Tracepoint is a predefined hook point in the kernel. Compared to Kprobe,
it is more stable and has lower performance overhead; although compatibility
is relatively poor, it is still worth trying.
By the way, we have also included the config definitions related to hook types
in Kconfig, to enhance cleanliness.
These patches are based on https://github.com/backslashxx/KernelSU/issues/5
Co-authored-by: Cloud_Yun <1770669041@qq.com>
Co-authored-by: Prslc <prslc113@gmail.com>
Isolated processes can be directly forked from zygote, but the current code doesn't handle it well. Fix it by unmounting unconditionally if an isolated process is forked from zygote.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
kernel & KernelSU & ksu_susfs: Temp fix for avc log message being leaked by logd and added new toggle for enabling or disabling avc log spoofing
- See full details:
https://android-review.googlesource.com/c/platform/system/logging/+/3725346/2
https://github.com/aviraxp/ZN-AuditPatch
- Since spoofing the avc log in the kernel may make things harder when users are trying to debug some permission or selinux issues, that's why the toggle is created here, and this is just a temp fix implemented on the kernel side
- usage: ksu_susfs enable_avc_log_spoofing <0|1>
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
- When a path is added via add_sus_path_loop, the path will be re-flagged as SUS_PATH on each non-root user app or isolated service start;
this may address some issues where a path added via add_sus_path gets its inode status reset or its inode re-created in the kernel for whatever reason.
- Please also note that only paths NOT inside /storage/ and /sdcard/ can be added via add_sus_path_loop.
- usage: ksu_susfs add_sus_path_loop </path/that/is/not/inside/sdcard/>
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
1. kernel & KernelSU: More optimization for SUS_SU mode 2 (Experimental)
2. Always flag zygote spawned isolated service as non-root user app process and no su allowed process
3. Change susfs_fake_qstr_name to a shorter length
4. KernelSU: SUS_SU: Initialize path with 0 so no memset is needed
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
kernel & KernelSU: Replace kabi member susfs_task_state of task_struct and use task_struct->thread_info.flags instead; Fix for sus_path not working on some OEM devices; KSU_SUSFS requires CONFIG_THREAD_INFO_IN_TASK now;
- Since the kabi member is not guaranteed to be unused by OEMs, which is why some devices may conflict with the kabi member added by susfs, we should use as few kabi members as possible.
- Luckily we have task_struct->thread_info, which is enabled by all gki kernels just like kprobes, so we can utilize thread_info->flags for a faster check, but it needs CONFIG_THREAD_INFO_IN_TASK to be on, which should always be enabled
- Big thanks to fatalcoder524 (https://github.com/fatalcoder524) who did an excellent debug process for me
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
- This simplifies the logic in the ksu_susfs tool, and it should be more convenient for some ksu manager variants that integrate susfs, since they can just pass the char buffer and its size to get the result now, which means they no longer need to update the bit value each time a new susfs feature is deprecated or added.
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
kernel & KernelSU: Added switch for enabling/disabling umount for zygote spawned isolated service process
- Some modules that overlay system files like framework or other overlay apks may crash when all iso services are umounted by susfs, so a switch is made here for users to switch this function on/off at any time when they need it or want to test it
- By default it is disabled in kernel; run "ksu_susfs umount_for_zygote_iso_service <0|1>" to switch the function on/off from userspace
- Also, users can create a new file at "/data/adb/susfs_umount_for_zygote_iso_service" to enable it in kernel on each boot
- Alternatively, disable this function and use other modules to handle the umount for iso services until a better solution is found
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
* Since it's interceptable from an LSM hook,
we just need to remove ksu_handle_devpts and
make a decoy for it.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
Use strscpy()/strlcpy() to populate the version buffer in CMD_GET_FULL_VERSION
instead of relying on uninitialized memory. This ensures the returned string
is null-terminated and avoids exposing garbage data to user space.
Signed-off-by: schqiushui <orochi9999@gmail.com>
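An added userspace C example (not the project's code) illustrating the class of defect this commit fixes: a version buffer handed back to the caller untouched, beside one populated with a kernel-style strscpy() that guarantees NUL termination. The buffer size, version string and the strscpy_compat helper are constructed here for illustration.

```c
#include <errno.h>
#include <string.h>
#include <sys/types.h>

#define VERSION_BUF_LEN 32               /* hypothetical buffer size */
#define FULL_VERSION "v1.0.0-susfs"      /* constructed sample version */

/* Kernel-style strscpy(): copies at most size-1 bytes, always NUL-terminates
 * dst, and returns the copied length or -E2BIG if src had to be truncated. */
static ssize_t strscpy_compat(char *dst, const char *src, size_t size)
{
    size_t len = strnlen(src, size);
    if (size == 0)
        return -E2BIG;
    if (len >= size) {
        memcpy(dst, src, size - 1);
        dst[size - 1] = '\0';
        return -E2BIG;
    }
    memcpy(dst, src, len + 1);
    return (ssize_t)len;
}

/* Stand-in for the defect: the handler never writes the buffer, so whatever
 * bytes were already there would be copied back to user space. */
static void get_full_version_buggy(char *buf, size_t size)
{
    (void)buf; (void)size;
}

/* Hardened handler: the buffer is populated and guaranteed NUL-terminated. */
static void get_full_version_fixed(char *buf, size_t size)
{
    strscpy_compat(buf, FULL_VERSION, size);
}

/* Returns 1 if the caller would receive a terminated string holding the version. */
static int version_is_clean(const char *buf, size_t size)
{
    return strnlen(buf, size) < size && strcmp(buf, FULL_VERSION) == 0;
}

/* Pre-fill the buffer with stale bytes (constructed; stands in for leftover
 * stack contents), run a handler, and check what the caller would get back. */
static int run_handler(void (*handler)(char *, size_t))
{
    char buf[VERSION_BUF_LEN];
    memset(buf, 0x41, sizeof(buf));
    handler(buf, sizeof(buf));
    return version_is_clean(buf, sizeof(buf));
}
```

Note that strscpy() does not clear the bytes after the terminator, so a handler that copies the whole buffer to user space rather than strlen+1 bytes must still zero it first.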
Fixed function definition and restored missing ksu_try_umount calls that were unintentionally removed in previous commits. This includes unmounts for:
- /debug_ramdisk
- /sbin
- /system/etc/hosts
- /apex/com.android.art/bin/dex2oat64
- /apex/com.android.art/bin/dex2oat32
Fixes: b443b11df9 ("kernel: Refactoring the mount point unloading logic")
Fixes: da7632470d ("kernel: Use try_umount instead of ksu_try_umount to unify the unmount logic")
Signed-off-by: schqiushui <orochi9999@gmail.com>
* Some people report an undefined reference to `sys_umount`
* Since ksys_umount exists since Linux 4.17-rc1, we're gonna use that one.
Rev 2: Use correct int instead of long for ksys_umount
Signed-off-by: rsuntk <90097027+rsuntk@users.noreply.github.com>
I am repasting here what I posted on the source code originally:
/*
* turns out path_umount backport is completely unneeded
* we copy the trick used on strncpy_from_unsafe_user / strncpy_from_user_nofault
* https://elixir.bootlin.com/linux/v4.4.302/source/mm/maccess.c#L184
* basically
*
* mm_segment_t old_fs = get_fs(); // remember original fs segment
* set_fs(USER_DS); // or KERNEL_DS *
* do_whatever_in_userspace();
* set_fs(old_fs); // restore fs segment
*
* * kernel -> user, KERNEL_DS, user -> kernel, USER_DS
*
* so yes, we can try to straight up call a syscall from kernel space
*
* NOTE: on newer kernels you can use force_uaccess_begin + force_uaccess_end
* ref: https://elixir.bootlin.com/linux/v5.10.237/source/mm/maccess.c#L250
*
*/
path_umount backport now optional — neat trick, werks, what can I say.
Backports? Nah, we’re good.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>