Wang Han
9b254e8628
Guard a few logprint in prctl path with KSU_DEBUG ( #1402 )
2024-02-29 13:47:22 +08:00
weishu
cfc3e73c45
kernel: fix bazel build
2024-02-26 16:54:14 +08:00
weishu
09b6c219e9
kernel: Unshallow the repo in Makefile. close #1365
2024-02-26 12:23:51 +08:00
那年雪落
e6613bed72
kernel: Add back Makefile new line with posix compatible ( #1372 )
2024-02-23 16:55:22 +08:00
weishu
9e9ac672ef
kernel: Allow system_server to kill su process
2024-02-20 18:16:43 +08:00
weishu
8e06088f96
kernel: prevent become manager when failed. close #1328
2024-02-03 20:03:26 +08:00
weishu
eb5d503488
kernel: Add init selinux rules.
2024-01-15 20:28:53 +08:00
Ylarod
85caf41e97
kernel: fix secctx mem leak ( #1283 )
...
Co-authored-by: weishu <twsxtd@gmail.com >
2024-01-14 11:15:52 +08:00
weishu
802549d8cd
kernel: avoiding umount when there isn't any module. close #556
2024-01-08 12:55:08 +08:00
Ylarod
cbf8f0aa2a
Try umount /sbin in kernel ( #1257 )
2024-01-06 08:59:30 +08:00
Ylarod
bf040afa64
Correctly handle is_ksu_domain, close #972 ( #1246 )
...
fix #972
2024-01-04 14:14:31 +08:00
weishu
2f3862b1cc
kernel: truncate allowlist before save
2023-12-29 18:32:45 +08:00
weishu
8197ddb359
kernel: fix out of bound reading. close #1227
2023-12-27 20:19:21 +08:00
weishu
e3a8bdaced
kernel: optimize uid list reading
2023-12-27 19:33:25 +08:00
Nullptr
c07b7d38a0
Mount temp dir at /debug_ramdisk ( #1226 )
2023-12-23 21:05:26 +08:00
The_second_Tom
108d618f53
kernel: adapt to kernel above 6.4 ( #1196 )
...
Above kernel 6.4, there is no struct_avc member in selinux_state.
2023-12-11 00:13:06 +08:00
weishu
d86c9cc9b6
kernel: Add mitigation to avoid placing manager in lib to bypass check
2023-12-08 14:48:49 +08:00
weishu
62117c6017
kernel: fix su not working in shell for 6.1 kernel
2023-11-13 15:06:25 +08:00
4qwerty7
d5985f7450
kernel: fix null pointer dereference for some case ( #1075 )
...
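In #973, __never_use_envp was renamed to envp and put into use.
As a result, on GKI builds, once the code reaches line
[213](86dcb02f72/kernel/ksud.c (L213) )
(perhaps only WSA and similar cases get here?), a null pointer dereference is triggered.
This PR is intended to fix the issue and has been tested on WSA.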
2023-10-24 07:00:52 +08:00
weishu
518c8a21b0
kernel: fix incorrect strcmp
2023-10-23 22:22:47 +08:00
weishu
4a5cdf25f1
Merge pull request from GHSA-86cp-3prf-pwqq
...
* kernel: deny v2 signature blocks with incorrect number
* kernel: reject v1 signature
* kernel: enforce manager package name at compile time
* kernel: don't specify package name in source code, use it in ci
2023-10-23 12:59:30 +08:00
kevios12
a6a4dd025d
kernel: fix Modules install stuck on kernel 4.4 ( #1059 )
2023-10-22 23:40:53 +08:00
weishu
86dcb02f72
kernel: make compiler happy
2023-10-21 22:43:58 +08:00
weishu
5c495a7e83
kernel: make su without any capabilities possible
2023-10-21 20:32:28 +08:00
weishu
6dd1b266e9
kernel: don't umount for non zygote child process. fixes #1054,#1049,#1045
2023-10-19 17:29:10 +08:00
weishu
8d3a873eeb
kernel: use strncpy and strncmp
2023-10-12 15:52:10 +08:00
weishu
165e450f4e
kernel: prune allowlist with package name and uid
2023-10-12 15:44:43 +08:00
weishu
aefcb9c980
kernel: ignore path that's not mountpoint
2023-10-12 14:24:41 +08:00
weishu
582d4978ac
kernel: reject v3 and v3.1 signature scheme for manager verification
2023-10-11 17:06:14 +08:00
weishu
02def78124
kernel: harden the signature check ( #1027 )
2023-10-11 02:53:11 -05:00
weishu
dfec5d5059
kernel: Add selinux rules for module umount
2023-10-09 18:09:54 +08:00
weishu
aca3ecebd9
kernel: umount modules mnt when needed. fix #991
2023-10-08 14:17:33 +08:00
longhuan1999
b14ea03dc4
kernel: Adapt to low version Android init process ( #973 )
...
1. Adapt to low version Android init process
2. Add stop hook output
3. Fix output with missing line breaks
2023-10-02 12:00:24 +08:00
Levi Zim
c8d0f01ce4
Copy one extra byte from userspace filename ( #958 )
...
Otherwise we will rewrite paths for filenames that begin with
`/system/bin/su`.
This fix copies one extra byte from userspace filename so that when we
encounter filenames like `/system/bin/suasf`,
`/system/bin/su\0` gets compared with `/system/bin/sua`, which correctly
prevents the `su -> sh` path rewriting.
Close #957
2023-09-16 12:23:04 +08:00
weishu
222b747c86
kernel: avoiding select OVERLAY_FS because it may break GKI checks. fix
2023-08-28 01:06:44 +08:00
rhjdvsgsgks
a9d1e84762
kernel: fix build for gcc ( #873 )
...
current_cred() need this
2023-08-16 17:55:23 +08:00
Aquarius223
d4a9869b03
kernel: Fix commit e666e8ed in Linux 4.9.y and Linux 4.4.y builds ( #841 )
...
* linux/uaccess.h is also required on 4.4 and 4.9
-- KernelSU version: 11184
-- KernelSU Manager signature size: 0x033b
-- KernelSU Manager signature hash: 0xb0b91415
CC drivers/kernelsu/kernel_compat.o
../drivers/kernelsu/kernel_compat.c:159:9: error: use of undeclared
identifier 'USER_DS'
set_fs(USER_DS);
^
1 error generated.
make[4]: ***
[../scripts/Makefile.build:314:drivers/kernelsu/kernel_compat.o] 错误 1
make[3]: *** [../scripts/Makefile.build:599:drivers/kernelsu] 错误 2
Change-Id: I19598c62a3ae901049ea99ef878fa5c1a15201fd
Co-authored-by: stic-server-open <1138705738@qq.com >
2023-08-09 22:17:56 +08:00
weishu
a568eb9ae1
kernel: Fix compile err
2023-08-09 18:51:03 +08:00
weishu
e666e8ed0d
kernel: fix probe_kernel_read failed to read user addr
2023-08-09 18:37:30 +08:00
weishu
a3b675c6f7
kernel: Fix manager recognize err
2023-08-09 16:28:22 +08:00
weishu
2f5b4d979c
kernel: don't trigger page fault when become manager. fix #836
2023-08-09 12:33:05 +08:00
The_second_Tom
99d3e54fbb
Kernel: fix filp_open in kernel below 4.9 ( #822 )
...
Use current_cred()->session_keyring to check whether session_keyring
installed or not. close #814
2023-08-01 20:51:32 +08:00
weishu
f7c1c078f5
kernel: use ordered work queue to avoid timing issues
2023-08-01 20:47:43 +08:00
セリカ・シルフィル
76685769f3
CI: Support set manager signature size and hash ( #757 )
...
close #739 , close #745 , close #752
2023-07-18 12:38:44 +08:00
dabao1955
54214cdc9c
kernel/ksu.c:Fix word mistakes when enabling CONFIG_KSU_DEBUG ( #724 )
...
According to the instructions in Kconfig, when the `CONFIG_KSU_DEBUG`
option is turned on, KernelSU will run in `debug mode` instead of the
`debug version` mentioned in kernel/ksu.c.
2023-07-08 01:22:06 +08:00
4qwerty7
cd19ce2e86
Distinguish different PT_REGS_PARM4 under x86 ( #711 )
...
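1. `PT_REGS_CCALL_PARM4` denotes the register that holds the 4th argument under the C calling convention
2. `PT_REGS_SYSCALL_PARM4` denotes the register that holds the 4th argument under the Linux syscall calling convention
3. Change the original `PT_REGS_PARM4` to one of the above
4. Mark the parameters of `ksu_handle_execveat_ksud` and `ksu_handle_execveat_sucompat` that are unused and may be passed wrong arguments by kprobe as never_used, and pass `NULL`
5. Provide the correct argv argument to `ksu_handle_execveat_ksud` so that `init second_stage` is also recognized correctly on x86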
---------
Co-authored-by: weishu <twsxtd@gmail.com >
2023-07-06 09:01:35 +08:00
weishu
6e5b23840a
kernel: fix compile err in old kernel
2023-07-02 19:06:31 +08:00
weishu
378c667b0c
kernel: fix compile err and format code. close #706
2023-07-02 14:51:14 +08:00
4qwerty7
c62c5f1d78
kernel: support the case that init_task.mnt_ns != zygote.mnt_ns(WSA) ( #698 )
...
Basic support for the case that init_task.mnt_ns != zygote.mnt_ns(WSA),
just copy nsproxy and fs pointers to solve #276.
Note the copy in `apk_sign.c` is not required but suggested for
security (ensure the checked mnt_ns is the ns Android is running in, not one created
by the user, although many distributions do not have user ns).
Tested with latest release on Win10 19045.3086(with WSAPatch).
Further review required for:
- [x] Security of this operation (without locking).
- [x] The impact of these modifications on other Android distributions.
2023-07-02 00:20:01 +08:00
weishu
756968b163
kernel: authorize the newly type for all roles. refer: http://aospxref.com/kernel-android12-5.10-lts/xref/security/selinux/ss/policydb.c#950
2023-07-01 20:54:13 +08:00