dd1eb98963
On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.
Apply the susfs patch
This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)
My speculation? ARMv8.0 has weak speculation :)
here we replace `ksu_strncpy_from_user_nofault` with ksu_strncpy_from_user_retry:
- ksu_strncpy_from_user_nofault as fast-path copy
- fallback to access_ok to validate the pointer + strncpy_from_user
- manual null-termination just in case, as strncpy_from_user_nofault also does it
- remove that memset, seems useless as it is an strncpy, not strncat
basically, we retry on pagefualt
for usercopies, its not like were doing
memset(dest, 0, sizeof(dest));
strncat(dest, var, bytes);
that memset seems unneeded. instead we use strncpy itself to do proper
error and oob check and null term it after.
as for optimizations
- just return early if unauthorized
- commonized logic
- reduced duplication
Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55
Stale: tiann #2656
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Co-authored-by: rsuntk <rsuntk@yukiprjkt.my.id>
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
83 lines
2.6 KiB
C
83 lines
2.6 KiB
C
#ifndef __KSU_H_KERNEL_COMPAT
|
|
#define __KSU_H_KERNEL_COMPAT
|
|
|
|
#include <linux/fs.h>
|
|
#include <linux/version.h>
|
|
#include <linux/cred.h>
|
|
#include "ss/policydb.h"
|
|
#include "linux/key.h"
|
|
|
|
/**
|
|
* list_count_nodes - count the number of nodes in a list
|
|
* @head: the head of the list
|
|
*
|
|
* This function iterates over the list starting from @head and counts
|
|
* the number of nodes in the list. It does not modify the list.
|
|
*
|
|
* Context: Any context. The function is safe to call in any context,
|
|
* including interrupt context, as it does not sleep or allocate
|
|
* memory.
|
|
*
|
|
* Return: the number of nodes in the list (excluding the head)
|
|
*/
|
|
#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 6, 0)
|
|
static inline __maybe_unused size_t list_count_nodes(const struct list_head *head)
|
|
{
|
|
const struct list_head *pos;
|
|
size_t count = 0;
|
|
|
|
if (!head)
|
|
return 0;
|
|
|
|
list_for_each(pos, head)
|
|
count++;
|
|
|
|
return count;
|
|
}
|
|
#endif
|
|
|
|
/*
|
|
* Adapt to Huawei HISI kernel without affecting other kernels ,
|
|
* Huawei Hisi Kernel EBITMAP Enable or Disable Flag ,
|
|
* From ss/ebitmap.h
|
|
*/
|
|
#if (LINUX_VERSION_CODE >= KERNEL_VERSION(4, 9, 0)) && \
|
|
(LINUX_VERSION_CODE < KERNEL_VERSION(4, 10, 0)) || \
|
|
(LINUX_VERSION_CODE >= KERNEL_VERSION(4, 14, 0)) && \
|
|
(LINUX_VERSION_CODE < KERNEL_VERSION(4, 15, 0))
|
|
#ifdef HISI_SELINUX_EBITMAP_RO
|
|
#define CONFIG_IS_HW_HISI
|
|
#endif
|
|
#endif
|
|
|
|
// Checks for UH, KDP and RKP
|
|
#ifdef SAMSUNG_UH_DRIVER_EXIST
|
|
#if defined(CONFIG_UH) || defined(CONFIG_KDP) || defined(CONFIG_RKP)
|
|
#error "CONFIG_UH, CONFIG_KDP and CONFIG_RKP is enabled! Please disable or remove it before compile a kernel with KernelSU!"
|
|
#endif
|
|
#endif
|
|
|
|
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 10, 0) || \
|
|
defined(CONFIG_IS_HW_HISI) || \
|
|
defined(CONFIG_KSU_ALLOWLIST_WORKAROUND)
|
|
extern struct key *init_session_keyring;
|
|
#endif
|
|
|
|
extern void ksu_android_ns_fs_check(void);
|
|
extern struct file *ksu_filp_open_compat(const char *filename, int flags,
|
|
umode_t mode);
|
|
extern ssize_t ksu_kernel_read_compat(struct file *p, void *buf, size_t count,
|
|
loff_t *pos);
|
|
extern ssize_t ksu_kernel_write_compat(struct file *p, const void *buf,
|
|
size_t count, loff_t *pos);
|
|
extern long ksu_copy_from_user_nofault(void *dst, const void __user *src, size_t size);
|
|
extern long ksu_copy_from_user_retry(void *to, const void __user *from, unsigned long count);
|
|
|
|
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 0, 0)
|
|
#define ksu_access_ok(addr, size) access_ok(addr, size)
|
|
#else
|
|
#define ksu_access_ok(addr, size) access_ok(VERIFY_READ, addr, size)
|
|
#endif
|
|
|
|
#endif
|