When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
* kernel: Restore the sequence of sulog logs
* sus_su: more precise control of the SUS_SU functionality.
For devices with kernels from 4.9 to 4.14, the SUS_SU functionality
cannot be used due to serious defects in Kprobes. Therefore, the
corresponding SuSFS lacks all code related to the SUS_SU definitions.
---------
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
KernelSU: Some optimization on parsing susfs CMD; Synced with latest commit of official KernelSU: 0390ef5dd73252115e486d3301f9b3234ebf46aa
- Removed redundant ksu_access_ok() check since copy_to_user has dealt with it already on kernel version >= 5.10
- move int error = 0; before the parse of susfs CMD so that we do not need to declare it again and again in each arg2 compare block
- Synced with upstream, see 0390ef5dd7
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
* Due to numerous changes on LSM (Linux Security Module) in Linux 6.8+
* This is temporary guard until a working solution exist.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
kernel & KernelSU: More Optimization on SUS_MOUNT and AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT; Dropped HAS_MAGIC_MOUNT feature in Kconfig
- In order to stop more performance loss, the changes here is not to monitor any ksu mounts anymore during/after boot-completed stage,
since monitoring the free of mnt_id and reordering the mnt_id takes some CPU cycles already.
- HAS_MAGIC_MOUNT is not needed anymore and catching magic mounts can be simplifed by checking whether
1. It is bind mount
2. Its mnt_devname is "KSU"
3. It is a directory
4. mounted path begins with "/debug_ramdisk/workdir/"
- Some sus bind mounts still cannot be catched with these changes, like revanced youtube module,
since it bind mounts after the user data is decrypted, at this point user may need to manually
add the mounted path to try_umount.
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
- A more aggressive prctl side channel is already implemented by cimb octo app and this is found by backslashxx (https://github.com/backslashxx/)
- The fix is easy same as the one implemented for sus_su by checking the TIF_PROC_UMOUNTED bit in current->thread_info.flags in the very beginning of ksu_handle_prctl()
- Also we need make sure to explicitly check for ksu manager uid in ksu_handle_setuid() before checking for normal user app since ksu maanger app uid is excluded in allow_list_arr which ksu_uid_should_umount(manager_uid) will always return true
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
Brought back the toggle of umount for zygote spawned isolated service; Synced with KernelSU main branch with latest commit 37ef0d27067d3d7e7bf07a80547a1949864789c4
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
Changes:
1. Simplified the flow of mnt_id reorder, now it happens only after all sus mounts are umounted in ksu_handle_setuid()
2. All mounts mounted by ksu process will be flagged as sus mount and allocated with a fake mnt_id/mnt_group_id
during ONLY the post-fs-data and service stage, which means other ksu mounts during/after boot-completed stage
will not be handled by susfs.
3. Renaming:
- susfs_mnt_id_ida => susfs_ksu_mnt_id_ida
- susfs_mnt_group_ida => susfs_ksu_mnt_group_ida
- DEFAULT_SUS_MNT_ID => DEFAULT_KSU_MNT_ID
- DEFAULT_SUS_MNT_GROUP_ID => DEFAULT_KSU_MNT_GROUP_ID
4. Increased the default fake mnt_id to 300000, and default fake mnt_group_id to 3000.
5. Unify susfs_is_current_non_root_user_app_proc() and susfs_is_current_proc_su_not_allowed() as susfs_is_current_proc_umounted()
Unify susfs_set_current_non_root_user_app_proc() and susfs_set_current_proc_su_not_allowed() as susfs_set_current_proc_umounted()
Unify TIF_NON_ROOT_USER_APP_PROC and TIF_PROC_SU_NOT_ALLOWED as TIF_PROC_UMOUNTED
6. Removed unused susfs_is_allow_su()
7. Reworked a custom ksu_handle_setuid() which will be used if CONFIG_KSU_SUSFS is defined
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
reorder ksu_handle_prctl checks a bit to allow non-manager to use CMD 15
this allows us to piggyback a small su to KernelSU's permission system after
disabling kernel sucompat
from:
Relax prctl perm check
- 95125c32f9
Allow prctl only for root or manager or su binary
- fa7af67d94
Refine prctl access check, allow /product/bin/su
- dd466dc1b6
Refine prctl check a little bit more
- e7c5b24efa
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: nampud <nampud@users.noreply.github.com>
