* kernel: Use NR_syscalls instead of SECCOMP_ARCH_NATIVE_NR
Old kernels don't has SECCOMP_ARCH_NATIVE_NR. But according to its definition,
it's equal to NR_syscalls. So use NR_syscalls instead.
* kernel: Fix wrong kernel version check
fsnotify_add_inode_mark was introduced in 4.17-rc5, not 4.12
* Pre Linux 5.9, handle_inode_event did not exist. This is was covered by handle_event.
* handle_event have a lot of changes, neither in arguments counts and arguments arrangements.
* Use fsnotify_add_mark_locked instead of fsnotify_add_inode_mark for kernel pre 4.12
NOTE: fsnotify_add_mark_locked is not tested! Report bugs if you found it!
Signed-off-by: Faris <rissu.ntk@gmail.com>
* refactor: replace throne tracker with ksud token
* use snprintf
* refactor: new supercall impl
- Import the sukisu command
* disable seccomp for supercall users
* kernel: fmt clear
* kernel: Enable macro protection for sulog
- Only enabled on kernel versions greater than 5.10.245
* kernel: Refactor kprobe hooks and implement LSM hooks for improved security handling
* debug mode
* kernel: Add functionality to generate and validate authentication tokens for cmd_su
* kernel: Simplified manual SU command processing for code
* kernel: replace renameat hook with fsnotify
* Revert "refactor: replace throne tracker with ksud token"
This reverts commit aa2cbbf.
* kernel: fix compile
* kernel: fix compile below 6.0
* Fix compile err; Add become_manager
* kernel: install fd for manager automaticlly
- extend to import the corresponding command
* manager: new supercall impl
* temp changes for ksud
* ksud: fix compile
* fix wrong opcode
* kernel: fix compile
* kernel: Fixed hook type and KPM status retrieval errors
* kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
* ksud: fix cargo check
* manager: Fixed an issue where the KSUD release and user-mode scanning switch failed to function correctly.
- kernel: fix spin lock mutual
kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
kernel: try introduce like susfs's method to fix prctl delay
* seccomp: allow reboot
* use u32
* update clang-format
* 4 spaces save the world
* ksud: Fix build on macOS
* manager: bump minimal supported kernel.
- When get_hook_type is empty, display “Unknown”.
* Fix ksud build (#2841)
* try fix ksud
* fix for macos
* remove any
* Fix ksud build, take 3
* try fix allowlist
* bring lsm hook back
* fix: a lot again
* Fix ksud build, take 4 (#2846)
Remove init_driver_fd function for non-linux/android targets
* manager: Return to the native method via KSUd installation
* Merge with susfs-mian format
---------
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: AlexLiuDev233 <wzylin11@outlook.com>
Co-authored-by: Wang Han <416810799@qq.com>
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
* kernel: Restore the sequence of sulog logs
* sus_su: more precise control of the SUS_SU functionality.
For devices with kernels from 4.9 to 4.14, the SUS_SU functionality
cannot be used due to serious defects in Kprobes. Therefore, the
corresponding SuSFS lacks all code related to the SUS_SU definitions.
---------
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
KernelSU: Some optimization on parsing susfs CMD; Synced with latest commit of official KernelSU: 0390ef5dd73252115e486d3301f9b3234ebf46aa
- Removed redundant ksu_access_ok() check since copy_to_user has dealt with it already on kernel version >= 5.10
- move int error = 0; before the parse of susfs CMD so that we do not need to declare it again and again in each arg2 compare block
- Synced with upstream, see 0390ef5dd7
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
* Due to numerous changes on LSM (Linux Security Module) in Linux 6.8+
* This is temporary guard until a working solution exist.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
kernel & KernelSU: More Optimization on SUS_MOUNT and AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT; Dropped HAS_MAGIC_MOUNT feature in Kconfig
- In order to stop more performance loss, the changes here is not to monitor any ksu mounts anymore during/after boot-completed stage,
since monitoring the free of mnt_id and reordering the mnt_id takes some CPU cycles already.
- HAS_MAGIC_MOUNT is not needed anymore and catching magic mounts can be simplifed by checking whether
1. It is bind mount
2. Its mnt_devname is "KSU"
3. It is a directory
4. mounted path begins with "/debug_ramdisk/workdir/"
- Some sus bind mounts still cannot be catched with these changes, like revanced youtube module,
since it bind mounts after the user data is decrypted, at this point user may need to manually
add the mounted path to try_umount.
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
- A more aggressive prctl side channel is already implemented by cimb octo app and this is found by backslashxx (https://github.com/backslashxx/)
- The fix is easy same as the one implemented for sus_su by checking the TIF_PROC_UMOUNTED bit in current->thread_info.flags in the very beginning of ksu_handle_prctl()
- Also we need make sure to explicitly check for ksu manager uid in ksu_handle_setuid() before checking for normal user app since ksu maanger app uid is excluded in allow_list_arr which ksu_uid_should_umount(manager_uid) will always return true
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
