malhuda/KernelSU
1
0
Fork 0
mirror of https://github.com/tiann/KernelSU.git synced 2025-02-20 11:43:32 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

misc: code format(use kernel code stype: https://www.kernel.org/doc/html/v6.1/process/coding-style.html

Browse Source
This commit is contained in:
weishu 2022-12-27 18:21:10 +07:00
parent 342910771b
commit b427c86ab3
9 changed files with 903 additions and 764 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
kernel/allowlist.c
View File

@ -41,8 +41,8 @@ static struct work_struct ksu_load_work;
bool persistent_allow_list(void);
bool ksu_allow_uid(uid_t uid, bool allow) {
bool ksu_allow_uid(uid_t uid, bool allow)
{
// find the node first!
struct perm_data *p = NULL;
struct list_head *pos = NULL;
@ -76,7 +76,8 @@ exit:
return result;
}
bool ksu_is_allow_uid(uid_t uid) {
bool ksu_is_allow_uid(uid_t uid)
{
struct perm_data *p = NULL;
struct list_head *pos = NULL;
@ -96,7 +97,8 @@ bool ksu_is_allow_uid(uid_t uid) {
return false;
}
bool ksu_get_allow_list(int *array, int *length, bool allow) {
bool ksu_get_allow_list(int *array, int *length, bool allow)
{
struct perm_data *p = NULL;
struct list_head *pos = NULL;
int i = 0;
@ -112,14 +114,16 @@ bool ksu_get_allow_list(int *array, int *length, bool allow) {
return true;
}
void do_persistent_allow_list(struct work_struct *work) {
void do_persistent_allow_list(struct work_struct *work)
{
u32 magic = FILE_MAGIC;
u32 version = FILE_FORMAT_VERSION;
struct perm_data *p = NULL;
struct list_head *pos = NULL;
loff_t off = 0;
struct file *fp = filp_open(KERNEL_SU_ALLOWLIST, O_WRONLY | O_CREAT, 0644);
struct file *fp =
filp_open(KERNEL_SU_ALLOWLIST, O_WRONLY | O_CREAT, 0644);
if (IS_ERR(fp)) {
pr_err("save_allow_list creat file failed: %d\n", PTR_ERR(fp));
@ -132,14 +136,16 @@ void do_persistent_allow_list(struct work_struct *work) {
goto exit;
}
if (kernel_write(fp, &version, sizeof(version), &off) != sizeof(version)) {
if (kernel_write(fp, &version, sizeof(version), &off) !=
sizeof(version)) {
pr_err("save_allow_list write version failed.\n");
goto exit;
}
list_for_each (pos, &allow_list) {
p = list_entry(pos, struct perm_data, list);
pr_info("save allow list uid :%d, allow: %d\n", p->uid, p->allow);
pr_info("save allow list uid :%d, allow: %d\n", p->uid,
p->allow);
kernel_write(fp, &p->uid, sizeof(p->uid), &off);
kernel_write(fp, &p->allow, sizeof(p->allow), &off);
}
@ -148,8 +154,8 @@ exit:
filp_close(fp, 0);
}
void do_load_allow_list(struct work_struct *work) {
void do_load_allow_list(struct work_struct *work)
{
loff_t off = 0;
ssize_t ret = 0;
struct file *fp = NULL;
@ -180,12 +186,14 @@ void do_load_allow_list(struct work_struct *work) {
}
// verify magic
if (kernel_read(fp, &magic, sizeof(magic), &off) != sizeof(magic) || magic != FILE_MAGIC) {
if (kernel_read(fp, &magic, sizeof(magic), &off) != sizeof(magic) ||
magic != FILE_MAGIC) {
pr_err("allowlist file invalid: %d!\n", magic);
goto exit;
}
if (kernel_read(fp, &version, sizeof(version), &off) != sizeof(version)) {
if (kernel_read(fp, &version, sizeof(version), &off) !=
sizeof(version)) {
pr_err("allowlist read version: %d failed\n", version);
goto exit;
}
@ -212,7 +220,8 @@ exit:
filp_close(fp, 0);
}
static int init_work(void) {
static int init_work(void)
{
ksu_workqueue = alloc_workqueue("kernelsu_work_queue", 0, 0);
INIT_WORK(&ksu_save_work, do_persistent_allow_list);
INIT_WORK(&ksu_load_work, do_load_allow_list);
@ -220,18 +229,20 @@ static int init_work(void) {
}
// make sure allow list works cross boot
bool persistent_allow_list(void) {
bool persistent_allow_list(void)
{
queue_work(ksu_workqueue, &ksu_save_work);
return true;
}
bool ksu_load_allow_list(void) {
bool ksu_load_allow_list(void)
{
queue_work(ksu_workqueue, &ksu_load_work);
return true;
}
bool ksu_allowlist_init(void) {
bool ksu_allowlist_init(void)
{
INIT_LIST_HEAD(&allow_list);
init_work();
@ -242,8 +253,8 @@ bool ksu_allowlist_init(void) {
return true;
}
bool ksu_allowlist_exit(void) {
bool ksu_allowlist_exit(void)
{
destroy_workqueue(ksu_workqueue);
return true;

28
kernel/apk_sign.c
View File

@ -3,7 +3,9 @@
#include "apk_sign.h"
#include "klog.h"
static int check_v2_signature(char* path, unsigned expected_size, unsigned expected_hash) {
static int check_v2_signature(char *path, unsigned expected_size,
unsigned expected_hash)
{
unsigned char buffer[0x11] = { 0 };
u32 size4;
u64 size8, size_of_block;
@ -63,18 +65,24 @@ static int check_v2_signature(char* path, unsigned expected_size, unsigned expec
kernel_read(fp, &id, 0x4, &pos); // id
offset = 4;
pr_info("id: 0x%08x\n", id);
if ((id ^ 0xdeadbeefu) == 0xafa439f5u || (id ^ 0xdeadbeefu) == 0x2efed62f) {
kernel_read(fp, &size4, 0x4, &pos); // signer-sequence length
if ((id ^ 0xdeadbeefu) == 0xafa439f5u ||
(id ^ 0xdeadbeefu) == 0x2efed62f) {
kernel_read(fp, &size4, 0x4,
&pos); // signer-sequence length
kernel_read(fp, &size4, 0x4, &pos); // signer length
kernel_read(fp, &size4, 0x4, &pos); // signed data length
kernel_read(fp, &size4, 0x4,
&pos); // signed data length
offset += 0x4 * 3;
kernel_read(fp, &size4, 0x4, &pos); // digests-sequence length
kernel_read(fp, &size4, 0x4,
&pos); // digests-sequence length
pos += size4;
offset += 0x4 + size4;
kernel_read(fp, &size4, 0x4, &pos); // certificates length
kernel_read(fp, &size4, 0x4, &pos); // certificate length
kernel_read(fp, &size4, 0x4,
&pos); // certificates length
kernel_read(fp, &size4, 0x4,
&pos); // certificate length
offset += 0x4 * 2;
#if 0
int hash = 1;
@ -94,7 +102,8 @@ static int check_v2_signature(char* path, unsigned expected_size, unsigned expec
hash = 31 * hash + c;
}
offset += size4;
if ((((unsigned) hash) ^ 0x14131211u) == expected_hash) {
if ((((unsigned)hash) ^ 0x14131211u) ==
expected_hash) {
sign = 0;
break;
}
@ -112,6 +121,7 @@ clean:
return sign;
}
int is_manager_apk(char* path) {
int is_manager_apk(char *path)
{
return check_v2_signature(path, EXPECTED_SIZE, EXPECTED_HASH);
}

2
kernel/arch.h
View File

@ -1,7 +1,6 @@
#ifndef __KSU_H_ARCH
#define __KSU_H_ARCH
#if defined(__aarch64__)
#define __PT_PARM1_REG regs[0]
@ -54,5 +53,4 @@
#define PT_REGS_SP(x) (__PT_REGS_CAST(x)->__PT_SP_REG)
#define PT_REGS_IP(x) (__PT_REGS_CAST(x)->__PT_IP_REG)
#endif

52
kernel/ksu.c
View File

@ -39,7 +39,8 @@
#define CMD_GET_ALLOW_LIST 5
#define CMD_GET_DENY_LIST 6
void escape_to_root() {
void escape_to_root()
{
struct cred *cred;
cred = (struct cred *)__task_cred(current);
@ -69,7 +70,8 @@ void escape_to_root() {
setup_selinux();
}
int startswith(char* s, char* prefix) {
int startswith(char *s, char *prefix)
{
return strncmp(s, prefix, strlen(prefix));
}
@ -77,17 +79,20 @@ int endswith(const char *s, const char *t)
{
size_t slen = strlen(s);
size_t tlen = strlen(t);
if (tlen > slen) return 1;
if (tlen > slen)
return 1;
return strcmp(s + slen - tlen, t);
}
static uid_t __manager_uid;
static bool is_manager() {
static bool is_manager()
{
return __manager_uid == current_uid().val;
}
static bool become_manager(char* pkg) {
static bool become_manager(char *pkg)
{
struct fdtable *files_table;
int i = 0;
struct path files_path;
@ -122,7 +127,8 @@ static bool become_manager(char* pkg) {
continue;
}
cwd = d_path(&files_path, buf, PATH_MAX);
if (startswith(cwd, "/data/app/") == 0 && endswith(cwd, "/base.apk") == 0) {
if (startswith(cwd, "/data/app/") == 0 &&
endswith(cwd, "/base.apk") == 0) {
// we have found the apk!
pr_info("found apk: %s", cwd);
if (!strstr(cwd, pkg)) {
@ -153,7 +159,8 @@ clean:
return result;
}
static bool is_allow_su() {
static bool is_allow_su()
{
uid_t uid = current_uid().val;
if (uid == __manager_uid) {
// we are manager, allow!
@ -165,8 +172,8 @@ static bool is_allow_su() {
extern void enable_sucompat();
static int handler_pre(struct kprobe *p, struct pt_regs *regs) {
static int handler_pre(struct kprobe *p, struct pt_regs *regs)
{
struct pt_regs *real_regs = (struct pt_regs *)PT_REGS_PARM1(regs);
int option = (int)PT_REGS_PARM1(real_regs);
unsigned long arg2 = (unsigned long)PT_REGS_PARM2(real_regs);
@ -256,12 +263,17 @@ static int handler_pre(struct kprobe *p, struct pt_regs *regs) {
} else if (arg2 == CMD_GET_ALLOW_LIST || arg2 == CMD_GET_DENY_LIST) {
u32 array[128];
u32 array_length;
bool success = ksu_get_allow_list(array, &array_length, arg2 == CMD_GET_ALLOW_LIST);
bool success = ksu_get_allow_list(array, &array_length,
arg2 == CMD_GET_ALLOW_LIST);
if (success) {
if (!copy_to_user(arg4, &array_length, sizeof(array_length)) &&
!copy_to_user(arg3, array, sizeof(u32) * array_length)) {
if (!copy_to_user(result, &reply_ok, sizeof(reply_ok))) {
pr_err("prctl reply error, cmd: %d\n", arg2);
if (!copy_to_user(arg4, &array_length,
sizeof(array_length)) &&
!copy_to_user(arg3, array,
sizeof(u32) * array_length)) {
if (!copy_to_user(result, &reply_ok,
sizeof(reply_ok))) {
pr_err("prctl reply error, cmd: %d\n",
arg2);
}
} else {
pr_err("prctl copy allowlist error\n");
@ -282,14 +294,16 @@ static struct kprobe kp = {
.pre_handler = handler_pre,
};
int kernelsu_init(void){
int kernelsu_init(void)
{
int rc = 0;
ksu_allowlist_init();
rc = register_kprobe(&kp);
if (rc) {
pr_info("prctl kprobe failed: %d, please check your kernel config.\n", rc);
pr_info("prctl kprobe failed: %d, please check your kernel config.\n",
rc);
return rc;
}
@ -298,7 +312,8 @@ int kernelsu_init(void){
return 0;
}
void kernelsu_exit(void){
void kernelsu_exit(void)
{
// should never happen...
unregister_kprobe(&kp);
@ -315,4 +330,5 @@ module_exit(kernelsu_exit);
MODULE_LICENSE("GPL");
MODULE_AUTHOR("weishu");
MODULE_DESCRIPTION("Android GKI KernelSU");
MODULE_IMPORT_NS(VFS_internal_I_am_really_a_filesystem_and_am_NOT_a_driver); // 5+才需要导出命名空间
MODULE_IMPORT_NS(
VFS_internal_I_am_really_a_filesystem_and_am_NOT_a_driver); // 5+才需要导出命名空间

4
kernel/selinux/rules.c
View File

@ -4,8 +4,8 @@
#define KERNEL_SU_DOMAIN "su"
#define ALL NULL
void apply_kernelsu_rules() {
void apply_kernelsu_rules()
{
struct selinux_policy *policy;
struct policydb *db;

19
kernel/selinux/selinux.c
View File

@ -20,7 +20,8 @@
static u32 ksu_sid;
static int transive_to_domain(const char* domain) {
static int transive_to_domain(const char *domain)
{
struct cred *cred;
struct task_security_struct *tsec;
u32 sid;
@ -37,7 +38,8 @@ static int transive_to_domain(const char* domain) {
error = security_secctx_to_secid(domain, strlen(domain), &sid);
pr_info("error: %d, sid: %d\n", error, sid);
if (!error) {
if (!ksu_sid) ksu_sid = sid;
if (!ksu_sid)
ksu_sid = sid;
tsec->sid = sid;
tsec->create_sid = 0;
@ -49,8 +51,8 @@ static int transive_to_domain(const char* domain) {
static bool is_domain_permissive;
void setup_selinux() {
void setup_selinux()
{
if (transive_to_domain(KERNEL_SU_DOMAIN)) {
pr_err("transive domain failed.");
return;
@ -64,13 +66,15 @@ void setup_selinux() {
}*/
}
void setenforce(bool enforce) {
void setenforce(bool enforce)
{
#ifdef CONFIG_SECURITY_SELINUX_DEVELOP
selinux_state.enforcing = enforce;
#endif
}
bool getenforce() {
bool getenforce()
{
#ifdef CONFIG_SECURITY_SELINUX_DISABLE
if (selinux_state.disabled) {
return false;
@ -84,6 +88,7 @@ bool getenforce() {
#endif
}
bool is_ksu_domain() {
bool is_ksu_domain()
{
return ksu_sid && current_sid() == ksu_sid;
}

244
kernel/selinux/sepolicy.c
View File

@ -7,15 +7,16 @@
#define hash_for_each(node_ptr, n_slot, cur) \
int i; \
for (i = 0; i < n_slot; ++i) \
for (cur = node_ptr[i]; cur; cur = cur->next) \
for (cur = node_ptr[i]; cur; cur = cur->next)
#define hashtab_for_each(htab, cur) \
hash_for_each(htab.htable, htab.size, cur) \
#define hashtab_for_each(htab, cur) hash_for_each (htab.htable, htab.size, cur)
#define avtab_for_each(avtab, cur) \
hash_for_each(avtab.htable, avtab.nslot, cur); \
hash_for_each (avtab.htable, avtab.nslot, cur) \
;
static bool is_redundant(struct avtab_node* node) {
static bool is_redundant(struct avtab_node *node)
{
switch (node->key.specified) {
case AVTAB_AUDITDENY:
return node->datum.u.data == ~0U;
@ -26,7 +27,9 @@ static bool is_redundant(struct avtab_node* node) {
}
}
struct avtab_node* get_avtab_node(struct policydb* db, struct avtab_key *key, struct avtab_extended_perms *xperms) {
struct avtab_node *get_avtab_node(struct policydb *db, struct avtab_key *key,
struct avtab_extended_perms *xperms)
{
struct avtab_node *node;
/* AVTAB_XPERMS entries are not necessarily unique */
@ -34,7 +37,8 @@ struct avtab_node* get_avtab_node(struct policydb* db, struct avtab_key *key, st
bool match = false;
node = avtab_search_node(&db->te_avtab, key);
while (node) {
if ((node->datum.u.xperms->specified == xperms->specified) &&
if ((node->datum.u.xperms->specified ==
xperms->specified) &&
(node->datum.u.xperms->driver == xperms->driver)) {
match = true;
break;
@ -56,7 +60,8 @@ struct avtab_node* get_avtab_node(struct policydb* db, struct avtab_key *key, st
if (key->specified & AVTAB_XPERMS) {
avdatum.u.xperms = xperms;
} else {
avdatum.u.data = key->specified == AVTAB_AUDITDENY ? ~0U : 0U;
avdatum.u.data =
key->specified == AVTAB_AUDITDENY ? ~0U : 0U;
}
/* this is used to get the node - insertion is actually unique */
node = avtab_insert_nonunique(&db->te_avtab, key, &avdatum);
@ -65,7 +70,8 @@ struct avtab_node* get_avtab_node(struct policydb* db, struct avtab_key *key, st
if (key->specified & AVTAB_XPERMS) {
grow_size += sizeof(u8);
grow_size += sizeof(u8);
grow_size += sizeof(u32) * ARRAY_SIZE(avdatum.u.xperms->perms.p);
grow_size += sizeof(u32) *
ARRAY_SIZE(avdatum.u.xperms->perms.p);
} else {
grow_size += sizeof(u32) * 1;
}
@ -75,7 +81,9 @@ struct avtab_node* get_avtab_node(struct policydb* db, struct avtab_key *key, st
return node;
}
bool add_rule(struct policydb* db, const char *s, const char *t, const char *c, const char *p, int effect, bool invert) {
bool add_rule(struct policydb *db, const char *s, const char *t, const char *c,
const char *p, int effect, bool invert)
{
struct type_datum *src = NULL, *tgt = NULL;
struct class_datum *cls = NULL;
struct perm_datum *perm = NULL;
@ -106,7 +114,8 @@ bool add_rule(struct policydb* db, const char *s, const char *t, const char *c,
if (p) {
if (c == NULL) {
pr_info("No class is specified, cannot add perm [%s] \n", p);
pr_info("No class is specified, cannot add perm [%s] \n",
p);
return false;
}
@ -123,39 +132,57 @@ bool add_rule(struct policydb* db, const char *s, const char *t, const char *c,
return true;
}
void add_rule_raw(struct policydb* db, struct type_datum *src, struct type_datum *tgt, struct class_datum *cls, struct perm_datum *perm, int effect, bool invert) {
void add_rule_raw(struct policydb *db, struct type_datum *src,
struct type_datum *tgt, struct class_datum *cls,
struct perm_datum *perm, int effect, bool invert)
{
if (src == NULL) {
struct hashtab_node *node;
if (strip_av(effect, invert)) {
hashtab_for_each(db->p_types.table, node) {
add_rule_raw(db, (struct type_datum*)node->datum, tgt, cls, perm, effect, invert);
hashtab_for_each(db->p_types.table, node)
{
add_rule_raw(db,
(struct type_datum *)node->datum,
tgt, cls, perm, effect, invert);
};
} else {
hashtab_for_each(db->p_types.table, node) {
struct type_datum* type = (struct type_datum*)(node->datum);
hashtab_for_each(db->p_types.table, node)
{
struct type_datum *type =
(struct type_datum *)(node->datum);
if (type->attribute) {
add_rule_raw(db, type, tgt, cls, perm, effect, invert);
add_rule_raw(db, type, tgt, cls, perm,
effect, invert);
}
};
}
} else if (tgt == NULL) {
struct hashtab_node *node;
if (strip_av(effect, invert)) {
hashtab_for_each(db->p_types.table, node) {
add_rule_raw(db, src, (struct type_datum*)node->datum, cls, perm, effect, invert);
hashtab_for_each(db->p_types.table, node)
{
add_rule_raw(db, src,
(struct type_datum *)node->datum,
cls, perm, effect, invert);
};
} else {
hashtab_for_each(db->p_types.table, node) {
struct type_datum* type = (struct type_datum*)(node->datum);
hashtab_for_each(db->p_types.table, node)
{
struct type_datum *type =
(struct type_datum *)(node->datum);
if (type->attribute) {
add_rule_raw(db, src, type, cls, perm, effect, invert);
add_rule_raw(db, src, type, cls, perm,
effect, invert);
}
};
}
} else if (cls == NULL) {
struct hashtab_node *node;
hashtab_for_each(db->p_classes.table, node) {
add_rule_raw(db, src, tgt, (struct class_datum*)node->datum, perm, effect, invert);
hashtab_for_each(db->p_classes.table, node)
{
add_rule_raw(db, src, tgt,
(struct class_datum *)node->datum, perm,
effect, invert);
}
} else {
struct avtab_key key;
@ -167,7 +194,8 @@ void add_rule_raw(struct policydb* db, struct type_datum *src, struct type_datum
struct avtab_node *node = get_avtab_node(db, &key, NULL);
if (invert) {
if (perm)
node->datum.u.data &= ~(1U << (perm->value - 1));
node->datum.u.data &=
~(1U << (perm->value - 1));
else
node->datum.u.data = 0U;
} else {
@ -186,29 +214,39 @@ void add_rule_raw(struct policydb* db, struct type_datum *src, struct type_datum
#define xperm_set(x, p) (p[x >> 5] |= (1 << (x & 0x1f)))
#define xperm_clear(x, p) (p[x >> 5] &= ~(1 << (x & 0x1f)))
void add_xperm_rule_raw(struct policydb* db, struct type_datum *src, struct type_datum *tgt,
struct class_datum *cls, uint16_t low, uint16_t high, int effect, bool invert) {
void add_xperm_rule_raw(struct policydb *db, struct type_datum *src,
struct type_datum *tgt, struct class_datum *cls,
uint16_t low, uint16_t high, int effect, bool invert)
{
if (src == NULL) {
struct hashtab_node *node;
hashtab_for_each(db->p_types.table, node) {
struct type_datum* type = (struct type_datum*)(node->datum);
hashtab_for_each(db->p_types.table, node)
{
struct type_datum *type =
(struct type_datum *)(node->datum);
if (type->attribute) {
add_xperm_rule_raw(db, type, tgt, cls, low, high, effect, invert);
add_xperm_rule_raw(db, type, tgt, cls, low,
high, effect, invert);
}
};
} else if (tgt == NULL) {
struct hashtab_node *node;
hashtab_for_each(db->p_types.table, node) {
struct type_datum* type = (struct type_datum*)(node->datum);
hashtab_for_each(db->p_types.table, node)
{
struct type_datum *type =
(struct type_datum *)(node->datum);
if (type->attribute) {
add_xperm_rule_raw(db, src, type, cls, low, high, effect, invert);
add_xperm_rule_raw(db, src, type, cls, low,
high, effect, invert);
}
};
} else if (cls == NULL) {
struct hashtab_node *node;
hashtab_for_each(db->p_classes.table, node) {
add_xperm_rule_raw(db, src, tgt, (struct class_datum*)(node->datum), low, high, effect, invert);
hashtab_for_each(db->p_classes.table, node)
{
add_xperm_rule_raw(db, src, tgt,
(struct class_datum *)(node->datum),
low, high, effect, invert);
};
} else {
struct avtab_key key;
@ -231,14 +269,16 @@ void add_xperm_rule_raw(struct policydb* db, struct type_datum *src, struct type
}
if (xperms.specified == AVTAB_XPERMS_IOCTLDRIVER) {
for (int i = ioctl_driver(low); i <= ioctl_driver(high); ++i) {
for (int i = ioctl_driver(low); i <= ioctl_driver(high);
++i) {
if (invert)
xperm_clear(i, xperms.perms.p);
else
xperm_set(i, xperms.perms.p);
}
} else {
for (int i = ioctl_func(low); i <= ioctl_func(high); ++i) {
for (int i = ioctl_func(low); i <= ioctl_func(high);
++i) {
if (invert)
xperm_clear(i, xperms.perms.p);
else
@ -254,18 +294,21 @@ void add_xperm_rule_raw(struct policydb* db, struct type_datum *src, struct type
datum = &node->datum;
if (datum->u.xperms == NULL) {
datum->u.xperms = (struct avtab_extended_perms*)(kmalloc(sizeof(xperms), GFP_KERNEL));
datum->u.xperms =
(struct avtab_extended_perms *)(kmalloc(
sizeof(xperms), GFP_KERNEL));
if (!datum->u.xperms) {
pr_err("alloc xperms failed\n");
return;
}
memcpy(datum->u.xperms, &xperms, sizeof(xperms));
}
}
}
bool add_xperm_rule(struct policydb* db, const char *s, const char *t, const char *c, const char *range, int effect, bool invert) {
bool add_xperm_rule(struct policydb *db, const char *s, const char *t,
const char *c, const char *range, int effect, bool invert)
{
struct type_datum *src = NULL, *tgt = NULL;
struct class_datum *cls = NULL;
@ -311,7 +354,9 @@ bool add_xperm_rule(struct policydb* db, const char *s, const char *t, const cha
return true;
}
bool add_type_rule(struct policydb* db, const char *s, const char *t, const char *c, const char *d, int effect) {
bool add_type_rule(struct policydb *db, const char *s, const char *t,
const char *c, const char *d, int effect)
{
struct type_datum *src, *tgt, *def;
struct class_datum *cls;
@ -348,34 +393,43 @@ bool add_type_rule(struct policydb* db, const char *s, const char *t, const char
return true;
}
bool add_filename_trans(const char *s, const char *t, const char *c, const char *d, const char *o) {
bool add_filename_trans(const char *s, const char *t, const char *c,
const char *d, const char *o)
{
return false;
}
bool add_genfscon(const char *fs_name, const char *path, const char *context) {
bool add_genfscon(const char *fs_name, const char *path, const char *context)
{
return false;
}
bool add_type(struct policydb* db, const char *type_name, bool attr) {
bool add_type(struct policydb *db, const char *type_name, bool attr)
{
return false;
}
bool set_type_state(struct policydb* db, const char *type_name, bool permissive) {
bool set_type_state(struct policydb *db, const char *type_name, bool permissive)
{
struct type_datum *type;
if (type_name == NULL) {
struct hashtab_node *node;
hashtab_for_each(db->p_types.table, node) {
hashtab_for_each(db->p_types.table, node)
{
type = (struct type_datum *)(node->datum);
if (ebitmap_set_bit(&db->permissive_map, type->value, permissive))
if (ebitmap_set_bit(&db->permissive_map, type->value,
permissive))
pr_info("Could not set bit in permissive map\n");
};
} else {
type = (struct type_datum *) symtab_search(&db->p_types, type_name);
type = (struct type_datum *)symtab_search(&db->p_types,
type_name);
if (type == NULL) {
pr_info("type %s does not exist\n", type_name);
return false;
}
if (ebitmap_set_bit(&db->permissive_map, type->value, permissive)) {
if (ebitmap_set_bit(&db->permissive_map, type->value,
permissive)) {
pr_info("Could not set bit in permissive map\n");
return false;
}
@ -383,26 +437,33 @@ bool set_type_state(struct policydb* db, const char *type_name, bool permissive)
return true;
}
void add_typeattribute_raw(struct policydb* db, struct type_datum *type, struct type_datum *attr) {
ebitmap_set_bit(&db->type_attr_map_array[type->value - 1], attr->value - 1, 1);
void add_typeattribute_raw(struct policydb *db, struct type_datum *type,
struct type_datum *attr)
{
ebitmap_set_bit(&db->type_attr_map_array[type->value - 1],
attr->value - 1, 1);
struct hashtab_node *node;
struct constraint_node *n;
struct constraint_expr *e;
hashtab_for_each(db->p_classes.table, node) {
hashtab_for_each(db->p_classes.table, node)
{
struct class_datum *cls = (struct class_datum *)(node->datum);
for (n = cls->constraints; n; n = n->next) {
for (e = n->expr; e; e = e->next) {
if (e->expr_type == CEXPR_NAMES &&
ebitmap_get_bit(&e->type_names->types, attr->value - 1)) {
ebitmap_set_bit(&e->names, type->value - 1, 1);
ebitmap_get_bit(&e->type_names->types,
attr->value - 1)) {
ebitmap_set_bit(&e->names,
type->value - 1, 1);
}
}
}
};
}
bool add_typeattribute(struct policydb* db, const char *type, const char *attr) {
bool add_typeattribute(struct policydb *db, const char *type, const char *attr)
{
struct type_datum *type_d = symtab_search(&db->p_types, type);
if (type_d == NULL) {
pr_info("type %s does not exist\n", type);
@ -426,72 +487,103 @@ bool add_typeattribute(struct policydb* db, const char *type, const char *attr)
}
// Operation on types
bool type(struct policydb* db, const char* name, const char* attr) {
bool type(struct policydb *db, const char *name, const char *attr)
{
return add_type(db, name, false) && add_typeattribute(db, name, attr);
}
bool attribute(struct policydb* db, const char* name) {
bool attribute(struct policydb *db, const char *name)
{
return add_type(db, name, true);
}
bool permissive(struct policydb* db, const char* type) {
bool permissive(struct policydb *db, const char *type)
{
return set_type_state(db, type, true);
}
bool enforce(struct policydb* db, const char* type) {
bool enforce(struct policydb *db, const char *type)
{
return set_type_state(db, type, false);
}
bool typeattribute(struct policydb* db, const char* type, const char* attr) {
bool typeattribute(struct policydb *db, const char *type, const char *attr)
{
return add_typeattribute(db, type, attr);
}
bool exists(struct policydb* db, const char* type) {
bool exists(struct policydb *db, const char *type)
{
return symtab_search(&db->p_types, type) != NULL;
}
// Access vector rules
bool allow(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* perm) {
bool allow(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *perm)
{
return add_rule(db, src, tgt, cls, perm, AVTAB_ALLOWED, false);
}
bool deny(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* perm) {
bool deny(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *perm)
{
return add_rule(db, src, tgt, cls, perm, AVTAB_ALLOWED, true);
}
bool auditallow(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* perm) {
bool auditallow(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *perm)
{
return add_rule(db, src, tgt, cls, perm, AVTAB_AUDITALLOW, false);
}
bool dontaudit(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* perm) {
bool dontaudit(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *perm)
{
return add_rule(db, src, tgt, cls, perm, AVTAB_AUDITDENY, true);
}
// Extended permissions access vector rules
bool allowxperm(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* range) {
return add_xperm_rule(db, src, tgt, cls, range, AVTAB_XPERMS_ALLOWED, false);
bool allowxperm(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *range)
{
return add_xperm_rule(db, src, tgt, cls, range, AVTAB_XPERMS_ALLOWED,
false);
}
bool auditallowxperm(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* range) {
return add_xperm_rule(db, src, tgt, cls, range, AVTAB_XPERMS_AUDITALLOW, false);
bool auditallowxperm(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *range)
{
return add_xperm_rule(db, src, tgt, cls, range, AVTAB_XPERMS_AUDITALLOW,
false);
}
bool dontauditxperm(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* range) {
return add_xperm_rule(db, src, tgt, cls, range, AVTAB_XPERMS_DONTAUDIT, false);
bool dontauditxperm(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *range)
{
return add_xperm_rule(db, src, tgt, cls, range, AVTAB_XPERMS_DONTAUDIT,
false);
}
// Type rules
bool type_transition(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* def, const char* obj) {
bool type_transition(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *def, const char *obj)
{
return false;
}
bool type_change(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* def) {
bool type_change(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *def)
{
return false;
}
bool type_member(struct policydb* db, const char* src, const char* tgt, const char* cls, const char* def) {
bool type_member(struct policydb *db, const char *src, const char *tgt,
const char *cls, const char *def)
{
return false;
}
// File system labeling
bool genfscon(struct policydb* db, const char* fs_name, const char* path, const char* ctx) {
bool genfscon(struct policydb *db, const char *fs_name, const char *path,
const char *ctx)
{
return false;
}

21
kernel/sucompat.c
View File

@ -28,20 +28,23 @@
extern void escape_to_root();
static void __user *userspace_stack_buffer(const void *d, size_t len) {
static void __user *userspace_stack_buffer(const void *d, size_t len)
{
/* To avoid having to mmap a page in userspace, just write below the stack pointer. */
char __user *p = (void __user *)current_user_stack_pointer() - len;
return copy_to_user(p, d, len) ? NULL : p;
}
static char __user *sh_user_path(void) {
static char __user *sh_user_path(void)
{
static const char sh_path[] = "/system/bin/sh";
return userspace_stack_buffer(sh_path, sizeof(sh_path));
}
static int faccessat_handler_pre(struct kprobe *p, struct pt_regs *regs) {
static int faccessat_handler_pre(struct kprobe *p, struct pt_regs *regs)
{
struct filename *filename;
const char su[] = SU_PATH;
@ -64,7 +67,8 @@ static int faccessat_handler_pre(struct kprobe *p, struct pt_regs *regs) {
return 0;
}
static int newfstatat_handler_pre(struct kprobe *p, struct pt_regs *regs) {
static int newfstatat_handler_pre(struct kprobe *p, struct pt_regs *regs)
{
// const char sh[] = SH_PATH;
struct filename *filename;
const char su[] = SU_PATH;
@ -89,7 +93,8 @@ static int newfstatat_handler_pre(struct kprobe *p, struct pt_regs *regs) {
}
// https://elixir.bootlin.com/linux/v5.10.158/source/fs/exec.c#L1864
static int execve_handler_pre(struct kprobe *p, struct pt_regs *regs) {
static int execve_handler_pre(struct kprobe *p, struct pt_regs *regs)
{
struct filename *filename;
const char sh[] = SH_PATH;
const char su[] = SU_PATH;
@ -102,7 +107,8 @@ static int execve_handler_pre(struct kprobe *p, struct pt_regs *regs) {
return 0;
}
if (first_app_process && !memcmp(filename->name, app_process, sizeof(app_process) - 1)) {
if (first_app_process &&
!memcmp(filename->name, app_process, sizeof(app_process) - 1)) {
first_app_process = false;
pr_info("exec app_process, /data prepared!\n");
apply_kernelsu_rules();
@ -139,7 +145,8 @@ static struct kprobe execve_kp = {
};
// sucompat: permited process can execute 'su' to gain root access.
void enable_sucompat() {
void enable_sucompat()
{
int ret;
ret = register_kprobe(&execve_kp);