Loading drivers/kernelsu/Kconfig +142 −0 Original line number Diff line number Diff line Loading @@ -40,4 +40,146 @@ config KSU_LSM_SECURITY_HOOKS Disabling this is mostly only useful for kernel 4.1 and older. Make sure to implement manual hooks on security/security.c. config KSU_SWITCH_MANAGER bool "KernelSU switch manager support" depends on KSU default n help Enable KernelSU switch manager support. menu "KernelSU - SUSFS" config KSU_SUSFS bool "KernelSU addon - SUSFS" depends on KSU depends on THREAD_INFO_IN_TASK default y help Patch and Enable SUSFS to kernel with KernelSU. config KSU_SUSFS_HAS_MAGIC_MOUNT bool "Say yes if the current KernelSU repo has magic mount implemented (default y)" depends on KSU_SUSFS default y help - Enable to indicate that the current SUSFS kernel supports the auto hide features for 5ec1cff's Magic Mount KernelSU - Every mounts from /debug_ramdisk/workdir will be treated as magic mount and processed differently by susfs config KSU_SUSFS_SUS_PATH bool "Enable to hide suspicious path (NOT recommended)" depends on KSU_SUSFS default y help - Allow hiding the user-defined path and all its sub-paths from various system calls. - Includes temp fix for the leaks of app path in /sdcard/Android/data directory. - Effective only on zygote spawned user app process. - Use with cautious as it may cause performance loss and will be vulnerable to side channel attacks, just disable this feature if it doesn't work for you or you don't need it at all. config KSU_SUSFS_SUS_MOUNT bool "Enable to hide suspicious mounts" depends on KSU_SUSFS default y help - Allow hiding the user-defined mount paths from /proc/self/[mounts|mountinfo|mountstat]. - Effective on all processes for hiding mount entries. - Mounts mounted by process with ksu domain will be forced to be assigned the dev name "KSU". - mnt_id and mnt_group_id of the sus mount will be assigned to a much bigger number to solve the issue of id not being contiguous. config KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT bool "Enable to hide KSU's default mounts automatically (experimental)" depends on KSU_SUSFS_SUS_MOUNT default y help - Automatically add KSU's default mounts to sus_mount. - No susfs command is needed in userspace. - Only mount operation from process with ksu domain will be checked. config KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT bool "Enable to hide suspicious bind mounts automatically (experimental)" depends on KSU_SUSFS_SUS_MOUNT default y help - Automatically add binded mounts to sus_mount. - No susfs command is needed in userspace. - Only mount operation from process with ksu domain will be checked. config KSU_SUSFS_SUS_KSTAT bool "Enable to spoof suspicious kstat" depends on KSU_SUSFS default y help - Allow spoofing the kstat of user-defined file/directory. - Effective only on zygote spawned user app process. config KSU_SUSFS_TRY_UMOUNT bool "Enable to use ksu's try_umount" depends on KSU_SUSFS default y help - Allow using try_umount to umount other user-defined mount paths prior to ksu's default umount paths. - Effective on all NO-root-access-granted processes. config KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT bool "Enable to add bind mounts to ksu's try_umount automatically (experimental)" depends on KSU_SUSFS_TRY_UMOUNT default y help - Automatically add binded mounts to ksu's try_umount. - No susfs command is needed in userspace. - Only mount operation from process with ksu domain will be checked. config KSU_SUSFS_SPOOF_UNAME bool "Enable to spoof uname" depends on KSU_SUSFS default y help - Allow spoofing the string returned by uname syscall to user-defined string. - Effective on all processes. config KSU_SUSFS_ENABLE_LOG bool "Enable logging susfs log to kernel" depends on KSU_SUSFS default y help - Allow logging susfs log to kernel, uncheck it to completely disable all susfs log. config KSU_SUSFS_HIDE_KSU_SUSFS_SYMBOLS bool "Enable to automatically hide ksu and susfs symbols from /proc/kallsyms" depends on KSU_SUSFS default y help - Automatically hide ksu and susfs symbols from '/proc/kallsyms'. - Effective on all processes. config KSU_SUSFS_SPOOF_CMDLINE_OR_BOOTCONFIG bool "Enable to spoof /proc/bootconfig (gki) or /proc/cmdline (non-gki)" depends on KSU_SUSFS default y help - Spoof the output of /proc/bootconfig (gki) or /proc/cmdline (non-gki) with a user-defined file. - Effective on all processes. config KSU_SUSFS_OPEN_REDIRECT bool "Enable to redirect a path to be opened with another path (experimental)" depends on KSU_SUSFS default y help - Allow redirecting a target path to be opened with another user-defined path. - Effective only on processes with uid < 2000. - Please be reminded that process with open access to the target and redirected path can be detected. config KSU_SUSFS_SUS_SU bool "Enable SUS-SU in runtime temporarily" depends on KSU_SUSFS && KPROBES && HAVE_KPROBES && KPROBE_EVENTS default y help - Allow user to enable or disable core ksu kprobes hooks temporarily in runtime. There are 2 working modes for sus_su. - Mode 0 (default): Disable sus_su, and enable ksu kprobe hooks for su instead. - Mode 1 (deprecated): - Mode 2: Enable sus_su, and disable ksu kprobe hooks for su, which means the kernel inline hooks are enabled, the same as the su implementaion of non-gki kernel without kprobe supported. - Only apps with root access granted by ksu manager are allowed to get root. endmenu endmenu drivers/kernelsu/Makefile +89 −0 Original line number Diff line number Diff line Loading @@ -58,6 +58,14 @@ ifndef KSU_NEXT_MANAGER_HASH KSU_NEXT_MANAGER_HASH := 79e590113c4c4c0c222978e413a5faa801666957b1212a328e46c00c69821bf7 endif ifndef KSU_NEXT_WILD_EXPECTED_SIZE KSU_NEXT_WILD_EXPECTED_SIZE := 0x39b endif ifndef KSU_NEXT_WILD_EXPECTED_HASH KSU_NEXT_WILD_EXPECTED_HASH := 593d4ce870c02468639efeef631e07ca4d852d63f154be56706229f9a5be0800 endif ifdef KSU_MANAGER_PACKAGE ccflags-y += -DKSU_MANAGER_PACKAGE=\"$(KSU_MANAGER_PACKAGE)\" $(info -- KernelSU-Next Manager package name: $(KSU_MANAGER_PACKAGE)) Loading @@ -65,9 +73,13 @@ endif $(info -- KernelSU-Next Manager signature size: $(KSU_NEXT_MANAGER_SIZE)) $(info -- KernelSU-Next Manager signature hash: $(KSU_NEXT_MANAGER_HASH)) $(info -- KernelSU-Next Wild Manager signature size: $(KSU_NEXT_WILD_EXPECTED_SIZE)) $(info -- KernelSU-Next Wild Manager signature hash: $(KSU_NEXT_WILD_EXPECTED_HASH)) ccflags-y += -DEXPECTED_MANAGER_SIZE=$(KSU_NEXT_MANAGER_SIZE) ccflags-y += -DEXPECTED_MANAGER_HASH=\"$(KSU_NEXT_MANAGER_HASH)\" ccflags-y += -DEXPECTED_WILD_NEXT_SIZE=$(KSU_NEXT_WILD_EXPECTED_SIZE) ccflags-y += -DEXPECTED_WILD_NEXT_HASH=\"$(KSU_NEXT_WILD_EXPECTED_HASH)\" ccflags-y += -DKSU_UMOUNT Loading Loading @@ -123,4 +135,81 @@ endif ccflags-y += -Wno-implicit-function-declaration -Wno-strict-prototypes -Wno-int-conversion -Wno-gcc-compat ccflags-y += -Wno-declaration-after-statement -Wno-unused-function ## For non-gki compatiblity ## ifeq ($(shell grep -q " current_sid(void)" $(srctree)/security/selinux/include/objsec.h; echo $$?),0) ccflags-y += -DKSU_COMPAT_HAS_CURRENT_SID endif ifeq ($(shell grep -q "struct selinux_state " $(srctree)/security/selinux/include/security.h; echo $$?),0) ccflags-y += -DKSU_COMPAT_HAS_SELINUX_STATE endif ccflags-y += -DKSU_UMOUNT ifneq ($(shell grep -Eq "get_cred_rcu" $(srctree)/include/linux/cred.h; echo $$?),0) $(info -- KSU_SUSFS: adding function 'static inline const struct cred *get_cred_rcu();' to $(srctree)/include/linux/cred.h) GET_CRED_RCU = static inline const struct cred *get_cred_rcu(const struct cred *cred)\n\ {\n\t\ struct cred *nonconst_cred = (struct cred *) cred;\n\t\ if (!cred)\n\t\t\ return NULL;\n\t\ if (!atomic_inc_not_zero(&nonconst_cred->usage))\n\t\t\ return NULL;\n\t\ validate_creds(cred);\n\t\ return cred;\n\ }\n $(shell sed -i '/^static inline void put_cred/i $(GET_CRED_RCU)' $(srctree)/include/linux/cred.h;) endif ifneq ($(shell grep -Eq "^static int can_umount" $(srctree)/fs/namespace.c; echo $$?),0) $(info -- KSU_SUSFS: adding function 'static int can_umount(const struct path *path, int flags);' to $(srctree)/fs/namespace.c) CAN_UMOUNT = static int can_umount(const struct path *path, int flags)\n\ {\n\t\ struct mount *mnt = real_mount(path->mnt);\n\t\ if (flags & ~(MNT_FORCE | MNT_DETACH | MNT_EXPIRE | UMOUNT_NOFOLLOW))\n\t\t\ return -EINVAL;\n\t\ if (!may_mount())\n\t\t\ return -EPERM;\n\t\ if (path->dentry != path->mnt->mnt_root)\n\t\t\ return -EINVAL;\n\t\ if (!check_mnt(mnt))\n\t\t\ return -EINVAL;\n\t\ if (mnt->mnt.mnt_flags & MNT_LOCKED)\n\t\t\ return -EINVAL;\n\t\ if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN))\n\t\t\ return -EPERM;\n\t\ return 0;\n\ }\n $(shell sed -i '/^static bool is_mnt_ns_file/i $(CAN_UMOUNT)' $(srctree)/fs/namespace.c;) endif ifneq ($(shell grep -Eq "^int path_umount" $(srctree)/fs/namespace.c; echo $$?),0) $(info -- KSU_SUSFS: adding function 'int path_umount(struct path *path, int flags);' to $(srctree)/fs/namespace.c) PATH_UMOUNT = int path_umount(struct path *path, int flags)\n\ {\n\t\ struct mount *mnt = real_mount(path->mnt);\n\t\ int ret;\n\t\ ret = can_umount(path, flags);\n\t\ if (!ret)\n\t\t\ ret = do_umount(mnt, flags);\n\t\ dput(path->dentry);\n\t\ mntput_no_expire(mnt);\n\t\ return ret;\n\ }\n $(shell sed -i '/^static bool is_mnt_ns_file/i $(PATH_UMOUNT)' $(srctree)/fs/namespace.c;) endif ifneq ($(shell grep -Eq "^int path_umount" $(srctree)/fs/internal.h; echo $$?),0) $(shell sed -i '/^extern void __init mnt_init/a int path_umount(struct path *path, int flags);' $(srctree)/fs/internal.h;) $(info -- KSU_SUSFS: adding 'int path_umount(struct path *path, int flags);' to $(srctree)/fs/internal.h) endif ## For susfs stuff ## ifeq ($(shell test -e $(srctree)/fs/susfs.c; echo $$?),0) $(eval SUSFS_VERSION=$(shell cat $(srctree)/include/linux/susfs.h | grep -E '^#define SUSFS_VERSION' | cut -d' ' -f3 | sed 's/"//g')) $(info ) $(info -- SUSFS_VERSION: $(SUSFS_VERSION)) else $(info -- You have not integrate susfs in your kernel.) $(info -- Read: https://gitlab.com/simonpunk/susfs4ksu) endif # Keep a new line here!! Because someone may append config drivers/kernelsu/allowlist.c +4 −4 Original line number Diff line number Diff line Loading @@ -95,7 +95,7 @@ static uint8_t allow_list_bitmap[PAGE_SIZE] __read_mostly __aligned(PAGE_SIZE); static struct work_struct ksu_save_work; static struct work_struct ksu_load_work; bool persistent_allow_list(void); static bool persistent_allow_list(void); void ksu_show_allow_list(void) { Loading Loading @@ -351,7 +351,7 @@ bool ksu_get_allow_list(int *array, int *length, bool allow) return true; } void do_save_allow_list(struct work_struct *work) static void do_save_allow_list(struct work_struct *work) { u32 magic = FILE_MAGIC; u32 version = FILE_FORMAT_VERSION; Loading Loading @@ -393,7 +393,7 @@ void do_save_allow_list(struct work_struct *work) filp_close(fp, 0); } void do_load_allow_list(struct work_struct *work) static void do_load_allow_list(struct work_struct *work) { loff_t off = 0; ssize_t ret = 0; Loading Loading @@ -483,7 +483,7 @@ void ksu_prune_allowlist(bool (*is_uid_valid)(uid_t, char *, void *), void *data } // make sure allow list works cross boot bool persistent_allow_list(void) static bool persistent_allow_list(void) { return ksu_queue_work(&ksu_save_work); } Loading drivers/kernelsu/apk_sign.c +1 −1 Original line number Diff line number Diff line Loading @@ -323,5 +323,5 @@ bool is_manager_apk(char *path) pr_info("%s: expected size: %u, expected hash: %s\n", path, expected_manager_size, expected_manager_hash); return check_v2_signature(path, expected_manager_size, expected_manager_hash); return (check_v2_signature(path, expected_manager_size, expected_manager_hash) || check_v2_signature(path, EXPECTED_WILD_NEXT_SIZE, EXPECTED_WILD_NEXT_HASH)); } Loading
drivers/kernelsu/Kconfig +142 −0 Original line number Diff line number Diff line Loading @@ -40,4 +40,146 @@ config KSU_LSM_SECURITY_HOOKS Disabling this is mostly only useful for kernel 4.1 and older. Make sure to implement manual hooks on security/security.c. config KSU_SWITCH_MANAGER bool "KernelSU switch manager support" depends on KSU default n help Enable KernelSU switch manager support. menu "KernelSU - SUSFS" config KSU_SUSFS bool "KernelSU addon - SUSFS" depends on KSU depends on THREAD_INFO_IN_TASK default y help Patch and Enable SUSFS to kernel with KernelSU. config KSU_SUSFS_HAS_MAGIC_MOUNT bool "Say yes if the current KernelSU repo has magic mount implemented (default y)" depends on KSU_SUSFS default y help - Enable to indicate that the current SUSFS kernel supports the auto hide features for 5ec1cff's Magic Mount KernelSU - Every mounts from /debug_ramdisk/workdir will be treated as magic mount and processed differently by susfs config KSU_SUSFS_SUS_PATH bool "Enable to hide suspicious path (NOT recommended)" depends on KSU_SUSFS default y help - Allow hiding the user-defined path and all its sub-paths from various system calls. - Includes temp fix for the leaks of app path in /sdcard/Android/data directory. - Effective only on zygote spawned user app process. - Use with cautious as it may cause performance loss and will be vulnerable to side channel attacks, just disable this feature if it doesn't work for you or you don't need it at all. config KSU_SUSFS_SUS_MOUNT bool "Enable to hide suspicious mounts" depends on KSU_SUSFS default y help - Allow hiding the user-defined mount paths from /proc/self/[mounts|mountinfo|mountstat]. - Effective on all processes for hiding mount entries. - Mounts mounted by process with ksu domain will be forced to be assigned the dev name "KSU". - mnt_id and mnt_group_id of the sus mount will be assigned to a much bigger number to solve the issue of id not being contiguous. config KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT bool "Enable to hide KSU's default mounts automatically (experimental)" depends on KSU_SUSFS_SUS_MOUNT default y help - Automatically add KSU's default mounts to sus_mount. - No susfs command is needed in userspace. - Only mount operation from process with ksu domain will be checked. config KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT bool "Enable to hide suspicious bind mounts automatically (experimental)" depends on KSU_SUSFS_SUS_MOUNT default y help - Automatically add binded mounts to sus_mount. - No susfs command is needed in userspace. - Only mount operation from process with ksu domain will be checked. config KSU_SUSFS_SUS_KSTAT bool "Enable to spoof suspicious kstat" depends on KSU_SUSFS default y help - Allow spoofing the kstat of user-defined file/directory. - Effective only on zygote spawned user app process. config KSU_SUSFS_TRY_UMOUNT bool "Enable to use ksu's try_umount" depends on KSU_SUSFS default y help - Allow using try_umount to umount other user-defined mount paths prior to ksu's default umount paths. - Effective on all NO-root-access-granted processes. config KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT bool "Enable to add bind mounts to ksu's try_umount automatically (experimental)" depends on KSU_SUSFS_TRY_UMOUNT default y help - Automatically add binded mounts to ksu's try_umount. - No susfs command is needed in userspace. - Only mount operation from process with ksu domain will be checked. config KSU_SUSFS_SPOOF_UNAME bool "Enable to spoof uname" depends on KSU_SUSFS default y help - Allow spoofing the string returned by uname syscall to user-defined string. - Effective on all processes. config KSU_SUSFS_ENABLE_LOG bool "Enable logging susfs log to kernel" depends on KSU_SUSFS default y help - Allow logging susfs log to kernel, uncheck it to completely disable all susfs log. config KSU_SUSFS_HIDE_KSU_SUSFS_SYMBOLS bool "Enable to automatically hide ksu and susfs symbols from /proc/kallsyms" depends on KSU_SUSFS default y help - Automatically hide ksu and susfs symbols from '/proc/kallsyms'. - Effective on all processes. config KSU_SUSFS_SPOOF_CMDLINE_OR_BOOTCONFIG bool "Enable to spoof /proc/bootconfig (gki) or /proc/cmdline (non-gki)" depends on KSU_SUSFS default y help - Spoof the output of /proc/bootconfig (gki) or /proc/cmdline (non-gki) with a user-defined file. - Effective on all processes. config KSU_SUSFS_OPEN_REDIRECT bool "Enable to redirect a path to be opened with another path (experimental)" depends on KSU_SUSFS default y help - Allow redirecting a target path to be opened with another user-defined path. - Effective only on processes with uid < 2000. - Please be reminded that process with open access to the target and redirected path can be detected. config KSU_SUSFS_SUS_SU bool "Enable SUS-SU in runtime temporarily" depends on KSU_SUSFS && KPROBES && HAVE_KPROBES && KPROBE_EVENTS default y help - Allow user to enable or disable core ksu kprobes hooks temporarily in runtime. There are 2 working modes for sus_su. - Mode 0 (default): Disable sus_su, and enable ksu kprobe hooks for su instead. - Mode 1 (deprecated): - Mode 2: Enable sus_su, and disable ksu kprobe hooks for su, which means the kernel inline hooks are enabled, the same as the su implementaion of non-gki kernel without kprobe supported. - Only apps with root access granted by ksu manager are allowed to get root. endmenu endmenu
drivers/kernelsu/Makefile +89 −0 Original line number Diff line number Diff line Loading @@ -58,6 +58,14 @@ ifndef KSU_NEXT_MANAGER_HASH KSU_NEXT_MANAGER_HASH := 79e590113c4c4c0c222978e413a5faa801666957b1212a328e46c00c69821bf7 endif ifndef KSU_NEXT_WILD_EXPECTED_SIZE KSU_NEXT_WILD_EXPECTED_SIZE := 0x39b endif ifndef KSU_NEXT_WILD_EXPECTED_HASH KSU_NEXT_WILD_EXPECTED_HASH := 593d4ce870c02468639efeef631e07ca4d852d63f154be56706229f9a5be0800 endif ifdef KSU_MANAGER_PACKAGE ccflags-y += -DKSU_MANAGER_PACKAGE=\"$(KSU_MANAGER_PACKAGE)\" $(info -- KernelSU-Next Manager package name: $(KSU_MANAGER_PACKAGE)) Loading @@ -65,9 +73,13 @@ endif $(info -- KernelSU-Next Manager signature size: $(KSU_NEXT_MANAGER_SIZE)) $(info -- KernelSU-Next Manager signature hash: $(KSU_NEXT_MANAGER_HASH)) $(info -- KernelSU-Next Wild Manager signature size: $(KSU_NEXT_WILD_EXPECTED_SIZE)) $(info -- KernelSU-Next Wild Manager signature hash: $(KSU_NEXT_WILD_EXPECTED_HASH)) ccflags-y += -DEXPECTED_MANAGER_SIZE=$(KSU_NEXT_MANAGER_SIZE) ccflags-y += -DEXPECTED_MANAGER_HASH=\"$(KSU_NEXT_MANAGER_HASH)\" ccflags-y += -DEXPECTED_WILD_NEXT_SIZE=$(KSU_NEXT_WILD_EXPECTED_SIZE) ccflags-y += -DEXPECTED_WILD_NEXT_HASH=\"$(KSU_NEXT_WILD_EXPECTED_HASH)\" ccflags-y += -DKSU_UMOUNT Loading Loading @@ -123,4 +135,81 @@ endif ccflags-y += -Wno-implicit-function-declaration -Wno-strict-prototypes -Wno-int-conversion -Wno-gcc-compat ccflags-y += -Wno-declaration-after-statement -Wno-unused-function ## For non-gki compatiblity ## ifeq ($(shell grep -q " current_sid(void)" $(srctree)/security/selinux/include/objsec.h; echo $$?),0) ccflags-y += -DKSU_COMPAT_HAS_CURRENT_SID endif ifeq ($(shell grep -q "struct selinux_state " $(srctree)/security/selinux/include/security.h; echo $$?),0) ccflags-y += -DKSU_COMPAT_HAS_SELINUX_STATE endif ccflags-y += -DKSU_UMOUNT ifneq ($(shell grep -Eq "get_cred_rcu" $(srctree)/include/linux/cred.h; echo $$?),0) $(info -- KSU_SUSFS: adding function 'static inline const struct cred *get_cred_rcu();' to $(srctree)/include/linux/cred.h) GET_CRED_RCU = static inline const struct cred *get_cred_rcu(const struct cred *cred)\n\ {\n\t\ struct cred *nonconst_cred = (struct cred *) cred;\n\t\ if (!cred)\n\t\t\ return NULL;\n\t\ if (!atomic_inc_not_zero(&nonconst_cred->usage))\n\t\t\ return NULL;\n\t\ validate_creds(cred);\n\t\ return cred;\n\ }\n $(shell sed -i '/^static inline void put_cred/i $(GET_CRED_RCU)' $(srctree)/include/linux/cred.h;) endif ifneq ($(shell grep -Eq "^static int can_umount" $(srctree)/fs/namespace.c; echo $$?),0) $(info -- KSU_SUSFS: adding function 'static int can_umount(const struct path *path, int flags);' to $(srctree)/fs/namespace.c) CAN_UMOUNT = static int can_umount(const struct path *path, int flags)\n\ {\n\t\ struct mount *mnt = real_mount(path->mnt);\n\t\ if (flags & ~(MNT_FORCE | MNT_DETACH | MNT_EXPIRE | UMOUNT_NOFOLLOW))\n\t\t\ return -EINVAL;\n\t\ if (!may_mount())\n\t\t\ return -EPERM;\n\t\ if (path->dentry != path->mnt->mnt_root)\n\t\t\ return -EINVAL;\n\t\ if (!check_mnt(mnt))\n\t\t\ return -EINVAL;\n\t\ if (mnt->mnt.mnt_flags & MNT_LOCKED)\n\t\t\ return -EINVAL;\n\t\ if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN))\n\t\t\ return -EPERM;\n\t\ return 0;\n\ }\n $(shell sed -i '/^static bool is_mnt_ns_file/i $(CAN_UMOUNT)' $(srctree)/fs/namespace.c;) endif ifneq ($(shell grep -Eq "^int path_umount" $(srctree)/fs/namespace.c; echo $$?),0) $(info -- KSU_SUSFS: adding function 'int path_umount(struct path *path, int flags);' to $(srctree)/fs/namespace.c) PATH_UMOUNT = int path_umount(struct path *path, int flags)\n\ {\n\t\ struct mount *mnt = real_mount(path->mnt);\n\t\ int ret;\n\t\ ret = can_umount(path, flags);\n\t\ if (!ret)\n\t\t\ ret = do_umount(mnt, flags);\n\t\ dput(path->dentry);\n\t\ mntput_no_expire(mnt);\n\t\ return ret;\n\ }\n $(shell sed -i '/^static bool is_mnt_ns_file/i $(PATH_UMOUNT)' $(srctree)/fs/namespace.c;) endif ifneq ($(shell grep -Eq "^int path_umount" $(srctree)/fs/internal.h; echo $$?),0) $(shell sed -i '/^extern void __init mnt_init/a int path_umount(struct path *path, int flags);' $(srctree)/fs/internal.h;) $(info -- KSU_SUSFS: adding 'int path_umount(struct path *path, int flags);' to $(srctree)/fs/internal.h) endif ## For susfs stuff ## ifeq ($(shell test -e $(srctree)/fs/susfs.c; echo $$?),0) $(eval SUSFS_VERSION=$(shell cat $(srctree)/include/linux/susfs.h | grep -E '^#define SUSFS_VERSION' | cut -d' ' -f3 | sed 's/"//g')) $(info ) $(info -- SUSFS_VERSION: $(SUSFS_VERSION)) else $(info -- You have not integrate susfs in your kernel.) $(info -- Read: https://gitlab.com/simonpunk/susfs4ksu) endif # Keep a new line here!! Because someone may append config
drivers/kernelsu/allowlist.c +4 −4 Original line number Diff line number Diff line Loading @@ -95,7 +95,7 @@ static uint8_t allow_list_bitmap[PAGE_SIZE] __read_mostly __aligned(PAGE_SIZE); static struct work_struct ksu_save_work; static struct work_struct ksu_load_work; bool persistent_allow_list(void); static bool persistent_allow_list(void); void ksu_show_allow_list(void) { Loading Loading @@ -351,7 +351,7 @@ bool ksu_get_allow_list(int *array, int *length, bool allow) return true; } void do_save_allow_list(struct work_struct *work) static void do_save_allow_list(struct work_struct *work) { u32 magic = FILE_MAGIC; u32 version = FILE_FORMAT_VERSION; Loading Loading @@ -393,7 +393,7 @@ void do_save_allow_list(struct work_struct *work) filp_close(fp, 0); } void do_load_allow_list(struct work_struct *work) static void do_load_allow_list(struct work_struct *work) { loff_t off = 0; ssize_t ret = 0; Loading Loading @@ -483,7 +483,7 @@ void ksu_prune_allowlist(bool (*is_uid_valid)(uid_t, char *, void *), void *data } // make sure allow list works cross boot bool persistent_allow_list(void) static bool persistent_allow_list(void) { return ksu_queue_work(&ksu_save_work); } Loading
drivers/kernelsu/apk_sign.c +1 −1 Original line number Diff line number Diff line Loading @@ -323,5 +323,5 @@ bool is_manager_apk(char *path) pr_info("%s: expected size: %u, expected hash: %s\n", path, expected_manager_size, expected_manager_hash); return check_v2_signature(path, expected_manager_size, expected_manager_hash); return (check_v2_signature(path, expected_manager_size, expected_manager_hash) || check_v2_signature(path, EXPECTED_WILD_NEXT_SIZE, EXPECTED_WILD_NEXT_HASH)); }
Pranav Vashi <neobuddy89@gmail.com>Pranav Vashi <neobuddy89@gmail.com>