kernel: add non-kprobe support for sucompat disable/enable

I have no idea if this is needed or any useful for manual hooks users. This is done like how vfs_read_hook, input_hook and execve_hook are disabled. While this is not exactly the same thing, this *CAN* achieve the same results. The complete disabling of all KernelSU hooks. While this is probably not so useful for us, lets still port it for the sake of feature parity. Signed-off-by: backslashxx <[email protected]>
tiann · Feb 25, 2025 · bc72286 · bc72286
1 parent 35672ce
commit bc72286
Showing 1 changed file with 52 additions and 0 deletions.
diff --git a/kernel/sucompat.c b/kernel/sucompat.c
@@ -20,6 +20,14 @@
 #define SU_PATH "/system/bin/su"
 #define SH_PATH "/system/bin/sh"
 
+#ifndef CONFIG_KSU_WITH_KPROBES
+bool ksu_faccessat_hook __read_mostly = true;
+bool ksu_stat_hook __read_mostly = true;
+bool ksu_execve_sucompat_hook __read_mostly = true;
+bool ksu_execveat_sucompat_hook __read_mostly = true;
+bool ksu_devpts_hook __read_mostly = true;
+#endif
+
 extern void escape_to_root();
 
 static void __user *userspace_stack_buffer(const void *d, size_t len)
@@ -50,6 +58,12 @@ int ksu_handle_faccessat(int *dfd, const char __user **filename_user, int *mode,
 {
 	const char su[] = SU_PATH;
 
+#ifndef CONFIG_KSU_WITH_KPROBES
+	if (!ksu_faccessat_hook) {
+		return 0;
+	}
+#endif
+
 	if (!ksu_is_allow_uid(current_uid().val)) {
 		return 0;
 	}
@@ -71,6 +85,12 @@ int ksu_handle_stat(int *dfd, const char __user **filename_user, int *flags)
 	// const char sh[] = SH_PATH;
 	const char su[] = SU_PATH;
 
+#ifndef CONFIG_KSU_WITH_KPROBES
+	if (!ksu_stat_hook){
+		return 0;
+	}
+#endif
+
 	if (!ksu_is_allow_uid(current_uid().val)) {
 		return 0;
 	}
@@ -115,6 +135,12 @@ int ksu_handle_execveat_sucompat(int *fd, struct filename **filename_ptr,
 	const char sh[] = KSUD_PATH;
 	const char su[] = SU_PATH;
 
+#ifndef CONFIG_KSU_WITH_KPROBES
+	if (!ksu_execveat_sucompat_hook) {
+		return 0;
+	}
+#endif
+
 	if (unlikely(!filename_ptr))
 		return 0;
 
@@ -144,6 +170,14 @@ int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
 	const char su[] = SU_PATH;
 	char path[sizeof(su) + 1];
 
+#ifndef CONFIG_KSU_WITH_KPROBES
+	// placeholder. since manual hooks does NOT use 
+	// ksu_handle_execve_sucompat but it the future it might.
+	if (!ksu_execve_sucompat_hook) {
+		return 0;
+	}
+#endif
+
 	if (unlikely(!filename_user))
 		return 0;
 
@@ -166,6 +200,12 @@ int ksu_handle_execve_sucompat(int *fd, const char __user **filename_user,
 
 int ksu_handle_devpts(struct inode *inode)
 {
+
+#ifndef CONFIG_KSU_WITH_KPROBES
+	if (!ksu_devpts_hook) {
+		return 0;
+	}
+#endif
 	if (!current->mm) {
 		return 0;
 	}
@@ -273,6 +313,12 @@ void ksu_sucompat_init()
 	su_kps[1] = init_kprobe(SYS_FACCESSAT_SYMBOL, faccessat_handler_pre);
 	su_kps[2] = init_kprobe(SYS_NEWFSTATAT_SYMBOL, newfstatat_handler_pre);
 	su_kps[3] = init_kprobe("pts_unix98_lookup", pts_unix98_lookup_pre);
+#else
+	ksu_faccessat_hook = true;
+	ksu_stat_hook = true;
+	ksu_execve_sucompat_hook = true;
+	ksu_execveat_sucompat_hook = true;
+	ksu_devpts_hook = true;
 #endif
 }
 
@@ -282,5 +328,11 @@ void ksu_sucompat_exit()
 	for (int i = 0; i < ARRAY_SIZE(su_kps); i++) {
 		destroy_kprobe(&su_kps[i]);
 	}
+#else
+	ksu_faccessat_hook = false;
+	ksu_stat_hook = false;
+	ksu_execve_sucompat_hook = false;
+	ksu_execveat_sucompat_hook = false;
+	ksu_devpts_hook = false;
 #endif
 }