diff --git a/kernel/ksu_netlink.c b/kernel/ksu_netlink.c
index bd9e9388..a879790f 100644
--- a/kernel/ksu_netlink.c
+++ b/kernel/ksu_netlink.c
@@ -33,10 +33,11 @@ static bool system_uid(uid_t uid)
 return caller_uid <= 2000;
 }
+#ifdef CONFIG_KSU_MANUAL_SU
 // Manual SU
 static int handle_manual_su(struct sk_buff *skb, struct nlmsghdr *nlh, void *msg_data)
 {
- struct ksu_netlink_manual_su *msg = (struct ksu_netlink_manual_su *)msg_data;
+ struct netlink_manual_su *msg = (struct netlink_manual_su *)msg_data;
 struct manual_su_request request;
 int res;
@@ -61,17 +62,20 @@ static int handle_manual_su(struct sk_buff *skb, struct nlmsghdr *nlh, void *msg
 return 0;
 }
+#endif
 // Command handlers mapping table
 static const struct ksu_netlink_cmd_handler ksu_netlink_handlers[] = {
+#ifdef CONFIG_KSU_MANUAL_SU
 {
 .cmd = KSU_NETLINK_CMD_MANUAL_SU,
- .msg_size = sizeof(struct ksu_netlink_manual_su),
+ .msg_size = sizeof(struct netlink_manual_su),
 .name = "MANUAL_SU",
 .handler = handle_manual_su,
 .perm_check = system_uid
 },
- { .cmd = 0, .name = NULL, .handler = NULL, .perm_check = NULL }
+#endif
+ { .cmd = 0, .msg_size = NULL, .name = NULL, .handler = NULL, .perm_check = NULL }
 };
 static void ksu_netlink_recv_msg(struct sk_buff *skb)
diff --git a/kernel/ksu_netlink.h b/kernel/ksu_netlink.h
index ff1f7db1..1286a387 100644
--- a/kernel/ksu_netlink.h
+++ b/kernel/ksu_netlink.h
@@ -15,17 +15,21 @@ struct ksu_netlink_hdr {
 int result; // Result code (output)
 };
-struct ksu_netlink_manual_su {
+#ifdef CONFIG_KSU_MANUAL_SU
+struct netlink_manual_su {
 struct ksu_netlink_hdr hdr;
 int option;
 uid_t target_uid;
 pid_t target_pid;
 char token_buffer[33];
 };
+#endif
 union ksu_netlink_msg {
 struct ksu_netlink_hdr hdr;
- struct ksu_netlink_manual_su manual_su;
+#ifdef CONFIG_KSU_MANUAL_SU
+ struct netlink_manual_su manual_su;
+#endif
 };
 typedef int (*ksu_netlink_handler_t)(struct sk_buff *skb, struct nlmsghdr *nlh, void *msg_data);
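Review bot: With `CONFIG_KSU_MANUAL_SU` unset, `system_uid()` directly above the new `#ifdef` loses its only user visible in this diff, the guarded `.perm_check = system_uid` table entry, so the build would presumably emit an unused-function warning. Either open the guard before `system_uid()` or declare it `static bool __maybe_unused system_uid(uid_t uid)`. Both `system_uid()` and `handle_manual_su()` extend outside the hunk, so there may be another caller that is not shown here.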
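Review bot: The new sentinel entry sets `.msg_size = NULL`, but the live entry assigns `sizeof(struct netlink_manual_su)` to the same field, so the field holds an integer size and a null pointer constant is the wrong initializer. Toolchains that treat int-conversion as an error will reject it. Write `{ .cmd = 0, .msg_size = 0, .name = NULL, .handler = NULL, .perm_check = NULL }` instead. With the option disabled the table holds only this sentinel, so it is worth confirming that the lookup in `ksu_netlink_recv_msg()`, whose body is outside the hunk, stops on it and rejects every command.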
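Review bot: The rename to `struct netlink_manual_su` drops the `ksu_netlink_` prefix that `struct ksu_netlink_hdr` and `union ksu_netlink_msg` in the same header keep. That makes the message types inconsistent and puts a generic-looking tag into the kernel's global namespace. Keeping `struct ksu_netlink_manual_su` inside the new `#ifdef CONFIG_KSU_MANUAL_SU` guard would achieve the same gating without the rename. If the rename is intended, a one-line comment on the struct giving the reason would help the next reader.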
diff --git a/kernel/selinux/rules.c b/kernel/selinux/rules.c
index 62df8caa..ff5adec0 100644
--- a/kernel/selinux/rules.c
+++ b/kernel/selinux/rules.c
@@ -127,7 +127,9 @@ void apply_kernelsu_rules()
 ksu_allow(db, "system_server", KERNEL_SU_DOMAIN, "process", "getpgid");
 ksu_allow(db, "system_server", KERNEL_SU_DOMAIN, "process", "sigkill");
+#ifdef CONFIG_KSU_MANUAL_SU
 ksu_allow(db, "shell", "shell", "netlink_connector_socket", ALL);
+#endif
 // https://android-review.googlesource.com/c/platform/system/logging/+/3725346
 ksu_dontaudit(db, "untrusted_app", KERNEL_SU_DOMAIN, "dir", "getattr");
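Review bot: The rule now guarded by `CONFIG_KSU_MANUAL_SU` still grants the `shell` domain `ALL` permissions on `netlink_connector_socket`, and nothing in the hunk records why. If it exists for the manual-su netlink client, a comment above it such as `/* manual su: shell-side client talks to the ksu netlink handler */` would tie the rule to the feature. If that client needs only a few permissions, one `ksu_allow` per permission, as the `getpgid` and `sigkill` lines above do, would keep the policy narrower than `ALL`. `apply_kernelsu_rules()` starts and ends outside the hunk.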