I have no idea if this is needed or any useful for manual fs hooks users.
Upstream, this is likely to, well, simply disable hooking of those functions,
to remove and mitigate timing issues as some detection methods can actually
differentiate these.
This is done like how vfs_read_hook, input_hook and execve_hook is disabled.
While this is not exactly the same thing, this *CAN* achieve the same results.
The complete disabling of all KernelSU hooks.
While this is probably not so useful for us, honestly, I have no idea for shit
what I am doing, but lets still port it for the sake of feature parity.
cherry pick from:
kernel: backport support for sucompat disable/enable
https://github.com/backslashxx/KernelSU/commit/20ffabb
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Since upstream is now making kprobes a requirement, we adapt this tree to still allow
building with manual hooks in an easier way. Furthermore, this also allows a user to
build with manual hooks even with kprobes enabled.
Offending commit:
kernel: remove unused CONFIG guard becuase GKI kernel enable kprobe by default
upstream: https://github.com/tiann/KernelSU/commit/500ff9b
Other changes:
ksud.c, stop_input_hook(), short-circuit redundant logic left by this change.
cherry pick from: https://github.com/backslashxx/KernelSU/commit/a3d3e93
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Cherry pick from 8bb9518060a4a7db7f40
Backporting is cool, but not everyone has the skills for it.
This commit does NOT make it required, but it will allow compiler
to use whats in-kernel if it exists.
The following are backportable:
- kernel_read / kernel_write
< 4.14, backport chain, tested on 4.9
e13ec939e9bdd1d2d3d2c41fbad015ac452acae1
- strncpy_from_user_nofault
for 5.4, apply: bd88bb5d40
for 4.x, apply: 424e21f3b0
for any failures, just SKIP THIS or check dependency chain of, 3d7081822f
this got backported to v4.4.236, v4.9.236, v4.14.197, v4.19.144
- hint, `curl $url.patch | git am`
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
- When disabling Seccomp, ensure that current->sighand->siglock is held
during the operation.
- Locking to ensure safe access and modification of the `cred` structure
within the `escape_to_root` function.
---
I think this issue described in #2236 may have been caused by concurrent
read-write access without proper locking.
---------
Signed-off-by: SsageParuders<qinqingqing1025@gmail.com>
Signed-off-by: SsageParuders <qinqingqing1025@gmail.com>"
Useful for situations where the SU allowlist is not kept after a reboot.
As per upstream this is only used for < 4.10 and Huawei HiSilicon devices.
but theres user reports having issues even on 4.14/4.19 samsung kernels.
Expose this option so users affected can opt-in.
Discussion:
tiann#1249
tiann#1346
References:
tiann@f57d351
tiann@b61cb30
Credits to respective authors:
rhjdvsgsgks
ExtremeXT
Most kernel builders have to touch their kernel source code anyway so
we might as well tell them to backport path_umount to achieve some sort
of feature parity.
This enforces a path_umount backport, not a suggestion.
Its a requirement from now on.
You will backport path_umount and you will like it.
Useful for situations where the SU allowlist is not kept after a reboot.
As per upstream this is only used for < 4.10 and Huawei HiSilicon devices.
but theres user reports having issues even on 4.14/4.19 samsung kernels.
Expose this option so users affected can opt-in.
Discussion:
tiann#1249
tiann#1346
References:
tiann@f57d351
tiann@b61cb30
Credits to respective authors:
rhjdvsgsgks
ExtremeXT
