You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Dec 24, 2023. It is now read-only.
Copy file name to clipboardExpand all lines: README.md
+5-6Lines changed: 5 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -3,16 +3,15 @@
3
3
## Intro
4
4
5
5
This is a kernel module to provide `/system/xbin/su` to Android Kernel (especially to WSA).
6
+
This is the best root solution if hidding is required. When GKI is ready, kernelsu is definitely the next generation of root.
6
7
7
-
Only works on 4.17+ kernel. For older kernel, you can refer to the [origin repo](https://git.zx2c4.com/kernel-assisted-superuser).
8
+
Only works on 4.17+ kernel (both WSA and GKI is 5.0+). For older kernel, you can refer to the [origin repo](https://git.zx2c4.com/kernel-assisted-superuser).
8
9
9
10
## How it works
10
11
- Replace syscall `newfstatat`, `faccessat` and `execve` on `/system/xbin/su` to `/system/bin/sh`
11
-
- When `execve` on `/system/xbin/su`, change SELinux to permissive, set all kinds of uids and gids to 0 and permit all capabilities.
12
-
13
-
## Improvement
14
-
- Instead of setting SELinux to permissive, we should set the target process to a permissive context
15
-
- Instead of allowing all to access and execute `/system/xbin/su`, we should allow only permitive uid or gid.
12
+
- When `execve` on `/system/xbin/su`, change SELinux to permissive, set all kinds of uids and gids to 0 and permit all capabilities
13
+
- Set SELinux context `su` to permissive
14
+
- Set the selinux context of the current process to `u:r:su:s0`
0 commit comments