I have no idea if this is needed or of any use to manual fs hook users.
Upstream, this is likely to, well, simply disable hooking of those functions,
to remove and mitigate timing issues as some detection methods can actually
differentiate these.
This is done like how vfs_read_hook, input_hook and execve_hook are disabled.
While this is not exactly the same thing, this *CAN* achieve the same results.
The complete disabling of all KernelSU hooks.
While this is probably not so useful for us, honestly, I have no idea for shit
what I am doing, but let's still port it for the sake of feature parity.
cherry pick from:
kernel: backport support for sucompat disable/enable
https://github.com/backslashxx/KernelSU/commit/20ffabb
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
Since upstream is now making kprobes a requirement, we adapt this tree to still allow
building with manual hooks in an easier way. Furthermore, this also allows a user to
build with manual hooks even with kprobes enabled.
Offending commit:
kernel: remove unused CONFIG guard becuase GKI kernel enable kprobe by default
upstream: https://github.com/tiann/KernelSU/commit/500ff9b
Other changes:
ksud.c, stop_input_hook(), short-circuit redundant logic left by this change.
cherry pick from: https://github.com/backslashxx/KernelSU/commit/a3d3e93
Signed-off-by: backslashxx <118538522+backslashxx@users.noreply.github.com>
1. Replace `do_execveat_common` with `sys_execve` and `sys_execveat`
2. Replace `input_handle_event` with `input_event` and
`input_inject_event`
Tested on android12-5.10-2024-04, android13-5.15-2024-04,
android14-6.1-2024-04.
Otherwise we will rewrite paths for filenames that begin with
`/system/bin/su`.
This fix copies one extra byte from userspace filename so that when we
encounter filenames like `/system/bin/suasf`,
`/system/bin/su\0` gets compared with `/system/bin/sua`, which correctly
prevents the `su -> sh` path rewriting.
Close #957
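The off-by-one described in the commit above, as an added example that is not KernelSU's own code: the buggy variant copies exactly `strlen("/system/bin/su")` bytes from the userspace filename and so matches any path that merely starts with that prefix; the fixed variant copies one extra byte, so the terminator (or the next character) takes part in the comparison. `copy_user_path()` is an assumed stand-in for the kernel's copy-from-user routine, and `resolve_exec_path()` is a hypothetical name for the rewrite decision.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Added example, not KernelSU code. SU_PATH is the prefix named in the commit. */
#define SU_PATH     "/system/bin/su"
#define SU_PATH_LEN (sizeof(SU_PATH) - 1)   /* 14 bytes, not counting the NUL */

/* Assumed stand-in for copy_from_user(): copies at most n bytes of the
 * NUL-terminated user string and stops after the terminator. Returns the
 * number of bytes written into dst. */
static size_t copy_user_path(char *dst, const char *user, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++) {
        dst[i] = user[i];
        if (user[i] == '\0')
            return i + 1;
    }
    return n;
}

/* Before the fix: only SU_PATH_LEN bytes are copied and compared, so
 * "/system/bin/suasf" compares equal to "/system/bin/su". */
bool su_matches_buggy(const char *user_filename)
{
    char buf[SU_PATH_LEN + 1] = {0};
    copy_user_path(buf, user_filename, SU_PATH_LEN);
    return memcmp(buf, SU_PATH, SU_PATH_LEN) == 0;
}

/* After the fix: one extra byte is copied, so for "/system/bin/suasf" the
 * buffer holds "/system/bin/sua", which differs from "/system/bin/su\0". */
bool su_matches_fixed(const char *user_filename)
{
    char buf[SU_PATH_LEN + 2] = {0};
    copy_user_path(buf, user_filename, SU_PATH_LEN + 1);
    return memcmp(buf, SU_PATH, SU_PATH_LEN + 1) == 0;
}

/* Hypothetical rewrite decision: which path the exec should actually use. */
const char *resolve_exec_path(const char *user_filename, bool fixed)
{
    bool match = fixed ? su_matches_fixed(user_filename)
                       : su_matches_buggy(user_filename);
    return match ? "/system/bin/sh" : user_filename;
}
```

The extra byte is what makes the check an exact-string comparison rather than a prefix comparison; a shorter path such as `/system/bin/s` is rejected by both variants because its terminator lands inside the compared range.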
Hi @tiann.
Thanks for the great project, I had great fun playing around with it.
This PR mainly tries to further minimize the possible delays caused by
KernelSU hooking.
There are 3 major changes:
- Processes with 0 < UID < 2000 are blocked straight-up before going
through the allow_list.
I don't see any need for such processes to be interested in root, and
this allows returning early before going through a more expensive
lookup.
If there's an expected breakage due to this change, I'll remove it. Let
me know.
- A page-sized (4K) bitmap is added.
This allows O(1) lookup for UID <= 32767.
This speeds up `ksu_is_allow_uid()` by about 4.8x by sacrificing 4K of
memory. IMHO, a good trade-off.
Most notably, this reduces the 99.999% result previously from worrying
milliseconds scale to microseconds scale.
For UID > 32767, another page-sized (4K) sequential array is used to
cache allow_list.
Compared to the previous PR #557, this new approach gives another nice
25% performance boost on average, 63-96% boost in worst cases.
Benchmark results are available at
https://docs.google.com/spreadsheets/d/1w_tO1zRLPNMFRer49pL1TQfL6ndEhilRrDU1XFIcWXY/edit?usp=sharing
Thanks!
---------
Signed-off-by: Juhyung Park <qkrwngud825@gmail.com>
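The lookup structure the PR describes, as an added example that is not the PR's own code: a page-sized bitmap gives O(1) membership for UID <= 32767, a second page-sized sequential array caches allowed UIDs above that, and UIDs in the range 0 < UID < 2000 are rejected before any lookup. The 4K page size and the cut-offs come from the PR text; the array layout, the fixed overflow capacity, and the function names other than `ksu_is_allow_uid()` are assumptions, and `demo_is_allowed()` populates a constructed sample list.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Added example, not the PR's code. Sizes follow the PR text; the rest is assumed. */
#define PAGE_SIZE        4096u
#define BITMAP_UID_MAX   (PAGE_SIZE * 8 - 1)              /* 32767 */
#define OVERFLOW_ENTRIES (PAGE_SIZE / sizeof(uint32_t))   /* 1024 cached uids > 32767 */
#define APP_UID_START    2000u

static uint8_t  allow_bitmap[PAGE_SIZE];           /* one bit per uid <= 32767 */
static uint32_t allow_overflow[OVERFLOW_ENTRIES];  /* sequential cache for uid > 32767 */
static size_t   allow_overflow_count;

void ksu_allow_list_reset(void)
{
    memset(allow_bitmap, 0, sizeof(allow_bitmap));
    allow_overflow_count = 0;
}

/* Returns false when the fixed-size overflow cache is full: a caveat of
 * trading a bounded page for speed. */
bool ksu_allow_list_add(uint32_t uid)
{
    if (uid <= BITMAP_UID_MAX) {
        allow_bitmap[uid >> 3] |= (uint8_t)(1u << (uid & 7));
        return true;
    }
    if (allow_overflow_count >= OVERFLOW_ENTRIES)
        return false;
    allow_overflow[allow_overflow_count++] = uid;
    return true;
}

bool ksu_is_allow_uid(uint32_t uid)
{
    /* Early reject: system uids below the app range never get root. */
    if (uid > 0 && uid < APP_UID_START)
        return false;
    /* O(1) path: single bit test for the common case. */
    if (uid <= BITMAP_UID_MAX)
        return (allow_bitmap[uid >> 3] >> (uid & 7)) & 1;
    /* Slow path: linear scan of the small overflow cache. */
    for (size_t i = 0; i < allow_overflow_count; i++)
        if (allow_overflow[i] == uid)
            return true;
    return false;
}

/* Constructed sample allow list for a stand-alone check (not real data). */
bool demo_is_allowed(uint32_t uid)
{
    static bool initialised;
    if (!initialised) {
        ksu_allow_list_reset();
        ksu_allow_list_add(10123);   /* an ordinary app uid */
        ksu_allow_list_add(1000);    /* AID_SYSTEM: listed, but rejected early */
        ksu_allow_list_add(99999);   /* above the bitmap range, goes to overflow */
        initialised = true;
    }
    return ksu_is_allow_uid(uid);
}
```

Note that the early reject wins even when a UID in the blocked range is present in the list, which is the breakage the PR author asks to be told about; the overflow array also only holds 1024 entries, so a deployment with more allowed UIDs above 32767 would need a fallback to the full allow_list.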
- task_stack() was separated out in Linux 4.11, so let's do our migration
when KernelSU is facing an old version of the kernel.
- See f3ac606719
Signed-off-by: Calling <KeternalGithub@163.com>
Signed-off-by: Calling <KeternalGithub@163.com>