ShirkNeko
dd6d695020
kernel: Add Dynamic Signature Configuration
2025-07-05 16:21:29 +08:00
古塵
4532bab230
kernel: refactor CMD_GET_FULL_VERSION to safely initialize version string (#220)
...
Use strscpy()/strlcpy() to populate the version buffer in CMD_GET_FULL_VERSION
instead of relying on uninitialized memory. This ensures the returned string
is null-terminated and avoids exposing garbage data to user space.
Signed-off-by: schqiushui <orochi9999@gmail.com>
2025-06-27 10:42:38 +08:00
ShirkNeko
2c2698f6bc
kernel: Rewrite kernel version code management
...
Co-authored-by: lamadaemon <i@lama.icu>
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
2025-06-24 23:16:16 +08:00
rsuntk
483a39c7ac
kernel: core_hook: fix refcount leaks on try_umount (#2635)
...
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
2025-06-19 18:28:21 +08:00
Wang Han
1bac30930f
Switch to prepare_creds/commit_creds
...
Update API as the kernel doc recommends, also fix setup_groups refcount
leak while at it.
2025-06-10 23:39:08 +08:00
ShirkNeko
8f4c58c4c3
[skip ci]: kernel: simplify KPM enabled check in ksu_handle_prctl
2025-05-24 15:25:54 +08:00
rsuntk
7e88e9648f
kernel: guard nuke_ext4_sysfs
...
Rather than using depends on / select,
I just prefer this way, although, yes, it is
an ifdef hell.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
2025-05-24 15:05:44 +08:00
ShirkNeko
d619f5fafc
Refactoring KPM support to check KPM status using CMD_ENABLE_KPM
2025-05-24 03:28:28 +08:00
liankong
079f74d960
Change how return values are handled
2025-03-31 19:47:22 +08:00
liankong
af78f3bac4
Switch to leaving only a stub in the kernel and loading KPM externally
2025-03-31 13:55:48 +08:00
ShirkNeko
0db25f14f1
Add KPM status information output and update the supported unofficial manager information
2025-03-30 19:45:10 +08:00
liankong
c6664af45b
Fix
2025-03-30 17:15:25 +08:00
liankong
770c9632ae
Add printing of the corresponding KPM information on panic
2025-03-30 16:52:44 +08:00
liankong
315df33bd6
Add a mechanism to skip CFI checks
2025-03-30 16:14:23 +08:00
ShirkNeko
fcf2739cbc
Add conditional compilation support for KPM module control
2025-03-30 02:42:40 +08:00
ShirkNeko
8972327faa
manager: add KPM module with control codes and compact symbol handling
2025-03-29 21:04:54 +08:00
ShirkNeko
ba26677cfc
Merge some files and rewrite the update history
2025-03-22 14:09:21 +08:00
AlexLiuDev233
931ababd14
kernel: fix sometimes sucompat can not toggle by manager (#2484)
...
When the manager is already running, if other programs / kernel toggle
the sucompat enable status,
the manager "Disable SU Compat" toggle button can not work, kmesg print
"cmd enable su but no need to change."
I think we should still return reply_ok when the syscall value is
consistent with the kernel, which would fix the issue.
2025-03-01 15:59:18 +08:00
Wang Han
1feac4c621
Fix reference count leak in nuke_ext4_sysfs() (#2467)
...
We need to call path_put() to decrease the refcount.
2025-02-23 10:42:24 +08:00
weishu
de291151f1
kernel: unregister sysfs for module's ext4 image
2025-02-17 21:06:21 +08:00
weishu
500ff9bcbc
kernel: remove unused CONFIG guard because GKI kernel enables kprobe by default
2025-02-16 21:38:59 +08:00
weishu
2096bd7304
kernel: add support for disable sucompat
2025-02-16 19:29:58 +08:00
5ec1cff
62ef18b560
kernel: clear securebits (#2387)
...
fix adb shell cannot escape to root after #2381
2025-01-28 19:02:14 +08:00
Wang Han
7a71da057e
Clean up umount targets (#2386)
2025-01-27 19:35:33 +08:00
Wang Han
38640ee4a6
Avoid unnecessarily overriding capabilities (#2381)
...
Previously all capabilities were overridden with 0xffffffffffffffff,
which is not what normal processes have. This causes PR_CAPBSET_DROP prctl
to fail because it is dropping invalid caps. Fix it.
This fixes
https://gitlab.com/kalilinux/nethunter/apps/kali-nethunter-app/-/issues/378.
Co-Authored-By: 5ec1cff <56485584+5ec1cff@users.noreply.github.com>
Co-authored-by: 5ec1cff <56485584+5ec1cff@users.noreply.github.com>
2025-01-25 17:29:08 +08:00
SsageParuders
58ed786c43
Improve seccomp disable && Add locking to protect cred modifications in escape_to_root (#2320)
...
- When disabling Seccomp, ensure that current->sighand->siglock is held
during the operation.
- Locking to ensure safe access and modification of the `cred` structure
within the `escape_to_root` function.
---
I think this issue described in #2236 may have been caused by concurrent
read-write access without proper locking.
---------
Signed-off-by: SsageParuders<qinqingqing1025@gmail.com>
Signed-off-by: SsageParuders <qinqingqing1025@gmail.com>"
2024-12-28 13:33:21 +08:00
Huy Minh
27bb2491c2
kernel: Relax dentry_path_raw compare in core_hook (#2041)
...
On Android-x86 (or BlissOS) it initializes Android by using switch_root
or chroot; when checking a path with dentry_path_raw() it will show the
whole real path instead of the path that we want.
Relax the checking requirement by using strstr to look for
"/system/packages.list" in the string instead of requiring the path to
be "/system/packages.list"
This fixes #1783
Signed-off-by: hmtheboy154 <buingoc67@gmail.com>
2024-09-07 10:59:06 +08:00
Ylarod
898e9d4f8c
[1.0] Drop Non-GKI Support (#1483)
...
Co-authored-by: weishu <twsxtd@gmail.com>
2024-06-01 14:50:46 +08:00
weishu
0576495b4b
kernel: Allow to use in Private Space
2024-05-16 12:03:58 +08:00
weishu
efbc07fde3
kernel: use library import
2024-04-27 09:55:24 +08:00
weishu
f982683825
kernel: refactor PR_REAL_REGS
2024-04-26 13:25:29 +08:00
D8G Official
444574739c
Fix missing semicolon (#1551)
...
Fix build non gki kernel
2024-03-28 20:22:00 +08:00
Coconut
4f05fe226e
kernel: Add Huawei hisi check (#1545)
...
Use huawei_hisi_check.h to determine whether it is an old Huawei
HiSilicon device.
Solve:
1. Compatible with non-GKI Huawei HiSilicon devices
2. Solve different bugs in EMUI of different system versions
3. Does not affect other devices
2024-03-28 14:20:00 +08:00
weishu
4ac203a78d
kernel: Fix misleading log
2024-03-27 17:29:03 +08:00
Jprimero15
cb7f414e39
kernel: guard "umount for uid" logprint with CONFIG_KSU_DEBUG (#1519)
...
It's too spammy to be on non-debug mode.
2024-03-24 21:42:23 +08:00
weishu
858ec910fd
kernel: clean memory when exit
2024-03-24 16:41:53 +08:00
weishu
dc5f911e43
kernel: remove become_manager and minor refactors
2024-03-24 11:20:43 +08:00
weishu
e1f9900b2f
kernel: simplify prctl
2024-03-23 23:11:47 +08:00
weishu
9a04211051
kernel: Let the kernel choose who is qualified to be the manager.
2024-03-23 21:48:03 +08:00
weishu
b3a15e2b6b
kernel: Fix the incorrect judgment condition.
2024-03-21 11:48:02 +08:00
weishu
c5d423c4eb
kernel: ignore all non application uid
2024-03-21 11:45:44 +08:00
weishu
64908583e9
kernel: Fix compile warning
2024-03-21 11:32:30 +08:00
weishu
c408710b11
kernel: minor fixes
2024-03-21 11:24:56 +08:00
backslashxx
247aa877e4
fixup! Suggest non-gki kernel users to backport path_umount (#1477)
...
My bad.
as reported by @AzusaHana on tg

2024-03-19 15:39:54 +08:00
weishu
ce0c397a65
kernel: support query working mode
2024-03-19 11:52:17 +08:00
backslashxx
b4cfc2f298
Suggest non-gki kernel users to backport path_umount (#1464)
...
Most kernel builders have to touch their kernel source code anyway, why
not also tell them to backport path_umount so even non-gki users can
benefit from this?
I know this might be a bit controversial as this will raise the barrier
of entry, but the benefits are just so high.
Idea was from OnlyTomInSecond on KernelSU group chat way back, and it
has been on the discussions for some time
references:
https://t.me/KernelSU_group/27237/176515
https://t.me/KernelSU_group/3249/184908
https://github.com/tiann/KernelSU/discussions/955#discussioncomment-7617166
03d233db8b
https://github.com/tiann/KernelSU/pull/1060
https://elixir.bootlin.com/linux/v5.9.1/source/fs/namespace.c#L1728
https://elixir.bootlin.com/linux/v5.10.9/source/fs/namespace.c#L1730
https://elixir.bootlin.com/linux/v6.5/source/fs/namespace.c#L1887
https://github.com/tiann/KernelSU/pull/1464#issuecomment-2002492107
Kernel side change examples:
5.4: 961d978862
4.19: 164917f56d
4.14: c07c70a0c5
4.9: 195f07593a
4.4: 21ea33fe41
https://github.com/tiann/KernelSU/pull/1464#issuecomment-2002424069
Of course, having someone on 3.18 confirm this will be nice.
**PROS**: umount modules for everyone
**CONS**: barrier of entry +1
---------
Co-authored-by: Christoph Hellwig <hch@lst.de>
Co-authored-by: Fede2782 <78815152+Fede2782@users.noreply.github.com>
Co-authored-by: Tom <31297720+onlytominsecond@users.noreply.github.com>
2024-03-18 10:27:31 +08:00
Ylarod
7568d55be1
Build KernelSU as LKM (#1254)
...
Co-authored-by: weishu <twsxtd@gmail.com>
2024-03-15 18:53:24 +08:00
Wang Han
3e2de84a81
Guard a few logprint in prctl path with KSU_DEBUG (#1402)
2024-02-29 13:47:22 +08:00
weishu
07e475c5dc
kernel: prevent become manager when failed. close #1328
2024-02-03 20:03:26 +08:00
weishu
e9997a07c1
kernel: avoiding umount when there isn't any module. close #556
2024-01-08 12:55:08 +08:00