android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
2,840 Commits 11 Branches 15 Tags
06018a2f0325a8152f502de2017b9ae9853dce5b
Commit Graph

646 Commits

Author SHA1 Message Date
Ylarod
06018a2f03 revert: still using workqueue for allowlist 2025-11-06 23:05:29 +08:00
Ylarod
1324a7f54e fix: enhanced security register 2025-11-06 23:02:27 +08:00
Ylarod
5df9431a22 kill pgrp in enhanced security 2025-11-06 23:01:59 +08:00
Ylarod
e54989e51a add mutex for sucompat mark 2025-11-06 23:01:45 +08:00
Ylarod
cf50be122e fix: sucompat (#2874) 
Co-authored-by: Wang Han <416810799@qq.com>
 2025-11-06 23:01:28 +08:00
ShirkNeko
3dde6d9a25 manager: some ui changes 
* Steeing: add enhanced security dropdown
* Settings: allow change module update check
* Settings: allow always enable/disable feat
* misc: update all deps

---------

Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
 2025-11-06 22:54:43 +08:00
ShirkNeko
132e9ef8ed kernel: Resolve compilation issues 2025-11-06 13:48:26 +08:00
ShirkNeko
e6436b340c kernel: clean headers 
Co-authored-by: weishu <twsxtd@gmail.com>
 2025-11-06 13:08:01 +08:00
weishu
9cdf98782d kernel: Set the tracepoint flag in a tracepoint manner 2025-11-06 13:02:13 +08:00
Ylarod
dece57cacf feature: add enhanced security (#2873) 2025-11-06 12:59:09 +08:00
weishu
c8e103062a kernel: remove unused workqueue 2025-11-06 12:56:00 +08:00
Ylarod
91312effba fix sepolicy patch hint (#2872) 2025-11-06 12:53:09 +08:00
Ylarod
fd60cda3b3 fix: mark tif (#2871) 2025-11-06 12:52:52 +08:00
ShirkNeko
5323a500dd kernel: use sys_enter tracepoint for sucompat (#533) 
* use sys_enter tracepoint for sucompat

* update sucompat rules

* clean tif mark

* mark tif after load allow list

* clear all tif first, then mark target

* Fix shell su

* allow when escape

* fix bugs

* kernel: Resolve logical inconsistencies

---------

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
 2025-11-06 12:45:37 +08:00
ShirkNeko
0ce7bc2627 kernel: Migrate manual_su to ioctl 2025-11-06 02:52:14 +08:00
libingxuan
c9c62b25d2 support mainline kernel (#2869) 2025-11-05 23:00:42 +08:00
ShirkNeko
f8904b1b02 kernel: Resolved permission verification issue 2025-11-05 19:04:51 +08:00
ShirkNeko
89ce65e8ba Use a more appropriate minor version number 2025-11-05 16:41:30 +08:00
ShirkNeko
994fdfddf2 kernel: Use CONFIG_KSU_MANUAL_SU to protect MANUAL_SU 2025-11-05 16:17:54 +08:00
ShirkNeko
557e7f8153 bump KSU_VERSION_API to 4.0.0 2025-11-05 16:07:23 +08:00
backslashxx
9e9bb685f0 kernel: supercall: allow escalation on ioctl interface (#2862) 
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
 2025-11-05 15:52:00 +08:00
ShirkNeko
0400b94674 v2.0.0 2025-11-05 15:43:10 +08:00
ShirkNeko
247f7d4aee Kernel: Enable processes with corresponding UIDs to utilise netlink, and optimise netlink functionality 2025-11-05 15:41:14 +08:00
ShirkNeko
088ce97697 kernel: Remove prctl; use netlink communication to control manual_su 2025-11-05 03:53:54 +08:00
ShirkNeko
c0a86544d8 kernel: Remove macro definitions, pass variables using ccflags -y, and reapply manual su protection. 
kernel: stop printing useless message unless its ddk environment
* In-tree build show empty KDIR

-- KDIR:
-- MDIR: /home/runner/work/KernelSU-Test/KernelSU-Test/kernel_414/KernelSU/kernel
  AR      drivers/iommu/built-in.o
  CC      drivers/input/misc/uinput.o
-- KernelSU version: 12329
-- KernelSU: CONFIG_KSU_MANUAL_HOOK
-- Supported KernelSU Manager(s): tiann, rsuntk, 5ec1cff
  CC      drivers/kernelsu/ksu.o
  AR      drivers/input/joystick/built-in.o
  CC      drivers/hid/hid-roccat-pyra.o

Co-authored-by: Faris <rissu.ntk@gmail.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
 2025-11-05 02:18:38 +08:00
weishu
47bd84f3d1 kernel: init/exit umount feature 2025-11-04 22:29:55 +08:00
weishu
1439e486a1 kernel: rework umount with task_work 2025-11-04 21:57:10 +08:00
ShirkNeko
801bcb0e1f Revert "Implement workqueue for unmounting" 2025-11-04 21:55:00 +08:00
Ylarod
54b5fb5fdb ignore user settings 2025-11-04 21:29:19 +08:00
ShirkNeko
46fefc299c kernel: Remove CONFIG_KSU_MANUAL_SU protection 2025-11-04 21:28:39 +08:00
ShirkNeko
23cc0ceff1 Revert "ci: bump ddk to 20251104, fix android16-6.12 lkm" 
This reverts commit 257f0ca6de.
 2025-11-04 21:08:24 +08:00
backslashxx
8177afa81e kernel: core_hook: provide a better reboot handler (#523) 
* Revert "feat: try manual reboot hook (#521)"

This reverts commit 1853d9decf.

* kernel: core_hook: provide a better reboot handler

I propose that you pass cmd and arg as reference.
this is so we can have much more extendable use of that pointer

kernel: core_hook: provide sys_reboot handler
- 2e2727d56c

kernel: kp_ksud: add sys_reboot kp hook
- 03285886b0

I'm proposing passing arg as reference to arg pointer and also pass int cmd
we can use it to pass numbers atleast.
for advanced usage, we can use it as a delimiter so we can pass a pointer to array.

example pass a char *array[] which decays to a char ** and then use cmd as the number of array members.
we can pass the pointer of the first member of the array and use cmd as the delimiter (count) of members.

for simpler usecase, heres some that I added.

kernel: core_hook: expose  umount list on sys_reboot interface
- 352de41e4b

kernel: core_hook: expose nuke_ext4_sysfs to sys_reboot interface
- 83fc684ccb

ksud: add cmd for add-try-umount, wipe-umount-list and nuke-ext4-sysfs
- a4eab4b8c3

more usage demos
https://github.com/backslashxx/lkm_template/tree/write-pointer-on-pointer
https://github.com/backslashxx/lkm_template/tree/pointer-reuse

I actually proposed sys_reboot upstream because of this pointer that is very usable.

Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>

---------

Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
 2025-11-04 19:51:40 +08:00
ShirkNeko
257f0ca6de ci: bump ddk to 20251104, fix android16-6.12 lkm 
-kernel: Using macros to control manual su operations

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
 2025-11-04 19:44:43 +08:00
ShirkNeko
c863ff6f49 ci: Attempting once more to build the LKM using the DDK 2025-11-04 19:28:13 +08:00
backslashxx
18e60ededa Reapply: "kernel: Allow to use in Private Space" (#2857) 
rebase of
0576495b4b

Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: weishu <twsxtd@gmail.com>
 2025-11-04 11:17:46 +08:00
AlexLiuDev233
1853d9decf feat: try manual reboot hook (#521) 
* feat: try manual reboot hook

* refactor: move ksu_handle_reboot to supercalls.c for ShirkNeko

---------
 2025-11-04 01:08:49 +08:00
ShirkNeko
d286f49e11 [skip ci]kernel: Migrating KPM to ioctl 2025-11-04 00:52:13 +08:00
ShirkNeko
c75b041c40 kernel: Reset KERNEL_SU_OPTION to 0xDEADBEEF 2025-11-03 12:12:08 +08:00
ShirkNeko
59339b806a Revert "ci: use ddk for faster ci, manual gki image build" 
This reverts commit 33d1f18395.
 2025-11-03 03:49:56 +08:00
ShirkNeko
2433d64b6b Revert "ci: Attempting to resolve the issue with DDK compilation being unavailable" 
This reverts commit a622657092.
 2025-11-03 03:39:46 +08:00
ShirkNeko
a622657092 ci: Attempting to resolve the issue with DDK compilation being unavailable 2025-11-03 00:57:29 +08:00
Ylarod
b4e682148a kernel: remove dynamic alloc in feature 2025-11-03 00:41:27 +08:00
Ylarod
450dbf14fc kernel: disable setuid debug log 2025-11-02 23:49:40 +08:00
Ylarod
d89eab2c34 use cap_task_fix_setuid hook to avoid inline issue 2025-11-02 22:04:28 +08:00
ShirkNeko
a6b86a4f99 ci: skip dup lkm build 
- Fixed and added build 6.12

- Repair construction

Co-authored-by: Ylarod <me@ylarod.cn>
 2025-11-02 21:53:53 +08:00
ShirkNeko
33d1f18395 ci: use ddk for faster ci, manual gki image build 
Co-authored-by: Ylarod <me@ylarod.cn>
 2025-11-02 20:54:58 +08:00
Ylarod
8ebe60ca04 update ioctl macro (#2850) 2025-11-02 20:15:55 +08:00
ShirkNeko
47bcc956a3 fix lot (#518) 
* refact: use feature subsystem

* use 64bit feature

* fix

* add fixme

* add feature max to get_info

* use 32bit feature id

* allow root to get/set feature

* more clean perm_check functions

* fix

* add feature command to ksud

kernel: do not expose perm checker

* fix security_task_fix_setuid_handler_pre

* add android16-6.12 ci

* manager: add kernel_umount switch

Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com>

* manager: Reinstate the LKM selection function

* kernel: add name and print command value

- Optimise sulog log display

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>

* fix

* ksud: clippy

---------

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: YuKongA <70465933+YuKongA@users.noreply.github.com>
Co-authored-by: weishu <twsxtd@gmail.com>
 2025-11-02 20:01:24 +08:00
Ylarod
97ec718fea switch ns umount 2025-11-02 12:23:23 +08:00
Wang Han
5c96f951b5 Implement workqueue for unmounting 
umount schedules, so it cannot be used in kprobe context.
 2025-11-02 12:21:00 +08:00