android/SukiSU-Ultra
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
2,938 Commits 11 Branches 15 Tags
c4d8c49e5c88532407d80e0be99ca282b7222af3
Commit Graph

26 Commits

Author SHA1 Message Date
Wang Han
ded31c2043 kernel: Fix task flag marking for root and shell UID 
Signed-off-by: Wang Han <416810799@qq.com>
Co-authored-by: 5ec1cff <56485584+5ec1cff@users.noreply.github.com>
 2025-11-11 16:26:37 +08:00
ShirkNeko
548258f922 kernel: Rewrite the kernel source code (#554) 
* clean unused header

* on_module_mounted in ksud.c

* refact: use app_profile

* unified hook manager

* add zygote to hook target

* move reboot hook to supercall.c

* refactor: kernel_umount setuid_hook

* update mark rules, add init mark tracker

* remove reboot from check_syscall_fastpath

* update setuid_hook, remove uneeded sucompat enable

* log freely

* kernel: Migrate kprobe hook configuration items

* kernel: fix build

* cli: add ksud debug mark

* Fix rustfmt warning

---------

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: Wang Han <416810799@qq.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
 2025-11-09 01:14:26 +08:00
ShirkNeko
4fc369a059 kernel: remove workqueue for allowlist 
Co-authored-by: weishu <twsxtd@gmail.com>
 2025-11-08 19:18:20 +08:00
Ylarod
06018a2f03 revert: still using workqueue for allowlist 2025-11-06 23:05:29 +08:00
Ylarod
fd60cda3b3 fix: mark tif (#2871) 2025-11-06 12:52:52 +08:00
ShirkNeko
5323a500dd kernel: use sys_enter tracepoint for sucompat (#533) 
* use sys_enter tracepoint for sucompat

* update sucompat rules

* clean tif mark

* mark tif after load allow list

* clear all tif first, then mark target

* Fix shell su

* allow when escape

* fix bugs

* kernel: Resolve logical inconsistencies

---------

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
 2025-11-06 12:45:37 +08:00
ShirkNeko
c0a86544d8 kernel: Remove macro definitions, pass variables using ccflags -y, and reapply manual su protection. 
kernel: stop printing useless message unless its ddk environment
* In-tree build show empty KDIR

-- KDIR:
-- MDIR: /home/runner/work/KernelSU-Test/KernelSU-Test/kernel_414/KernelSU/kernel
  AR      drivers/iommu/built-in.o
  CC      drivers/input/misc/uinput.o
-- KernelSU version: 12329
-- KernelSU: CONFIG_KSU_MANUAL_HOOK
-- Supported KernelSU Manager(s): tiann, rsuntk, 5ec1cff
  CC      drivers/kernelsu/ksu.o
  AR      drivers/input/joystick/built-in.o
  CC      drivers/hid/hid-roccat-pyra.o

Co-authored-by: Faris <rissu.ntk@gmail.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
 2025-11-05 02:18:38 +08:00
ShirkNeko
46fefc299c kernel: Remove CONFIG_KSU_MANUAL_SU protection 2025-11-04 21:28:39 +08:00
ShirkNeko
23cc0ceff1 Revert "ci: bump ddk to 20251104, fix android16-6.12 lkm" 
This reverts commit 257f0ca6de.
 2025-11-04 21:08:24 +08:00
ShirkNeko
257f0ca6de ci: bump ddk to 20251104, fix android16-6.12 lkm 
-kernel: Using macros to control manual su operations

Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
 2025-11-04 19:44:43 +08:00
ShirkNeko
78e0dc6da2 kernel: Add CONFIG_KSU_MANUAL_SU configuration 
- Use random passphrase protection for manual su functionality
 2025-09-30 23:29:29 +08:00
ShirkNeko
a9a10466b3 Kernel: Enhanced temporary record UID functionality and elevated privileges 2025-09-30 23:27:02 +08:00
weishu
efbc07fde3 kernel: use library import 2024-04-27 09:55:24 +08:00
weishu
b1830049f1 kernel: prune allowlist with package name and uid 2023-10-12 15:44:43 +08:00
Juhyung Park
bd8434f4f4 Hook improvements (take 2) (#563) 
Hi @tiann.

Thanks for the great project, I had great fun playing around with it.

This PR mainly tries to further minimize the possible delays caused by
KernelSU hooking.

There are 3 major changes:
- Processes with 0 < UID < 2000 are blocked straight-up before going
through the allow_list.
I don't see any need for such processes to be interested in root, and
this allows returning early before going through a more expensive
lookup.
If there's an expected breakage due to this change, I'll remove it. Let
me know.
- A page-sized (4K) bitmap is added.
This allows O(1) lookup for UID <= 32767.
This speeds up `ksu_is_allow_uid()` by about 4.8x by sacrificing a 4K
memory. IMHO, a good trade-off.
Most notably, this reduces the 99.999% result previously from worrying
milliseconds scale to microseconds scale.
For UID > 32767, another page-sized (4K) sequential array is used to
cache allow_list.

Compared to the previous PR #557, this new approach gives another nice
25% performance boost in average, 63-96% boost in worst cases.

Benchmark results are available at
https://docs.google.com/spreadsheets/d/1w_tO1zRLPNMFRer49pL1TQfL6ndEhilRrDU1XFIcWXY/edit?usp=sharing

Thanks!

---------

Signed-off-by: Juhyung Park <qkrwngud825@gmail.com>
 2023-06-16 19:53:15 +08:00
weishu
076e5d3655 kernel: make the profile uid, gid, capabilities really work 2023-06-04 17:29:12 +08:00
weishu
fc77ca989f kernel: use uid instead of package to compare allowlist, fix #580 2023-06-04 09:18:39 +08:00
weishu
b31fc47197 kernel: support CMD_IS_UID_GRANTED_ROOT and CMD_IS_UID_SHOULD_UMOUNT 2023-06-03 22:44:01 +08:00
weishu
3abb7e4ca2 kernel: baby version of profile 2023-06-03 00:01:00 +08:00
Ylarod
22b66b6672 kernel: opt allowlist persist and log (#119) 
* kernel: persist on need

* kernel: opt log for ksu_allow_uid
 2023-01-26 08:55:27 +08:00
Ylarod
2f970f7ab8 kernel: refact (#113) 
* refact

* sort inlude

* update

* unregister execve kprobe

* update log

* don't unregister if not in kprobe

* opt for no kprobe

* opt for no kprobe

* stop debug

* don't forget to call ksu_uid_observer_exit

* rename core to core_hook

* direct call do_persistent_allow_list

* add prefix

* use getter, add warn

* add wrapper

* run clang-format

clang-format --style="{BasedOnStyle: InheritParentConfig, SortIncludes: true}" -i kernel/**/*.[ch]

* try fix wsa x64 build
 2023-01-25 21:53:19 +08:00
weishu
ab36e1fa0c kernel: add uid observer, correctly prune uid allowlist when app is installed/uninstalled. 2023-01-17 12:44:38 +07:00
Ylarod
848712e417 kernel: fix warning (#37) 2023-01-11 05:22:58 +08:00
weishu
b427c86ab3 misc: code format(use kernel code stype: https://www.kernel.org/doc/html/v6.1/process/coding-style.html 2022-12-27 18:21:10 +07:00
weishu
91f3b3ef1c kernel: load_allow_list when /data prepared 2022-12-15 16:06:07 +07:00
tiann
51c84400cf Init 2022-12-09 22:04:40 +08:00