Handle unmount for isolated process correctly #2696
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
|
I think this cause trouble for some modules. Unlike magisk, ksu doesn't have a userspace daemon to match isolated process with app. |
|
I referred to your code, I think there's nothing major about it 💕 |
rsuntk
added a commit
to rsuntk/KernelSU
that referenced
this pull request
Aug 16, 2025
…anges (#131) 1. Wrapper for creds: * Some older kernel does not have {.val}, so, for nicer compatibility support and clean code, make some wrapper for credential use. * After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more info, check kernel/include/ksu_creds.h. 2. Refine disable_seccomp (need to add k6.11+ support) tiann#2708 tiann#2706 3. Revert "Handle unmount for isolated process correctly" Reason: tiann#2696 (comment) Co-authored-by: Wang Han <[email protected]>
ShirkNeko
pushed a commit
to SukiSU-Ultra/SukiSU-Ultra
that referenced
this pull request
Aug 16, 2025
…anges (#131) 1. Wrapper for creds: * Some older kernel does not have {.val}, so, for nicer compatibility support and clean code, make some wrapper for credential use. * After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more info, check kernel/include/ksu_creds.h. 2. Refine disable_seccomp (need to add k6.11+ support) tiann/KernelSU#2708 tiann/KernelSU#2706 3. Revert "Handle unmount for isolated process correctly" Reason: tiann/KernelSU#2696 (comment) 4. consolidate most of the gaps Co-authored-by: Wang Han <[email protected]>
ShirkNeko
pushed a commit
to SukiSU-Ultra/SukiSU-Ultra
that referenced
this pull request
Aug 16, 2025
…anges (#131) 1. Wrapper for creds: * Some older kernel does not have {.val}, so, for nicer compatibility support and clean code, make some wrapper for credential use. * After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more info, check kernel/include/ksu_creds.h. 2. Refine disable_seccomp (need to add k6.11+ support) tiann/KernelSU#2708 tiann/KernelSU#2706 3. Revert "Handle unmount for isolated process correctly" Reason: tiann/KernelSU#2696 (comment) Co-authored-by: Wang Han <[email protected]>
ShirkNeko
added a commit
to SukiSU-Ultra/SukiSU-Ultra
that referenced
this pull request
Aug 16, 2025
…anges (#131) 1. Wrapper for creds: * Some older kernel does not have {.val}, so, for nicer compatibility support and clean code, make some wrapper for credential use. * After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more info, check kernel/include/ksu_creds.h. 2. Refine disable_seccomp (need to add k6.11+ support) tiann/KernelSU#2708 tiann/KernelSU#2706 3. Revert "Handle unmount for isolated process correctly" Reason: tiann/KernelSU#2696 (comment) Co-authored-by: Wang Han <[email protected]>
ShirkNeko
added a commit
to SukiSU-Ultra/SukiSU-Ultra
that referenced
this pull request
Aug 16, 2025
…anges (#131) 1. Wrapper for creds: * Some older kernel does not have {.val}, so, for nicer compatibility support and clean code, make some wrapper for credential use. * After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more info, check kernel/include/ksu_creds.h. 2. Refine disable_seccomp (need to add k6.11+ support) tiann/KernelSU#2708 tiann/KernelSU#2706 3. Revert "Handle unmount for isolated process correctly" Reason: tiann/KernelSU#2696 (comment) Co-authored-by: Wang Han <[email protected]> Co-authored-by: rsuntk <[email protected]>
mihoy3rd
pushed a commit
to mihoy3rd/SukiSU-Ultra
that referenced
this pull request
Aug 19, 2025
…anges (SukiSU-Ultra#131) 1. Wrapper for creds: * Some older kernel does not have {.val}, so, for nicer compatibility support and clean code, make some wrapper for credential use. * After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more info, check kernel/include/ksu_creds.h. 2. Refine disable_seccomp (need to add k6.11+ support) tiann/KernelSU#2708 tiann/KernelSU#2706 3. Revert "Handle unmount for isolated process correctly" Reason: tiann/KernelSU#2696 (comment) 4. consolidate most of the gaps Co-authored-by: Wang Han <[email protected]>
Ylarod
approved these changes
Aug 23, 2025
pershoot
pushed a commit
to pershoot/KernelSU-Next
that referenced
this pull request
Aug 24, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
aviraxp
pushed a commit
that referenced
this pull request
Aug 24, 2025
sidex15
pushed a commit
to sidex15/KernelSU
that referenced
this pull request
Aug 25, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
luyanci
pushed a commit
to luyanci/KernelSU
that referenced
this pull request
Aug 26, 2025
…anges (rsuntk#131) 1. Wrapper for creds: * Some older kernel does not have {.val}, so, for nicer compatibility support and clean code, make some wrapper for credential use. * After this change, do not use current_uid().val, instead, use ksu_current_uid(). For more info, check kernel/include/ksu_creds.h. 2. Refine disable_seccomp (need to add k6.11+ support) tiann#2708 tiann#2706 3. Revert "Handle unmount for isolated process correctly" Reason: tiann#2696 (comment) Co-authored-by: Wang Han <[email protected]>
LeCmnGend
pushed a commit
to LeCmnGend/KernelSU
that referenced
this pull request
Sep 2, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
|
I reconsidered this. Isolated process which directly forks from zygote is just like normal app, so there is no reason apps won't crash but Isolated process will. Also zygote reopens fd before actually fork, so it should be fine. |
|
I don't use any module that mounts, so maybe feedback is needed for ones especially uses overlay, font modules. |
fadlyas07
added a commit
to bengal-upstream/KernelSU
that referenced
this pull request
Sep 13, 2025
* 'main' of https://github.com/tiann/KernelSU: (42 commits) Unmount isolated process which forks from zygote unconditionally (tiann#2747) fix 'for' loop problem (tiann#2745) update resetprop (tiann#2733) Strip JNI debug logs on release build (tiann#2732) manager: Support search module (tiann#2730) manager: Add uninstall 2nd confirm (tiann#2729) manager: Fix some issues (tiann#2725) manager: fix button issues in module cards (tiann#2719) manager: switch ui to miuix design style (tiann#2710) Revert "Handle unmount for isolated process correctly" (tiann#2718) Handle unmount for isolated process correctly (tiann#2696) Reset seccomp filter count when escaping to root (tiann#2708) kernel: selinux: rules: Micro-optimize get_policydb() and fix illegal RCU lock usage in handle_sepolicy() (tiann#2695) Update resetprop from Magisk v30.2 (tiann#2700) ksud: support vendor_boot patching for some odd devices (tiann#2650) ksud: make clippy happy (tiann#2683) feat(ui): improve predictive back animations (tiann#2675) kernel: added new prctl CMD_GET_MANAGER_UID to get the uid of the crowned manager (tiann#2673) kernel: selinux: rules: Fix illegal RCU lock usage in apply_kernelsu_rules() (tiann#2646) manger: fix lkm detection (tiann#2654) ... Conflicts: kernel/core_hook.c kernel/selinux/rules.c kernel/throne_tracker.c Change-Id: Iebf7dd870a7d9e35f4cecbf97fa13eeb174b7b5d
backslashxx
pushed a commit
to backslashxx/KernelSU
that referenced
this pull request
Sep 25, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Sep 25, 2025
Added from 5ec1cff@63c615e (+24) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image use module dir name as real id allow restore uninstalled module ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+50) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add cmd for nuke-ext4-sysfs workflows: debloat ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: handle backports kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for <= 3.13 kernel: ksud: provide is_ksu_transition check v2 kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: throne_tracker: add strscpy/strlcpy compat kernel: ksud: d_is_reg to IS_REG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle read_iter requirement conditionally kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: inline iterate_dir -> vfs_readdir compat kernel: apk_sign: fix return check for ksu_sha256 kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: core_hook: add support for KernelNoSU kernel: kp_ksud: restore kprobes for early-boot and used-once hooks KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Sep 25, 2025
Added from 5ec1cff@63c615e (+24) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image use module dir name as real id allow restore uninstalled module ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+50) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add cmd for nuke-ext4-sysfs workflows: debloat ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: handle backports kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for <= 3.13 kernel: ksud: provide is_ksu_transition check v2 kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: throne_tracker: add strscpy/strlcpy compat kernel: ksud: d_is_reg to IS_REG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle read_iter requirement conditionally kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: inline iterate_dir -> vfs_readdir compat kernel: apk_sign: fix return check for ksu_sha256 kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: core_hook: add support for KernelNoSU kernel: kp_ksud: restore kprobes for early-boot and used-once hooks KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Sep 26, 2025
Added from 5ec1cff@63c615e (+24) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image use module dir name as real id allow restore uninstalled module ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+50) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add cmd for nuke-ext4-sysfs workflows: debloat ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: handle backports kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for <= 3.13 kernel: ksud: provide is_ksu_transition check v2 kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: throne_tracker: add strscpy/strlcpy compat kernel: ksud: d_is_reg to IS_REG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle read_iter requirement conditionally kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: inline iterate_dir -> vfs_readdir compat kernel: apk_sign: fix return check for ksu_sha256 kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: core_hook: add support for KernelNoSU kernel: kp_ksud: restore kprobes for early-boot and used-once hooks KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 19, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+57) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add cmd for nuke-ext4-sysfs workflows: debloat ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 19, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+57) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add cmd for nuke-ext4-sysfs workflows: debloat ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
pushed a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 19, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 19, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+57) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add cmd for nuke-ext4-sysfs workflows: debloat ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 19, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+57) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add cmd for nuke-ext4-sysfs workflows: debloat ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 19, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+60) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
pushed a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 20, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 20, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
anzarfarooq
pushed a commit
to anzarfarooq/KernelSU
that referenced
this pull request
Oct 20, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
anzarfarooq
pushed a commit
to anzarfarooq/KernelSU
that referenced
this pull request
Oct 20, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
anzarfarooq
pushed a commit
to anzarfarooq/KernelSU
that referenced
this pull request
Oct 20, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
anzarfarooq
pushed a commit
to anzarfarooq/KernelSU
that referenced
this pull request
Oct 20, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 21, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 21, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 21, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 21, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 22, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 22, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+62) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: intercept devpts via security_inode_permission LSM kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
pushed a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 22, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 22, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+63) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem ksud/su: import devpts workaround Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: remove devpts workaround kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler >= 5.18 kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 22, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+63) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem ksud/su: import devpts workaround Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: remove devpts workaround kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler >= 5.18 kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 23, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+63) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem ksud/su: import devpts workaround Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: remove devpts workaround kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler >= 5.18 kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 23, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+17) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem ksud/su: import devpts workaround Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: squash all changes KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 23, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+17) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem ksud/su: import devpts workaround Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: squash all changes KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
pushed a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 27, 2025
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 27, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) implement magic mount restorecon: set adb_file to system_file for module files magic_mount: use trusted.overlay.opaque chore: fmt magic_mount: supports whiteout chore: refine code magic_mount: fix log: make verbose logging optional magic_mount: refine ksud: fix disable / enable modules ksud: fix odm not magic-mounted manager: no need to check overlayfs ksud: fix partition link ksud: fix clone symlink ksud: refine tmpfs ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) manager: remove shrink image ksud: make tmpfs and magic mount optional ksud: fix stat reformat rust codes app: persist show system app settings magic mount: make mount points read only Other changes: (+63) ksud: move workdir to /mnt/vendor ksud: remove tmpfs mounting ksud: tell prctl interface about our mounts (5ec1cff#16) ksud: add cmd for add-try-umount (5ec1cff#16) ksud: add wipe umount list cmd ksud: add cmd for nuke-ext4-sysfs workflows: debloat workflows: debloat pt. 2 ksud: add armeabi-v7a support manager: failure mode dummy demo dummy.keystore manager: unofficial build manager: Add ABI and Kernel archirecture info into InfoCardItem ksud/su: import devpts workaround Reapply: "Handle unmount for isolated process correctly (tiann#2696)" kernel: drop LKM and kprobes support kernel: restore compat code required for old kernels kernel: expose allowlist workaround as Kconfig option kernel: core_hook: screw path_umount backport, call sys_umount directly kernel: core_hook: expose prctl interface for umount list (5ec1cff#16) kernel: core_hook: add wipe umount list cmd kernel: core_hook: only umount when unmountable > 0 kernel: core_hook: expose nuke_ext4_sysfs to prctl interface kernel: throne_tracker: offload to kthread (tiann#2632) kernel: sucompat: increase reliability, commonize and micro-optimize (tiann#2656) kernel: sucompat: sucompat toggle support for non-kp (tiann#2506) kernel: ksud: migrate ksud execution to security_bprm_check (tiann#2653) kernel: core_hook: remove devpts workaround kernel: compat: migrate sucompat strncpy_from_user to copy_from_user kernel: selinux: fix pointer mismatch with 32-bit ksud on 64-bit kernels kernel: ksud: provide dummy handlers for old hooks kernel: core_hook: earlier escape_to_root already-root check kernel: expose KSU_LSM_SECURITY_HOOKS on Kconfig kernel: sucompat: provide do_execve_common handler for < 3.14 kernel: sucompat: provide getname_flags (user) ultimatum hook kernel: sucompat: provide getname_flags (kernel) ultimatum hook kernel: sucompat: provide vfs_statx hook handler >= 5.18 kernel: core_hook: harden prctl handler kernel: harden barriers for arm/arm64 kernel: core_hook: add support for KernelNoSU v2 kernel: kp_ksud: restore kprobes for early-boot and used-once hooks kernel: kp_ksud: add security_bounded_transition hook for < 4.14 (tiann#1704) kernel: rp_sucompat: add kretprobes-hooked getname_flags for sucompat kernel: extras: base implementation of avc log spoofing kernel: extras/avc_spoof: add kprobe support kernel: ksud: provide is_ksu_transition check v2 kernel: apk_sign: casting to char for strcmp -> memcmp kernel: apk_sign: migrate generic_file_llseek -> vfs_llseek kernel: core_hook: no ext4_unregister_sysfs, no problem kernel: ksud: d_is_reg to S_ISREG kernel: Makefile: remove overlayfs requirement kernel: throne_tracker: resolve s_magic for < 3.9 kernel: ksud: handle conditional read_iter requirement for < 3.16 kernel: throne_tracker: handle filldir_t ABI mismatch on <= 3.18 kernel: compat: iterate_dir -> vfs_readdir compat for < 3.11 kernel: sucompat: bruteforce writeable stack from start_stack for < 3.8 kernel: apk_sign: provide bin2hex compat for < 3.18 kernel: throne_tracker: add strscpy pseudo-compat for < 4.3 kernel: apk_sign: fix return check for ksu_sha256 kernel: handle backports kernel: apk_sign: add more size/hash pairs kernel: ksu: printout quirks / backports / etc on init KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 27, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) 153e8bc - implement magic mount dde1efb - restorecon: set adb_file to system_file for module files 8508566 - magic_mount: use trusted.overlay.opaque 78ce6de - chore: fmt df0f057 - magic_mount: supports whiteout bd8fab1 - chore: refine code 61a2be6 - magic_mount: fix 12c584b - log: make verbose logging optional 044a08f - magic_mount: refine 55b6cb5 - ksud: fix disable / enable modules 42cdb10 - ksud: fix odm not magic-mounted 897f06f - manager: no need to check overlayfs b703c97 - ksud: fix partition link f7b08ff - ksud: fix clone symlink dcedf38 - ksud: refine tmpfs 845219b - ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) f1fcf4b - manager: remove shrink image 7baaad7 - ksud: make tmpfs and magic mount optional bc856e9 - ksud: fix stat 882edf5 - reformat rust codes fb4cdb5 - app: persist show system app settings a47bb7b - magic mount: make mount points read only Other changes: (+18) 426fa8a - ksud: move workdir to /mnt/vendor 03d9726 - ksud: remove tmpfs mounting 0f68d54 - ksud: tell prctl interface about our mounts (5ec1cff#16) 511b874 - ksud: add cmd for add-try-umount (5ec1cff#16) 02636ae - ksud: add wipe umount list cmd ca1ccb3 - ksud: add cmd for nuke-ext4-sysfs 02ef753 - workflows: debloat 3b9c8c1 - workflows: debloat pt. 2 70f5e9e - ksud: add armeabi-v7a support 5e70e6b - manager: failure mode dummy demo 8c07502 - dummy.keystore a27c3ad - manager: unofficial build 73cd53c - manager: Add ABI and Kernel archirecture info into InfoCardItem cc54bc8 - ksud: prevent 32-on-64 pointer mismatches on sepolicy 449cfc7 - ksud/su: import devpts workaround 3dc9d06 - Reapply: "Handle unmount for isolated process correctly (tiann#2696)" d8f905a - kernel: squash all changes KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 27, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) 153e8bc - implement magic mount dde1efb - restorecon: set adb_file to system_file for module files 8508566 - magic_mount: use trusted.overlay.opaque 78ce6de - chore: fmt df0f057 - magic_mount: supports whiteout bd8fab1 - chore: refine code 61a2be6 - magic_mount: fix 12c584b - log: make verbose logging optional 044a08f - magic_mount: refine 55b6cb5 - ksud: fix disable / enable modules 42cdb10 - ksud: fix odm not magic-mounted 897f06f - manager: no need to check overlayfs b703c97 - ksud: fix partition link f7b08ff - ksud: fix clone symlink dcedf38 - ksud: refine tmpfs 845219b - ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) f1fcf4b - manager: remove shrink image 7baaad7 - ksud: make tmpfs and magic mount optional bc856e9 - ksud: fix stat 882edf5 - reformat rust codes fb4cdb5 - app: persist show system app settings a47bb7b - magic mount: make mount points read only Other changes: (+18) 426fa8a - ksud: move workdir to /mnt/vendor 03d9726 - ksud: remove tmpfs mounting 0f68d54 - ksud: tell prctl interface about our mounts (5ec1cff#16) 511b874 - ksud: add cmd for add-try-umount (5ec1cff#16) 02636ae - ksud: add wipe umount list cmd ca1ccb3 - ksud: add cmd for nuke-ext4-sysfs 02ef753 - workflows: debloat 3b9c8c1 - workflows: debloat pt. 2 70f5e9e - ksud: add armeabi-v7a support 5e70e6b - manager: failure mode dummy demo 8c07502 - dummy.keystore a27c3ad - manager: unofficial build 73cd53c - manager: Add ABI and Kernel archirecture info into InfoCardItem cc54bc8 - ksud: prevent 32-on-64 pointer mismatches on sepolicy 449cfc7 - ksud/su: import devpts workaround 3dc9d06 - Reapply: "Handle unmount for isolated process correctly (tiann#2696)" 2c0d25c - kernel: squash all changes KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 27, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) 153e8bc - implement magic mount dde1efb - restorecon: set adb_file to system_file for module files 8508566 - magic_mount: use trusted.overlay.opaque 78ce6de - chore: fmt df0f057 - magic_mount: supports whiteout bd8fab1 - chore: refine code 61a2be6 - magic_mount: fix 12c584b - log: make verbose logging optional 044a08f - magic_mount: refine 55b6cb5 - ksud: fix disable / enable modules 42cdb10 - ksud: fix odm not magic-mounted 897f06f - manager: no need to check overlayfs b703c97 - ksud: fix partition link f7b08ff - ksud: fix clone symlink dcedf38 - ksud: refine tmpfs 845219b - ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) f1fcf4b - manager: remove shrink image 7baaad7 - ksud: make tmpfs and magic mount optional bc856e9 - ksud: fix stat 882edf5 - reformat rust codes fb4cdb5 - app: persist show system app settings a47bb7b - magic mount: make mount points read only Other changes: (+18) 426fa8a - ksud: move workdir to /mnt/vendor 03d9726 - ksud: remove tmpfs mounting 0f68d54 - ksud: tell prctl interface about our mounts (5ec1cff#16) 511b874 - ksud: add cmd for add-try-umount (5ec1cff#16) 02636ae - ksud: add wipe umount list cmd ca1ccb3 - ksud: add cmd for nuke-ext4-sysfs 02ef753 - workflows: debloat 3b9c8c1 - workflows: debloat pt. 2 70f5e9e - ksud: add armeabi-v7a support 5e70e6b - manager: failure mode dummy demo 8c07502 - dummy.keystore a27c3ad - manager: unofficial build 73cd53c - manager: Add ABI and Kernel archirecture info into InfoCardItem cc54bc8 - ksud: prevent 32-on-64 pointer mismatches on sepolicy 449cfc7 - ksud/su: import devpts workaround 3dc9d06 - Reapply: "Handle unmount for isolated process correctly (tiann#2696)" 2c0d25c - kernel: squash all changes KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
backslashxx
added a commit
to backslashxx/KernelSU
that referenced
this pull request
Oct 27, 2025
Added from https://github.com/5ec1cff/KernelSU (+22) 153e8bc - implement magic mount dde1efb - restorecon: set adb_file to system_file for module files 8508566 - magic_mount: use trusted.overlay.opaque 78ce6de - chore: fmt df0f057 - magic_mount: supports whiteout bd8fab1 - chore: refine code 61a2be6 - magic_mount: fix 12c584b - log: make verbose logging optional 044a08f - magic_mount: refine 55b6cb5 - ksud: fix disable / enable modules 42cdb10 - ksud: fix odm not magic-mounted 897f06f - manager: no need to check overlayfs b703c97 - ksud: fix partition link f7b08ff - ksud: fix clone symlink dcedf38 - ksud: refine tmpfs 845219b - ksud: add KSU_MAGIC_MOUNT to env (5ec1cff#5) f1fcf4b - manager: remove shrink image 7baaad7 - ksud: make tmpfs and magic mount optional bc856e9 - ksud: fix stat 882edf5 - reformat rust codes fb4cdb5 - app: persist show system app settings a47bb7b - magic mount: make mount points read only Other changes: (+18) 426fa8a - ksud: move workdir to /mnt/vendor 03d9726 - ksud: remove tmpfs mounting 0f68d54 - ksud: tell prctl interface about our mounts (5ec1cff#16) 511b874 - ksud: add cmd for add-try-umount (5ec1cff#16) 02636ae - ksud: add wipe umount list cmd ca1ccb3 - ksud: add cmd for nuke-ext4-sysfs 02ef753 - workflows: debloat 3b9c8c1 - workflows: debloat pt. 2 70f5e9e - ksud: add armeabi-v7a support 5e70e6b - manager: failure mode dummy demo 8c07502 - dummy.keystore a27c3ad - manager: unofficial build 73cd53c - manager: Add ABI and Kernel archirecture info into InfoCardItem cc54bc8 - ksud: prevent 32-on-64 pointer mismatches on sepolicy 449cfc7 - ksud/su: import devpts workaround 3dc9d06 - Reapply: "Handle unmount for isolated process correctly (tiann#2696)" 2c0d25c - kernel: squash all changes KernelSU v1.0.5+ Warning: Managers built from this repo has a known keystore. See dummy.keystore. Signed-off-by: backslashxx <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Isolated processes can be directly forked from zygote, but current code doesn't handle it well. Fix it by unmounting unconditionally if isolated process is forked from zygote.