android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel: add wrapper for creds, refine disable_seccomp, revert some changes (#131)

Browse Source 
1. Wrapper for creds:
* Some older kernel does not have {.val}, so, for nicer compatibility support and clean code,
make some wrapper for credential use.
* After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more
info, check kernel/include/ksu_creds.h.

2. Refine disable_seccomp (need to add k6.11+ support)
https://github.com/tiann/KernelSU/pull/2708
https://github.com/tiann/KernelSU/issues/2706

3. Revert "Handle unmount for isolated process correctly"
Reason: https://github.com/tiann/KernelSU/pull/2696#issuecomment-3181866301

Co-authored-by: Wang Han <416810799@qq.com>
Co-authored-by: rsuntk <rsuntk@yukiprjkt.my.id>
This commit is contained in:
ShirkNeko
2025-08-16 14:25:17 +08:00
parent 69a13ff999
commit 8a0d52a2ee
5 changed files with 151 additions and 140 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
kernel/sucompat.c
View File

@@ -24,6 +24,7 @@
#include "klog.h" // IWYU pragma: keep
#include "ksud.h"
#include "kernel_compat.h"
#include "include/ksu_creds.h"
#define SU_PATH "/system/bin/su"
#define SH_PATH "/system/bin/sh"
@@ -66,7 +67,7 @@ int ksu_handle_faccessat(int *dfd, const char __user **filename_user, int *mode,
#endif
#ifndef CONFIG_KSU_SUSFS_SUS_SU
if (!ksu_is_allow_uid(current_uid().val)) {
if (!ksu_is_allow_uid(ksu_current_uid())) {
return 0;
}
#endif
@@ -116,7 +117,7 @@ int ksu_handle_stat(int *dfd, const char __user **filename_user, int *flags)
#endif
#ifndef CONFIG_KSU_SUSFS_SUS_SU
if (!ksu_is_allow_uid(current_uid().val)) {
if (!ksu_is_allow_uid(ksu_current_uid())) {
return 0;
}
#endif
@@ -181,7 +182,7 @@ int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
return 0;
#ifndef CONFIG_KSU_SUSFS_SUS_SU
if (!ksu_is_allow_uid(current_uid().val))
if (!ksu_is_allow_uid(ksu_current_uid()))
return 0;
#endif
@@ -231,7 +232,7 @@ int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
if (likely(memcmp(path, su, sizeof(su))))
return 0;
if (!ksu_is_allow_uid(current_uid().val))
if (!ksu_is_allow_uid(ksu_current_uid()))
return 0;
pr_info("sys_execve su found\n");
@@ -248,7 +249,7 @@ static int ksu_inline_handle_devpts(struct inode *inode)
return 0;
}
uid_t uid = current_uid().val;
uid_t uid = ksu_current_uid();
if (uid % 100000 < 10000) {
// not untrusted_app, ignore it
return 0;