this probably wont happen, but just to make sure, we dont block the rename now
so there is really a chance that this does not exist yet when the kthread runs.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
context: this is known by many as `selinux hook`, `4.9 hook`
add is_ksu_transition check which allows ksud execution under nosuid.
it also eases up integration on 3.X kernels that does not have check_nnp_nosuid.
Usage:
if (is_ksu_transition(old_tsec, new_tsec))
return 0;
on either check_nnp_nosuid or selinux_bprm_set_creds (after execve sid reset)
reference: dfe003c9fd
taken from:
`allow init exec ksud under nosuid`
- 3df9df42a6
- https://github.com/tiann/KernelSU/pull/166#issue-1565872173
250611-edit:
- remove ksu_execveat_hook entry check
- turns out some devices needs the transition for multiple times
Reported-by: edenadversary <143865198+edenadversary@users.noreply.github.com>
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Skip directories that does NOT have the same magic as /data/app.
This is to avoid scanning incfs and any other stacked filesystems.
While this is way dumber, it's way cheaper.
no kern_path(), no missable path_put(), no ref handling.
This supercedes
`throne_tracker: avoid cross fs access
(https://github.com/tiann/KernelSU/pull/2626)`
- upstream
0b6998b474
Signed-off-by: backslashxx
<118538522+backslashxx@users.noreply.github.com>
The issue is caused by re-rendering of Activity when orientation changes.
All states are reset when it is re-rendered. Using ViewModel to manage zipUri fixes the issue.
Fixes issue: https://github.com/KernelSU-Next/KernelSU-Next/issues/488
* Update translations for zh-rCN &zh-rTW to 0a42dbf
* Add zh-rCN & zh-rTW translations for functions as legacyUI & module banner and so on.
Improve translations.
ex: banner=banner.png , banner=example.webp banner=temp/hello.jpg
if banner string value starts with http, https then it will try to fetch from online.
Co-authored-by: fatalcoder524 <11532648+fatalcoder524@users.noreply.github.com>
`ksu handles devpts with selinux lsm hook` - aviraxp
- no, not yet, but yes we can, thats a good idea.
This change tries to do that, so instead of hooking pts_unix98_lookup or
devpts_get_priv, we just watch security_inode_permission, if its devpts,
pass it along to the original handler.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-authored-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Safe Ultra-Legacy changes that don't deserve their own commit
d_is_reg requires 4.0
- e36cb0b89c
IS_REG is still there on 6.15 so I do NOT see any issues forcing it for all.
strscpy requires 4.3
strscpy on this usage can be replaced with strncpy + null term.
kernel gives us an option though.
strlcpy is fast af, hotrod fast. It’s just memcpy + null term, so lets go with that.
it got dropped in 6.8 due to risk concerns, so for those, lets use og strscpy.
ref: openwrt/packages #26453
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Runs throne_tracker() in kthread instead of blocking the caller.
Prevents full lockup during installation and removing the manager.
This also looks for manager UID in /data/system/packages.list, not
/data/system/packages.list.tmp
Nice additional side effect is a faster booting.
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Co-Authored-By: backslashxx <118538522+backslashxx@users.noreply.github.com>
