android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

kernel & KernelSU & ksu_susfs: Temp fix for avc log message being leaked by...

Browse Source 
kernel & KernelSU & ksu_susfs: Temp fix for avc log message being leaked by logd and added new toggle for enabling or disabling avc log spoofing

- See full details:
  https://android-review.googlesource.com/c/platform/system/logging/+/3725346/2
  https://github.com/aviraxp/ZN-AuditPatch

- Since spoofing avc log in kernel may make things harder when users trying to debug with some permission issues or selinux issues, so thats why the toggle is created here and this is just a temp fix implemented in kernel side

- usage: ksu_susfs enable_avc_log_spoofing <0|1>

Co-authored-by: simonpunk <simonpunk2016@gmail.com>
This commit is contained in:
ShirkNeko
2025-08-10 16:35:19 +08:00
parent 9e29b2c3d7
commit e2ea0138db
3 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
kernel/selinux/selinux.c
View File

@@ -14,9 +14,11 @@
#ifdef CONFIG_KSU_SUSFS
#define KERNEL_INIT_DOMAIN "u:r:init:s0"
#define KERNEL_ZYGOTE_DOMAIN "u:r:zygote:s0"
#define KERNEL_KERNEL_DOMAIN "u:r:kernel:s0"
u32 susfs_ksu_sid = 0;
u32 susfs_init_sid = 0;
u32 susfs_zygote_sid = 0;
u32 susfs_kernel_sid = 0;
#endif
static int transive_to_domain(const char *domain)
@@ -235,6 +237,11 @@ void susfs_set_init_sid(void)
bool susfs_is_current_init_domain(void) {
return unlikely(current_sid() == susfs_init_sid);
}
void susfs_set_kernel_sid(void)
{
susfs_set_sid(KERNEL_KERNEL_DOMAIN, &susfs_kernel_sid);
}
#endif
#define DEVPTS_DOMAIN "u:object_r:ksu_file:s0"