* The coding format is too messy, reformat to improve readability
and get closer to Linux kernel coding style.
* While at it, update .clang-format file to linux-mainline state.
* path_umount pretty much guaranteed to work as is, so it would not need
much logging.
Unlike sys_umount which is an alternative to path_umount for older kernel, so, sys_umount need constant logging.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
Tracepoint is a predefined hook point in the kernel, compared to Kprobe,
it is more stable and has lower performance overhead, although compatibility
is relatively poor, it is still worth trying
By the way, we have also included the config definitions related to hook types
in Kconfig, to enhance cleanliness
Improve and merge types that do not require hooks
Introducing the hook type prctl
These patches is based on backslashxx/KernelSU#5
Co-authored-by: Cloud_Yun <1770669041@qq.com>
Co-authored-by: Prslc <prslc113@gmail.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
* Since it's interceptable from LSM Hook,
then we just need to remove ksu_handle_devpts and
make a decoy for it.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
Use strscpy()/strlcpy() to populate the version buffer in CMD_GET_FULL_VERSION
instead of relying on uninitialized memory. This ensures the returned string
is null-terminated and avoids exposing garbage data to user space.
Signed-off-by: schqiushui <orochi9999@gmail.com>
`ksu handles devpts with selinux lsm hook` - aviraxp
- no, not yet, but yes we can, thats a good idea.
This change tries to do that, so instead of hooking pts_unix98_lookup or
devpts_get_priv, we just watch security_inode_permission, if its devpts,
pass it along to the original handler.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
I am repasting here what I posted on the source code originally:
/*
* turns out path_umount backport is completely unneeded
* we copy the trick used on strncpy_from_unsafe_user / strncpy_from_user_nofault
* https://elixir.bootlin.com/linux/v4.4.302/source/mm/maccess.c#L184
* basically
*
* mm_segment_t old_fs = get_fs(); // remember original fs segment
* set_fs(USER_DS); // or KERNEL_DS *
* do_whatever_in_userspace();
* set_fs(old_fs); // restore fs segment
*
* * kernel -> user, KERNEL_DS, user -> kernel, USER_DS
*
* so yes, we can try to straight up call a syscall from kernel space
*
* NOTE: on newer kernels you can use force_uaccess_begin + force_uaccess_end
* ref: https://elixir.bootlin.com/linux/v5.10.237/source/mm/maccess.c#L250
*
*/
path_umount backport now optional — neat trick, werks, what can I say.
Backports? Nah, we’re good.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
disabling this removes the need for LSM_HOOK_INIT, security_add_hooks and such,.
furthermore, this will also allow easier integration on pre-4.1 kernels.
Expose this and make it a configurable option.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
When the manager is already running, if other programs / kernel toggle
the sucompat enable status,
The manager "Disable SU Compat" toggle button can not work, kmesg print
"cmd enable su but no need to change."
I think we should still return reply_ok when the syscall value is
consistent with the kernel, which would fix the issue.
