@backslashxx backslashxx commented Jun 27, 2025

On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.

This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)

My speculation? ARMv8.0 has weak speculation :)

here we replace `ksu_strncpy_from_user_nofault` with ksu_strncpy_from_user_retry:
- ksu_strncpy_from_user_nofault as fast-path copy
- fallback to access_ok to validate the pointer + strncpy_from_user
- manual null-termination just in case, as strncpy_from_user_nofault also does it
- remove that memset, seems useless as it is an strncpy, not strncat

basically, we retry on pagefault

for usercopies, it's not like we're doing
	memset(dest, 0, sizeof(dest));
	strncat(dest, var, bytes);

that memset seems unneeded. instead we use strncpy itself to do proper
error and oob check and null term it after.

as for optimizations
- just return early if unauthorized
- commonized logic
- reduced duplication

Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55
- ARMv9.2 X4.A720.a520

Signed-off-by: backslashxx <[email protected]>
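
The retry logic described in the post above, as a userspace model added here for illustration (it is not the PR's code or KernelSU's). `fake_user_str`, `model_strncpy_from_user`, `strncpy_from_user_retry_model`, `is_su_path_model` and the sample path `/system/bin/su` are assumptions standing in for the kernel helpers and for `filename_user`.

```c
/* Userspace model, added example: stubs stand in for the kernel helpers. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define SU_PATH_SAMPLE "/system/bin/su"	/* assumed sample path */

/* Constructed stand-in for a __user string such as filename_user. */
struct fake_user_str {
	const char *data;	/* NULL models a pointer that fails access_ok() */
	bool resident;		/* false: the page is not mapped in yet */
};

static unsigned long entry_count, fault_count;	/* cf. pagefault_counter */

/*
 * Models strncpy_from_user(): returns the length without the NUL, count when
 * truncated (no NUL written), or -EFAULT. may_fault == false models a copy
 * made with page faults disabled.
 */
static long model_strncpy_from_user(char *dst, struct fake_user_str *src,
				    long count, bool may_fault)
{
	long i;

	if (!src->data)
		return -EFAULT;
	if (!src->resident) {
		if (!may_fault)
			return -EFAULT;	/* cannot page in with faults off */
		src->resident = true;	/* fault handler maps the page */
	}
	for (i = 0; i < count; i++) {
		dst[i] = src->data[i];
		if (dst[i] == '\0')
			return i;
	}
	return count;
}

/* _nofault return convention: length including NUL, always terminated. */
static long nul_terminate(char *dst, long ret, long count)
{
	if (ret >= count) {
		ret = count;
		dst[ret - 1] = '\0';
	} else if (ret > 0) {
		ret++;
	}
	return ret;
}

/* Hypothetical reconstruction of the retry helper the post describes. */
static long strncpy_from_user_retry_model(char *dst, struct fake_user_str *src,
					  long count)
{
	long ret;

	if (count <= 0)
		return 0;
	entry_count++;
	ret = model_strncpy_from_user(dst, src, count, false);	/* fast path */
	if (ret >= 0)
		return nul_terminate(dst, ret, count);

	fault_count++;			/* fast path failed: retry */
	if (!src->data)			/* models the access_ok() check */
		return -EFAULT;
	ret = model_strncpy_from_user(dst, src, count, true);
	if (ret < 0)
		return ret;
	return nul_terminate(dst, ret, count);
}

/* No memset needed: the copy terminates path, so strcmp stays in bounds. */
static bool is_su_path_model(struct fake_user_str *filename_user)
{
	char path[sizeof(SU_PATH_SAMPLE) + 1];	/* spare byte exposes longer paths */

	if (strncpy_from_user_retry_model(path, filename_user, sizeof(path)) <= 0)
		return false;
	return strcmp(path, SU_PATH_SAMPLE) == 0;
}

int main(void)
{
	struct fake_user_str cold = { SU_PATH_SAMPLE, false };	/* not paged in */
	bool hit = is_su_path_model(&cold);

	printf("su=%d entry=%lu faults=%lu\n", hit, entry_count, fault_count);
	return 0;
}
```

In a real kernel, `strncpy_from_user()` may sleep while the page is faulted in, so a fallback like this is only valid in a context where sleeping is allowed.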

backslashxx commented Jun 27, 2025

pagefault stats

from sd8g3

[ 1696.918534] [T26132] KernelSU: pagefault_counter - entry: 3658331 faults: 212 
[ 1727.094964] [T27167] KernelSU: pagefault_counter - entry: 3660074 faults: 213 
[ 1742.247312] [T27298] KernelSU: pagefault_counter - entry: 3660627 faults: 214 
[ 1757.332444] [T27443] KernelSU: pagefault_counter - entry: 3661402 faults: 215 
[ 1772.317769] [T27558] KernelSU: pagefault_counter - entry: 3661976 faults: 216 
[ 1818.005825] [T27747] KernelSU: pagefault_counter - entry: 3664235 faults: 217 
[ 1984.402749] [T29083] KernelSU: pagefault_counter - entry: 3670471 faults: 218 
[ 1999.585511] [T29252] KernelSU: pagefault_counter - entry: 3671366 faults: 219 
[ 2044.947184] [T29647] KernelSU: pagefault_counter - entry: 3673027 faults: 220 
[ 2120.665646] [T30468] KernelSU: pagefault_counter - entry: 3675740 faults: 221 
[ 2133.058777] [T30572] KernelSU: pagefault_counter - entry: 3675883 faults: 222 
[ 2135.727195] [T30600] KernelSU: pagefault_counter - entry: 3676234 faults: 223 
[ 2181.067679] [T31093] KernelSU: pagefault_counter - entry: 3677938 faults: 224 
[ 2271.672717] [T31858] KernelSU: pagefault_counter - entry: 3681094 faults: 225 
[ 2271.741237] [T31861] KernelSU: pagefault_counter - entry: 3681227 faults: 226 
[ 2313.380697] [T32174] KernelSU: pagefault_counter - entry: 3682505 faults: 227 
[ 2332.269413] [T32337] KernelSU: pagefault_counter - entry: 3683279 faults: 228 
[ 2362.501092] [T32604] KernelSU: pagefault_counter - entry: 3684479 faults: 229 
[ 2438.282202] [  T872] KernelSU: pagefault_counter - entry: 3687240 faults: 230 
[ 2493.759100] [ T1752] KernelSU: pagefault_counter - entry: 3689030 faults: 231 
[ 2614.275666] [ T3470] KernelSU: pagefault_counter - entry: 3693779 faults: 232 
[ 2740.819733] [ T5218] KernelSU: pagefault_counter - entry: 3698664 faults: 233 
[ 2740.844455] [ T5219] KernelSU: pagefault_counter - entry: 3698740 faults: 234 
[ 2786.091171] [ T6225] KernelSU: pagefault_counter - entry: 3699908 faults: 235 
[ 2786.159850] [ T6239] KernelSU: pagefault_counter - entry: 3700187 faults: 236 
[ 2884.793154] [ T7710] KernelSU: pagefault_counter - entry: 3704061 faults: 237 
[ 2997.968580] [ T9348] KernelSU: pagefault_counter - entry: 3708532 faults: 238 
[ 2997.992031] [ T9349] KernelSU: pagefault_counter - entry: 3708742 faults: 239 
[ 3043.300068] [ T9833] KernelSU: pagefault_counter - entry: 3710463 faults: 240 
[ 3043.340079] [ T9839] KernelSU: pagefault_counter - entry: 3710532 faults: 241 
[ 3048.577825] [T10083] KernelSU: pagefault_counter - entry: 3711163 faults: 242 
[ 3048.823659] [T10114] KernelSU: pagefault_counter - entry: 3711466 faults: 243 
[ 3048.826444] [T10114] KernelSU: pagefault_counter - entry: 3711472 faults: 244 
[ 3049.097067] [T10283] KernelSU: pagefault_counter - entry: 3713336 faults: 245 
[ 3049.108758] [T10294] KernelSU: pagefault_counter - entry: 3713483 faults: 246 
[ 3049.149891] [T10323] KernelSU: pagefault_counter - entry: 3714051 faults: 247 
[ 3049.473115] [T10323] KernelSU: pagefault_counter - entry: 3714629 faults: 248 
[ 3088.780221] [T11474] KernelSU: pagefault_counter - entry: 3721081 faults: 249 

if #2653 gets in, we can move this to copy_from_user_nofault

@backslashxx backslashxx force-pushed the sucompat_opt branch 4 times, most recently from 97d396f to 8834e52 Compare June 30, 2025 03:53
@backslashxx backslashxx closed this Jul 2, 2025
@backslashxx backslashxx deleted the sucompat_opt branch July 2, 2025 13:46
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 2, 2025
…iann#2656)

Stale: tiann#2656

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 2, 2025
Added from 5ec1cff@16e13ae (+24)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	use module dir name as real id
	allow restore uninstalled module
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	ksud: probe for more workdir candidates (5ec1cff#12)
	app: persist show system app settings

Other changes: (+49)
	manager: show module id on module page (tiann#2365)
	workflows: debloat
	ksud: add armeabi-v7a support
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: handle backports
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: core_hook: automate and refactor umount (tiann#2531)
	kernel: core_hook: only umount when unmountable > 0
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: dont create structs just to deconstruct them for a string (tiann#2595)
	kernel: ksud: add commonized execve/compat_execve hooks for ksud
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: opt-out of struct filename use when unused
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: sucompat: dummify devpts hook
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: sucompat: strncpy_from_user -> copy_from_user
	kernel: ksud: reuse bprm_ksud logic on old handlers
	kernel: ksud: deadcode / no-op old hooks
	kernel: core_hook: fixup 32-on-64 compat detection via linux_binprm
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: selinux: rules: Fix illegal RCU lock usage in apply_kernelsu_rules() (tiann#2646)
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for <= 3.18
	kernel: ksud: provide is_ksu_transition check v2
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: throne_tracker: add strscpy/strlcpy compat
	kernel: ksud: d_is_reg to IS_REG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle read_iter requirement conditionally
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: inline iterate_dir -> vfs_readdir compat
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	KernelSU v1.0.5+magic

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 3, 2025
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 3, 2025
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 4, 2025
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 4, 2025
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 4, 2025
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 4, 2025
Added from 5ec1cff@16e13ae (+24)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	use module dir name as real id
	allow restore uninstalled module
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	ksud: probe for more workdir candidates (5ec1cff#12)
	app: persist show system app settings

Other changes: (+49)
	manager: show module id on module page (tiann#2365)
	workflows: debloat
	ksud: add armeabi-v7a support
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: handle backports
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: core_hook: automate and refactor umount (tiann#2531)
	kernel: core_hook: only umount when unmountable > 0
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: dont create structs just to deconstruct them for a string (tiann#2595)
	kernel: ksud: add commonized execve/compat_execve hooks for ksud
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: opt-out of struct filename use when unused
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: sucompat: dummify devpts hook
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: sucompat: strncpy_from_user -> copy_from_user
	kernel: ksud: reuse bprm_ksud logic on old handlers
	kernel: ksud: deadcode / no-op old hooks
	kernel: core_hook: fixup 32-on-64 compat detection via linux_binprm
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: selinux: rules: Fix illegal RCU lock usage in apply_kernelsu_rules() (tiann#2646)
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for <= 3.18
	kernel: ksud: provide is_ksu_transition check v2
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: throne_tracker: add strscpy/strlcpy compat
	kernel: ksud: d_is_reg to IS_REG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle read_iter requirement conditionally
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: inline iterate_dir -> vfs_readdir compat
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	KernelSU v1.0.5+magic

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 4, 2025
Added from 5ec1cff@16e13ae (+24)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	use module dir name as real id
	allow restore uninstalled module
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	ksud: probe for more workdir candidates (5ec1cff#12)
	app: persist show system app settings

Other changes: (+48)
	manager: show module id on module page (tiann#2365)
	workflows: debloat
	ksud: add armeabi-v7a support
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: handle backports
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: core_hook: automate and refactor umount (tiann#2531)
	kernel: core_hook: only umount when unmountable > 0
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: dont create structs just to deconstruct them for a string (tiann#2595)
	kernel: ksud: add commonized execve/compat_execve hooks for ksud
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: sucompat: dummify devpts hook
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: sucompat: strncpy_from_user -> copy_from_user
	kernel: ksud: reuse bprm_ksud logic on old handlers
	kernel: ksud: remove and no-op old hooks
	kernel: core_hook: fixup 32-on-64 compat detection via linux_binprm
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: selinux: rules: Fix illegal RCU lock usage in apply_kernelsu_rules() (tiann#2646)
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for <= 3.18
	kernel: ksud: provide is_ksu_transition check v2
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: throne_tracker: add strscpy/strlcpy compat
	kernel: ksud: d_is_reg to IS_REG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle read_iter requirement conditionally
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: inline iterate_dir -> vfs_readdir compat
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	KernelSU v1.0.5+magic

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 5, 2025
pershoot added a commit to pershoot/KernelSU-Next that referenced this pull request Jul 5, 2025
-v1.5
__backslashxx/KernelSU#5
____sucompat: add is_su_allowed
____sucompat: ksu_sucompat_common -> ksu_sucompat_user_common
____sucompat: amend logic within ksu_handle_execveat_sucompat
____sucompat: move ksu_handle_execve_sucompat before ksu_handle_execveat_sucompat
____sucompat: retain some minute logic / style (ksu_sucompat_non_kp)
____sucompat: identify 'sh' (ksu_handle_execveat_sucompat)
____ksud: update comment

<><><>

Description addendums:
kernel: sucompat: increase reliability, commonize and micro-optimize (tiann/KernelSU#2656)
backslashxx/KernelSU@c4530ac

...

Stale: tiann/KernelSU#2656

<><><>

kernel: ksud: migrate ksud execution to security_bprm_check (tiann/KernelSU#2653)
backslashxx/KernelSU@cd07ae2

...

as for envp, we pass the pointer then hunt for it when needed

My reasoning on adding a fallback on usercopy is that on some devices a fault
happens, and it copies garbled data. On my creation of this, I actually had to lock
that _nofault copy on a spinlock as a way to mimic preempt_disable/enable without
actually doing it. As per user reports, no failed _nofault copies anyway but we
have-to-have a fallback for resilience.

...

With that, it also provides an inlined copy_from_user_nofault for < 5.8.

...

<><><>

-https://gitlab.com/pershoot/susfs4ksu/-/tree/gki-android14-6.1-dev
Braeed pushed a commit to Braeed/KernelSU-Next that referenced this pull request Jul 6, 2025
…(tiann#2656)

On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.

This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)

My speculation? ARMv8.0 has weak speculation :)

here we replace `ksu_strncpy_from_user_nofault` with ksu_strncpy_from_user_retry:
- ksu_strncpy_from_user_nofault as fast-path copy
- fallback to access_ok to validate the pointer + strncpy_from_user
- manual null-termination just in case, as strncpy_from_user_nofault also does it
- remove that memset, seems useless as it is an strncpy, not strncat

basically, we retry on pagefault

for usercopies, it's not like we're doing
	memset(dest, 0, sizeof(dest));
	strncat(dest, var, bytes);

that memset seems unneeded. instead we use strncpy itself to do proper
error and oob check and null term it after.

as for optimizations
- just return early if unauthorized
- commonized logic
- reduced duplication

Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55

Stale: tiann/KernelSU#2656

Signed-off-by: backslashxx <[email protected]>
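
The retry pattern the commit message above describes (nofault fast path, access_ok-gated fallback copy, forced null-termination with no memset beforehand), as an added user-space model that is not part of the pull request or of KernelSU's code. Every identifier in it (model_strncpy, model_strncpy_retry, model_access_ok, the tiny page table) is hypothetical, and the sample path and memory layout are constructed.

```c
/* User-space model of the nofault-then-retry user copy. Added example: every
 * identifier below is a hypothetical stand-in, none of this is KernelSU code. */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SZ   16                    /* tiny pages keep the sample small */
#define NPAGES    4
#define USER_SIZE (PAGE_SZ * NPAGES)

/* Constructed "user address space": bytes plus a per-page resident flag. */
static char user_mem[USER_SIZE];
static bool resident[NPAGES];
static unsigned long fallback_hits;     /* how often the slow path was needed */

/* Stand-in for access_ok(): the whole range must lie inside user_mem. */
static bool model_access_ok(size_t uaddr, size_t len)
{
    return len <= USER_SIZE && uaddr <= USER_SIZE - len;
}

/*
 * Shared copy loop. may_fault == false models the _nofault variant: it may
 * not page anything in, so it stops with -EFAULT at a non-resident page and
 * leaves a partial copy in dst. Returns the length without the NUL, or count
 * when no NUL fit (the strncpy_from_user convention).
 */
static long model_strncpy(char *dst, size_t uaddr, long count, bool may_fault)
{
    long i;

    for (i = 0; i < count; i++) {
        size_t a = uaddr + (size_t)i;

        if (a >= USER_SIZE)
            return -EFAULT;
        if (!resident[a / PAGE_SZ]) {
            if (!may_fault)
                return -EFAULT;
            resident[a / PAGE_SZ] = true;   /* the fault handler pages it in */
        }
        dst[i] = user_mem[a];
        if (dst[i] == '\0')
            return i;
    }
    return count;
}

/* Fast path first, validated faulting copy second, then force termination. */
static long model_strncpy_retry(char *dst, size_t uaddr, long count)
{
    long ret;

    if (count <= 0)
        return -EINVAL;
    ret = model_strncpy(dst, uaddr, count, false);
    if (ret < 0) {
        fallback_hits++;
        if (!model_access_ok(uaddr, (size_t)count))
            return -EFAULT;
        ret = model_strncpy(dst, uaddr, count, true);
        if (ret < 0)
            return ret;
    }
    /* ret == count means no NUL was copied: truncate rather than overrun. */
    dst[ret < count ? ret : count - 1] = '\0';
    return ret;
}

/* Constructed scenario: the path straddles pages 0 and 1, page 1 is not resident. */
static void model_setup(void)
{
    memset(user_mem, 0, sizeof(user_mem));
    memset(resident, 0, sizeof(resident));
    memcpy(user_mem + 8, "/system/bin/su", 15);
    resident[0] = true;
    fallback_hits = 0;
}

int main(void)
{
    char buf[32];
    long ret;

    memset(buf, 'X', sizeof(buf));      /* stale bytes, no zeroing beforehand */
    model_setup();
    ret = model_strncpy_retry(buf, 8, (long)sizeof(buf));
    printf("ret=%ld str=%s fallbacks=%lu\n", ret, buf, fallback_hits);
    return 0;
}
```

The destination starts full of stale bytes and still ends up as a correctly terminated string, because the fallback copy restarts from offset 0 and the terminator is written explicitly.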
AzyrRuthless pushed a commit to AzyrRuthless/KernelSU-Next that referenced this pull request Jul 6, 2025
pershoot added a commit to pershoot/KernelSU-Next that referenced this pull request Jul 6, 2025
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Jul 7, 2025
Added from 5ec1cff@16e13ae (+24)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	use module dir name as real id
	allow restore uninstalled module
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	ksud: probe for more workdir candidates (5ec1cff#12)
	app: persist show system app settings

Other changes: (+49)
	manager: show module id on module page (tiann#2365)
	workflows: debloat
	ksud: add armeabi-v7a support
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: handle backports
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: core_hook: automate and refactor umount (tiann#2531)
	kernel: core_hook: only umount when unmountable > 0
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: dont create structs just to deconstruct them for a string (tiann#2595)
	kernel: ksud: add commonized execve/compat_execve hooks for ksud
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: sucompat: dummify devpts hook
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: sucompat: strncpy_from_user -> copy_from_user
	kernel: ksud: reuse bprm_ksud logic on old handlers
	kernel: ksud: remove and no-op old hooks
	kernel: compat: handle strncpy_from_user -> copy_from_user migration
	kernel: core_hook: fixup 32-on-64 compat detection via linux_binprm
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: selinux: rules: Fix illegal RCU lock usage in apply_kernelsu_rules() (tiann#2646)
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for <= 3.13
	kernel: ksud: provide is_ksu_transition check v2
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: throne_tracker: add strscpy/strlcpy compat
	kernel: ksud: d_is_reg to IS_REG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle read_iter requirement conditionally
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: inline iterate_dir -> vfs_readdir compat
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	KernelSU v1.0.5+magic

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
pershoot added a commit to pershoot/KernelSU-Next that referenced this pull request Jul 7, 2025
KOWX712 pushed a commit to KOWX712/KernelSU that referenced this pull request Oct 19, 2025
This is a squash of:
kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
kernel: sucompat: provide do_execve_common handler for <= 3.13
kernel: sucompat: provide getname_flags (user) ultimatum hook
kernel: sucompat: provide getname_flags (kernel) ultimatum hook

Signed-off-by: backslashxx <[email protected]>
pershoot added a commit to pershoot/KernelSU-Next that referenced this pull request Oct 19, 2025
0ctobot pushed a commit to 0ctobot/neutrino_kernel_google_caimito that referenced this pull request Oct 19, 2025
tiann/KernelSU#2656

On ARMv8.0 devices (e.g. A53, A57, A73), strncpy_from_user_nofault
can fail to reliably copy the filename_user string, causing su to
break.

This patch replaces ksu_strncpy_from_user_nofault with
ksu_strncpy_from_user_retry, which:

- Uses strncpy_from_user_nofault as a fast path
- Falls back to access_ok + strncpy_from_user if needed
- Adds manual null-termination (as strncpy_from_user_nofault does)
- Removes an unnecessary memset, since we're not using strncat

Signed-off-by: backslashxx <[email protected]>
Signed-off-by: Adam W. Willis <[email protected]>
0ctobot pushed a commit to 0ctobot/neutrino_kernel_google_caimito that referenced this pull request Oct 20, 2025
KOWX712 pushed a commit to KOWX712/KernelSU that referenced this pull request Oct 20, 2025
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 20, 2025
…iann#2656)

On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.

This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)

My speculation? ARMv8.0 has weak speculation :)

here we replace `ksu_strncpy_from_user_nofault` with ksu_strncpy_from_user_retry:
- ksu_strncpy_from_user_nofault as fast-path copy
- fallback to access_ok to validate the pointer + strncpy_from_user
- manual null-termination just in case, as strncpy_from_user_nofault also does it
- remove that memset, seems useless as it is an strncpy, not strncat

basically, we retry on pagefault

for usercopies, it's not like we're doing
	memset(dest, 0, sizeof(dest));
	strncat(dest, var, bytes);

that memset seems unneeded. instead we use strncpy itself to do proper
error and oob check and null term it after.

as for optimizations
- just return early if unauthorized
- commonized logic
- reduced duplication

Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55

Stale: tiann#2656

Signed-off-by: backslashxx <[email protected]>
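The fast-path/fallback copy these commit messages describe, as a user-space model added here (it is not KernelSU or kernel source). `struct uspace`, `copy_str` and `model_copy_retry` are hypothetical names; the 16-byte pages and the single return convention (string length without the NUL) are simplifying assumptions.

```c
/* Added user-space model (constructed); not KernelSU or kernel source. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PG_SZ     16                 /* tiny "page" so the demo stays readable */
#define NPAGES    4
#define USPACE_SZ (PG_SZ * NPAGES)

/* Hypothetical stand-in for a process address space. */
struct uspace {
    char mem[USPACE_SZ];
    int  resident[NPAGES];           /* 1 = page is mapped in right now */
    int  faults_serviced;            /* pages the slow path had to bring in */
};

/* Models access_ok(): range check only, it says nothing about residency. */
static int model_access_ok(size_t addr, size_t len)
{
    return len <= USPACE_SZ && addr <= USPACE_SZ - len;
}

/*
 * Shared copy loop. may_fault == 0 models the _nofault variant: touching a
 * non-resident page fails with -EFAULT instead of paging it in.
 * Returns the string length without the NUL, or count if no NUL was seen.
 */
static long copy_str(struct uspace *u, char *dst, size_t src, long count,
                     int may_fault)
{
    long i;

    for (i = 0; i < count; i++) {
        size_t a = src + (size_t)i;

        if (a >= USPACE_SZ)
            return -EFAULT;
        if (!u->resident[a / PG_SZ]) {
            if (!may_fault)
                return -EFAULT;
            u->resident[a / PG_SZ] = 1;
            u->faults_serviced++;
        }
        dst[i] = u->mem[a];
        if (dst[i] == '\0')
            return i;
    }
    return count;
}

/* Fast path first, then validate the range and retry with faults allowed. */
long model_copy_retry(struct uspace *u, char *dst, size_t src, long count)
{
    long ret;

    if (count <= 0)
        return 0;
    ret = copy_str(u, dst, src, count, 0);
    if (ret < 0) {
        if (!model_access_ok(src, (size_t)count))
            return -EFAULT;
        ret = copy_str(u, dst, src, count, 1);
        if (ret < 0)
            return ret;
    }
    /* Terminate explicitly: dst was never zeroed beforehand. */
    if (ret >= count)
        ret = count - 1;
    dst[ret] = '\0';
    return ret;
}

int main(void)
{
    struct uspace u;
    char dst[16];
    long n;

    memset(&u, 0, sizeof(u));
    strcpy(u.mem + PG_SZ, "/system/bin/sh");   /* constructed sample path */
    memset(dst, 'X', sizeof(dst));             /* stale bytes, no memset(0) */

    n = model_copy_retry(&u, dst, PG_SZ, (long)sizeof(dst));
    printf("ret=%ld dst=%s faults=%d\n", n, dst, u.faults_serviced);
    return 0;
}
```

The destination is pre-filled with stale bytes to show that explicit termination after the copy is enough and a prior zeroing pass adds nothing.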
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 20, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+62)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
anzarfarooq pushed a commit to anzarfarooq/KernelSU that referenced this pull request Oct 20, 2025
anzarfarooq pushed a commit to anzarfarooq/KernelSU that referenced this pull request Oct 20, 2025
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 21, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+62)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo has a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 21, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+62)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo has a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 21, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+62)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 21, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+62)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 22, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+62)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 22, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+62)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: intercept devpts via security_inode_permission LSM
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 22, 2025
…iann#2656)

On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.

This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)

My speculation? ARMv8.0 has weak speculation :)

here we replace `ksu_strncpy_from_user_nofault` with ksu_strncpy_from_user_retry:
- ksu_strncpy_from_user_nofault as fast-path copy
- fallback to access_ok to validate the pointer + strncpy_from_user
- manual null-termination just in case, as strncpy_from_user_nofault also does it
- remove that memset, seems useless as it is an strncpy, not strncat

basically, we retry on pagefault

for usercopies, it's not like we're doing
	memset(dest, 0, sizeof(dest));
	strncat(dest, var, bytes);

that memset seems unneeded. instead we use strncpy itself to do proper
error and oob check and null term it after.

as for optimizations
- just return early if unauthorized
- commonized logic
- reduced duplication

Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55

Stale: tiann#2656

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 22, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+63)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	ksud/su: import devpts workaround
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: remove devpts workaround
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler >= 5.18
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
KOWX712 pushed a commit to KOWX712/KernelSU that referenced this pull request Oct 22, 2025
This is a squash of:
kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
kernel: sucompat: provide do_execve_common handler for <= 3.13
kernel: sucompat: provide getname_flags (user) ultimatum hook
kernel: sucompat: provide getname_flags (kernel) ultimatum hook

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 22, 2025
SQUASH:
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: remove devpts workaround
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler >= 5.18
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init

Signed-off-by: backslashxx <[email protected]>
Co-Authored-By: ExtremeXT <[email protected]>
Co-Authored-By: backslashxx <[email protected]>
Co-Authored-By: Yaroslav Zviezda <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 22, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+63)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	ksud/su: import devpts workaround
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: remove devpts workaround
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler >= 5.18
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
selfmusing pushed a commit to selfmusing/USlenreK that referenced this pull request Oct 22, 2025
…iann#2656)

On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.

This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)

My speculation? ARMv8.0 has weak speculation :)

here we replace `ksu_strncpy_from_user_nofault` with ksu_strncpy_from_user_retry:
- ksu_strncpy_from_user_nofault as fast-path copy
- fallback to access_ok to validate the pointer + strncpy_from_user
- manual null-termination just in case, as strncpy_from_user_nofault also does it
- remove that memset, seems useless as it is an strncpy, not strncat

basically, we retry on pagefault

for usercopies, it's not like we're doing
	memset(dest, 0, sizeof(dest));
	strncat(dest, var, bytes);

that memset seems unneeded. instead we use strncpy itself to do proper
error and oob check and null term it after.

as for optimizations
- just return early if unauthorized
- commonized logic
- reduced duplication

Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55

Stale: tiann#2656

Signed-off-by: backslashxx <[email protected]>
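
The copy strategy described in the commit message above (it appears twice on this page): a nofault fast path, then `access_ok` plus a faulting copy, then manual NUL-termination instead of a `memset`. This is an added userspace C model, not KernelSU's code; the page model, the `model_*` names and the return convention (bytes stored, including the NUL) are assumptions made for illustration.

```c
/* Added example: userspace model of "nofault fast path, faulting fallback".
 * The page model, names and return convention are assumptions, not kernel code. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SZ  16
#define NPAGES   4
#define USER_TOP (PAGE_SZ * NPAGES)   /* modelled user addresses: 0..63 */

static char user_mem[USER_TOP];
static bool mapped[NPAGES];    /* a mapping exists, so a fault can be serviced */
static bool resident[NPAGES];  /* page is present, readable without a fault */
long slow_path_hits;           /* how often the fallback had to run */

/* Store a constructed string; its pages become mapped but stay non-resident. */
void model_put_user_string(size_t addr, const char *s)
{
	size_t n = strlen(s) + 1;
	memcpy(user_mem + addr, s, n);
	for (size_t p = addr / PAGE_SZ; p <= (addr + n - 1) / PAGE_SZ; p++)
		mapped[p] = true;
}

/* Range check only: the whole [addr, addr + count) window must be user space. */
bool model_access_ok(size_t addr, long count)
{
	return count >= 0 && addr <= USER_TOP && (size_t)count <= USER_TOP - addr;
}

/* Copy up to count bytes, stopping after a NUL. Returns the string length
 * without the NUL, count if no NUL was seen (dst NOT terminated), or -EFAULT. */
static long copy_string(char *dst, size_t addr, long count, bool may_fault)
{
	for (long i = 0; i < count; i++) {
		size_t a = addr + (size_t)i;
		if (a >= USER_TOP)
			return -EFAULT;
		if (!resident[a / PAGE_SZ]) {
			if (!may_fault || !mapped[a / PAGE_SZ])
				return -EFAULT;
			resident[a / PAGE_SZ] = true;  /* fault serviced */
		}
		dst[i] = user_mem[a];
		if (dst[i] == '\0')
			return i;
	}
	return count;
}

/* Convert to "bytes stored including NUL" and always terminate dst, which is
 * what makes zeroing the whole buffer beforehand unnecessary. */
static long finish(char *dst, long ret, long count)
{
	if (ret < 0) {
		dst[0] = '\0';
		return ret;
	}
	if (ret >= count) {
		dst[count - 1] = '\0';
		return count;
	}
	return ret + 1;
}

long model_strncpy_nofault(char *dst, size_t addr, long count)
{
	if (count <= 0)
		return 0;
	return finish(dst, copy_string(dst, addr, count, false), count);
}

long model_strncpy_retry(char *dst, size_t addr, long count)
{
	long ret;

	if (count <= 0)
		return 0;
	ret = model_strncpy_nofault(dst, addr, count);  /* fast path */
	if (ret >= 0)
		return ret;
	slow_path_hits++;                               /* faulted: retry */
	if (!model_access_ok(addr, count))              /* validate the range first */
		return -EFAULT;
	return finish(dst, copy_string(dst, addr, count, true), count);
}

int main(void)
{
	char buf[32];
	long ret;

	model_put_user_string(10, "/system/bin/su");  /* constructed input */
	memset(buf, 'X', sizeof(buf));                /* stale, never zeroed */
	ret = model_strncpy_retry(buf, 10, sizeof(buf));
	printf("ret=%ld buf=\"%s\" hits=%ld\n", ret, buf, slow_path_hits);
	return 0;
}
```

In a real kernel the fallback copy can sleep while the page is brought in, so the pattern only fits call sites where a faulting user copy is allowed.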
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 23, 2025
SQUASH:
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: remove devpts workaround
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler >= 5.18
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init

Signed-off-by: backslashxx <[email protected]>
Co-Authored-By: ExtremeXT <[email protected]>
Co-Authored-By: Yaroslav Zviezda <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 23, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+63)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	ksud/su: import devpts workaround
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: remove devpts workaround
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler >= 5.18
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 23, 2025
SQUASH:
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: remove devpts workaround
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler >= 5.18
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init

Signed-off-by: backslashxx <[email protected]>
Co-Authored-By: ExtremeXT <[email protected]>
Co-Authored-By: Yaroslav Zviezda <[email protected]>
selfmusing pushed a commit to selfmusing/USlenreK that referenced this pull request Oct 23, 2025
…iann#2656)

On plain ARMv8.0 devices (A53,A57,A73), strncpy_from_user_nofault() sometimes
fails to copy `filename_user` string correctly. This breaks su ofc, breaking
some apps like Termux (Play Store ver), ZArchiver and Root Explorer.

This does NOT seem to affect newer ARMv8.2+ CPUs (A75/A76 and newer)

My speculation? ARMv8.0 has weak speculation :)

here we replace `ksu_strncpy_from_user_nofault` with ksu_strncpy_from_user_retry:
- ksu_strncpy_from_user_nofault as fast-path copy
- fallback to access_ok to validate the pointer + strncpy_from_user
- manual null-termination just in case, as strncpy_from_user_nofault also does it
- remove that memset, seems useless as it is an strncpy, not strncat

basically, we retry on pagefault

for usercopies, it's not like we're doing
	memset(dest, 0, sizeof(dest));
	strncat(dest, var, bytes);

that memset seems unneeded. instead we use strncpy itself to do proper
error and oob check and null term it after.

as for optimizations
- just return early if unauthorized
- commonized logic
- reduced duplication

Tested on:
- ARMv8.0 A73.a53, A57.a53, A53.a53
- ARMv8.2 A76.a55

Stale: tiann#2656

Signed-off-by: backslashxx <[email protected]>
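
The retry flow listed in the commit message above (nofault fast path, `access_ok` plus `strncpy_from_user` fallback, explicit NUL termination), modelled in user space as an added example; it is not KernelSU code. `struct user_buf`, the `model_*` functions, `copy_path_retry`, `demo` and the sample path are constructed for illustration, and the return values mirror the kernel's `strncpy_from_user()` / `strncpy_from_user_nofault()` conventions.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for a user mapping; not a kernel structure. */
struct user_buf {
    const char *bytes;    /* contents of the mapping */
    size_t      len;      /* mapped length in bytes */
    int         resident; /* 0: first touch needs a page fault */
    int         valid;    /* 0: range would fail access_ok() */
};

/* Model of strncpy_from_user(): faults pages in; returns strlen, or count
 * when no NUL was seen in count bytes (dst is then NOT terminated). */
static long model_strncpy_from_user(char *dst, struct user_buf *u, long count)
{
    long i;
    u->resident = 1;                /* the fault handler maps the page */
    for (i = 0; i < count; i++) {
        if ((size_t)i >= u->len) return -EFAULT;  /* ran past the mapping */
        dst[i] = u->bytes[i];
        if (dst[i] == '\0') return i;
    }
    return count;
}

/* Model of strncpy_from_user_nofault(): page faults are disabled, so a
 * non-resident page yields -EFAULT; on success the NUL is counted. */
static long model_strncpy_nofault(char *dst, struct user_buf *u, long count)
{
    long ret;
    if (count <= 0) return 0;
    if (!u->resident) return -EFAULT;
    ret = model_strncpy_from_user(dst, u, count);
    if (ret >= count) {
        ret = count;
        dst[ret - 1] = '\0';
    } else if (ret > 0) {
        ret++;
    }
    return ret;
}

/* Hypothetical wrapper following the steps in the commit message. */
static long copy_path_retry(char *dst, struct user_buf *u, long count)
{
    long ret = model_strncpy_nofault(dst, u, count);  /* fast path */
    if (ret >= 0) return ret;
    if (!u->valid) return -EFAULT;  /* access_ok() stand-in */
    ret = model_strncpy_from_user(dst, u, count);     /* faulting copy */
    if (ret < 0) return ret;
    if (ret >= count) {             /* truncated: terminate by hand */
        dst[count - 1] = '\0';
        return count;
    }
    return ret > 0 ? ret + 1 : 0;   /* same convention as the fast path */
}

static char demo_out[32];

/* Runs the wrapper on a constructed path; demo_out starts as non-zero junk,
 * so a correct result does not depend on a prior memset to zero. */
static long demo(int resident, int valid, long count)
{
    struct user_buf u = { "/system/bin/su", 15, resident, valid };
    memset(demo_out, 'X', sizeof(demo_out));
    return copy_path_retry(demo_out, &u, count);
}

int main(void)
{
    return demo(0, 1, 32) == 15 ? 0 : 1;
}
```

In a real kernel the second copy runs with page faults enabled, so it may sleep and must only be reached from a context where that is allowed.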
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 27, 2025
SQUASH:
	4f0d1750 - kernel: drop LKM and kprobes support
	0a5788d8 - Revert "kernel: transition devpts in kernel"
	6233f255 - kernel: restore compat code required for old kernels
	1c410df6 - kernel: selinux: force sepol_data.sepol to be u64
*	a4538e0e - kernel: expose allowlist workaround as Kconfig option
	812b5756 - kernel: core_hook: screw path_umount backport, call sys_umount directly
	1496ba99 - kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	ebfd6d50 - kernel: core_hook: add wipe umount list cmd
	9c28706c - kernel: core_hook: only umount when unmountable > 0
	9f0b8d1d - kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
*	19574f54 - kernel: throne_tracker: offload to kthread (tiann#2632)
	40f085b2 - kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	6543ab85 - kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	6ce66242 - kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	67ddeb57 - kernel: ksud: provide dummy handlers for old hooks
	3a99b1b8 - kernel: core_hook: earlier escape_to_root already-root check
	4c11e253 - kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	78054261 - kernel: sucompat: provide do_execve_common handler for < 3.14
	dd818818 - kernel: sucompat: provide getname_flags (user) ultimatum hook
	80881890 - kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	ae498de1 - kernel: sucompat: provide vfs_statx hook handler >= 5.18
	66858826 - kernel: core_hook: harden prctl handler
	f252aac0 - kernel: core_hook: add support for KernelNoSU v2
	7f5478f9 - kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	cf78f7f9 - kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	b9365735 - kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	b290b713 - kernel: extras: base implementation of avc log spoofing
	463e6104 - kernel: extras/avc_spoof: add kprobe support
	132fdd60 - kernel: ksud: provide is_ksu_transition check v2
	e12cb810 - kernel: apk_sign: casting to char for strcmp -> memcmp
	887c4de4 - kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	702c5c9d - kernel: core_hook: no ext4_unregister_sysfs, no problem
	9b29d58b - kernel: ksud: d_is_reg to S_ISREG
	1e1b586b - kernel: Makefile: remove overlayfs requirement
	221cf892 - kernel: throne_tracker: resolve s_magic for < 3.9
	2ab1d835 - kernel: ksud: handle conditional read_iter requirement for < 3.16
	16fa9ad5 - kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	e76dfa6b - kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	d61bd2a3 - kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	42ccee00 - kernel: apk_sign: provide bin2hex compat for < 3.18
	208b086f - kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	ade6dfa7 - kernel: apk_sign: fix return check for ksu_sha256
	38f75763 - kernel: handle backports
	5e1e0c64 - kernel: apk_sign: add more size/hash pairs
	4cad7156 - kernel: ksu: printout quirks / backports / etc on init

Co-Authored-By: ExtremeXT <[email protected]>
Co-Authored-By: Yaroslav Zviezda <[email protected]>
Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 27, 2025
Added from https://github.com/5ec1cff/KernelSU (+22)
	implement magic mount
	restorecon: set adb_file to system_file for module files
	magic_mount: use trusted.overlay.opaque
	chore: fmt
	magic_mount: supports whiteout
	chore: refine code
	magic_mount: fix
	log: make verbose logging optional
	magic_mount: refine
	ksud: fix disable / enable modules
	ksud: fix odm not magic-mounted
	manager: no need to check overlayfs
	ksud: fix partition link
	ksud: fix clone symlink
	ksud: refine tmpfs
	ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5)
	manager: remove shrink image
	ksud: make tmpfs and magic mount optional
	ksud: fix stat
	reformat rust codes
	app: persist show system app settings
	magic mount: make mount points read only

Other changes: (+63)
	ksud: move workdir to /mnt/vendor
	ksud: remove tmpfs mounting
	ksud: tell prctl interface about our mounts (5ec1cff#16)
	ksud: add cmd for add-try-umount (5ec1cff#16)
	ksud: add wipe umount list cmd
	ksud: add cmd for nuke-ext4-sysfs
	workflows: debloat
	workflows: debloat pt. 2
	ksud: add armeabi-v7a support
	manager:  failure mode dummy demo
	dummy.keystore
	manager: unofficial build
	manager: Add ABI and Kernel archirecture info into InfoCardItem
	ksud/su: import devpts workaround
	Reapply: "Handle unmount for isolated process correctly (tiann#2696)"
	kernel: drop LKM and kprobes support
	kernel: restore compat code required for old kernels
	kernel: expose allowlist workaround as Kconfig option
	kernel: core_hook: screw path_umount backport, call sys_umount directly
	kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	kernel: core_hook: add wipe umount list cmd
	kernel: core_hook: only umount when unmountable > 0
	kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
	kernel: throne_tracker: offload to kthread (tiann#2632)
	kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	kernel: core_hook: remove devpts workaround
	kernel: compat: migrate sucompat strncpy_from_user to copy_from_user
	kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels
	kernel: ksud: provide dummy handlers for old hooks
	kernel: core_hook: earlier escape_to_root already-root check
	kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	kernel: sucompat: provide do_execve_common handler for < 3.14
	kernel: sucompat: provide getname_flags (user) ultimatum hook
	kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	kernel: sucompat: provide vfs_statx hook handler >= 5.18
	kernel: core_hook: harden prctl handler
	kernel: harden barriers for arm/arm64
	kernel: core_hook: add support for KernelNoSU v2
	kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	kernel: extras: base implementation of avc log spoofing
	kernel: extras/avc_spoof: add kprobe support
	kernel: ksud: provide is_ksu_transition check v2
	kernel: apk_sign: casting to char for strcmp -> memcmp
	kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	kernel: core_hook: no ext4_unregister_sysfs, no problem
	kernel: ksud: d_is_reg to S_ISREG
	kernel: Makefile: remove overlayfs requirement
	kernel: throne_tracker: resolve s_magic for < 3.9
	kernel: ksud: handle conditional read_iter requirement for < 3.16
	kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	kernel: apk_sign: provide bin2hex compat for < 3.18
	kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	kernel: apk_sign: fix return check for ksu_sha256
	kernel: handle backports
	kernel: apk_sign: add more size/hash pairs
	kernel: ksu: printout quirks / backports / etc on init
	KernelSU v1.0.5+

Warning: Managers built from this repo have a known keystore.
See dummy.keystore.

Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 27, 2025
SQUASH:
	4f0d1750 - kernel: drop LKM and kprobes support
	0a5788d8 - Revert "kernel: transition devpts in kernel"
	6233f255 - kernel: restore compat code required for old kernels
	1c410df6 - kernel: selinux: force sepol_data.sepol to be u64
*	a4538e0e - kernel: expose allowlist workaround as Kconfig option
	812b5756 - kernel: core_hook: screw path_umount backport, call sys_umount directly
	1496ba99 - kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	ebfd6d50 - kernel: core_hook: add wipe umount list cmd
	9c28706c - kernel: core_hook: only umount when unmountable > 0
	9f0b8d1d - kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
*	19574f54 - kernel: throne_tracker: offload to kthread (tiann#2632)
	40f085b2 - kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	6543ab85 - kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	6ce66242 - kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	67ddeb57 - kernel: ksud: provide dummy handlers for old hooks
	3a99b1b8 - kernel: core_hook: earlier escape_to_root already-root check
	4c11e253 - kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	78054261 - kernel: sucompat: provide do_execve_common handler for < 3.14
	dd818818 - kernel: sucompat: provide getname_flags (user) ultimatum hook
	80881890 - kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	ae498de1 - kernel: sucompat: provide vfs_statx hook handler >= 5.18
	66858826 - kernel: core_hook: harden prctl handler
	f252aac0 - kernel: core_hook: add support for KernelNoSU v2
	7f5478f9 - kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	cf78f7f9 - kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	b9365735 - kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	b290b713 - kernel: extras: base implementation of avc log spoofing
	463e6104 - kernel: extras/avc_spoof: add kprobe support
	132fdd60 - kernel: ksud: provide is_ksu_transition check v2
	e12cb810 - kernel: apk_sign: casting to char for strcmp -> memcmp
	887c4de4 - kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	702c5c9d - kernel: core_hook: no ext4_unregister_sysfs, no problem
	9b29d58b - kernel: ksud: d_is_reg to S_ISREG
	1e1b586b - kernel: Makefile: remove overlayfs requirement
	221cf892 - kernel: throne_tracker: resolve s_magic for < 3.9
	2ab1d835 - kernel: ksud: handle conditional read_iter requirement for < 3.16
	16fa9ad5 - kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	e76dfa6b - kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	d61bd2a3 - kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	42ccee00 - kernel: apk_sign: provide bin2hex compat for < 3.18
	208b086f - kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	ade6dfa7 - kernel: apk_sign: fix return check for ksu_sha256
	38f75763 - kernel: handle backports
	5e1e0c64 - kernel: apk_sign: add more size/hash pairs
	c9364cf2 - kernel: ksu: printout quirks / backports / etc on init

Co-Authored-By: ExtremeXT <[email protected]>
Co-Authored-By: Yaroslav Zviezda <[email protected]>
Signed-off-by: backslashxx <[email protected]>
backslashxx added a commit to backslashxx/KernelSU that referenced this pull request Oct 27, 2025
SQUASH:
	4f0d1750 - kernel: drop LKM and kprobes support
	0a5788d8 - Revert "kernel: transition devpts in kernel"
	6233f255 - kernel: restore compat code required for old kernels
	1c410df6 - kernel: selinux: force sepol_data.sepol to be u64
*	a4538e0e - kernel: expose allowlist workaround as Kconfig option
	812b5756 - kernel: core_hook: screw path_umount backport, call sys_umount directly
	1496ba99 - kernel: core_hook: expose prctl interface for umount list (5ec1cff#16)
	ebfd6d50 - kernel: core_hook: add wipe umount list cmd
	9c28706c - kernel: core_hook: only umount when unmountable > 0
	9f0b8d1d - kernel: core_hook: expose nuke_ext4_sysfs to prctl interface
*	19574f54 - kernel: throne_tracker: offload to kthread (tiann#2632)
	40f085b2 - kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653)
	6543ab85 - kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656)
	6ce66242 - kernel: sucompat: sucompat toggle support for non-kp (tiann#2506)
	67ddeb57 - kernel: ksud: provide dummy handlers for old hooks
	3a99b1b8 - kernel: core_hook: earlier escape_to_root already-root check
	4c11e253 - kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig
	78054261 - kernel: sucompat: provide do_execve_common handler for < 3.14
	dd818818 - kernel: sucompat: provide getname_flags (user) ultimatum hook
	80881890 - kernel: sucompat: provide getname_flags (kernel) ultimatum hook
	ae498de1 - kernel: sucompat: provide vfs_statx hook handler >= 5.18
	66858826 - kernel: core_hook: harden prctl handler
	f252aac0 - kernel: core_hook: add support for KernelNoSU v2
	7f5478f9 - kernel: kp_ksud: restore kprobes for early-boot and used-once hooks
	cf78f7f9 - kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704)
	b9365735 - kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat
	b290b713 - kernel: extras: base implementation of avc log spoofing
	463e6104 - kernel: extras/avc_spoof: add kprobe support
	132fdd60 - kernel: ksud: provide is_ksu_transition check v2
	e12cb810 - kernel: apk_sign: casting to char for strcmp -> memcmp
	887c4de4 - kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek
	702c5c9d - kernel: core_hook: no ext4_unregister_sysfs, no problem
	9b29d58b - kernel: ksud: d_is_reg to S_ISREG
	1e1b586b - kernel: Makefile: remove overlayfs requirement
	221cf892 - kernel: throne_tracker: resolve s_magic for < 3.9
	2ab1d835 - kernel: ksud: handle conditional read_iter requirement for < 3.16
	16fa9ad5 - kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18
	e76dfa6b - kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11
	d61bd2a3 - kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8
	42ccee00 - kernel: apk_sign: provide bin2hex compat for < 3.18
	208b086f - kernel: throne_tracker: add strscpy pseudo-compat for < 4.3
	ade6dfa7 - kernel: apk_sign: fix return check for ksu_sha256
	38f75763 - kernel: handle backports
	5e1e0c64 - kernel: apk_sign: add more size/hash pairs
	c9364cf2 - kernel: ksu: printout quirks / backports / etc on init

Signed-off-by: backslashxx <[email protected]>
Co-Authored-By: ExtremeXT <[email protected]>
Co-Authored-By: Yaroslav Zviezda <[email protected]>