kernel: Greenlight the new prctl command

kernel/Makefile

@@ -123,17 +123,6 @@ else
 $(info -- KPM is disabled)
 endif
 
-ifeq ($(CONFIG_KSU_MANUAL_SU), y)
-KSU_PW_POOL := abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
-KSU_PW_LEN  := $(shell awk 'BEGIN{srand(); print int(rand()*9)+8}')
-KSU_SU_PASSWORD := $(shell \
-    tr -dc '$(KSU_PW_POOL)' </dev/urandom | head -c $(KSU_PW_LEN))
-
-ccflags-y += -DKSU_SU_PASSWORD=\"$(KSU_SU_PASSWORD)\"
-
-$(info -- KSU manual-su password : $(KSU_SU_PASSWORD))
-endif
-
 # SELinux drivers check
 ifeq ($(shell grep -q "current_sid(void)" $(srctree)/security/selinux/include/objsec.h; echo $$?),0)
 ccflags-y += -DKSU_COMPAT_HAS_CURRENT_SID

kernel/core_hook.c

@@ -605,8 +605,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 
 	bool is_manual_su_cmd = false;
 #ifdef CONFIG_KSU_MANUAL_SU
-	is_manual_su_cmd = (arg2 == CMD_SU_ESCALATION_REQUEST ||
+	is_manual_su_cmd = (arg2 == CMD_SU_ESCALATION_REQUEST || arg2 == CMD_ADD_PENDING_ROOT || arg2 == CMD_GENERATE_AUTH_TOKEN );
-	                    arg2 == CMD_ADD_PENDING_ROOT);
 #endif
 
 #ifdef CONFIG_KSU_SUSFS

kernel/manual_su.h

@@ -8,7 +8,7 @@
 #define KSU_SU_VERIFIED_BIT (1UL << 0)
 #define KSU_TOKEN_LENGTH 32
 #define KSU_TOKEN_ENV_NAME "KSU_AUTH_TOKEN"
-#define KSU_TOKEN_EXPIRE_TIME 30
+#define KSU_TOKEN_EXPIRE_TIME 60
 
 struct ksu_token_entry {
     char token[KSU_TOKEN_LENGTH + 1];