* Revert "feat: try manual reboot hook (#521)"
This reverts commit 1853d9decf.
* kernel: core_hook: provide a better reboot handler
I propose that you pass cmd and arg as reference.
this is so we can have much more extendable use of that pointer
kernel: core_hook: provide sys_reboot handler
- 2e2727d56c
kernel: kp_ksud: add sys_reboot kp hook
- 03285886b0
I'm proposing passing arg as reference to arg pointer and also pass int cmd
we can use it to pass numbers atleast.
for advanced usage, we can use it as a delimiter so we can pass a pointer to array.
example pass a char *array[] which decays to a char ** and then use cmd as the number of array members.
we can pass the pointer of the first member of the array and use cmd as the delimiter (count) of members.
for simpler usecase, heres some that I added.
kernel: core_hook: expose umount list on sys_reboot interface
- 352de41e4b
kernel: core_hook: expose nuke_ext4_sysfs to sys_reboot interface
- 83fc684ccb
ksud: add cmd for add-try-umount, wipe-umount-list and nuke-ext4-sysfs
- a4eab4b8c3
more usage demos
https://github.com/backslashxx/lkm_template/tree/write-pointer-on-pointerhttps://github.com/backslashxx/lkm_template/tree/pointer-reuse
I actually proposed sys_reboot upstream because of this pointer that is very usable.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
---------
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
* kernel: Use NR_syscalls instead of SECCOMP_ARCH_NATIVE_NR
Old kernels don't has SECCOMP_ARCH_NATIVE_NR. But according to its definition,
it's equal to NR_syscalls. So use NR_syscalls instead.
* kernel: Fix wrong kernel version check
fsnotify_add_inode_mark was introduced in 4.17-rc5, not 4.12
* Pre Linux 5.9, handle_inode_event did not exist. This is was covered by handle_event.
* handle_event have a lot of changes, neither in arguments counts and arguments arrangements.
* Use fsnotify_add_mark_locked instead of fsnotify_add_inode_mark for kernel pre 4.12
NOTE: fsnotify_add_mark_locked is not tested! Report bugs if you found it!
Signed-off-by: Faris <rissu.ntk@gmail.com>
* refactor: replace throne tracker with ksud token
* use snprintf
* refactor: new supercall impl
- Import the sukisu command
* disable seccomp for supercall users
* kernel: fmt clear
* kernel: Enable macro protection for sulog
- Only enabled on kernel versions greater than 5.10.245
* kernel: Refactor kprobe hooks and implement LSM hooks for improved security handling
* debug mode
* kernel: Add functionality to generate and validate authentication tokens for cmd_su
* kernel: Simplified manual SU command processing for code
* kernel: replace renameat hook with fsnotify
* Revert "refactor: replace throne tracker with ksud token"
This reverts commit aa2cbbf.
* kernel: fix compile
* kernel: fix compile below 6.0
* Fix compile err; Add become_manager
* kernel: install fd for manager automaticlly
- extend to import the corresponding command
* manager: new supercall impl
* temp changes for ksud
* ksud: fix compile
* fix wrong opcode
* kernel: fix compile
* kernel: Fixed hook type and KPM status retrieval errors
* kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
* ksud: fix cargo check
* manager: Fixed an issue where the KSUD release and user-mode scanning switch failed to function correctly.
- kernel: fix spin lock mutual
kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
kernel: try introduce like susfs's method to fix prctl delay
* seccomp: allow reboot
* use u32
* update clang-format
* 4 spaces save the world
* ksud: Fix build on macOS
* manager: bump minimal supported kernel.
- When get_hook_type is empty, display “Unknown”.
* Fix ksud build (#2841)
* try fix ksud
* fix for macos
* remove any
* Fix ksud build, take 3
* try fix allowlist
* bring lsm hook back
* fix: a lot again
* Fix ksud build, take 4 (#2846)
Remove init_driver_fd function for non-linux/android targets
* manager: Return to the native method via KSUd installation
* Merge with susfs-mian format
---------
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: AlexLiuDev233 <wzylin11@outlook.com>
Co-authored-by: Wang Han <416810799@qq.com>
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
* kernel: Restore the sequence of sulog logs
* sus_su: more precise control of the SUS_SU functionality.
For devices with kernels from 4.9 to 4.14, the SUS_SU functionality
cannot be used due to serious defects in Kprobes. Therefore, the
corresponding SuSFS lacks all code related to the SUS_SU definitions.
---------
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
KernelSU: Some optimization on parsing susfs CMD; Synced with latest commit of official KernelSU: 0390ef5dd73252115e486d3301f9b3234ebf46aa
- Removed redundant ksu_access_ok() check since copy_to_user has dealt with it already on kernel version >= 5.10
- move int error = 0; before the parse of susfs CMD so that we do not need to declare it again and again in each arg2 compare block
- Synced with upstream, see 0390ef5dd7
Co-authored-by: simonpunk <simonpunk2016@gmail.com>
* Due to numerous changes on LSM (Linux Security Module) in Linux 6.8+
* This is temporary guard until a working solution exist.
Signed-off-by: rsuntk <rsuntk@yukiprjkt.my.id>
