_enabled: %d\n", susfs_is_umount_for_zygote_system_process_enabled);
#endif // #ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
#ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT
if (!kern_path(DATA_ADB_NO_AUTO_ADD_SUS_BIND_MOUNT, 0, &path)) {
susfs_is_auto_add_sus_bind_mount_enabled = false;
path_put(&path);
}
pr_info("susfs_is_auto_add_sus_bind_mount_enabled: %d\n", susfs_is_auto_add_sus_bind_mount_enabled);
#endif // #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT
#ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT
if (!kern_path(DATA_ADB_NO_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT, 0, &path)) {
susfs_is_auto_add_sus_ksu_default_mount_enabled = false;
path_put(&path);
}
pr_info("susfs_is_auto_add_sus_ksu_default_mount_enabled: %d\n", susfs_is_auto_add_sus_ksu_default_mount_enabled);
#endif // #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT
#ifdef CONFIG_KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT
if (!kern_path(DATA_ADB_NO_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT, 0, &path)) {
susfs_is_auto_add_try_umount_for_bind_mount_enabled = false;
path_put(&path);
}
pr_info("susfs_is_auto_add_try_umount_for_bind_mount_enabled: %d\n", susfs_is_auto_add_try_umount_for_bind_mount_enabled);
#endif // #ifdef CONFIG_KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT
}
#endif // #ifdef CONFIG_KSU_SUSFS
bool ksu_uid_scanner_enabled = false;
// Permission check functions
@@ -121,6 +173,10 @@ static int do_report_event(void __user *arg)
if (!post_fs_data_lock) {
post_fs_data_lock = true;
pr_info("post-fs-data triggered\n");
#ifdef CONFIG_KSU_SUSFS
susfs_on_post_fs_data();
pr_info("susfs_on_post_fs_data triggered\n");
#endif
on_post_fs_data();
init_uid_scanner();
#if __SULOG_GATE
@@ -136,6 +192,9 @@ static int do_report_event(void __user *arg)
boot_complete_lock = true;
pr_info("boot_complete triggered\n");
on_boot_completed();
#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
susfs_is_boot_completed_triggered = true;
#endif
}
break;
}
@@ -422,7 +481,9 @@ put_orig_file:
static int do_manage_mark(void __user *arg)
{
struct ksu_manage_mark_cmd cmd;
#ifndef CONFIG_KSU_SUSFS
int ret = 0;
#endif
if (copy_from_user(&cmd, arg, sizeof(cmd))) {
pr_err("manage_mark: copy_from_user failed\n");
@@ -431,6 +492,7 @@ static int do_manage_mark(void __user *arg)
switch (cmd.operation) {
case KSU_MARK_GET: {
#ifndef CONFIG_KSU_SUSFS
// Get task mark status
ret = ksu_get_task_mark(cmd.pid);
if (ret < 0) {
@@ -439,8 +501,12 @@ static int do_manage_mark(void __user *arg)
}
cmd.result = (u32)ret;
break;
#else
return -EINVAL;
#endif
}
case KSU_MARK_MARK: {
#ifndef CONFIG_KSU_SUSFS
if (cmd.pid == 0) {
ksu_mark_all_process();
} else {
@@ -451,9 +517,13 @@ static int do_manage_mark(void __user *arg)
return ret;
}
}
#else
pr_info("susfs: cmd: KSU_MARK_MARK => do nothing\n");
#endif
break;
}
case KSU_MARK_UNMARK: {
#ifndef CONFIG_KSU_SUSFS
if (cmd.pid == 0) {
ksu_unmark_all_process();
} else {
@@ -464,11 +534,18 @@ static int do_manage_mark(void __user *arg)
return ret;
}
}
#else
pr_info("susfs: cmd: KSU_MARK_UNMARK => do nothing\n");
#endif
break;
}
case KSU_MARK_REFRESH: {
#ifndef CONFIG_KSU_SUSFS
ksu_mark_running_process();
pr_info("manage_mark: refreshed running processes\n");
#else
pr_info("susfs: cmd: KSU_MARK_REFRESH: do nothing\n");
#endif
break;
}
default: {
@@ -508,9 +585,11 @@ static int do_get_hook_type(void __user *arg)
{
struct ksu_hook_type_cmd cmd = {0};
const char *type = "Tracepoint";
#if defined(KSU_MANUAL_HOOK)
type = "Manual";
#elif defined(CONFIG_KSU_SUSFS)
type = "Inline";
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 13, 0)
@@ -717,6 +796,7 @@ static const struct ksu_ioctl_cmd_map ksu_ioctl_handlers[] = {
{ .cmd = 0, .name = NULL, .handler = NULL, .perm_check = NULL} // Sentine
};
#ifndef CONFIG_KSU_SUSFS
struct ksu_install_fd_tw {
struct callback_head cb;
int __user *outp;
@@ -792,6 +872,142 @@ static struct kprobe reboot_kp = {
.pre_handler = reboot_handler_pre,
};
#endif
#else
int ksu_handle_sys_reboot(int magic1, int magic2, unsigned int cmd, void __user **arg)
{
if (magic1 != KSU_INSTALL_MAGIC1) {
return -EINVAL;
}
// If magic2 is susfs and current process is root
if (magic2 == SUSFS_MAGIC && current_uid().val == 0) {
#ifdef CONFIG_KSU_SUSFS_SUS_PATH
if (cmd == CMD_SUSFS_ADD_SUS_PATH) {
susfs_add_sus_path(arg);
return 0;
}
if (cmd == CMD_SUSFS_ADD_SUS_PATH_LOOP) {
susfs_add_sus_path_loop(arg);
return 0;
}
if (cmd == CMD_SUSFS_SET_ANDROID_DATA_ROOT_PATH) {
susfs_set_i_state_on_external_dir(arg);
return 0;
}
if (cmd == CMD_SUSFS_SET_SDCARD_ROOT_PATH) {
susfs_set_i_state_on_external_dir(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_SUS_PATH
#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
if (cmd == CMD_SUSFS_ADD_SUS_MOUNT) {
susfs_add_sus_mount(arg);
return 0;
}
if (cmd == CMD_SUSFS_HIDE_SUS_MNTS_FOR_ALL_PROCS) {
susfs_set_hide_sus_mnts_for_all_procs(arg);
return 0;
}
if (cmd == CMD_SUSFS_UMOUNT_FOR_ZYGOTE_ISO_SERVICE) {
susfs_set_umount_for_zygote_iso_service(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT
#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
if (cmd == CMD_SUSFS_ADD_SUS_KSTAT) {
susfs_add_sus_kstat(arg);
return 0;
}
if (cmd == CMD_SUSFS_UPDATE_SUS_KSTAT) {
susfs_update_sus_kstat(arg);
return 0;
}
if (cmd == CMD_SUSFS_ADD_SUS_KSTAT_STATICALLY) {
susfs_add_sus_kstat(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT
#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT
if (cmd == CMD_SUSFS_ADD_TRY_UMOUNT) {
susfs_add_try_umount(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT
#ifdef CONFIG_KSU_SUSFS_SPOOF_UNAME
if (cmd == CMD_SUSFS_SET_UNAME) {
susfs_set_uname(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_SPOOF_UNAME
#ifdef CONFIG_KSU_SUSFS_ENABLE_LOG
if (cmd == CMD_SUSFS_ENABLE_LOG) {
susfs_enable_log(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_ENABLE_LOG
#ifdef CONFIG_KSU_SUSFS_SPOOF_CMDLINE_OR_BOOTCONFIG
if (cmd == CMD_SUSFS_SET_CMDLINE_OR_BOOTCONFIG) {
susfs_set_cmdline_or_bootconfig(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_SPOOF_CMDLINE_OR_BOOTCONFIG
#ifdef CONFIG_KSU_SUSFS_OPEN_REDIRECT
if (cmd == CMD_SUSFS_ADD_OPEN_REDIRECT) {
susfs_add_open_redirect(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_OPEN_REDIRECT
#ifdef CONFIG_KSU_SUSFS_SUS_SU
if (cmd == CMD_SUSFS_SHOW_SUS_SU_WORKING_MODE) {
susfs_get_sus_su_working_mode(arg);
return 0;
}
if (cmd == CMD_SUSFS_IS_SUS_SU_READY) {
susfs_is_sus_su_ready(arg);
return 0;
}
if (cmd == CMD_SUSFS_SUS_SU) {
susfs_sus_su(arg);
return 0;
}
#endif //#ifdef CONFIG_KSU_SUSFS_SUS_SU
#ifdef CONFIG_KSU_SUSFS_SUS_MAP
if (cmd == CMD_SUSFS_ADD_SUS_MAP) {
susfs_add_sus_map(arg);
return 0;
}
#endif // #ifdef CONFIG_KSU_SUSFS_SUS_MAP
if (cmd == CMD_SUSFS_ENABLE_AVC_LOG_SPOOFING) {
susfs_set_avc_log_spoofing(arg);
return 0;
}
if (cmd == CMD_SUSFS_SHOW_ENABLED_FEATURES) {
susfs_get_enabled_features(arg);
return 0;
}
if (cmd == CMD_SUSFS_SHOW_VARIANT) {
susfs_show_variant(arg);
return 0;
}
if (cmd == CMD_SUSFS_SHOW_VERSION) {
susfs_show_version(arg);
return 0;
}
return 0;
}
// Check if this is a request to install KSU fd
if (magic2 == KSU_INSTALL_MAGIC2) {
int fd = ksu_install_fd();
pr_info("[%d] install ksu fd: %d\n", current->pid, fd);
if (copy_to_user((int *)*arg, &fd, sizeof(fd))) {
pr_err("install ksu fd reply err\n");
return 0;
}
}
return 0;
}
#endif // #ifndef CONFIG_KSU_SUSFS
void ksu_supercalls_init(void)
{
@@ -801,6 +1017,7 @@ void ksu_supercalls_init(void)
for (i = 0; ksu_ioctl_handlers[i].handler; i++) {
pr_info(" %-18s = 0x%08x\n", ksu_ioctl_handlers[i].name, ksu_ioctl_handlers[i].cmd);
}
#ifndef CONFIG_KSU_SUSFS
#ifdef KSU_KPROBES_HOOK
int rc = register_kprobe(&reboot_kp);
if (rc) {
@@ -809,13 +1026,18 @@ void ksu_supercalls_init(void)
pr_info("reboot kprobe registered successfully\n");
}
#endif
#endif
}
void ksu_supercalls_exit(void)
{
#ifndef CONFIG_KSU_SUSFS
#ifdef KSU_KPROBES_HOOK
unregister_kprobe(&reboot_kp);
#endif
#else
pr_info("susfs: do nothing\n");
#endif
}
static inline void ksu_ioctl_audit(unsigned int cmd, const char *cmd_name, uid_t uid, int ret)
@@ -906,4 +1128,4 @@ int ksu_install_fd(void)
pr_info("ksu fd installed: %d for pid %d\n", fd, current->pid);
return fd;
}
}