kernel: Add kernel compatibility for cmd_su

kernel/core_hook.c

@@ -1774,7 +1774,7 @@ int ksu_bprm_check(struct linux_binprm *bprm)
 
 }
 
-#ifdef CONFIG_KSU_MANUAL_SU
+#if LINUX_VERSION_CODE > KERNEL_VERSION(4, 10, 0) && defined(CONFIG_KSU_MANUAL_SU)
 static int ksu_task_alloc(struct task_struct *task,
                           unsigned long clone_flags)
 {
@@ -1801,8 +1801,8 @@ static struct security_hook_list ksu_hooks[] = {
 	LSM_HOOK_INIT(inode_rename, ksu_inode_rename),
 	LSM_HOOK_INIT(task_fix_setuid, ksu_task_fix_setuid),
 	LSM_HOOK_INIT(inode_permission, ksu_inode_permission),
-#ifdef CONFIG_KSU_MANUAL_SU
-	LSM_HOOK_INIT(task_alloc, ksu_task_alloc),
+#if LINUX_VERSION_CODE > KERNEL_VERSION(4, 10, 0) && defined(CONFIG_KSU_MANUAL_SU)
+    LSM_HOOK_INIT(task_alloc, ksu_task_alloc),
 #endif
 #ifndef CONFIG_KSU_KPROBES_HOOK
 	LSM_HOOK_INIT(bprm_check_security, ksu_bprm_check),

kernel/manual_su.h

@@ -3,6 +3,7 @@
 
 #include <linux/types.h>
 #include <linux/sched.h>
+#include <linux/version.h>
 
 #define KSU_SU_VERIFIED_BIT (1UL << 0)
 
@@ -11,6 +12,17 @@ struct su_request_arg {
     const char __user *user_password;
 };
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 10, 0)
+static inline bool ksu_is_current_verified(void)
+{
+    return ((unsigned long)(current->cred->security) & KSU_SU_VERIFIED_BIT) != 0;
+}
+
+static inline void ksu_mark_current_verified(void)
+{
+    current->cred->security = (void *)((unsigned long)(current->cred->security) | KSU_SU_VERIFIED_BIT);
+}
+#else
 static inline bool ksu_is_current_verified(void)
 {
     return ((unsigned long)(current->security) & KSU_SU_VERIFIED_BIT) != 0;
@@ -20,6 +32,7 @@ static inline void ksu_mark_current_verified(void)
 {
     current->security = (void *)((unsigned long)(current->security) | KSU_SU_VERIFIED_BIT);
 }
+#endif
 
 int ksu_manual_su_escalate(uid_t target_uid, pid_t target_pid,
                            const char __user *user_password);