android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kernel: Remove macro definitions, pass variables using ccflags -y, and reapply manual su protection.

Browse Source 
kernel: stop printing useless message unless its ddk environment
* In-tree build show empty KDIR

-- KDIR:
-- MDIR: /home/runner/work/KernelSU-Test/KernelSU-Test/kernel_414/KernelSU/kernel
  AR      drivers/iommu/built-in.o
  CC      drivers/input/misc/uinput.o
-- KernelSU version: 12329
-- KernelSU: CONFIG_KSU_MANUAL_HOOK
-- Supported KernelSU Manager(s): tiann, rsuntk, 5ec1cff
  CC      drivers/kernelsu/ksu.o
  AR      drivers/input/joystick/built-in.o
  CC      drivers/hid/hid-roccat-pyra.o

Co-authored-by: Faris <rissu.ntk@gmail.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
This commit is contained in:
ShirkNeko
2025-11-05 02:18:38 +08:00
parent 47bd84f3d1
commit c0a86544d8
12 changed files with 74 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
kernel/core_hook.c
View File

@@ -41,7 +41,10 @@
#include "kernel_compat.h"
#include "supercalls.h"
#include "sulog.h"
#ifdef CONFIG_KSU_MANUAL_SU
#include "manual_su.h"
#endif
bool ksu_module_mounted = false;
@@ -55,6 +58,7 @@ bool ksu_is_compat __read_mostly = false;
extern int __ksu_handle_devpts(struct inode *inode); // sucompat.c
#ifdef CONFIG_KSU_MANUAL_SU
static void ksu_try_escalate_for_uid(uid_t uid)
{
if (!is_pending_root(uid))
@@ -63,6 +67,7 @@ static void ksu_try_escalate_for_uid(uid_t uid)
pr_info("pending_root: UID=%d temporarily allowed\n", uid);
remove_pending_root(uid);
}
#endif
static bool ksu_kernel_umount_enabled = true;
@@ -230,6 +235,8 @@ void escape_to_root(void)
#endif
}
#ifdef CONFIG_KSU_MANUAL_SU
static void disable_seccomp_for_task(struct task_struct *tsk)
{
if (!tsk->seccomp.filter && tsk->seccomp.mode == SECCOMP_MODE_DISABLED)
@@ -252,6 +259,7 @@ static void disable_seccomp_for_task(struct task_struct *tsk)
tsk->seccomp.filter = NULL;
#endif
}
#endif
}
void escape_to_root_for_cmd_su(uid_t target_uid, pid_t target_pid)
@@ -387,7 +395,11 @@ static void sulog_prctl_cmd(uid_t uid, unsigned long cmd)
const char *name = NULL;
switch (cmd) {
#ifdef CONFIG_KSU_MANUAL_SU
case CMD_MANUAL_SU_REQUEST: name = "prctl_manual_su_request"; break;
#endif
default: name = "prctl_unknown"; break;
}
@@ -420,6 +432,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
pr_info("option: 0x%x, cmd: %ld\n", option, arg2);
#endif
#ifdef CONFIG_KSU_MANUAL_SU
if (arg2 == CMD_MANUAL_SU_REQUEST) {
struct manual_su_request request;
int su_option = (int)arg3;
@@ -446,6 +459,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
}
return 0;
}
#endif
return 0;
}
@@ -770,7 +784,9 @@ static int ksu_bprm_check_handler_pre(struct kprobe *p, struct pt_regs *regs)
ksu_handle_pre_ksud(filename);
#ifdef CONFIG_KSU_MANUAL_SU
ksu_try_escalate_for_uid(current_uid().val);
#endif
return 0;
}
@@ -780,6 +796,7 @@ static struct kprobe ksu_bprm_check_kp = {
.pre_handler = ksu_bprm_check_handler_pre,
};
#ifdef CONFIG_KSU_MANUAL_SU
// 6. task_alloc hook for handling manual su escalation
static int ksu_task_alloc_handler_pre(struct kprobe *p, struct pt_regs *regs)
{
@@ -793,6 +810,7 @@ static struct kprobe ksu_task_alloc_kp = {
.symbol_name = "security_task_alloc",
.pre_handler = ksu_task_alloc_handler_pre,
};
#endif
__maybe_unused int ksu_kprobe_init(void)
{
@@ -839,6 +857,7 @@ __maybe_unused int ksu_kprobe_init(void)
pr_info("bprm_check_security kprobe registered successfully\n");
}
#ifdef CONFIG_KSU_MANUAL_SU
// Register task_alloc kprobe
rc = register_kprobe(&ksu_task_alloc_kp);
if (rc) {
@@ -846,6 +865,7 @@ __maybe_unused int ksu_kprobe_init(void)
} else {
pr_info("task_alloc kprobe registered successfully\n");
}
#endif
return 0;
}
@@ -857,7 +877,9 @@ __maybe_unused int ksu_kprobe_exit(void)
unregister_kprobe(&prctl_kp);
unregister_kprobe(&ksu_inode_permission_kp);
unregister_kprobe(&ksu_bprm_check_kp);
#ifdef CONFIG_KSU_MANUAL_SU
unregister_kprobe(&ksu_task_alloc_kp);
#endif
return 0;
}