br0kenpixel/KernelSU-Next
1
0
Fork 0
mirror of https://github.com/KernelSU-Next/KernelSU-Next.git synced 2025-08-27 23:46:34 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity
2,590 Commits 16 Branches 21 Tags
bd03c296a1f2af9569dfbb49077068fef1864c9d
Commit Graph

108 Commits

Author SHA1 Message Date
weishu
a9b310876f kernel: Let the kernel choose who is qualified to be the manager. 2024-03-23 21:48:03 +08:00
weishu
c0254fdb18 kernel: Fix the incorrect judgment condition. 2024-03-21 11:48:02 +08:00
weishu
91204e713e kernel: ignore all non application uid 2024-03-21 11:45:44 +08:00
weishu
7713b7ce41 kernel: Fix compile warning 2024-03-21 11:32:30 +08:00
weishu
4c9f201c21 kernel: minor fixes 2024-03-21 11:24:56 +08:00
backslashxx
65bda4b5a8 fixup! Suggest non-gki kernel users to backport path_umount (#1477) 
My bad.

as reported by @AzusaHana on tg

![image](https://github.com/tiann/KernelSU/assets/118538522/a67f97c2-20f7-4ee6-9ae1-9f9089376857)
 2024-03-19 15:39:54 +08:00
weishu
ae049019d6 kernel: support query working mode 2024-03-19 11:52:17 +08:00
backslashxx
cbb215ea81 Suggest non-gki kernel users to backport path_umount (#1464) 
Most kernel builders have to touch their kernel source code anyway, why
not also tell them to backport path_umount so even non-gki users can
benefit from this?

I know this might be a bit controversial as this will raise the barrier
of entry, but the benefits are just so high.

Idea was from OnlyTomInSecond on KernelSU group chat way back, and it
has been on the discussions for some time

references:
https://t.me/KernelSU_group/27237/176515
https://t.me/KernelSU_group/3249/184908

https://github.com/tiann/KernelSU/discussions/955#discussioncomment-7617166

03d233db8b
https://github.com/tiann/KernelSU/pull/1060 


https://elixir.bootlin.com/linux/v5.9.1/source/fs/namespace.c#L1728
https://elixir.bootlin.com/linux/v5.10.9/source/fs/namespace.c#L1730
https://elixir.bootlin.com/linux/v6.5/source/fs/namespace.c#L1887
https://github.com/tiann/KernelSU/pull/1464#issuecomment-2002492107


Kernel side change examples
5.4
961d978862
4.19
164917f56d
4.14
c07c70a0c5
4.9
195f07593a
4.4
21ea33fe41
https://github.com/tiann/KernelSU/pull/1464#issuecomment-2002424069
ofcourse having someone on 3.18 confirm this will be nice.

**PROS**: umount modules for everyone
**CONS**: barrier of entry +1

---------

Co-authored-by: Christoph Hellwig <hch@lst.de>
Co-authored-by: Fede2782 <78815152+Fede2782@users.noreply.github.com>
Co-authored-by: Tom <31297720+onlytominsecond@users.noreply.github.com>
 2024-03-18 10:27:31 +08:00
Ylarod
3f5d6ca54a Build KernelSU as LKM (#1254) 
Co-authored-by: weishu <twsxtd@gmail.com>
 2024-03-15 18:53:24 +08:00
Wang Han
9b254e8628 Guard a few logprint in prctl path with KSU_DEBUG (#1402) 2024-02-29 13:47:22 +08:00
weishu
8e06088f96 kernel: prevent become manager when failed. close #1328 2024-02-03 20:03:26 +08:00
weishu
802549d8cd kernel: avoding umount when there isn't any module. close #556 2024-01-08 12:55:08 +08:00
Ylarod
cbf8f0aa2a Try umount /sbin in kernel (#1257) 2024-01-06 08:59:30 +08:00
Nullptr
c07b7d38a0 Mount temp dir at /debug_ramdisk (#1226) 2023-12-23 21:05:26 +08:00
weishu
86dcb02f72 kernel: make compiler happy 2023-10-21 22:43:58 +08:00
weishu
5c495a7e83 kernel: make su without any capabilities possible 2023-10-21 20:32:28 +08:00
weishu
6dd1b266e9 kernel: don't umount for non zygote child process. fixes #1054,#1049,#1045 2023-10-19 17:29:10 +08:00
weishu
aefcb9c980 kernel: ignore path that's not mountpoint 2023-10-12 14:24:41 +08:00
weishu
aca3ecebd9 kernel: umount modules mnt when needed. fix #991 2023-10-08 14:17:33 +08:00
longhuan1999
b14ea03dc4 kernel: Adapt to low version Android init process (#973) 
1. Adapt to low version Android init process
2. Add stop hook output
3. Fix output with missing line breaks
 2023-10-02 12:00:24 +08:00
weishu
a3b675c6f7 kernel: Fix manager recognize err 2023-08-09 16:28:22 +08:00
weishu
2f5b4d979c kernel: don't trigger page fault when become manager. fix #836 2023-08-09 12:33:05 +08:00
4qwerty7
cd19ce2e86 Distinguish different PT_REGS_PARM4 under x86 (#711) 
1. `PT_REGS_CCALL_PARM4` 表示存放C调用约定的第4个参数的寄存器
2. `PT_REGS_SYSCALL_PARM4` 表示存放linux syscall调用约定的第4个参数的寄存器
3. 将原有 `PT_REGS_PARM4` 改为上述之一
4. 将原有 `ksu_handle_execveat_ksud` 和 `ksu_handle_execveat_sucompat` 可能被
kprobe 传递错误实参、且不使用的形参标记为 never_used 并传递 `NULL`
5. 为 `ksu_handle_execveat_ksud` 提供正确的 argv 参数用以在 x86 下也能正确识别 `init
second_stage`

---------

Co-authored-by: weishu <twsxtd@gmail.com>
 2023-07-06 09:01:35 +08:00
weishu
f87d6eb97d kernel: fix incorrect umount for apps 2023-06-22 15:17:32 +08:00
weishu
fc4f0b285a kernel: don't alloc groups for default groups 2023-06-22 13:42:28 +08:00
weishu
22e3e1fc0e Revert "kernel: getname might sleep in kprobe handler (#670)" 
This reverts commit 7fa7b5b875.
 2023-06-22 12:54:30 +08:00
weishu
7fa7b5b875 kernel: getname might sleep in kprobe handler (#670) 2023-06-22 10:54:50 +08:00
Fiqri Ardyansyah
3fffcde59d Fix error build when using GCC 12.0.0 (#609) 
Signed-off-by: Fiqri Ardyansyah <fiqri0927936@gmail.com>
 2023-06-09 10:35:16 +08:00
weishu
19e00ac4eb kernel: fix set groups for kernel 4.9- 2023-06-06 20:45:42 +08:00
weishu
bacd16a68c kernel: support setting selinux context for profile 2023-06-06 16:35:25 +08:00
weishu
893aebca4f kernel: support settings supplementary groups for profile 2023-06-06 13:19:11 +08:00
weishu
1a6e99bcc8 kernel: prevent root process to exec su, which makes app can escape root profile by exec it twice 2023-06-06 11:08:57 +08:00
weishu
fc96172655 kernel: make the profile uid, gid, capabilities really work 2023-06-04 17:29:12 +08:00
weishu
20a9c6ec0f kernel: use uid instead of package to compare allowlist, fix #580 2023-06-04 09:18:39 +08:00
weishu
395711c942 kernel: dont prune uid used for app profile 2023-06-04 01:01:39 +08:00
weishu
bc9e3da5ce kernel: respect the app profile's umount modules field for kernel umounting 2023-06-04 00:03:56 +08:00
weishu
14b1386879 kernel: support CMD_IS_UID_GRANTED_ROOT and CMD_IS_UID_SHOULD_UMOUNT 2023-06-03 22:44:01 +08:00
weishu
b4f6302262 kernel: don't copy profile when not found 2023-06-03 17:26:00 +08:00
weishu
e8d234ae66 kernel: baby version of profile 2023-06-03 00:01:00 +08:00
浅秋枫影
5b4655f827 Revert 052a3d3 (#500) 
确实会导致卡住问题,一旦卡住,其他程序就无法正确卸载。
可能是,卸载目录那里一直在等待前面的空闲后再卸载,然后把后面的事件全部阻塞了?
 2023-05-15 23:18:34 +08:00
tiann
002969e9a7 kernel: don't umount for process in global namespace 2023-05-12 12:32:35 +08:00
tiann
052a3d3a4f kernel: umount by lazy 2023-05-02 00:12:01 +08:00
tiann
168f1f1ddd kernel: fix snprintf 2023-04-18 19:38:58 +08:00
tiann
fa25a4fe18 kernel: allow manager to be installed in work profile 2023-04-18 18:32:33 +08:00
zhcnUTF8
54e5e8fc07 kernel: check CONFIG_SECCOMP status (#351) 2023-04-05 19:09:47 +08:00
tiann
4933b045e4 kernel: fix incorrect dput 2023-04-03 19:22:05 +08:00
tiann
44444b2a56 kernel: basicly umount overlayfs in kernel 2023-04-03 19:16:24 +08:00
tiann
a8bd9f198e kernel: Fix side channel attack 2023-03-28 12:07:18 +08:00
weishu
6ae2a73ad7 kernel: return early for prctl command 2023-02-22 14:26:53 +07:00
Nullptr
f946ef774b kernel: allow root processes to get allow/deny list (#256) 2023-02-19 16:09:21 +08:00