Releases: nampud/KernelSU
v0.0.3
Download module from here, needs modified KernelSU (one is provided below)
Update: since this commit in KSUN, the module should work on unmodified KernelSU Next (though it is not yet in a KSUN release, but CI build can be used)
Only supports aarch64
Use the official KernelSU manager apk, the one from this repository will not work
This is a KernelSU modification and module with the goal of mitigating the detectability of the kprobe hooks KernelSU uses to implement sucompat. Devices affected by this detection show Detected delayed syscall caused by Apatch/KSU in Native Detector, and Abnormal Environment in Holmes and Native Test.
It works by disabling the built-in sucompat (deactivating the problematic kprobe hooks), and instead mounting a /system/bin/su binary, which then uses the prctl interface provided by KernelSU to obtain root privileges.
The module will mount a /system/bin/su binary, and automatically disable sucompat at boot.
Note that the module needs support from the kernel code to allow the prctl(KERNEL_SU_OPTION, CMD_GRANT_ROOT) command to be used by the mounted su binary. Currently upstream KernelSU only allows the manager to use it, preventing this module from working.
The kernel files downloadable below were built by GitHub CI from the source code available in this repository, and they have the necessary changes applied to allow the module to work.
This repository aims to provide a proof-of-concept (but hopefully still reliable) implementation, with both the kernel-side changes and the module complexity being kept to a minimum. Other implementations of this idea might be available, for example this version of the module by backslashxx adds support for architectures other than aarch64 and adds optimizations related to reducing mount count when using magic mount.