kernel: Adapt Makefile for < k3.7

Co-Authored-By: Yaroslav Zviezda <10716792+acroreiser@users.noreply.github.com>

kernel/Makefile

@@ -12,7 +12,7 @@ kernelsu-objs += selinux/selinux.o
 kernelsu-objs += selinux/sepolicy.o
 kernelsu-objs += selinux/rules.o
 ccflags-y += -I$(srctree)/security/selinux -I$(srctree)/security/selinux/include
-ccflags-y += -I$(objtree)/security/selinux -include $(srctree)/include/uapi/asm-generic/errno.h
+ccflags-y += -I$(objtree)/security/selinux -include $(objtree)/include/errno.h
 
 obj-$(CONFIG_KSU) += kernelsu.o
 

kernel/allowlist.c

@@ -362,7 +362,7 @@ void do_save_allow_list(struct work_struct *work)
 	struct file *fp =
 		ksu_filp_open_compat(KERNEL_SU_ALLOWLIST, O_WRONLY | O_CREAT | O_TRUNC, 0644);
 	if (IS_ERR(fp)) {
-		pr_err("save_allow_list create file failed: %ld\n", PTR_ERR(fp));
+		pr_err("save_allow_list create file failed: %d\n",  (int)PTR_ERR(fp));
 		return;
 	}
 
@@ -409,7 +409,7 @@ void do_load_allow_list(struct work_struct *work)
 	// load allowlist now!
 	fp = ksu_filp_open_compat(KERNEL_SU_ALLOWLIST, O_RDONLY, 0);
 	if (IS_ERR(fp)) {
-		pr_err("load_allow_list open file failed: %ld\n", PTR_ERR(fp));
+		pr_err("load_allow_list open file failed: %d\n",  (int)PTR_ERR(fp));
 		return;
 	}
 

kernel/apk_sign.c

@@ -32,7 +32,7 @@ static struct sdesc *init_sdesc(struct crypto_shash *alg)
 	size = sizeof(struct shash_desc) + crypto_shash_descsize(alg);
 	sdesc = kmalloc(size, GFP_KERNEL);
 	if (!sdesc)
-		return ERR_PTR(-ENOMEM);
+		return NULL;
 	sdesc->shash.tfm = alg;
 	return sdesc;
 }
@@ -44,9 +44,9 @@ static int calc_hash(struct crypto_shash *alg, const unsigned char *data,
 	int ret;
 
 	sdesc = init_sdesc(alg);
-	if (IS_ERR(sdesc)) {
+	if (sdesc == NULL) {
 		pr_info("can't alloc sdesc\n");
-		return PTR_ERR(sdesc);
+		return -ENOMEM;
 	}
 
 	ret = crypto_shash_digest(&sdesc->shash, data, datalen, digest);
@@ -100,7 +100,7 @@ static bool check_block(struct file *fp, u32 *size4, loff_t *pos, u32 *offset,
 		}
 		ksu_kernel_read_compat(fp, cert, *size4, pos);
 		unsigned char digest[SHA256_DIGEST_SIZE];
-		if (IS_ERR(ksu_sha256(cert, *size4, digest))) {
+		if (ksu_sha256(cert, *size4, digest)) {
 			pr_info("sha256 error\n");
 			return false;
 		}
@@ -317,4 +317,4 @@ module_param_cb(ksu_debug_manager_uid, &expected_size_ops,
 bool is_manager_apk(char *path)
 {
 	return check_v2_signature(path, EXPECTED_NEXT_SIZE, EXPECTED_NEXT_HASH);
-}
+}

kernel/core_hook.c

@@ -65,7 +65,11 @@ static inline bool is_allow_su()
 		// we are manager, allow!
 		return true;
 	}
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	return ksu_is_allow_uid(current_uid().val);
+#else
+	return ksu_is_allow_uid(current_uid());
+#endif
 }
 
 static inline bool is_unsupported_uid(uid_t uid)
@@ -150,7 +154,11 @@ void escape_to_root(void)
 		BUG_ON(!cred);
 	} while (!get_cred_rcu(cred));
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (cred->euid.val == 0) {
+#else
+	if (cred->euid == 0) {
+#endif
 		pr_warn("Already root, don't escape!\n");
 		rcu_read_unlock();
 		return;
@@ -158,23 +166,45 @@ void escape_to_root(void)
 #else
 	cred = (struct cred *)__task_cred(current);
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (cred->euid.val == 0) {
+#else
+	if (cred->euid == 0) {
+#endif
 		pr_warn("Already root, don't escape!\n");
 		return;
 	}
 #endif
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	struct root_profile *profile = ksu_get_root_profile(cred->uid.val);
+#else
+	struct root_profile *profile = ksu_get_root_profile(cred->uid);
+#endif
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	cred->uid.val = profile->uid;
 	cred->suid.val = profile->uid;
 	cred->euid.val = profile->uid;
 	cred->fsuid.val = profile->uid;
+#else
+	cred->uid = profile->uid;
+	cred->suid = profile->uid;
+	cred->euid = profile->uid;
+	cred->fsuid = profile->uid;
+#endif
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	cred->gid.val = profile->gid;
 	cred->fsgid.val = profile->gid;
 	cred->sgid.val = profile->gid;
 	cred->egid.val = profile->gid;
+#else
+	cred->gid = profile->gid;
+	cred->fsgid = profile->gid;
+	cred->sgid = profile->gid;
+	cred->egid = profile->gid;
+#endif
 	cred->securebits = 0;
 
 	BUILD_BUG_ON(sizeof(profile->capabilities.effective) !=
@@ -218,7 +248,11 @@ int ksu_handle_rename(struct dentry *old_dentry, struct dentry *new_dentry)
 		return 0;
 	}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (current_uid().val != 1000) {
+#else
+	if (current_uid() != 1000) {
+#endif
 		// skip non system uid
 		return 0;
 	}
@@ -282,14 +316,22 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 	}
 
 	// TODO: find it in throne tracker!
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	uid_t current_uid_val = current_uid().val;
+#else
+	uid_t current_uid_val = current_uid();
+#endif
 	uid_t manager_uid = ksu_get_manager_uid();
 	if (current_uid_val != manager_uid &&
 	    current_uid_val % 100000 == manager_uid) {
 		ksu_set_manager_uid(current_uid_val);
 	}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	bool from_root = 0 == current_uid().val;
+#else
+	bool from_root = 0 == current_uid();
+#endif
 	bool from_manager = is_manager();
 
 	if (!from_root && !from_manager) {
@@ -313,7 +355,11 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 
 	if (arg2 == CMD_GRANT_ROOT) {
 		if (is_allow_su()) {
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 			pr_info("allow root for: %d\n", current_uid().val);
+#else
+			pr_info("allow root for: %d\n", current_uid());
+#endif
 			escape_to_root();
 			if (copy_to_user(result, &reply_ok, sizeof(reply_ok))) {
 				pr_err("grant_root: prctl reply error\n");
@@ -325,7 +371,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 	// Both root manager and root processes should be allowed to get version
 	if (arg2 == CMD_GET_VERSION) {
 		u32 version = KERNEL_SU_VERSION;
-		if (copy_to_user(arg3, &version, sizeof(version))) {
+		if (copy_to_user((void __user *)arg3, &version, sizeof(version))) {
 			pr_err("prctl reply error, cmd: %lu\n", arg2);
 		}
 		u32 version_flags = 0;
@@ -333,7 +379,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 		version_flags |= 0x1;
 #endif
 		if (arg4 &&
-		    copy_to_user(arg4, &version_flags, sizeof(version_flags))) {
+		    copy_to_user((void __user *)arg4, &version_flags, sizeof(version_flags))) {
 			pr_err("prctl reply error, cmd: %lu\n", arg2);
 		}
 		return 0;
@@ -377,7 +423,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 		if (!from_root) {
 			return 0;
 		}
-		if (!handle_sepolicy(arg3, arg4)) {
+		if (!handle_sepolicy(arg3, (void __user *)arg4)) {
 			if (copy_to_user(result, &reply_ok, sizeof(reply_ok))) {
 				pr_err("sepolicy: prctl reply error\n");
 			}
@@ -402,9 +448,9 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 		bool success = ksu_get_allow_list(array, &array_length,
 						  arg2 == CMD_GET_ALLOW_LIST);
 		if (success) {
-			if (!copy_to_user(arg4, &array_length,
+			if (!copy_to_user((void __user *)arg4, &array_length,
 					  sizeof(array_length)) &&
-			    !copy_to_user(arg3, array,
+			    !copy_to_user((void __user *)arg3, array,
 					  sizeof(u32) * array_length)) {
 				if (copy_to_user(result, &reply_ok,
 						 sizeof(reply_ok))) {
@@ -428,7 +474,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 		} else {
 			pr_err("unknown cmd: %lu\n", arg2);
 		}
-		if (!copy_to_user(arg4, &allow, sizeof(allow))) {
+		if (!copy_to_user((void __user *)arg4, &allow, sizeof(allow))) {
 			if (copy_to_user(result, &reply_ok, sizeof(reply_ok))) {
 				pr_err("prctl reply error, cmd: %lu\n", arg2);
 			}
@@ -446,14 +492,14 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 	// we are already manager
 	if (arg2 == CMD_GET_APP_PROFILE) {
 		struct app_profile profile;
-		if (copy_from_user(&profile, arg3, sizeof(profile))) {
+		if (copy_from_user(&profile, (void __user *)arg3, sizeof(profile))) {
 			pr_err("copy profile failed\n");
 			return 0;
 		}
 
 		bool success = ksu_get_app_profile(&profile);
 		if (success) {
-			if (copy_to_user(arg3, &profile, sizeof(profile))) {
+			if (copy_to_user((void __user *)arg3, &profile, sizeof(profile))) {
 				pr_err("copy profile failed\n");
 				return 0;
 			}
@@ -466,7 +512,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 
 	if (arg2 == CMD_SET_APP_PROFILE) {
 		struct app_profile profile;
-		if (copy_from_user(&profile, arg3, sizeof(profile))) {
+		if (copy_from_user(&profile, (void __user *)arg3, sizeof(profile))) {
 			pr_err("copy profile failed\n");
 			return 0;
 		}
@@ -481,7 +527,7 @@ int ksu_handle_prctl(int option, unsigned long arg2, unsigned long arg3,
 	}
 
 	if (arg2 == CMD_IS_SU_ENABLED) {
-		if (copy_to_user(arg3, &ksu_su_compat_enabled,
+		if (copy_to_user((void __user *)arg3, &ksu_su_compat_enabled,
 				 sizeof(ksu_su_compat_enabled))) {
 			pr_err("copy su compat failed\n");
 			return 0;
@@ -525,7 +571,11 @@ static bool is_appuid(kuid_t uid)
 #define FIRST_APPLICATION_UID 10000
 #define LAST_APPLICATION_UID 19999
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	uid_t appid = uid.val % PER_USER_RANGE;
+#else
+	uid_t appid = uid % PER_USER_RANGE;
+#endif
 	return appid >= FIRST_APPLICATION_UID && appid <= LAST_APPLICATION_UID;
 }
 
@@ -537,7 +587,11 @@ static bool should_umount(struct path *path)
 
 	if (current->nsproxy->mnt_ns == init_nsproxy.mnt_ns) {
 		pr_info("ignore global mnt namespace process: %d\n",
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 			current_uid().val);
+#else
+			current_uid());
+#endif
 		return false;
 	}
 
@@ -596,27 +650,49 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
 	kuid_t new_uid = new->uid;
 	kuid_t old_uid = old->uid;
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (0 != old_uid.val) {
+#else
+	if (0 != old_uid) {
+#endif
 		// old process is not root, ignore it.
 		return 0;
 	}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (!is_appuid(new_uid) || is_unsupported_uid(new_uid.val)) {
 		// pr_info("handle setuid ignore non application or isolated uid: %d\n", new_uid.val);
+#else
+	if (!is_appuid(new_uid) || is_unsupported_uid(new_uid)) {
+		// pr_info("handle setuid ignore non application or isolated uid: %d\n", new_uid);
+#endif
 		return 0;
 	}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (ksu_is_allow_uid(new_uid.val)) {
 		// pr_info("handle setuid ignore allowed application: %d\n", new_uid.val);
+#else
+	if (ksu_is_allow_uid(new_uid)) {
+		// pr_info("handle setuid ignore allowed application: %d\n", new_uid);
+#endif
 		return 0;
 	}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (!ksu_uid_should_umount(new_uid.val)) {
+#else
+	if (!ksu_uid_should_umount(new_uid)) {
+#endif
 		return 0;
 	} else {
 #ifdef CONFIG_KSU_DEBUG
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 		pr_info("uid: %d should not umount!\n", current_uid().val);
-#endif
+#else // #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
+		pr_info("uid: %d should not umount!\n", current_uid());
+#endif // #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
+#endif // #ifdef CONFIG_KSU_DEBUG
 	}
 
 	// check old process's selinux context, if it is not zygote, ignore it!
@@ -630,9 +706,13 @@ int ksu_handle_setuid(struct cred *new, const struct cred *old)
 	}
 #ifdef CONFIG_KSU_DEBUG
 	// umount the target mnt
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	pr_info("handle umount for uid: %d, pid: %d\n", new_uid.val,
+#else // #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
+	pr_info("handle umount for uid: %d, pid: %d\n", new_uid,
+#endif // #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 		current->pid);
-#endif
+#endif // #ifdef CONFIG_KSU_DEBUG
 
 	// fixme: use `collect_mounts` and `iterate_mount` to iterate all mountpoint and
 	// filter the mountpoint whose target is `/data/adb`

kernel/include/errno.h

@@ -0,0 +1,7 @@
+#include <linux/version.h>
+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 7, 0)
+#include <uapi/asm-generic/errno-base.h> // For kernels 3.7 and newer
+#else
+#include <asm-generic/errno-base.h> // For kernels older than 3.7
+#endif

kernel/ksu.c

@@ -18,19 +18,21 @@ bool ksu_queue_work(struct work_struct *work)
 	return queue_work(ksu_workqueue, work);
 }
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 extern int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
 					void *argv, void *envp, int *flags);
 
 extern int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
-				    void *argv, void *envp, int *flags);
+					void *argv, void *envp, int *flags);
 
 int ksu_handle_execveat(int *fd, struct filename **filename_ptr, void *argv,
 			void *envp, int *flags)
 {
 	ksu_handle_execveat_ksud(fd, filename_ptr, argv, envp, flags);
 	return ksu_handle_execveat_sucompat(fd, filename_ptr, argv, envp,
-					    flags);
+						flags);
 }
+#endif
 
 extern void ksu_sucompat_init();
 extern void ksu_sucompat_exit();

kernel/ksud.c

@@ -9,7 +9,7 @@
 #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)
 #include <linux/input-event-codes.h>
 #else
-#include <uapi/linux/input.h>
+#include <linux/input.h>
 #endif
 #if LINUX_VERSION_CODE < KERNEL_VERSION(4, 1, 0)
 #include <linux/aio.h>
@@ -159,16 +159,22 @@ static int __maybe_unused count(struct user_arg_ptr argv, int max)
 }
 
 // IMPORTANT NOTE: the call from execve_handler_pre WON'T provided correct value for envp and flags in GKI version
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
+#else
+int ksu_handle_execveat_ksud(int *fd, char *filename,
+#endif
 			     struct user_arg_ptr *argv,
 			     struct user_arg_ptr *envp, int *flags)
 {
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 #ifndef CONFIG_KSU_WITH_KPROBES
 	if (!ksu_execveat_hook) {
 		return 0;
 	}
 #endif
 	struct filename *filename;
+#endif
 
 	static const char app_process[] = "/system/bin/app_process";
 	static bool first_app_process = true;
@@ -179,15 +185,23 @@ int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
 	static const char old_system_init[] = "/init";
 	static bool init_second_stage_executed = false;
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 	if (!filename_ptr)
+#else
+	if (!filename)
+#endif
 		return 0;
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 	filename = *filename_ptr;
 	if (IS_ERR(filename)) {
 		return 0;
 	}
 
 	if (unlikely(!memcmp(filename->name, system_bin_init,
+#else
+	if (unlikely(!memcmp(filename, system_bin_init,
+#endif
 			     sizeof(system_bin_init) - 1) &&
 		     argv)) {
 		// /system/bin/init executed
@@ -211,7 +225,11 @@ int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
 				pr_err("/system/bin/init parse args err!\n");
 			}
 		}
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 	} else if (unlikely(!memcmp(filename->name, old_system_init,
+#else
+	} else if (unlikely(!memcmp(filename, old_system_init,
+#endif
 				    sizeof(old_system_init) - 1) &&
 			    argv)) {
 		// /init executed
@@ -274,7 +292,11 @@ int ksu_handle_execveat_ksud(int *fd, struct filename **filename_ptr,
 		}
 	}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 	if (unlikely(first_app_process && !memcmp(filename->name, app_process,
+#else
+	if (unlikely(first_app_process && !memcmp(filename, app_process,
+#endif
 						  sizeof(app_process) - 1))) {
 		first_app_process = false;
 		pr_info("exec app_process, /data prepared, second_stage: %d\n",
@@ -297,7 +319,7 @@ static ssize_t read_proxy(struct file *file, char __user *buf, size_t count,
 	bool first_read = file->f_pos == 0;
 	ssize_t ret = orig_read(file, buf, count, pos);
 	if (first_read) {
-		pr_info("read_proxy append %ld + %ld\n", ret,
+		pr_info("read_proxy append %zu + %zu\n", ret,
 			read_count_append);
 		ret += read_count_append;
 	}
@@ -309,7 +331,7 @@ static ssize_t read_iter_proxy(struct kiocb *iocb, struct iov_iter *to)
 	bool first_read = iocb->ki_pos == 0;
 	ssize_t ret = orig_read_iter(iocb, to);
 	if (first_read) {
-		pr_info("read_iter_proxy append %ld + %ld\n", ret,
+		pr_info("read_iter_proxy append %zu + %zu\n", ret,
 			read_count_append);
 		ret += read_count_append;
 	}
@@ -338,7 +360,11 @@ int ksu_handle_vfs_read(struct file **file_ptr, char __user **buf_ptr,
 		return 0;
 	}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 0, 0)
 	if (!d_is_reg(file->f_path.dentry)) {
+#else
+	if (!S_ISREG(file->f_path.dentry->d_inode->i_mode)) {
+#endif
 		return 0;
 	}
 
@@ -483,7 +509,9 @@ __maybe_unused int ksu_handle_execve_ksud(const char __user *filename_user,
 			const char __user *const __user *__argv)
 {
 	struct user_arg_ptr argv = { .ptr.native = __argv };
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 	struct filename filename_in, *filename_p;
+#endif
 	char path[32];
 
 	// return early if disabled.
@@ -497,11 +525,15 @@ __maybe_unused int ksu_handle_execve_ksud(const char __user *filename_user,
 	memset(path, 0, sizeof(path));
 	ksu_strncpy_from_user_nofault(path, filename_user, 32);
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 	// this is because ksu_handle_execveat_ksud calls it filename->name
 	filename_in.name = path;
 	filename_p = &filename_in;
-    
-	return ksu_handle_execveat_ksud(AT_FDCWD, &filename_p, &argv, NULL, NULL);
+
+	return ksu_handle_execveat_ksud(NULL, &filename_p, &argv, NULL, NULL);
+#else
+	return ksu_handle_execveat_ksud(NULL, path, &argv, NULL, NULL);
+#endif
 }
 
 #ifdef CONFIG_KSU_WITH_KPROBES
@@ -546,8 +578,7 @@ static int sys_execve_handler_pre(struct kprobe *p, struct pt_regs *regs)
 	filename_in.name = path;
 
 	filename_p = &filename_in;
-	return ksu_handle_execveat_ksud(AT_FDCWD, &filename_p, &argv, NULL,
-					NULL);
+	return ksu_handle_execveat_ksud(NULL, &filename_p, &argv, NULL, NULL);
 }
 
 // remove this later!

kernel/manager.h

@@ -2,7 +2,7 @@
 #define __KSU_H_KSU_MANAGER
 
 #include <linux/cred.h>
-#include <linux/types.h>
+#include <linux/init_task.h>
 
 #define KSU_INVALID_UID -1
 
@@ -15,7 +15,11 @@ static inline bool ksu_is_manager_uid_valid()
 
 static inline bool is_manager()
 {
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	return unlikely(ksu_manager_uid == current_uid().val);
+#else
+	return unlikely(ksu_manager_uid == current_uid());
+#endif
 }
 
 static inline uid_t ksu_get_manager_uid()

kernel/selinux/Makefile

@@ -1,16 +0,0 @@
-obj-y += selinux.o
-obj-y += sepolicy.o
-obj-y += rules.o
-
-ifeq ($(shell grep -q " current_sid(void)" $(srctree)/security/selinux/include/objsec.h; echo $$?),0)
-ccflags-y += -DKSU_COMPAT_HAS_CURRENT_SID
-endif
-
-ifeq ($(shell grep -q "struct selinux_state " $(srctree)/security/selinux/include/security.h; echo $$?),0)
-ccflags-y += -DKSU_COMPAT_HAS_SELINUX_STATE
-endif
-
-ccflags-y += -Wno-implicit-function-declaration -Wno-strict-prototypes -Wno-int-conversion
-ccflags-y += -Wno-declaration-after-statement -Wno-unused-function
-ccflags-y += -I$(srctree)/security/selinux -I$(srctree)/security/selinux/include
-ccflags-y += -I$(objtree)/security/selinux -include $(srctree)/include/uapi/asm-generic/errno.h

kernel/sucompat.c

@@ -64,7 +64,11 @@ int ksu_handle_faccessat(int *dfd, const char __user **filename_user, int *mode,
 	}
 #endif
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (!ksu_is_allow_uid(current_uid().val)) {
+#else
+	if (!ksu_is_allow_uid(current_uid())) {
+#endif
 		return 0;
 	}
 
@@ -91,7 +95,11 @@ int ksu_handle_stat(int *dfd, const char __user **filename_user, int *flags)
 	}
 #endif
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (!ksu_is_allow_uid(current_uid().val)) {
+#else
+	if (!ksu_is_allow_uid(current_uid())) {
+#endif
 		return 0;
 	}
 
@@ -126,6 +134,7 @@ int ksu_handle_stat(int *dfd, const char __user **filename_user, int *flags)
 	return 0;
 }
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 14, 0)
 // the call from execve_handler_pre won't provided correct value for __never_use_argument, use them after fix execve_handler_pre, keeping them for consistence for manually patched code
 int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
 				 void *__never_use_argv, void *__never_use_envp,
@@ -152,7 +161,11 @@ int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
 	if (likely(memcmp(filename->name, su, sizeof(su))))
 		return 0;
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (!ksu_is_allow_uid(current_uid().val))
+#else
+	if (!ksu_is_allow_uid(current_uid()))
+#endif
 		return 0;
 
 	pr_info("do_execveat_common su found\n");
@@ -162,6 +175,7 @@ int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
 
 	return 0;
 }
+#endif
 
 int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
 			       void *__never_use_argv, void *__never_use_envp,
@@ -185,7 +199,11 @@ int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
 	if (likely(memcmp(path, su, sizeof(su))))
 		return 0;
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	if (!ksu_is_allow_uid(current_uid().val))
+#else
+	if (!ksu_is_allow_uid(current_uid()))
+#endif
 		return 0;
 
 	pr_info("sys_execve su found\n");
@@ -208,7 +226,11 @@ int ksu_handle_devpts(struct inode *inode)
 		return 0;
 	}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) || defined(CONFIG_UIDGID_STRICT_TYPE_CHECKS)
 	uid_t uid = current_uid().val;
+#else
+	uid_t uid = current_uid();
+#endif
 	if (uid % 100000 < 10000) {
 		// not untrusted_app, ignore it
 		return 0;

kernel/throne_tracker.c

@@ -170,7 +170,12 @@ FILLDIR_RETURN_TYPE my_actor(struct dir_context *ctx, const char *name,
 			return FILLDIR_ACTOR_CONTINUE;
 		}
 
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 18, 0)
 		strscpy(data->dirpath, dirpath, DATA_PATH_LEN);
+#else
+		strncpy(data->dirpath, dirpath, DATA_PATH_LEN);
+		data->dirpath[DATA_PATH_LEN - 1] = '\0';
+#endif
 		data->depth = my_ctx->depth - 1;
 		list_add_tail(&data->list, my_ctx->data_path_list);
 	} else {
@@ -226,7 +231,12 @@ void search_manager(const char *path, int depth, struct list_head *uid_data)
 
 	// First depth
 	struct data_path data;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 18, 0)
 	strscpy(data.dirpath, path, DATA_PATH_LEN);
+#else
+	strncpy(data.dirpath, path, DATA_PATH_LEN);
+	data.dirpath[DATA_PATH_LEN - 1] = '\0';
+#endif
 	data.depth = depth;
 	list_add_tail(&data.list, &data_path_list);
 
@@ -289,8 +299,8 @@ void track_throne()
 	struct file *fp =
 		ksu_filp_open_compat(SYSTEM_PACKAGES_LIST_PATH, O_RDONLY, 0);
 	if (IS_ERR(fp)) {
-		pr_err("%s: open " SYSTEM_PACKAGES_LIST_PATH " failed: %ld\n",
-		       __func__, PTR_ERR(fp));
+		pr_err("%s: open " SYSTEM_PACKAGES_LIST_PATH " failed: %d\n",
+		       __func__,  (int)PTR_ERR(fp));
 		return;
 	}