android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Reworking fdwrapper

Browse Source 
Co-authored-by: 5ec1cff <ewtqyqyewtqyqy@gmail.com>
Co-authored-by: 5ec1cff <56485584+5ec1cff@users.noreply.github.com>
Co-authored-by: Ylarod <me@ylarod.cn>
This commit is contained in:
ShirkNeko
2025-11-08 19:03:14 +08:00
parent ba56c81bd0
commit 9c0da2caeb
7 changed files with 433 additions and 434 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
kernel/supercalls.c
View File

@@ -19,7 +19,7 @@
#include "selinux/selinux.h"
#include "core_hook.h"
#include "objsec.h"
#include "file_proxy.h"
#include "file_wrapper.h"
#include "kernel_compat.h"
#include "throne_comm.h"
#include "dynamic_manager.h"
@@ -357,62 +357,56 @@ static int do_set_feature(void __user *arg)
return 0;
}
static int do_proxy_file(void __user *arg) {
if (!ksu_file_sid) {
return -EBUSY;
}
static int do_get_wrapper_fd(void __user *arg) {
if (!ksu_file_sid) {
return -1;
}
struct ksu_proxy_file_cmd cmd;
struct ksu_get_wrapper_fd_cmd cmd;
int ret;
if (copy_from_user(&cmd, arg, sizeof(cmd))) {
pr_err("do_proxy_file: copy_from_user failed\n");
pr_err("get_wrapper_fd: copy_from_user failed\n");
return -EFAULT;
}
struct file* f = fget(cmd.fd);
if (!f) {
return -EBADF;
}
struct ksu_file_proxy *data = ksu_create_file_proxy(f);
struct file* f = fget(cmd.fd);
if (!f) {
return -EBADF;
}
struct ksu_file_wrapper *data = ksu_create_file_wrapper(f);
if (data == NULL) {
ret = -ENOMEM;
goto put_orig_file;
}
struct file* pf = anon_inode_getfile("[ksu_file_proxy]", &data->ops, data, f->f_flags);
if (IS_ERR(pf)) {
ret = PTR_ERR(pf);
pr_err("do_proxy_file: anon_inode_getfile failed: %ld\n", PTR_ERR(pf));
goto put_proxy_data;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 12, 0)
#define getfd_secure anon_inode_create_getfd
#else
#define getfd_secure anon_inode_getfd_secure
#endif
ret = getfd_secure("[ksu_fdwrapper]", &data->ops, data, f->f_flags, NULL);
if (ret < 0) {
pr_err("ksu_fdwrapper: getfd failed: %d\n", ret);
goto put_wrapper_data;
}
struct file* pf = fget(ret);
struct inode* proxy_inode = file_inode(pf);
struct inode_security_struct *sec = selinux_inode(proxy_inode);
struct inode* wrapper_inode = file_inode(pf);
struct inode_security_struct *sec = selinux_inode(wrapper_inode);
if (sec) {
sec->sid = ksu_file_sid;
}
ret = get_unused_fd_flags(cmd.flags);
if (ret < 0) {
pr_err("do_proxy_file: get unused fd failed: %d\n", ret);
goto put_proxy_file;
}
// pr_info("do_proxy_file: installed proxy fd for %p %d (flags=%d, mode=%d) to %p %d (flags=%d, mode=%d)", f, cmd.fd, f->f_flags, f->f_mode, pf, ret, pf->f_flags, pf->f_mode);
// pf->f_mode |= FMODE_READ | FMODE_CAN_READ | FMODE_WRITE | FMODE_CAN_WRITE;
fd_install(ret, pf);
fput(pf);
goto put_orig_file;
put_proxy_file:
fput(pf);
put_proxy_data:
ksu_delete_file_proxy(data);
put_wrapper_data:
ksu_delete_file_wrapper(data);
put_orig_file:
fput(f);
return ret;
return ret;
}
// 100. GET_FULL_VERSION - Get full version string
@@ -632,7 +626,7 @@ static const struct ksu_ioctl_cmd_map ksu_ioctl_handlers[] = {
{ .cmd = KSU_IOCTL_SET_APP_PROFILE, .name = "SET_APP_PROFILE", .handler = do_set_app_profile, .perm_check = only_manager },
{ .cmd = KSU_IOCTL_GET_FEATURE, .name = "GET_FEATURE", .handler = do_get_feature, .perm_check = manager_or_root },
{ .cmd = KSU_IOCTL_SET_FEATURE, .name = "SET_FEATURE", .handler = do_set_feature, .perm_check = manager_or_root },
{ .cmd = KSU_IOCTL_PROXY_FILE, .name = "PROXY_FILE", .handler = do_proxy_file, .perm_check = manager_or_root },
{ .cmd = KSU_IOCTL_GET_WRAPPER_FD, .name = "GET_WRAPPER_FD", .handler = do_get_wrapper_fd, .perm_check = manager_or_root },
{ .cmd = KSU_IOCTL_GET_FULL_VERSION,.name = "GET_FULL_VERSION", .handler = do_get_full_version, .perm_check = always_allow},
{ .cmd = KSU_IOCTL_HOOK_TYPE,.name = "GET_HOOK_TYPE", .handler = do_get_hook_type, .perm_check = manager_or_root},
{ .cmd = KSU_IOCTL_ENABLE_KPM, .name = "GET_ENABLE_KPM", .handler = do_enable_kpm, .perm_check = manager_or_root},