kernel: Fix compatibility with old and 32bit programs

In v0.9.3 and v0.9.4, we replaced `vfs_statx` and `do_execveat_common`
with syscall hooks. But we missed `fstatat64` and `compat_execve` and
break compatibility with old and 32bit programs.

In NetHunter Terminal compat_execve is directly called, but `fstatat64`
is called before it in JuiceSSH bash-4.2. So add these two hooks back to
fix them.

Rissu's note: "I still thinking about this comment tiann/KernelSU#2084 (comment), i'll drop it if this changed."

Co-authored-by: hamjin <[email protected]>
Signed-off-by: Rissu <[email protected]>

Author: hamjin

drivers/kernelsu/arch.h

@@ -22,14 +22,18 @@
 #define PRCTL_SYMBOL "__arm64_sys_prctl"
 #define SYS_READ_SYMBOL "__arm64_sys_read"
 #define SYS_NEWFSTATAT_SYMBOL "__arm64_sys_newfstatat"
+#define SYS_FSTATAT64_SYMBOL "__arm64_sys_fstatat64"
 #define SYS_FACCESSAT_SYMBOL "__arm64_sys_faccessat"
 #define SYS_EXECVE_SYMBOL "__arm64_sys_execve"
+#define SYS_EXECVE_COMPAT_SYMBOL "__arm64_compat_sys_execve"
 #else
 #define PRCTL_SYMBOL "sys_prctl"
 #define SYS_READ_SYMBOL "sys_read"
 #define SYS_NEWFSTATAT_SYMBOL "sys_newfstatat"
+#define SYS_FSTATAT64_SYMBOL "sys_fstatat64"
 #define SYS_FACCESSAT_SYMBOL "sys_faccessat"
 #define SYS_EXECVE_SYMBOL "sys_execve"
+#define SYS_EXECVE_COMPAT_SYMBOL "compat_sys_execve"
 #endif
 
 #elif defined(__x86_64__)
@@ -51,14 +55,18 @@
 #define PRCTL_SYMBOL "__x64_sys_prctl"
 #define SYS_READ_SYMBOL "__x64_sys_read"
 #define SYS_NEWFSTATAT_SYMBOL "__x64_sys_newfstatat"
+#define SYS_FSTATAT64_SYMBOL "__x64_sys_fstatat64"
 #define SYS_FACCESSAT_SYMBOL "__x64_sys_faccessat"
 #define SYS_EXECVE_SYMBOL "__x64_sys_execve"
+#define SYS_EXECVE_COMPAT_SYMBOL "__x64_compat_sys_execve"
 #else
 #define PRCTL_SYMBOL "sys_prctl"
 #define SYS_READ_SYMBOL "sys_read"
 #define SYS_NEWFSTATAT_SYMBOL "sys_newfstatat"
+#define SYS_FSTATAT64_SYMBOL "sys_fstatat64"
 #define SYS_FACCESSAT_SYMBOL "sys_faccessat"
 #define SYS_EXECVE_SYMBOL "sys_execve"
+#define SYS_EXECVE_COMPAT_SYMBOL "compat_sys_execve"
 #endif
 
 #else
@@ -89,4 +97,4 @@
 #define PT_REAL_REGS(regs) ((regs))
 #endif
 
-#endif
+#endif

drivers/kernelsu/sucompat.c

@@ -327,6 +327,11 @@ static struct kprobe newfstatat_kp = {
 };
 #endif
 
+static struct kprobe fstatat64_kp = {
+	.symbol_name = SYS_FSTATAT64_SYMBOL,
+	.pre_handler = sys_newfstatat_handler_pre,
+};
+
 #if 1
 static struct kprobe execve_kp = {
 	.symbol_name = SYS_EXECVE_SYMBOL,
@@ -345,6 +350,11 @@ static struct kprobe execve_kp = {
 };
 #endif
 
+static struct kprobe execve_compat_kp = {
+	.symbol_name = SYS_EXECVE_COMPAT_SYMBOL,
+	.pre_handler = sys_execve_handler_pre,
+};
+
 static int pts_unix98_lookup_pre(struct kprobe *p, struct pt_regs *regs)
 {
 	struct inode *inode;
@@ -372,8 +382,12 @@ void ksu_sucompat_init()
 	int ret;
 	ret = register_kprobe(&execve_kp);
 	pr_info("sucompat: execve_kp: %d\n", ret);
+	ret = register_kprobe(&execve_compat_kp);
+	pr_info("sucompat: execve_compat_kp: %d\n", ret);
 	ret = register_kprobe(&newfstatat_kp);
 	pr_info("sucompat: newfstatat_kp: %d\n", ret);
+	ret = register_kprobe(&fstatat64_kp);
+	pr_info("sucompat: fstatat64_kp: %d\n", ret);
 	ret = register_kprobe(&faccessat_kp);
 	pr_info("sucompat: faccessat_kp: %d\n", ret);
 	ret = register_kprobe(&pts_unix98_lookup_kp);
@@ -385,7 +399,9 @@ void ksu_sucompat_exit()
 {
 #ifdef KSU_HOOK_WITH_KPROBES
 	unregister_kprobe(&execve_kp);
+	unregister_kprobe(&execve_compat_kp);
 	unregister_kprobe(&newfstatat_kp);
+	unregister_kprobe(&fstatat64_kp);
 	unregister_kprobe(&faccessat_kp);
 	unregister_kprobe(&pts_unix98_lookup_kp);
 #endif
@@ -410,4 +426,3 @@ void ksu_susfs_enable_sus_su(void) {
 	ksu_devpts_hook = true;
 }
 #endif // #ifdef CONFIG_KSU_SUSFS_SUS_SU
-