support 6.12 (#210)

* make kernel 6.12 bootup

* fist try safe systemcall

* Update version

Author: Admirepowered

kernel/Makefile

@@ -9,7 +9,7 @@ LD = $(TARGET_COMPILE)ld
 AS = $(TARGET_COMPILE)as
 OBJCOPY = $(TARGET_COMPILE)objcopy
 
-CFLAGS += -Wall -fno-builtin -std=gnu11 -nostdinc
+CFLAGS += -Wall -fno-builtin -std=gnu11 -nostdinc -mgeneral-regs-only
 CFLAGS += -g
 
 ifdef DEBUG

kernel/base/baselib.c

@@ -345,3 +345,11 @@ char *lib_strstr(const char *haystack, const char *needle)
 {
     return (char *)lib_memmem(haystack, lib_strlen(haystack), needle, lib_strlen(needle));
 }
+
+void *memset(void *s, int c, size_t n) {
+    unsigned char *p = s;
+    while (n--) {
+        *p++ = (unsigned char)c;
+    }
+    return s;
+}

kernel/linux/include/linux/vmalloc.h

@@ -64,6 +64,7 @@ extern void *kfunc_def(vm_map_ram)(struct page **pages, unsigned int count, int
 extern void kfunc_def(vm_unmap_aliases)(void);
 
 extern void *kfunc_def(vmalloc)(unsigned long size);
+extern void *kfunc_def(vmalloc_noprof)(unsigned long size);
 extern void *kfunc_def(vzalloc)(unsigned long size);
 extern void *kfunc_def(vmalloc_user)(unsigned long size);
 extern void *kfunc_def(vmalloc_node)(unsigned long size, int node);
@@ -121,6 +122,7 @@ static inline void vm_unmap_aliases(void)
 static inline void *vmalloc(unsigned long size)
 {
     kfunc_call(vmalloc, size);
+    kfunc_call(vmalloc_noprof, size);
     kfunc_not_found();
     return 0;
 }

kernel/patch/common/utils.c

@@ -75,12 +75,12 @@ int __must_check compat_copy_to_user(void __user *to, const void *from, int n)
 {
     int cplen = 0;
 
-    if (kfunc(seq_buf_to_user)) {
-        cplen = seq_buf_copy_to_user(to, from, n);
-    } else if (kfunc(xt_data_to_user)) {
+    if (kfunc(xt_data_to_user)) {
         // xt_data_to_user, xt_obj_to_user
         cplen = compat_xt_data_copy_to_user(to, from, n);
         if (!cplen) cplen = n;
+    } else if (kfunc(seq_buf_to_user)) {
+        cplen = seq_buf_copy_to_user(to, from, n);
     } else if (kfunc(bits_to_user)) {
         // bits_to_user, str_to_user
         cplen = compat_bits_copy_to_user(to, from, n);
@@ -98,6 +98,8 @@ KP_EXPORT_SYMBOL(compat_copy_to_user);
 
 long compat_strncpy_from_user(char *dest, const char __user *src, long count)
 {
+    kfunc_call(strncpy_from_user_nofault, dest, src, count);
+    kfunc_call(strncpy_from_unsafe_user, dest, src, count);
     if (kfunc(strncpy_from_user)) {
         long rc = kfunc(strncpy_from_user)(dest, src, count);
         if (rc >= count) {
@@ -108,8 +110,6 @@ long compat_strncpy_from_user(char *dest, const char __user *src, long count)
         }
         return rc;
     }
-    kfunc_call(strncpy_from_user_nofault, dest, src, count);
-    kfunc_call(strncpy_from_unsafe_user, dest, src, count);
     return 0;
 }
 KP_EXPORT_SYMBOL(compat_strncpy_from_user);

kernel/patch/ksyms/misc.c

@@ -336,6 +336,7 @@ void *kfunc_def(vm_map_ram)(struct page **pages, unsigned int count, int node) =
 void kfunc_def(vm_unmap_aliases)(void) = 0;
 
 void *kfunc_def(vmalloc)(unsigned long size) = 0;
+void *kfunc_def(vmalloc_noprof)(unsigned long size) = 0;
 void *kfunc_def(vzalloc)(unsigned long size) = 0;
 void *kfunc_def(vmalloc_user)(unsigned long size) = 0;
 void *kfunc_def(vmalloc_node)(unsigned long size, int node) = 0;
@@ -383,6 +384,7 @@ static void _linux_mm_vmalloc_sym_match(const char *name, unsigned long addr)
     // kfunc_match(vm_unmap_aliases, name, addr);
 
     kfunc_match(vmalloc, name, addr);
+    kfunc_match(vmalloc_noprof, name, addr);
     kfunc_match(vzalloc, name, addr);
     // kfunc_match(vmalloc_user, name, addr);
     // kfunc_match(vmalloc_node, name, addr);

tools/kallsym.c

@@ -85,6 +85,39 @@ static int find_linux_banner(kallsym_t *info, char *img, int32_t imglen)
     return 0;
 }
 
+int kernel_if_need_patch(kallsym_t *info, char *img, int32_t imglen)
+{
+    char linux_banner_prefix[] = "Linux version ";
+    size_t prefix_len = strlen(linux_banner_prefix);
+
+    char *imgend = img + imglen;
+    char *banner = (char *)img;
+    info->banner_num = 0;
+    while ((banner = (char *)memmem(banner + 1, imgend - banner - 1, linux_banner_prefix, prefix_len)) != NULL) {
+        if (isdigit(*(banner + prefix_len)) && *(banner + prefix_len + 1) == '.') {
+            info->linux_banner_offset[info->banner_num++] = (int32_t)(banner - img);
+        }
+    }
+    banner = img + info->linux_banner_offset[info->banner_num - 1];
+
+    char *uts_release_start = banner + prefix_len;
+    char *space = strchr(banner + prefix_len, ' ');
+
+    char *dot = NULL;
+
+    // VERSION
+    info->version.major = (uint8_t)strtoul(uts_release_start, &dot, 10);
+    // PATCHLEVEL
+    info->version.minor = (uint8_t)strtoul(dot + 1, &dot, 10);
+    // SUBLEVEL
+    int32_t patch = (int32_t)strtoul(dot + 1, &dot, 10);
+    info->version.patch = patch <= 256 ? patch : 255;
+
+    if (info->version.major < 6)return 0;
+    if (info->version.minor < 7)return 0;
+    return 1;
+}
+
 static int dump_kernel_config(kallsym_t *info, char *img, int32_t imglen)
 {
     // todo:

tools/kallsym.h

@@ -117,6 +117,7 @@ typedef struct
 
 } kallsym_t;
 
+int kernel_if_need_patch(kallsym_t *info, char *img, int32_t imglen);
 int analyze_kallsym_info(kallsym_t *info, char *img, int32_t imglen, enum arch_type arch, int32_t is_64);
 int dump_all_symbols(kallsym_t *info, char *img);
 int dump_all_ikconfig(char *img, int32_t imglen);

tools/patch.c

@@ -336,6 +336,29 @@ static void extra_append(char *kimg, const void *data, int len, int *offset)
     *offset += len;
 }
 
+static void disable_pi_map(char *img, int32_t imglen)
+{
+    
+    const unsigned char pattern[] = {
+        0xE6, 0x03, 0x16, 0xAA,
+        0xE7, 0x03, 0x1F, 0x2A,
+        0x34, 0x11, 0x88, 0x9A
+    };
+    const size_t pattern_len = sizeof(pattern);
+
+    const unsigned char replace[] = {
+        0xE6, 0x03, 0x16, 0xAA,
+        0xE7, 0x03, 0x1F, 0x2A,
+        0xF4, 0x03, 0x09, 0xAA
+    };
+
+    unsigned char *p = memmem(img, imglen, pattern, pattern_len);
+    if (p) {
+        memcpy(p, replace, pattern_len);
+    }
+
+}
+
 int patch_update_img(const char *kimg_path, const char *kpimg_path, const char *out_path, const char *superkey,
                      bool root_key, const char **additional, extra_config_t *extra_configs, int extra_config_num)
 {
@@ -362,6 +385,9 @@ int patch_update_img(const char *kimg_path, const char *kpimg_path, const char *
     char *kallsym_kimg = (char *)malloc(pimg.ori_kimg_len);
     memcpy(kallsym_kimg, pimg.kimg, pimg.ori_kimg_len);
     kallsym_t kallsym = { 0 };
+
+    if (kernel_if_need_patch(&kallsym, kallsym_kimg ,pimg.ori_kimg_len))disable_pi_map(kernel_file.kimg, kernel_file.kimg_len);
+    
     if (analyze_kallsym_info(&kallsym, kallsym_kimg, pimg.ori_kimg_len, ARM64, 1)) {
         tools_loge_exit("analyze_kallsym_info error\n");
     }

version

@@ -1,3 +1,3 @@
 #define MAJOR 0
 #define MINOR 12
-#define PATCH 0
+#define PATCH 1