* use sys_enter tracepoint for sucompat
* update sucompat rules
* clean tif mark
* mark tif after load allow list
* clear all tif first, then mark target
* Fix shell su
* allow when escape
* fix bugs
* kernel: Resolve logical inconsistencies
---------
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
* Revert "feat: try manual reboot hook (#521)"
This reverts commit 1853d9decf.
* kernel: core_hook: provide a better reboot handler
I propose that you pass cmd and arg as reference.
This is so we can have much more extendable use of that pointer.
kernel: core_hook: provide sys_reboot handler
- 2e2727d56c
kernel: kp_ksud: add sys_reboot kp hook
- 03285886b0
I'm proposing passing arg as a reference to the arg pointer and also passing int cmd.
We can use it to pass numbers at least.
For advanced usage, we can use it as a delimiter so we can pass a pointer to an array.
For example, pass a char *array[], which decays to a char **, and then use cmd as the number of array members.
We can pass the pointer of the first member of the array and use cmd as the delimiter (count) of members.
For simpler use cases, here are some that I added.
kernel: core_hook: expose umount list on sys_reboot interface
- 352de41e4b
kernel: core_hook: expose nuke_ext4_sysfs to sys_reboot interface
- 83fc684ccb
ksud: add cmd for add-try-umount, wipe-umount-list and nuke-ext4-sysfs
- a4eab4b8c3
more usage demos
https://github.com/backslashxx/lkm_template/tree/write-pointer-on-pointer
https://github.com/backslashxx/lkm_template/tree/pointer-reuse
I actually proposed sys_reboot upstream because of this pointer that is very usable.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
---------
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
* refactor: replace throne tracker with ksud token
* use snprintf
* refactor: new supercall impl
- Import the sukisu command
* disable seccomp for supercall users
* kernel: fmt clear
* kernel: Enable macro protection for sulog
- Only enabled on kernel versions greater than 5.10.245
* kernel: Refactor kprobe hooks and implement LSM hooks for improved security handling
* debug mode
* kernel: Add functionality to generate and validate authentication tokens for cmd_su
* kernel: Simplified manual SU command processing for code
* kernel: replace renameat hook with fsnotify
* Revert "refactor: replace throne tracker with ksud token"
This reverts commit aa2cbbf.
* kernel: fix compile
* kernel: fix compile below 6.0
* Fix compile err; Add become_manager
* kernel: install fd for manager automatically
- extend to import the corresponding command
* manager: new supercall impl
* temp changes for ksud
* ksud: fix compile
* fix wrong opcode
* kernel: fix compile
* kernel: Fixed hook type and KPM status retrieval errors
* kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
* ksud: fix cargo check
* manager: Fixed an issue where the KSUD release and user-mode scanning switch failed to function correctly.
- kernel: fix spin lock mutual
kernel: try introduce like susfs's method to fix prctl delay
* seccomp: allow reboot
* use u32
* update clang-format
* 4 spaces save the world
* ksud: Fix build on macOS
* manager: bump minimal supported kernel.
- When get_hook_type is empty, display “Unknown”.
* Fix ksud build (#2841)
* try fix ksud
* fix for macos
* remove any
* Fix ksud build, take 3
* try fix allowlist
* bring lsm hook back
* fix: a lot again
* Fix ksud build, take 4 (#2846)
Remove init_driver_fd function for non-linux/android targets
* manager: Return to the native method via KSUd installation
* Merge with susfs-mian format
---------
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: AlexLiuDev233 <wzylin11@outlook.com>
Co-authored-by: Wang Han <416810799@qq.com>
* kernel: Restore the sequence of sulog logs
* sus_su: more precise control of the SUS_SU functionality.
For devices with kernels from 4.9 to 4.14, the SUS_SU functionality
cannot be used due to serious defects in Kprobes. Therefore, the
corresponding SuSFS lacks all code related to the SUS_SU definitions.
---------
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
KernelSU: Some optimization on parsing susfs CMD; Synced with latest commit of official KernelSU: 0390ef5dd73252115e486d3301f9b3234ebf46aa
- Removed redundant ksu_access_ok() check since copy_to_user has dealt with it already on kernel version >= 5.10
- move int error = 0; before the parse of susfs CMD so that we do not need to declare it again and again in each arg2 compare block
- Synced with upstream, see 0390ef5dd7
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
- A more aggressive prctl side channel is already implemented by cimb octo app and this was found by backslashxx (https://github.com/backslashxx/)
- The fix is easy same as the one implemented for sus_su by checking the TIF_PROC_UMOUNTED bit in current->thread_info.flags in the very beginning of ksu_handle_prctl()
- Also we need to make sure to explicitly check for the ksu manager uid in ksu_handle_setuid() before checking for normal user apps, since the ksu manager app uid is excluded from allow_list_arr, so ksu_uid_should_umount(manager_uid) will always return true
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
Brought back the toggle of umount for zygote spawned isolated service; Synced with KernelSU main branch with latest commit 37ef0d27067d3d7e7bf07a80547a1949864789c4
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
Changes:
1. Simplified the flow of mnt_id reorder, now it happens only after all sus mounts are umounted in ksu_handle_setuid()
2. All mounts mounted by ksu process will be flagged as sus mount and allocated with a fake mnt_id/mnt_group_id
during ONLY the post-fs-data and service stage, which means other ksu mounts during/after boot-completed stage
will not be handled by susfs.
3. Renaming:
- susfs_mnt_id_ida => susfs_ksu_mnt_id_ida
- susfs_mnt_group_ida => susfs_ksu_mnt_group_ida
- DEFAULT_SUS_MNT_ID => DEFAULT_KSU_MNT_ID
- DEFAULT_SUS_MNT_GROUP_ID => DEFAULT_KSU_MNT_GROUP_ID
4. Increased the default fake mnt_id to 300000, and default fake mnt_group_id to 3000.
5. Unify susfs_is_current_non_root_user_app_proc() and susfs_is_current_proc_su_not_allowed() as susfs_is_current_proc_umounted()
Unify susfs_set_current_non_root_user_app_proc() and susfs_set_current_proc_su_not_allowed() as susfs_set_current_proc_umounted()
Unify TIF_NON_ROOT_USER_APP_PROC and TIF_PROC_SU_NOT_ALLOWED as TIF_PROC_UMOUNTED
6. Removed unused susfs_is_allow_su()
7. Reworked a custom ksu_handle_setuid() which will be used if CONFIG_KSU_SUSFS is defined
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
reorder ksu_handle_prctl checks a bit to allow non-manager to use CMD 15
this allows us to piggyback a small su to KernelSU's permission system after
disabling kernel sucompat
from:
Relax prctl perm check
- 95125c32f9
Allow prctl only for root or manager or su binary
- fa7af67d94
Refine prctl access check, allow /product/bin/su
- dd466dc1b6
Refine prctl check a little bit more
- e7c5b24efa
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: nampud <nampud@users.noreply.github.com>