android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
2,438 Commits 11 Branches 15 Tags
nongki
Commit Graph

88 Commits

Author SHA1 Message Date
F640
57e3c095be include objsec.h unconditonally (#618) 2025-11-26 20:33:30 +08:00
F640
2aa0034695 fix compile on nongki branch (#602) 
* fix compile

* revert some edits
 2025-11-18 23:07:00 +08:00
fc5b87cf
c93cf58f48 kernel: Syncronize upstream changes (#198) 
* Cherry-picked range: (kernel)
ebea31daa8..6915b62b9a

* Also merged unmerged pr:
https://github.com/tiann/KernelSU/pull/ 2909

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: 5ec1cff <56485584+5ec1cff@users.noreply.github.com>
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: u9521 <63995396+u9521@users.noreply.github.com>
Co-authored-by: Wang Han <416810799@qq.com>
 2025-11-17 20:57:05 +08:00
Faris
a2211e2909 kernel, manager: Track upstream changes (#195) 
* These commits are carefully picked from upstream (tiann/KernelSU)

- Picked range:
8c5f485f27..e5f43a3427

Signed-off-by: Faris <rissu.ntk@gmail.com>
Co-authored-by: Wang Han <416810799@qq.com>
Co-authored-by: TwinbornPlate75 <3342733415@qq.com>
Co-authored-by: KOWX712 <leecc0503@gmail.com>
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com>
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: 5ec1cff <56485584+5ec1cff@users.noreply.github.com>
Co-authored-by: weishu <twsxtd@gmail.com>
 2025-11-11 15:38:53 +08:00
Faris
29c6e2dbcc kernel, ksud: clean headers and add fd wrapper for devpts (#193) 
* Now Official KernelSU devpts compat is questionable
Squashed commits:
4893fad235
e7c3d4a6a6
4bb2dae3f5

Signed-off-by: Faris <rissu.ntk@gmail.com>
Co-authored-by: 5ec1cff <56485584+5ec1cff@users.noreply.github.com>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
 2025-11-08 12:08:54 +08:00
Faris
a8cdd014dc kernel: fix wrong non-kprobe sucompat handler 
* Oops, i should read the code correctly..

Signed-off-by: Faris <rissu.ntk@gmail.com>
 2025-11-08 11:54:05 +08:00
Fanuel Berhanu
97b57de3d0 Update sucompat.c (#535) 2025-11-08 01:42:43 +08:00
ShirkNeko
a8302120c4 fix 2025-11-07 17:28:13 +08:00
ShirkNeko
68f3be2cbe kernel, ksud, manager: New supercalls implementations 
* This commit squashes new supercall impl:
3138651a38..562a3b9be7

Thanks to these people below:

Official KernelSU:
Co-authored-by: Wang Han <416810799@qq.com>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com>

xxKSU maintainer:
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
MMRL maintainer:
Co-authored-by: Der_Googler <54764558+dergoogler@users.noreply.github.com>
KSUN maintainer:
Co-authored-by: Rifat Azad <33044977+rifsxd@users.noreply.github.com>
KOWSU maintainer:
Co-authored-by: KOWX712 <leecc0503@gmail.com>
 2025-11-06 03:54:44 +08:00
backslashxx
6af2da13ae kernel: migrate barriers to spec barriers and code style thing 
overkill, but yeah, might as well move on to the real deal.

[ rsuntk: Rename original variable name ]
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-10-07 16:48:38 +08:00
ShirkNeko
b4bdd17e4e kernel: core_hook: intercept devpts via security_inode_permission LSM 
`ksu handles devpts with selinux lsm hook` - aviraxp

- no, not yet, but yes we can, thats a good idea.

This change tries to do that, so instead of hooking pts_unix98_lookup or
devpts_get_priv, we just watch security_inode_permission, if its devpts,
pass it along to the original handler.

EDIT: define devpts super magic if its undefined
- yeah I aint gonna include a conditional include of a header just for this
- while we can just fully remove the macro and inline, readability loss is bad

Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
 2025-09-22 23:54:51 +08:00
rsuntk
cc8cf28cbc kernel: handle optional backport for selinux_inode 
* For supporting kernel 4.19 with 5.10 bpf backports.

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-09-12 14:41:31 +08:00
rsuntk
a7efaf6b93 kernel: remove unused ifdef 
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-09-04 16:08:43 +08:00
rsuntk
856bbf79d0 kernel: stop intercepting devpts inode permission via LSM 
* Somehow, it just does not work properly. (sometimes)

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-09-04 16:07:06 +08:00
rsuntk
1294bbe853 kernel: fix -Wstrict-prototypes warnings/errors 
* On newer kernel for some reason -Wno-strict-prototypes still does not fix the errors or warnings.
* To fix it, we just need to add void type.

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-09-02 14:51:06 +08:00
ShirkNeko
7177a48678 Remove references to ksu_creds.h 2025-08-27 15:22:27 +08:00
rsuntk
98d543e989 kernel: nuke creds wrapper 
* Little bit complicated, so let's remove it.

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-08-27 15:15:17 +08:00
Helium_Studio
ce58519e66 kernel: Reformat code using clang-format (#347) 
* The coding format is too messy, reformat to improve readability
  and get closer to Linux kernel coding style.

* While at it, update .clang-format file to linux-mainline state.
 2025-08-22 14:02:20 +08:00
ShirkNeko
351dc15d08 Fix lld link ksu_current_uid problem 2025-08-16 14:34:51 +08:00
M. Faris
ff6a68221f kernel: add wrapper for creds, refine disable_seccomp, revert some changes (#131) 
1. Wrapper for creds:
* Some older kernel does not have {.val}, so, for nicer compatibility support and clean code,
make some wrapper for credential use.
* After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more
info, check kernel/include/ksu_creds.h.

2. Refine disable_seccomp (need to add k6.11+ support)
https://github.com/tiann/KernelSU/pull/2708
https://github.com/tiann/KernelSU/issues/2706

3. Revert "Handle unmount for isolated process correctly"
Reason: https://github.com/tiann/KernelSU/pull/2696#issuecomment-3181866301

4. consolidate most of the gaps

Co-authored-by: Wang Han <416810799@qq.com>
 2025-08-16 13:11:58 +08:00
rsuntk
f63dbca3fa kernel: rename sh to ksud_path 
* Questionable naming.

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-08-03 23:01:15 +08:00
rsuntk
672041b4d6 kernel: Replace ksu_access_ok with macro 
Signed-off-by: rsuntk <rissu.ntk@gmail.com>
 2025-08-03 23:01:04 +08:00
rsuntk
0c87765958 kernel: increase reliability, add ksu_access_ok to simplify 
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-08-03 23:00:42 +08:00
rsuntk
39811e311f kernel: fixup sucompat 
* For whatever reason, sh is ksud.

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-08-03 23:00:17 +08:00
rsuntk
da477fd588 kernel: fixup! su_path->su, make it as an array 
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-08-03 22:59:55 +08:00
rsuntk
fc85270a35 kernel: code clean up and some inlining 
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-08-03 22:58:46 +08:00
rsuntk
f820b9aaa8 kernel: phase out devpts_hook 
* Since it's interceptable from LSM Hook,
then we just need to remove ksu_handle_devpts and
make a decoy for it.

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-06-27 12:26:55 +08:00
rsuntk
ea7e2f4db6 kernel: allow GKI kprobes to use LSM hook for ksu_handle_devpts 
* Also minor changes on comments

Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
 2025-06-20 00:28:20 +08:00
ShirkNeko
430a3504d4 Fix line breaks in code and clean up unnecessary includes 2025-06-11 15:08:43 +08:00
backslashxx
bf06b92850 kernel: sucompat: increase reliability of execve_sucompat 
On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.

This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)

My speculation? ARMv8.0 has weak speculation :)

here we replace `strncpy_from_user_nofault()` with another routine:
 - access_ok() to validate the pointer
 - strncpy_from_user() to copy and validate string
 - manual null-termination just in case, as strncpy_from_user_nofault also does it
 - remove that memset, seems useless as it is an strncpy, not strncat

Kind of mimicking _nofault, but yes with this one we allow pagefaults.

Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55

Tested-by: iDead XD <rafifirdaus12bb@gmail.com>
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
 2025-05-24 14:26:31 +08:00
ShirkNeko
9d920e7cc5 kernel: added compatibility for non-GKI devices 
Co-authored-by: rsuntk <rsuntk@yukiprjkt.my.id>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
 2025-05-10 13:19:30 +08:00
ShirkNeko
ba26677cfc Merge some files and rewrite the update history 2025-03-22 14:09:21 +08:00
5ec1cff
a034dbbe6e remove devpts hook 2025-03-08 23:47:50 +08:00
weishu
500ff9bcbc kernel: remove unused CONFIG guard becuase GKI kernel enable kprobe by default 2025-02-16 21:38:59 +08:00
weishu
4593ae81c7 kernel: Allow to re-enable sucompat 2025-02-16 21:33:26 +08:00
Ylarod
898e9d4f8c [1.0] Drop Non-GKI Support (#1483) 
Co-authored-by: weishu <twsxtd@gmail.com>
 2024-06-01 14:50:46 +08:00
weishu
31653b11f1 kernel: replace devpts kprobe 2024-05-16 17:16:00 +08:00
weishu
123b66e84b kernel: fix devpts permission. close #1727 2024-05-16 10:32:48 +08:00
weishu
7af4f338e5 kernel: Fix compile error on 4.4. close #1720 2024-05-10 15:01:05 +08:00
weishu
109442f8c4 docs: Add devpts description for non gki 2024-05-09 12:05:10 +08:00
weishu
98757bcdb3 kernel: transition devpts in kernel 2024-05-08 21:15:49 +08:00
weishu
efbc07fde3 kernel: use library import 2024-04-27 09:55:24 +08:00
weishu
f982683825 kernel: refactor PR_REAL_REGS 2024-04-26 13:25:29 +08:00
buildbot
dedd54d890 kernel: use syscall hook for all version, remove code next version if works well 2024-04-26 11:42:24 +08:00
Another Guy
2027ac325f Hook syscalls and stable symbols (#1657) 
1. Replace `do_execveat_common` with `sys_execve` and `sys_execveat`
2. Replace `input_handle_event` with `input_event` and
`input_inject_event`

Tested on android12-5.10-2024-04, android13-5.15-2024-04.
android14-6.1-2024-04
 2024-04-26 11:27:48 +08:00
CallMESuper
8fe19d3876 kernel: fix issue with dfd parameter retrieval (#1543) 
Although in most cases, this system call might not be used, or when
called, AT_FDCWD(-100) is passed in.
 2024-03-27 16:29:53 +08:00
weishu
858ec910fd kernel: clean memory when exit 2024-03-24 16:41:53 +08:00
weishu
bc1e03feb1 kernel: remove unused headers 2024-03-20 23:14:30 +08:00
weishu
71b56ba700 kernel: fix panic cast 2024-03-20 15:39:07 +08:00
weishu
815f4d0428 kernel: hook newfstatat/faccessat syscall instead of unstable symbol 2024-03-20 15:15:26 +08:00