android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kernel: Add sulog records for susfs

Browse Source
This commit is contained in:
ShirkNeko
2025-11-16 14:50:04 +08:00
parent be63a062ad
commit e2bcec1ee2
2 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
kernel/setuid_hook.c
View File

@@ -248,6 +248,10 @@ int ksu_handle_setresuid(uid_t ruid, uid_t euid, uid_t suid){
return 0; return 0;
} }
#if __SULOG_GATE
ksu_sulog_report_syscall(new_uid, NULL, "setuid", NULL);
#endif
// Check if spawned process is isolated service first, and force to do umount if so // Check if spawned process is isolated service first, and force to do umount if so
if (is_zygote_isolated_service_uid(new_uid) && susfs_is_umount_for_zygote_iso_service_enabled) { if (is_zygote_isolated_service_uid(new_uid) && susfs_is_umount_for_zygote_iso_service_enabled) {
goto do_umount; goto do_umount;

18
kernel/sucompat.c
View File

@@ -227,6 +227,12 @@ int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
if (likely(memcmp(filename->name, su_path, sizeof(su_path)))) if (likely(memcmp(filename->name, su_path, sizeof(su_path))))
return 0; return 0;
#if __SULOG_GATE
bool is_allowed = ksu_is_allow_uid_for_current(current_uid().val);
ksu_sulog_report_syscall(current_uid().val, NULL, "execve", su_path);
ksu_sulog_report_su_attempt(current_uid().val, NULL, su_path, is_allowed);
#endif
pr_info("do_execveat_common su found\n"); pr_info("do_execveat_common su found\n");
memcpy((void *)filename->name, ksud_path, sizeof(ksud_path)); memcpy((void *)filename->name, ksud_path, sizeof(ksud_path));
@@ -238,10 +244,6 @@ int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
int ksu_handle_execveat(int *fd, struct filename **filename_ptr, void *argv, int ksu_handle_execveat(int *fd, struct filename **filename_ptr, void *argv,
void *envp, int *flags) void *envp, int *flags)
{ {
if (!ksu_su_compat_enabled){
return 0;
}
if (ksu_handle_execveat_ksud(fd, filename_ptr, argv, envp, flags)) { if (ksu_handle_execveat_ksud(fd, filename_ptr, argv, envp, flags)) {
return 0; return 0;
} }
@@ -261,13 +263,14 @@ int ksu_handle_faccessat(int *dfd, const char __user **filename_user, int *mode,
strncpy_from_user_nofault(path, *filename_user, sizeof(path)); strncpy_from_user_nofault(path, *filename_user, sizeof(path));
if (unlikely(!memcmp(path, su_path, sizeof(su_path)))) { if (unlikely(!memcmp(path, su_path, sizeof(su_path)))) {
#if __SULOG_GATE
ksu_sulog_report_syscall(current_uid().val, NULL, "faccessat", path);
#endif
pr_info("faccessat su->sh!\n"); pr_info("faccessat su->sh!\n");
*filename_user = sh_user_path(); *filename_user = sh_user_path();
} }
return 0; return 0;
return 0;
} }
#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0) #if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0)
@@ -316,6 +319,9 @@ int ksu_handle_stat(int *dfd, const char __user **filename_user, int *flags)
strncpy_from_user_nofault(path, *filename_user, sizeof(path)); strncpy_from_user_nofault(path, *filename_user, sizeof(path));
if (unlikely(!memcmp(path, su_path, sizeof(su_path)))) { if (unlikely(!memcmp(path, su_path, sizeof(su_path)))) {
#if __SULOG_GATE
ksu_sulog_report_syscall(current_uid().val, NULL, "newfstatat", path);
#endif
pr_info("ksu_handle_stat: su->sh!\n"); pr_info("ksu_handle_stat: su->sh!\n");
*filename_user = sh_user_path(); *filename_user = sh_user_path();
} }