weishu
8e06088f96
kernel: prevent become manager when failed. close #1328
2024-02-03 20:03:26 +08:00
weishu
802549d8cd
kernel: avoiding umount when there isn't any module. close #556
2024-01-08 12:55:08 +08:00
Ylarod
cbf8f0aa2a
Try umount /sbin in kernel ( #1257 )
2024-01-06 08:59:30 +08:00
Nullptr
c07b7d38a0
Mount temp dir at /debug_ramdisk ( #1226 )
2023-12-23 21:05:26 +08:00
weishu
86dcb02f72
kernel: make compiler happy
2023-10-21 22:43:58 +08:00
weishu
5c495a7e83
kernel: make su without any capabilities possible
2023-10-21 20:32:28 +08:00
weishu
6dd1b266e9
kernel: don't umount for non zygote child process. fixes #1054,#1049,#1045
2023-10-19 17:29:10 +08:00
weishu
aefcb9c980
kernel: ignore path that's not mountpoint
2023-10-12 14:24:41 +08:00
weishu
aca3ecebd9
kernel: umount modules mnt when needed. fix #991
2023-10-08 14:17:33 +08:00
longhuan1999
b14ea03dc4
kernel: Adapt to low version Android init process ( #973 )
...
1. Adapt to low version Android init process
2. Add stop hook output
3. Fix output with missing line breaks
2023-10-02 12:00:24 +08:00
weishu
a3b675c6f7
kernel: Fix manager recognize err
2023-08-09 16:28:22 +08:00
weishu
2f5b4d979c
kernel: don't trigger page fault when become manager. fix #836
2023-08-09 12:33:05 +08:00
4qwerty7
cd19ce2e86
Distinguish different PT_REGS_PARM4 under x86 ( #711 )
...
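1. `PT_REGS_CCALL_PARM4` denotes the register that holds the 4th argument under the C calling convention
2. `PT_REGS_SYSCALL_PARM4` denotes the register that holds the 4th argument under the Linux syscall calling convention
3. Change the existing `PT_REGS_PARM4` to one of the above
4. Mark the parameters of `ksu_handle_execveat_ksud` and `ksu_handle_execveat_sucompat` that may be passed wrong arguments by kprobe and are not used as never_used, and pass `NULL` for them
5. Provide the correct argv argument to `ksu_handle_execveat_ksud` so that `init second_stage` is also recognized correctly on x86
---------
Co-authored-by: weishu <twsxtd@gmail.com>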
2023-07-06 09:01:35 +08:00
weishu
f87d6eb97d
kernel: fix incorrect umount for apps
2023-06-22 15:17:32 +08:00
weishu
fc4f0b285a
kernel: don't alloc groups for default groups
2023-06-22 13:42:28 +08:00
weishu
22e3e1fc0e
Revert "kernel: getname might sleep in kprobe handler ( #670 )"
...
This reverts commit 7fa7b5b875.
2023-06-22 12:54:30 +08:00
weishu
7fa7b5b875
kernel: getname might sleep in kprobe handler ( #670 )
2023-06-22 10:54:50 +08:00
Fiqri Ardyansyah
3fffcde59d
Fix error build when using GCC 12.0.0 ( #609 )
...
Signed-off-by: Fiqri Ardyansyah <fiqri0927936@gmail.com>
2023-06-09 10:35:16 +08:00
weishu
19e00ac4eb
kernel: fix set groups for kernel 4.9-
2023-06-06 20:45:42 +08:00
weishu
bacd16a68c
kernel: support setting selinux context for profile
2023-06-06 16:35:25 +08:00
weishu
893aebca4f
kernel: support settings supplementary groups for profile
2023-06-06 13:19:11 +08:00
weishu
1a6e99bcc8
kernel: prevent root process to exec su, which makes app can escape root profile by exec it twice
2023-06-06 11:08:57 +08:00
weishu
fc96172655
kernel: make the profile uid, gid, capabilities really work
2023-06-04 17:29:12 +08:00
weishu
20a9c6ec0f
kernel: use uid instead of package to compare allowlist, fix #580
2023-06-04 09:18:39 +08:00
weishu
395711c942
kernel: dont prune uid used for app profile
2023-06-04 01:01:39 +08:00
weishu
bc9e3da5ce
kernel: respect the app profile's umount modules field for kernel umounting
2023-06-04 00:03:56 +08:00
weishu
14b1386879
kernel: support CMD_IS_UID_GRANTED_ROOT and CMD_IS_UID_SHOULD_UMOUNT
2023-06-03 22:44:01 +08:00
weishu
b4f6302262
kernel: don't copy profile when not found
2023-06-03 17:26:00 +08:00
weishu
e8d234ae66
kernel: baby version of profile
2023-06-03 00:01:00 +08:00
浅秋枫影
5b4655f827
Revert 052a3d3 ( #500 )
...
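It does indeed cause the hang; once it hangs, other programs can no longer be unmounted correctly.
Possibly the directory unmount keeps waiting for the preceding one to become idle before unmounting, which then blocks all the following events?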
2023-05-15 23:18:34 +08:00
tiann
002969e9a7
kernel: don't umount for process in global namespace
2023-05-12 12:32:35 +08:00
tiann
052a3d3a4f
kernel: umount by lazy
2023-05-02 00:12:01 +08:00
tiann
168f1f1ddd
kernel: fix snprintf
2023-04-18 19:38:58 +08:00
tiann
fa25a4fe18
kernel: allow manager to be installed in work profile
2023-04-18 18:32:33 +08:00
zhcnUTF8
54e5e8fc07
kernel: check CONFIG_SECCOMP status ( #351 )
2023-04-05 19:09:47 +08:00
tiann
4933b045e4
kernel: fix incorrect dput
2023-04-03 19:22:05 +08:00
tiann
44444b2a56
kernel: basically umount overlayfs in kernel
2023-04-03 19:16:24 +08:00
tiann
a8bd9f198e
kernel: Fix side channel attack
2023-03-28 12:07:18 +08:00
weishu
6ae2a73ad7
kernel: return early for prctl command
2023-02-22 14:26:53 +07:00
Nullptr
f946ef774b
kernel: allow root processes to get allow/deny list ( #256 )
2023-02-19 16:09:21 +08:00
weishu
20fcc971e1
kernel: press KEY_VOLUMEDOWN over 2 seconds will enter safemode and disable all modules
...
Co-authored-by: Ylarod <me@ylarod.cn>
2023-02-13 21:23:28 +07:00
f19
9b8f8fac99
kernel: fix filp_open on older kernel's kworker ( #205 )
...
On older kernel, kworker missing keyring from init process, and this
keyring is related to FBE, which causes filp_open return ENOKEY or
other errors. To fix this, just install init's keyring to per
kworkers. This works on Kernel 4.4 and 4.9.
2023-02-05 07:14:59 +08:00
weishu
3603778a8c
kernel: support sepolicy
2023-01-31 18:54:31 +07:00
Ylarod
fa1b6f6d5b
kernel: minor fix ( #122 )
2023-01-26 14:55:41 +08:00
Ylarod
443c5867cd
kernel: precise trigger timing of post-fs-data ( #118 )
...
* kernel: add report_event cmd
* ksud: report event
* kernel: trigger on_post_fs_data
* ksud: comment unused code
* [skip ci] run clang-format
Signed-off-by: Ylarod <me@ylarod.cn>
* ci: use custom key to sign official bootimgs
* format ksud
* reject non root
* remove
Signed-off-by: Ylarod <me@ylarod.cn>
2023-01-26 11:29:02 +08:00
Ylarod
21ecb29d41
kernel: opt allowlist persist and log ( #119 )
...
* kernel: persist on need
* kernel: opt log for ksu_allow_uid
2023-01-26 08:55:27 +08:00
Ylarod
9fe636cd47
kernel: fix missing log tag ( #117 )
2023-01-25 22:24:00 +08:00
Ylarod
3d07b7285b
kernel: refact ( #113 )
...
* refact
* sort include
* update
* unregister execve kprobe
* update log
* don't unregister if not in kprobe
* opt for no kprobe
* opt for no kprobe
* stop debug
* don't forget to call ksu_uid_observer_exit
* rename core to core_hook
* direct call do_persistent_allow_list
* add prefix
* use getter, add warn
* add wrapper
* run clang-format
clang-format --style="{BasedOnStyle: InheritParentConfig, SortIncludes: true}" -i kernel/**/*.[ch]
* try fix wsa x64 build
2023-01-25 21:53:19 +08:00