From 98a692370f9e91eb18e4757e8a7b2852874906a4 Mon Sep 17 00:00:00 2001 From: Rifat Azad Date: Thu, 12 Dec 2024 17:01:14 +0600 Subject: [PATCH] kernel: Removed SuSFS Patch --- kernel/Kconfig | 140 ------------------------ kernel/Makefile | 133 ++--------------------- kernel/apk_sign.c | 4 +- kernel/core_hook.c | 263 --------------------------------------------- kernel/kernel | 1 + 5 files changed, 9 insertions(+), 532 deletions(-) create mode 120000 kernel/kernel diff --git a/kernel/Kconfig b/kernel/Kconfig index 076c61dd..67f177f4 100644 --- a/kernel/Kconfig +++ b/kernel/Kconfig @@ -16,144 +16,4 @@ config KSU_DEBUG help Enable KernelSU debug mode. -menu "KernelSU - SUSFS" -config KSU_SUSFS - bool "KernelSU addon - SUSFS" - depends on KSU - default y - help - Patch and Enable SUSFS to kernel with KernelSU. - -config KSU_SUSFS_SUS_PATH - bool "Enable to hide suspicious path (NOT recommended)" - depends on KSU_SUSFS - default y - help - - Allow hiding the user-defined path and all its sub-paths from various system calls. - - tmpfs filesystem is not allowed to be added. - - Effective on process with uid > 2000 only. - - Use with cautious as it may cause performance loss and will be vulnerable to side channel attacks, - just disable this feature if it doesn't work for you or you don't need it at all. - -config KSU_SUSFS_SUS_MOUNT - bool "Enable to hide suspicious mounts" - depends on KSU_SUSFS - default y - help - - Allow hiding the user-defined mount paths from /proc/self/[mounts|mountinfo|mountstat]. - - Effective on all processes for hiding mount entries. - - Mounts mounted by process with ksu domain will be forced to be assigned the dev name "KSU". - - mnt_id and mnt_group_id of the sus mount will be assigned to a much bigger number to solve the issue of id not being contiguous. - -config KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT - bool "Enable to hide KSU's default mounts automatically (experimental)" - depends on KSU_SUSFS_SUS_MOUNT - default y - help - - Automatically add KSU's default mounts to sus_mount. - - No susfs command is needed in userspace. - - Only mount operation from process with ksu domain will be checked. - -config KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT - bool "Enable to hide suspicious bind mounts automatically (experimental)" - depends on KSU_SUSFS_SUS_MOUNT - default y - help - - Automatically add binded mounts to sus_mount. - - No susfs command is needed in userspace. - - Only mount operation from process with ksu domain will be checked. - -config KSU_SUSFS_SUS_KSTAT - bool "Enable to spoof suspicious kstat" - depends on KSU_SUSFS - default y - help - - Allow spoofing the kstat of user-defined file/directory. - - Effective on all processes. - -config KSU_SUSFS_SUS_OVERLAYFS - bool "Enable to automatically spoof kstat and kstatfs for overlayed files/directories" - depends on KSU_SUSFS - default y - help - - Automatically spoof the kstat and kstatfs for overlayed files/directories. - - No susfs command is needed in userspace. - - Effective on all processes. - -config KSU_SUSFS_TRY_UMOUNT - bool "Enable to use ksu's try_umount" - depends on KSU_SUSFS - default y - help - - Allow using ksu's umount to umount other user-defined mount paths prior to ksu's default umount paths. - - Effective on all NO-root-access-granted processes. - -config KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT - bool "Enable to add bind mounts to ksu's try_umount automatically (experimental)" - depends on KSU_SUSFS_TRY_UMOUNT - default y - help - - Automatically add binded mounts to ksu's try_umount. - - No susfs command is needed in userspace. - - Only mount operation from process with ksu domain will be checked. - -config KSU_SUSFS_SPOOF_UNAME - bool "Enable to spoof uname" - depends on KSU_SUSFS - default y - help - - Allow spoofing the string returned by uname syscall to user-defined string. - - Effective on all processes. - -config KSU_SUSFS_ENABLE_LOG - bool "Enable logging susfs log to kernel" - depends on KSU_SUSFS - default y - help - - Allow logging susfs log to kernel, uncheck it to completely disable all susfs log. - -config KSU_SUSFS_HIDE_KSU_SUSFS_SYMBOLS - bool "Enable to automatically hide ksu and susfs symbols from /proc/kallsyms" - depends on KSU_SUSFS - default y - help - - Automatically hide ksu and susfs symbols from '/proc/kallsyms'. - - Effective on all processes. - -config KSU_SUSFS_SPOOF_BOOTCONFIG - bool "Enable to spoof /proc/bootconfig" - depends on KSU_SUSFS - default y - help - - Spoof the output of /proc/bootconfig with a user-defined file. - - Effective on all processes. - -config KSU_SUSFS_OPEN_REDIRECT - bool "Enable to redirect a path to be opened with another path (experimental)" - depends on KSU_SUSFS - default y - help - - Allow redirecting a target path to be opened with another user-defined path. - - Effective only on processes with uid < 2000. - - Please be reminded that process with open access to the target and redirected path can be detected. - -config KSU_SUSFS_SUS_SU - bool "Enable SUS-SU in runtime temporarily" - depends on KSU_SUSFS && KPROBES && HAVE_KPROBES && KPROBE_EVENTS - default y - help - - Allow user to enable or disable core ksu kprobes hooks temporarily in runtime. There are 2 modes for sus_su. - - Mode 1: when enabling sus_su, ksu kprobes will be disabled, and a fifo driver will be created in - /dev/[random_string] (for first time only), then user needs to mount the 'sus_su' to /system/bin/su using overlayfs or whatever - techniques, and run 'su' to get root shell from the fifo driver. Or, refer to the method in service.sh from module template. - ** sus_su userspace tool and an overlay mount is required ** - - Mode 2: When enabling sus_su, ksu kprobes will be disabled, and the kernel inline hooks will be enabled, - just same as the su implementaion of non-gki kernel without kprobe supported. - ** Needs no extra userspace tools and mounts ** - - When disabling sus_su, ksu kprobes will be enabled again, and the fifo driver will be deleted. - - Only apps with root access granted by ksu manager are allowed to get root. - - Also overlayfs is required. - -endmenu - endmenu diff --git a/kernel/Makefile b/kernel/Makefile index 1033793d..b883d6ef 100644 --- a/kernel/Makefile +++ b/kernel/Makefile @@ -26,7 +26,7 @@ $(info -- KernelSU version: $(KSU_VERSION)) ccflags-y += -DKSU_VERSION=$(KSU_VERSION) else # If there is no .git file, the default version will be passed. $(warning "KSU_GIT_VERSION not defined! It is better to make KernelSU a git submodule!") -ccflags-y += -DKSU_VERSION=16 +ccflags-y += -DKSU_VERSION=11986 endif ifeq ($(shell grep -q " current_sid(void)" $(srctree)/security/selinux/include/objsec.h; echo $$?),0) @@ -53,21 +53,6 @@ ifndef KSU_NEXT_EXPECTED_HASH KSU_NEXT_EXPECTED_HASH := d50f782a7d12deaa1ae967959a5b69cd88587874387e92b8b1517df232e5a061 endif -ifndef KSU_LEGACY_EXPECTED_SIZE -KSU_LEGACY_EXPECTED_SIZE := 0x363 -endif - -ifndef KSU_LEGACY_EXPECTED_HASH -KSU_LEGACY_EXPECTED_HASH := 4359c171f32543394cbc23ef908c4bb94cad7c8087002ba164c8230948c21549 -endif - -ifndef KSU_N3X7G3N_EXPECTED_SIZE -KSU_N3X7G3N_EXPECTED_SIZE := 0x29c -endif - -ifndef KSU_N3X7G3N_EXPECTED_HASH -KSU_N3X7G3N_EXPECTED_HASH := bfddf83a559355b053187177775c39c639d2d2695163baa77253746dbf18098d -endif ifdef KSU_MANAGER_PACKAGE ccflags-y += -DKSU_MANAGER_PACKAGE=\"$(KSU_MANAGER_PACKAGE)\" @@ -76,128 +61,24 @@ endif $(info -- KernelSU Manager signature size: $(KSU_EXPECTED_SIZE)) $(info -- KernelSU Manager signature hash: $(KSU_EXPECTED_HASH)) + $(info -- KernelSU next Manager signature size: $(KSU_NEXT_EXPECTED_SIZE)) $(info -- KernelSU next Manager signature hash: $(KSU_NEXT_EXPECTED_HASH)) -$(info -- KernelSU legacy Manager signature size: $(KSU_LEGACY_EXPECTED_SIZE)) -$(info -- KernelSU legacy Manager signature hash: $(KSU_LEGACY_EXPECTED_HASH)) -$(info -- KernelSU n3x7g3n Manager signature size: $(KSU_N3X7G3N_EXPECTED_SIZE)) -$(info -- KernelSU n3x7g3n Manager signature hash: $(KSU_N3X7G3N_EXPECTED_HASH)) ccflags-y += -DEXPECTED_SIZE=$(KSU_EXPECTED_SIZE) ccflags-y += -DEXPECTED_HASH=\"$(KSU_EXPECTED_HASH)\" + ccflags-y += -DEXPECTED_NEXT_SIZE=$(KSU_NEXT_EXPECTED_SIZE) ccflags-y += -DEXPECTED_NEXT_HASH=\"$(KSU_NEXT_EXPECTED_HASH)\" -ccflags-y += -DEXPECTED_LEGACY_SIZE=$(KSU_LEGACY_EXPECTED_SIZE) -ccflags-y += -DEXPECTED_LEGACY_HASH=\"$(KSU_LEGACY_EXPECTED_HASH)\" -ccflags-y += -DEXPECTED_N3X7G3N_SIZE=$(KSU_N3X7G3N_EXPECTED_SIZE) -ccflags-y += -DEXPECTED_N3X7G3N_HASH=\"$(KSU_N3X7G3N_EXPECTED_HASH)\" - -#ifeq ($(shell grep -q "int path_umount" $(srctree)/fs/namespace.c; echo $$?),0) -#ccflags-y += -DKSU_UMOUNT -#else -#$(info -- Did you know you can backport path_umount to fs/namespace.c from 5.9?) -#$(info -- Read: https://kernelsu.org/guide/how-to-integrate-for-non-gki.html#how-to-backport-path-umount) -#endif +ifeq ($(shell grep -q "int path_umount" $(srctree)/fs/namespace.c; echo $$?),0) ccflags-y += -DKSU_UMOUNT - -ifneq ($(shell grep -Eq "^static int can_umount" $(srctree)/fs/namespace.c; echo $$?),0) -$(info -- KSU_SUSFS: adding function 'static int can_umount(const struct path *path, int flags);' to $(srctree)/fs/namespace.c) -CAN_UMOUNT = static int can_umount(const struct path *path, int flags)\n\ -{\n\t\ - struct mount *mnt = real_mount(path->mnt);\n\t\ - if (flags & ~(MNT_FORCE | MNT_DETACH | MNT_EXPIRE | UMOUNT_NOFOLLOW))\n\t\t\ - return -EINVAL;\n\t\ - if (!may_mount())\n\t\t\ - return -EPERM;\n\t\ - if (path->dentry != path->mnt->mnt_root)\n\t\t\ - return -EINVAL;\n\t\ - if (!check_mnt(mnt))\n\t\t\ - return -EINVAL;\n\t\ - if (mnt->mnt.mnt_flags & MNT_LOCKED)\n\t\t\ - return -EINVAL;\n\t\ - if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN))\n\t\t\ - return -EPERM;\n\t\ - return 0;\n\ -}\n -$(shell sed -i '/^static bool is_mnt_ns_file/i $(CAN_UMOUNT)' $(srctree)/fs/namespace.c;) -endif - -ifneq ($(shell grep -Eq "^int path_umount" $(srctree)/fs/namespace.c; echo $$?),0) -$(info -- KSU_SUSFS: adding function 'int path_umount(struct path *path, int flags);' to $(srctree)/fs/namespace.c) -PATH_UMOUNT = int path_umount(struct path *path, int flags)\n\ -{\n\t\ - struct mount *mnt = real_mount(path->mnt);\n\t\ - int ret;\n\t\ - ret = can_umount(path, flags);\n\t\ - if (!ret)\n\t\t\ - ret = do_umount(mnt, flags);\n\t\ - dput(path->dentry);\n\t\ - mntput_no_expire(mnt);\n\t\ - return ret;\n\ -}\n -$(shell sed -i '/^static bool is_mnt_ns_file/i $(PATH_UMOUNT)' $(srctree)/fs/namespace.c;) -endif - -ifneq ($(shell grep -Eq "^int path_umount" $(srctree)/fs/internal.h; echo $$?),0) -$(shell sed -i '/^extern void __init mnt_init/a int path_umount(struct path *path, int flags);' $(srctree)/fs/internal.h;) -$(info -- KSU_SUSFS: adding 'int path_umount(struct path *path, int flags);' to $(srctree)/fs/internal.h) +else +$(info -- Did you know you can backport path_umount to fs/namespace.c from 5.9?) +$(info -- Read: https://kernelsu.org/guide/how-to-integrate-for-non-gki.html#how-to-backport-path-umount) endif ccflags-y += -Wno-implicit-function-declaration -Wno-strict-prototypes -Wno-int-conversion -Wno-gcc-compat ccflags-y += -Wno-declaration-after-statement -Wno-unused-function -ifeq ($(shell test -e $(srctree)/fs/susfs.c; echo $$?),0) -$(eval SUSFS_VERSION=$(shell cat $(srctree)/include/linux/susfs.h | grep -E '^#define SUSFS_VERSION' | cut -d' ' -f3 | sed 's/"//g')) -$(info -- SUSFS_VERSION: $(SUSFS_VERSION)) -ifdef KSU_SUSFS -ccflags-y += -DKSU_SUSFS -endif -ifdef KSU_SUSFS_SUS_PATH -ccflags-y += -DKSU_SUSFS_SUS_PATH -endif -ifdef KSU_SUSFS_SUS_MOUNT -ccflags-y += -DKSU_SUSFS_SUS_MOUNT -endif -ifdef KSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT -ccflags-y += -DKSU_SUSFS_AUTO_ADD_SUS_KSU_DEFAULT_MOUNT -endif -ifdef KSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT -ccflags-y += -DKSU_SUSFS_AUTO_ADD_SUS_BIND_MOUNT -endif -ifdef KSU_SUSFS_SUS_KSTAT -ccflags-y += -DKSU_SUSFS_SUS_KSTAT -endif -ifdef KSU_SUSFS_SUS_OVERLAYFS -ccflags-y += -DKSU_SUSFS_SUS_OVERLAYFS -endif -ifdef KSU_SUSFS_TRY_UMOUNT -ccflags-y += -DKSU_SUSFS_TRY_UMOUNT -endif -ifdef KSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT -ccflags-y += -DKSU_SUSFS_AUTO_ADD_TRY_UMOUNT_FOR_BIND_MOUNT -endif -ifdef KSU_SUSFS_SPOOF_UNAME -ccflags-y += -DKSU_SUSFS_SPOOF_UNAME -endif -ifdef KSU_SUSFS_ENABLE_LOG -ccflags-y += -DKSU_SUSFS_ENABLE_LOG -endif -ifdef KSU_SUSFS_HIDE_KSU_SUSFS_SYMBOLS -ccflags-y += -DKSU_SUSFS_HIDE_KSU_SUSFS_SYMBOLS -endif -ifdef KSU_SUSFS_SPOOF_BOOTCONFIG -ccflags-y += -DKSU_SUSFS_SPOOF_BOOTCONFIG -endif -ifdef KSU_SUSFS_OPEN_REDIRECT -ccflags-y += -DKSU_SUSFS_OPEN_REDIRECT -endif -ifdef KSU_SUSFS_SUS_SU -ccflags-y += -DKSU_SUSFS_SUS_SU -endif -else -$(info -- You have not integrate susfs in your kernel.) -$(info -- Read: https://gitlab.com/simonpunk/susfs4ksu) -endif - # Keep a new line here!! Because someone may append config diff --git a/kernel/apk_sign.c b/kernel/apk_sign.c index 731f51d7..6d42841c 100644 --- a/kernel/apk_sign.c +++ b/kernel/apk_sign.c @@ -317,7 +317,5 @@ module_param_cb(ksu_debug_manager_uid, &expected_size_ops, bool is_manager_apk(char *path) { return (check_v2_signature(path, EXPECTED_SIZE, EXPECTED_HASH) - || check_v2_signature(path, EXPECTED_NEXT_SIZE, EXPECTED_NEXT_HASH) - || check_v2_signature(path, EXPECTED_LEGACY_SIZE, EXPECTED_LEGACY_HASH) - || check_v2_signature(path, EXPECTED_N3X7G3N_SIZE, EXPECTED_N3X7G3N_HASH)); + || check_v2_signature(path, EXPECTED_NEXT_SIZE, EXPECTED_NEXT_HASH)); } \ No newline at end of file diff --git a/kernel/core_hook.c b/kernel/core_hook.c index 9cc12812..43056e46 100644 --- a/kernel/core_hook.c +++ b/kernel/core_hook.c @@ -33,10 +33,6 @@ #include #endif -#ifdef CONFIG_KSU_SUSFS -#include -#endif // #ifdef CONFIG_KSU_SUSFS - #include "allowlist.h" #include "arch.h" #include "core_hook.h" @@ -49,20 +45,6 @@ #include "throne_tracker.h" #include "kernel_compat.h" -#ifdef CONFIG_KSU_SUSFS -bool susfs_is_allow_su(void) -{ - if (is_manager()) { - // we are manager, allow! - return true; - } - return ksu_is_allow_uid(current_uid().val); -} - -extern u32 susfs_zygote_sid; -extern void susfs_run_try_umount_for_current_mnt_ns(void); -#endif // #ifdef CONFIG_KSU_SUSFS - static bool ksu_module_mounted = false; extern int handle_sepolicy(unsigned long arg3, void __user *arg4); @@ -394,205 +376,6 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3, return 0; } -#ifdef CONFIG_KSU_SUSFS - if (current_uid_val == 0) { -#ifdef CONFIG_KSU_SUSFS_SUS_PATH - if (arg2 == CMD_SUSFS_ADD_SUS_PATH) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_sus_path))) { - pr_err("susfs: CMD_SUSFS_ADD_SUS_PATH -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_ADD_SUS_PATH -> arg5 is not accessible\n"); - return 0; - } - error = susfs_add_sus_path((struct st_susfs_sus_path __user*)arg3); - pr_info("susfs: CMD_SUSFS_ADD_SUS_PATH -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } -#endif //#ifdef CONFIG_KSU_SUSFS_SUS_PATH -#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT - if (arg2 == CMD_SUSFS_ADD_SUS_MOUNT) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_sus_mount))) { - pr_err("susfs: CMD_SUSFS_ADD_SUS_MOUNT -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_ADD_SUS_MOUNT -> arg5 is not accessible\n"); - return 0; - } - error = susfs_add_sus_mount((struct st_susfs_sus_mount __user*)arg3); - pr_info("susfs: CMD_SUSFS_ADD_SUS_MOUNT -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } -#endif //#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT -#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT - if (arg2 == CMD_SUSFS_ADD_SUS_KSTAT) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_sus_kstat))) { - pr_err("susfs: CMD_SUSFS_ADD_SUS_KSTAT -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_ADD_SUS_KSTAT -> arg5 is not accessible\n"); - return 0; - } - error = susfs_add_sus_kstat((struct st_susfs_sus_kstat __user*)arg3); - pr_info("susfs: CMD_SUSFS_ADD_SUS_KSTAT -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } - if (arg2 == CMD_SUSFS_UPDATE_SUS_KSTAT) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_sus_kstat))) { - pr_err("susfs: CMD_SUSFS_UPDATE_SUS_KSTAT -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_UPDATE_SUS_KSTAT -> arg5 is not accessible\n"); - return 0; - } - error = susfs_update_sus_kstat((struct st_susfs_sus_kstat __user*)arg3); - pr_info("susfs: CMD_SUSFS_UPDATE_SUS_KSTAT -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } - if (arg2 == CMD_SUSFS_ADD_SUS_KSTAT_STATICALLY) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_sus_kstat))) { - pr_err("susfs: CMD_SUSFS_ADD_SUS_KSTAT_STATICALLY -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_ADD_SUS_KSTAT_STATICALLY -> arg5 is not accessible\n"); - return 0; - } - error = susfs_add_sus_kstat((struct st_susfs_sus_kstat __user*)arg3); - pr_info("susfs: CMD_SUSFS_ADD_SUS_KSTAT_STATICALLY -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } -#endif //#ifdef CONFIG_KSU_SUSFS_SUS_KSTAT -#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT - if (arg2 == CMD_SUSFS_ADD_TRY_UMOUNT) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_try_umount))) { - pr_err("susfs: CMD_SUSFS_ADD_TRY_UMOUNT -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_ADD_TRY_UMOUNT -> arg5 is not accessible\n"); - return 0; - } - error = susfs_add_try_umount((struct st_susfs_try_umount __user*)arg3); - pr_info("susfs: CMD_SUSFS_ADD_TRY_UMOUNT -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } - if (arg2 == CMD_SUSFS_RUN_UMOUNT_FOR_CURRENT_MNT_NS) { - int error = 0; - susfs_run_try_umount_for_current_mnt_ns(); - pr_info("susfs: CMD_SUSFS_RUN_UMOUNT_FOR_CURRENT_MNT_NS -> ret: %d\n", error); - } -#endif //#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT -#ifdef CONFIG_KSU_SUSFS_SPOOF_UNAME - if (arg2 == CMD_SUSFS_SET_UNAME) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_uname))) { - pr_err("susfs: CMD_SUSFS_SET_UNAME -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_SET_UNAME -> arg5 is not accessible\n"); - return 0; - } - error = susfs_set_uname((struct st_susfs_uname __user*)arg3); - pr_info("susfs: CMD_SUSFS_SET_UNAME -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } -#endif //#ifdef CONFIG_KSU_SUSFS_SPOOF_UNAME -#ifdef CONFIG_KSU_SUSFS_ENABLE_LOG - if (arg2 == CMD_SUSFS_ENABLE_LOG) { - int error = 0; - if (arg3 != 0 && arg3 != 1) { - pr_err("susfs: CMD_SUSFS_ENABLE_LOG -> arg3 can only be 0 or 1\n"); - return 0; - } - susfs_set_log(arg3); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } -#endif //#ifdef CONFIG_KSU_SUSFS_ENABLE_LOG -#ifdef CONFIG_KSU_SUSFS_SPOOF_BOOTCONFIG - if (arg2 == CMD_SUSFS_SET_BOOTCONFIG) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, SUSFS_FAKE_BOOT_CONFIG_SIZE)) { - pr_err("susfs: CMD_SUSFS_SET_BOOTCONFIG -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_SET_BOOTCONFIG -> arg5 is not accessible\n"); - return 0; - } - error = susfs_set_bootconfig((char __user*)arg3); - pr_info("susfs: CMD_SUSFS_SET_BOOTCONFIG -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } -#endif //#ifdef CONFIG_KSU_SUSFS_SPOOF_BOOTCONFIG -#ifdef CONFIG_KSU_SUSFS_OPEN_REDIRECT - if (arg2 == CMD_SUSFS_ADD_OPEN_REDIRECT) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_susfs_open_redirect))) { - pr_err("susfs: CMD_SUSFS_ADD_OPEN_REDIRECT -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_ADD_OPEN_REDIRECT -> arg5 is not accessible\n"); - return 0; - } - error = susfs_add_open_redirect((struct st_susfs_open_redirect __user*)arg3); - pr_info("susfs: CMD_SUSFS_ADD_OPEN_REDIRECT -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } -#endif //#ifdef CONFIG_KSU_SUSFS_OPEN_REDIRECT -#ifdef CONFIG_KSU_SUSFS_SUS_SU - if (arg2 == CMD_SUSFS_SUS_SU) { - int error = 0; - if (!ksu_access_ok((void __user*)arg3, sizeof(struct st_sus_su))) { - pr_err("susfs: CMD_SUSFS_SUS_SU -> arg3 is not accessible\n"); - return 0; - } - if (!ksu_access_ok((void __user*)arg5, sizeof(error))) { - pr_err("susfs: CMD_SUSFS_SUS_SU -> arg5 is not accessible\n"); - return 0; - } - error = susfs_sus_su((struct st_sus_su __user*)arg3); - pr_info("susfs: CMD_SUSFS_SUS_SU -> ret: %d\n", error); - if (copy_to_user((void __user*)arg5, &error, sizeof(error))) - pr_info("susfs: copy_to_user() failed\n"); - return 0; - } -#endif //#ifdef CONFIG_KSU_SUSFS_SUS_SU - } -#endif //#ifdef CONFIG_KSU_SUSFS - // all other cmds are for 'root manager' if (!from_manager) { return 0; @@ -677,11 +460,7 @@ static int ksu_umount_mnt(struct path *path, int flags) #endif } -#ifdef CONFIG_KSU_SUSFS -void try_umount(const char *mnt, bool check_mnt, int flags) -#else static void try_umount(const char *mnt, bool check_mnt, int flags) -#endif { struct path path; int err = kern_path(mnt, 0, &path); @@ -705,18 +484,6 @@ static void try_umount(const char *mnt, bool check_mnt, int flags) } } -#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT -void susfs_try_umount_all(uid_t uid) { - susfs_try_umount(uid); - try_umount("/system", true, 0); - try_umount("/system_ext", true, 0); - try_umount("/vendor", true, 0); - try_umount("/product", true, 0); - try_umount("/data/adb/modules", false, MNT_DETACH); - try_umount("/debug_ramdisk", false, MNT_DETACH); -} -#endif - int ksu_handle_setuid(struct cred *new, const struct cred *old) { // this hook is used for umounting overlayfs for some uid, if there isn't any module mounted, just ignore it! @@ -736,17 +503,6 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old) return 0; } -#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT - // check if current process is zygote - bool is_zygote_child = susfs_is_sid_equal(old->security, susfs_zygote_sid); - if (likely(is_zygote_child)) { - // if spawned process is non user app process, run try_umount() - if (unlikely(new_uid.val < 10000 && new_uid.val >= 1000)) { - goto out_try_umount; - } - } -#endif - if (!is_appuid(new_uid) || is_unsupported_uid(new_uid.val)) { // pr_info("handle setuid ignore non application or isolated uid: %d\n", new_uid.val); return 0; @@ -756,12 +512,6 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old) // pr_info("handle setuid ignore allowed application: %d\n", new_uid.val); return 0; } -#ifdef CONFIG_KSU_SUSFS_SUS_PATH - else { - // if new uid is not root granted, then drop a payload to inidicate that sus_path will be effective on this uid - new->user->android_kabi_reserved2 |= USER_STRUCT_KABI2_NON_ROOT_USER_APP_PROFILE; - } -#endif if (!ksu_uid_should_umount(new_uid.val)) { return 0; @@ -771,12 +521,7 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old) #endif } -#ifndef CONFIG_KSU_SUSFS_SUS_MOUNT - // check old process's selinux context, if it is not zygote, ignore it! - // because some su apps may setuid to untrusted_app but they are in global mount namespace - // when we umount for such process, that is a disaster! bool is_zygote_child = is_zygote(old->security); -#endif if (!is_zygote_child) { pr_info("handle umount ignore non zygote child: %d\n", current->pid); @@ -789,13 +534,6 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old) current->pid); #endif -#ifdef CONFIG_KSU_SUSFS_SUS_MOUNT -out_try_umount: -#endif -#ifdef CONFIG_KSU_SUSFS_TRY_UMOUNT - // susfs come first, and lastly umount by ksu, make sure umount in reversed order - susfs_try_umount_all(new_uid.val); -#else // fixme: use `collect_mounts` and `iterate_mount` to iterate all mountpoint and // filter the mountpoint whose target is `/data/adb` try_umount("/system", true, 0); @@ -806,7 +544,6 @@ out_try_umount: // try umount ksu temp path try_umount("/debug_ramdisk", false, MNT_DETACH); try_umount("/sbin", false, MNT_DETACH); -#endif return 0; } diff --git a/kernel/kernel b/kernel/kernel new file mode 120000 index 00000000..9e51d0d6 --- /dev/null +++ b/kernel/kernel @@ -0,0 +1 @@ +../KernelSU/kernel \ No newline at end of file