diff --git a/kernel/Kconfig b/kernel/Kconfig index edcff6c3..10c8be90 100644 --- a/kernel/Kconfig +++ b/kernel/Kconfig @@ -217,6 +217,17 @@ config KSU_SUSFS_SUS_SU the same as the su implementaion of non-gki kernel without kprobe supported. - Only apps with root access granted by ksu manager are allowed to get root. +config KSU_SUSFS_SUS_MAP + bool "Enable to hide some mmapped real file from different proc maps interfaces" + depends on KSU_SUSFS + default y + help + - Allow hiding mmapped real file from /proc//[maps|smaps|smaps_rollup|map_files|mem|pagemap] + - It does NOT support hiding for anon memory. + - It does NOT hide any inline hooks or plt hooks cause by the injected library itself. + - It may not be able to evade detections by apps that implement a good injection detection. + - Effective only on zygote spawned umounted user app process. + endmenu endmenu diff --git a/kernel/core_hook.c b/kernel/core_hook.c index 2c37aea3..5b76d1ec 100644 --- a/kernel/core_hook.c +++ b/kernel/core_hook.c @@ -1255,6 +1255,24 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3, return 0; } #endif // #ifdef CONFIG_KSU_SUSFS_SUS_SU +#ifdef CONFIG_KSU_SUSFS_SUS_MAP + if (arg2 == CMD_SUSFS_ADD_SUS_MAP) { + int error = 0; + if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_sus_map))) { + pr_err("susfs: CMD_SUSFS_ADD_SUS_MAP -> arg3 is not accessible\n"); + return 0; + } + if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { + pr_err("susfs: CMD_SUSFS_ADD_SUS_MAP -> arg5 is not accessible\n"); + return 0; + } + error = susfs_add_sus_map((struct st_susfs_sus_map __user*)arg3); + pr_info("susfs: CMD_SUSFS_ADD_SUS_MAP -> ret: %d\n", error); + if (copy_to_user((void __user*)arg5, &error, sizeof(error))) + pr_info("susfs: copy_to_user() failed\n"); + return 0; + } +#endif // #ifdef CONFIG_KSU_SUSFS_SUS_MAP if (arg2 == CMD_SUSFS_ENABLE_AVC_LOG_SPOOFING) { int error = 0; if (arg3 != 0 && arg3 != 1) {