afc8b53ca6
* refactor: replace throne tracker with ksud token
* use snprintf
* refactor: new supercall impl
- Import the sukisu command
* disable seccomp for supercall users
* kernel: fmt clear
* kernel: Enable macro protection for sulog
- Only enabled on kernel versions greater than 5.10.245
* kernel: Refactor kprobe hooks and implement LSM hooks for improved security handling
* debug mode
* kernel: Add functionality to generate and validate authentication tokens for cmd_su
* kernel: Simplified manual SU command processing for code
* kernel: replace renameat hook with fsnotify
* Revert "refactor: replace throne tracker with ksud token"
This reverts commit aa2cbbf.
* kernel: fix compile
* kernel: fix compile below 6.0
* Fix compile err; Add become_manager
* kernel: install fd for manager automaticlly
- extend to import the corresponding command
* manager: new supercall impl
* temp changes for ksud
* ksud: fix compile
* fix wrong opcode
* kernel: fix compile
* kernel: Fixed hook type and KPM status retrieval errors
* kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
* ksud: fix cargo check
* manager: Fixed an issue where the KSUD release and user-mode scanning switch failed to function correctly.
- kernel: fix spin lock mutual
kernel: Fixed potential null pointer issue with current->mm in kernel version 5.10
When calling get_full_comm() within system call hooks, current->mm may be null (prctl). A fallback mechanism for current->comm must be added beforehand to prevent null pointer dereferences when accessing mm->arg_start/arg_end.
kernel: try introduce like susfs's method to fix prctl delay
* seccomp: allow reboot
* use u32
* update clang-format
* 4 spaces save the world
* ksud: Fix build on macOS
* manager: bump minimal supported kernel.
- When get_hook_type is empty, display “Unknown”.
* Fix ksud build (#2841)
* try fix ksud
* fix for macos
* remove any
* Fix ksud build, take 3
* try fix allowlist
* bring lsm hook back
* fix: a lot again
* Fix ksud build, take 4 (#2846)
Remove init_driver_fd function for non-linux/android targets
* manager: Return to the native method via KSUd installation
* Merge with susfs-mian format
---------
Signed-off-by: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Co-authored-by: Ylarod <me@ylarod.cn>
Co-authored-by: weishu <twsxtd@gmail.com>
Co-authored-by: AlexLiuDev233 <wzylin11@outlook.com>
Co-authored-by: Wang Han <416810799@qq.com>
234 lines
8.0 KiB
Plaintext
234 lines
8.0 KiB
Plaintext
menu "KernelSU"
|
|
|
|
config KSU
|
|
tristate "KernelSU function support"
|
|
default y
|
|
help
|
|
Enable kernel-level root privileges on Android System.
|
|
To compile as a module, choose M here: the
|
|
module will be called kernelsu.
|
|
|
|
config KSU_DEBUG
|
|
bool "KernelSU debug mode"
|
|
depends on KSU
|
|
default n
|
|
help
|
|
Enable KernelSU debug mode.
|
|
|
|
config KSU_MULTI_MANAGER_SUPPORT
|
|
bool "Multi KernelSU manager support"
|
|
depends on KSU
|
|
default n
|
|
help
|
|
Enable multi KernelSU manager support
|
|
|
|
config KSU_THRONE_TRACKER_LEGACY
|
|
bool "Use legacy throne tracker (packages.list scanning)"
|
|
depends on KSU
|
|
default n
|
|
help
|
|
Use legacy throne tracker that scans packages.list for app UIDs.
|
|
This is kept for Ultra-Legacy Linux 4.4-3.X kernels which are prone to deadlocks.
|
|
Enable this if default scanning deadlocks/crashes on you.
|
|
|
|
config KSU_MANUAL_SU
|
|
bool "Use manual su"
|
|
depends on KSU
|
|
default y
|
|
help
|
|
Use manual su and authorize the corresponding command line and application via prctl
|
|
|
|
config KSU_ALLOWLIST_WORKAROUND
|
|
bool "KernelSU Session Keyring Init workaround"
|
|
depends on KSU
|
|
default n
|
|
help
|
|
Enable session keyring init workaround for problematic devices.
|
|
Useful for situations where the SU allowlist is not kept after a reboot
|
|
|
|
config KSU_CMDLINE
|
|
bool "Enable KernelSU cmdline"
|
|
depends on KSU && KSU != m
|
|
default n
|
|
help
|
|
Enable a cmdline called kernelsu.enabled
|
|
Value 1 means enabled, value 0 means disabled.
|
|
|
|
config KPM
|
|
bool "Enable SukiSU KPM"
|
|
depends on KSU && 64BIT
|
|
select KALLSYMS
|
|
select KALLSYMS_ALL
|
|
default n
|
|
help
|
|
Enabling this option will activate the KPM feature of SukiSU.
|
|
This option is suitable for scenarios where you need to force KPM to be enabled.
|
|
but it may affect system stability.
|
|
|
|
choice
|
|
prompt "KernelSU hook type"
|
|
depends on KSU
|
|
default KSU_KPROBES_HOOK
|
|
help
|
|
Hook type for KernelSU
|
|
|
|
config KSU_KPROBES_HOOK
|
|
bool "Hook KernelSU with Kprobes"
|
|
depends on KPROBES
|
|
help
|
|
If enabled, Hook required KernelSU syscalls with Kernel-probe.
|
|
|
|
config KSU_TRACEPOINT_HOOK
|
|
bool "Hook KernelSU with Tracepoint"
|
|
depends on TRACEPOINTS
|
|
help
|
|
If enabled, Hook required KernelSU syscalls with Tracepoint.
|
|
|
|
config KSU_MANUAL_HOOK
|
|
bool "Hook KernelSU manually"
|
|
depends on KSU != m
|
|
help
|
|
If enabled, Hook required KernelSU syscalls with manually-patched function.
|
|
|
|
endchoice
|
|
|
|
menu "KernelSU - SUSFS"
|
|
config KSU_SUSFS
|
|
bool "KernelSU addon - SUSFS"
|
|
depends on KSU
|
|
depends on THREAD_INFO_IN_TASK
|
|
default y
|
|
help
|
|
Patch and Enable SUSFS to kernel with KernelSU.
|
|
|
|
config KSU_SUSFS_SUS_PATH
|
|
bool "Enable to hide suspicious path (NOT recommended)"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Allow hiding the user-defined path and all its sub-paths from various system calls.
|
|
- tmpfs filesystem is not allowed to be added.
|
|
- Effective only on zygote spawned user app process.
|
|
- Use with cautious as it may cause performance loss and will be vulnerable to side channel attacks,
|
|
just disable this feature if it doesn't work for you or you don't need it at all.
|
|
|
|
config KSU_SUSFS_SUS_MOUNT
|
|
bool "Enable to hide suspicious mounts"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Allow hiding the user-defined mount paths from /proc/self/[mounts|mountinfo|mountstat].
|
|
- Effective on all processes for hiding mount entries.
|
|
- Mounts mounted by process with ksu domain will be forced to be assigned the dev name "KSU".
|
|
- mnt_id and mnt_group_id of the sus mount will be assigned to a much bigger number to solve the issue of id not being contiguous.
|
|
|
|
config KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT
|
|
bool "Enable to hide KSU's default mounts automatically (experimental)"
|
|
depends on KSU_SUSFS_SUS_MOUNT
|
|
default y
|
|
help
|
|
- Automatically add KSU's default mounts to sus_mount.
|
|
- No susfs command is needed in userspace.
|
|
- Only mount operation from process with ksu domain will be checked.
|
|
|
|
config KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT
|
|
bool "Enable to hide suspicious bind mounts automatically (experimental)"
|
|
depends on KSU_SUSFS_SUS_MOUNT
|
|
default y
|
|
help
|
|
- Automatically add binded mounts to sus_mount.
|
|
- No susfs command is needed in userspace.
|
|
- Only mount operation from process with ksu domain will be checked.
|
|
|
|
config KSU_SUSFS_SUS_KSTAT
|
|
bool "Enable to spoof suspicious kstat"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Allow spoofing the kstat of user-defined file/directory.
|
|
- Effective only on zygote spawned user app process.
|
|
|
|
config KSU_SUSFS_TRY_UMOUNT
|
|
bool "Enable to use ksu's try_umount"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Allow using try_umount to umount other user-defined mount paths prior to ksu's default umount paths.
|
|
- Effective on all NO-root-access-granted processes.
|
|
|
|
config KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT
|
|
bool "Enable to add bind mounts to ksu's try_umount automatically (experimental)"
|
|
depends on KSU_SUSFS_TRY_UMOUNT
|
|
default y
|
|
help
|
|
- Automatically add binded mounts to ksu's try_umount.
|
|
- No susfs command is needed in userspace.
|
|
- Only mount operation from process with ksu domain will be checked.
|
|
|
|
config KSU_SUSFS_SPOOF_UNAME
|
|
bool "Enable to spoof uname"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Allow spoofing the string returned by uname syscall to user-defined string.
|
|
- Effective on all processes.
|
|
|
|
config KSU_SUSFS_ENABLE_LOG
|
|
bool "Enable logging susfs log to kernel"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Allow logging susfs log to kernel, uncheck it to completely disable all susfs log.
|
|
|
|
config KSU_SUSFS_HIDE_KSU_SUSFS_SYMBOLS
|
|
bool "Enable to automatically hide ksu and susfs symbols from /proc/kallsyms"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Automatically hide ksu and susfs symbols from '/proc/kallsyms'.
|
|
- Effective on all processes.
|
|
|
|
config KSU_SUSFS_SPOOF_CMDLINE_OR_BOOTCONFIG
|
|
bool "Enable to spoof /proc/bootconfig (gki) or /proc/cmdline (non-gki)"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Spoof the output of /proc/bootconfig (gki) or /proc/cmdline (non-gki) with a user-defined file.
|
|
- Effective on all processes.
|
|
|
|
config KSU_SUSFS_OPEN_REDIRECT
|
|
bool "Enable to redirect a path to be opened with another path (experimental)"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Allow redirecting a target path to be opened with another user-defined path.
|
|
- Effective only on processes with uid < 2000.
|
|
- Please be reminded that process with open access to the target and redirected path can be detected.
|
|
|
|
config KSU_SUSFS_SUS_SU
|
|
bool "Enable SUS-SU in runtime temporarily"
|
|
depends on KSU_SUSFS && KPROBES && HAVE_KPROBES && KPROBE_EVENTS
|
|
default y
|
|
help
|
|
- Allow user to enable or disable core ksu kprobes hooks temporarily in runtime. There are 2 working modes for sus_su.
|
|
- Mode 0 (default): Disable sus_su, and enable ksu kprobe hooks for su instead.
|
|
- Mode 1 (deprecated):
|
|
- Mode 2: Enable sus_su, and disable ksu kprobe hooks for su, which means the kernel inline hooks are enabled,
|
|
the same as the su implementaion of non-gki kernel without kprobe supported.
|
|
- Only apps with root access granted by ksu manager are allowed to get root.
|
|
|
|
config KSU_SUSFS_SUS_MAP
|
|
bool "Enable to hide some mmapped real file from different proc maps interfaces"
|
|
depends on KSU_SUSFS
|
|
default y
|
|
help
|
|
- Allow hiding mmapped real file from /proc/<pid>/[maps|smaps|smaps_rollup|map_files|mem|pagemap]
|
|
- It does NOT support hiding for anon memory.
|
|
- It does NOT hide any inline hooks or plt hooks cause by the injected library itself.
|
|
- It may not be able to evade detections by apps that implement a good injection detection.
|
|
- Effective only on zygote spawned umounted user app process.
|
|
|
|
endmenu
|
|
|
|
endmenu
|