* use sys_enter tracepoint for sucompat
* update sucompat rules
* clean tif mark
* mark tif after load allow list
* clear all tif first, then mark target
* Fix shell su
* allow when escape
* fix bugs
* kernel: Resolve logical inconsistencies
---------
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
* Revert "feat: try manual reboot hook (#521)"
This reverts commit 1853d9decf.
* kernel: core_hook: provide a better reboot handler
I propose that you pass cmd and arg as reference.
this is so we can have much more extendable use of that pointer
kernel: core_hook: provide sys_reboot handler
- 2e2727d56c
kernel: kp_ksud: add sys_reboot kp hook
- 03285886b0
I'm proposing passing arg as reference to arg pointer and also pass int cmd
we can use it to pass numbers atleast.
for advanced usage, we can use it as a delimiter so we can pass a pointer to array.
example pass a char *array[] which decays to a char ** and then use cmd as the number of array members.
we can pass the pointer of the first member of the array and use cmd as the delimiter (count) of members.
for simpler usecase, heres some that I added.
kernel: core_hook: expose umount list on sys_reboot interface
- 352de41e4b
kernel: core_hook: expose nuke_ext4_sysfs to sys_reboot interface
- 83fc684ccb
ksud: add cmd for add-try-umount, wipe-umount-list and nuke-ext4-sysfs
- a4eab4b8c3
more usage demos
https://github.com/backslashxx/lkm_template/tree/write-pointer-on-pointerhttps://github.com/backslashxx/lkm_template/tree/pointer-reuse
I actually proposed sys_reboot upstream because of this pointer that is very usable.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
---------
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
* refactor: replace throne tracker with ksud token
* use snprintf
* refactor: new supercall impl
- Import the sukisu command
* disable seccomp for supercall users
* kernel: fmt clear
* kernel: Enable macro protection for sulog
- Only enabled on kernel versions greater than 5.10.245
* kernel: Refactor kprobe hooks and implement LSM hooks for improved security handling
* debug mode
* kernel: Add functionality to generate and validate authentication tokens for cmd_su
* kernel: Simplified manual SU command processing for code
* kernel: replace renameat hook with fsnotify
* Revert "refactor: replace throne tracker with ksud token"
This reverts commit aa2cbbf9cd.
* kernel: fix compile
* kernel: fix compile below 6.0
* Fix compile err; Add become_manager
* kernel: install fd for manager automaticlly
- extend to import the corresponding command
* manager: new supercall impl
* temp changes for ksud
* ksud: fix compile
* fix wrong opcode
* kernel: fix compile
* kernel: Fixed hook type and KPM status retrieval errors
* kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
* ksud: fix cargo check
* manager: Fixed an issue where the KSUD release and user-mode scanning switch failed to function correctly.
- kernel: fix spin lock mutual
kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
kernel: try introduce like susfs's method to fix prctl delay
* seccomp: allow reboot
* use u32
* update clang-format
* 4 spaces save the world
* ksud: Fix build on macOS
* manager: bump minimal supported kernel.
- When get_hook_type is empty, display “Unknown”.
* Fix ksud build (#2841)
* try fix ksud
* fix for macos
* remove any
* Fix ksud build, take 3
* try fix allowlist
* bring lsm hook back
* fix: a lot again
* Fix ksud build, take 4 (#2846)
Remove init_driver_fd function for non-linux/android targets
* manager: Return to the native method via KSUd installation
* Merge with susfs-mian format
---------
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: AlexLiuDev233 <wzylin11@outlook.com>
Co-authored-by: Wang Han <416810799@qq.com>
Wrap manual SU escalation handling in CONFIG_KSU_MANUAL_SU
conditional compilation to allow builds without this functionality.
This affects:
- CMD_SU_ESCALATION_REQUEST
- CMD_ADD_PENDING_ROOT
When CONFIG_KSU_MANUAL_SU is disabled, these prctl commands
will not be compiled into the kernel.
detection is done by comparing a 0xDEADBEEF call to a non-0xDEADBEEF one.
which yeah, you will see that the non-0xDEADBEEF one returns early.
yes I know this causes delays for all prctl calls, as we straight up check uid,
but this keeps the delay consistent, which is what we want.
another is that we only should only perform this recrowning logic for multiuser
- temp fix for cimb octo's prctl abuse
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
