Fixed function definition and restored missing ksu_try_umount calls that were unintentionally removed in previous commits. This includes unmounts for:
- /debug_ramdisk
- /sbin
- /system/etc/hosts
- /apex/com.android.art/bin/dex2oat64
- /apex/com.android.art/bin/dex2oat32
Fixes: b443b11df9 ("kernel: Refactoring the mount point unloading logic")
Fixes: da7632470d ("kernel: 使用 try_umount 替换 ksu_try_umount 以统一卸载逻辑")
Signed-off-by: schqiushui <orochi9999@gmail.com>
Skip directories that does NOT have the same magic as /data/app.
This is to avoid scanning incfs and any other stacked filesystems.
While this is way dumber, it's way cheaper.
no kern_path(), no missable path_put(), no ref handling.
This supercedes
`throne_tracker: avoid cross fs access
(https://github.com/tiann/KernelSU/pull/2626)`
- upstream
0b6998b474
Signed-off-by: backslashxx
<118538522+backslashxx@users.noreply.github.com>
context: this is known by many as `selinux hook`, `4.9 hook`
add is_ksu_transition check which allows ksud execution under nosuid.
it also eases up integration on 3.X kernels that does not have check_nnp_nosuid.
this also adds a `ksu_execveat_hook` check since this transition is NOT needed
anymore once ksud ran.
Usage:
if (check_ksu_transition(old_tsec, new_tsec))
return 0;
on either check_nnp_nosuid or selinux_bprm_set_creds (after execve sid reset)
reference: dfe003c9fd
taken from:
`allow init exec ksud under nosuid`
- 3df9df42a6
- https://github.com/tiann/KernelSU/pull/166#issue-1565872173
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
* Some people reports about undefined reference to `sys_umount`
* Since ksys_umount exist on Linux 4.17-rc1, then we gonna use that one.
Rev 2: Use correct int instead of long for ksys_umount
Signed-off-by: rsuntk <90097027+rsuntk@users.noreply.github.com>
I am repasting here what I posted on the source code originally:
/*
* turns out path_umount backport is completely unneeded
* we copy the trick used on strncpy_from_unsafe_user / strncpy_from_user_nofault
* https://elixir.bootlin.com/linux/v4.4.302/source/mm/maccess.c#L184
* basically
*
* mm_segment_t old_fs = get_fs(); // remember original fs segment
* set_fs(USER_DS); // or KERNEL_DS *
* do_whatever_in_userspace();
* set_fs(old_fs); // restore fs segment
*
* * kernel -> user, KERNEL_DS, user -> kernel, USER_DS
*
* so yes, we can try to straight up call a syscall from kernel space
*
* NOTE: on newer kernels you can use force_uaccess_begin + force_uaccess_end
* ref: https://elixir.bootlin.com/linux/v5.10.237/source/mm/maccess.c#L250
*
*/
path_umount backport now optional — neat trick, werks, what can I say.
Backports? Nah, we’re good.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.
This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)
My speculation? ARMv8.0 has weak speculation :)
here we replace `strncpy_from_user_nofault()` with another routine:
- access_ok() to validate the pointer
- strncpy_from_user() to copy and validate string
- manual null-termination just in case, as strncpy_from_user_nofault also does it
- remove that memset, seems useless as it is an strncpy, not strncat
Kind of mimicking _nofault, but yes with this one we allow pagefaults.
Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55
Tested-by: iDead XD <rafifirdaus12bb@gmail.com>
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
- We don't know if KPM can run on arm32-bit devices, so to avoid some problems, add a dependency on 64-bit architectures
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
This is done like how vfs_read_hook, input_hook and execve_hook is disabled.
While this is not exactly the same thing, this CAN achieve the same results.
The complete disabling of all KernelSU hooks.
While this is likely unneeded, It keeps feature parity to non-kprobe builds.
adapted from upstream:
kernel: Allow to re-enable sucompat - tiann/KernelSU@4593ae8
Rejected: tiann/KernelSU#2506
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
