Releases: vc-teahouse/Baseband-guard
Releases · vc-teahouse/Baseband-guard
v1.1
Highlights:
- Refactor to bbg_cred_security_struct, and hook cred_prepare/cred_transfer/set_cred to auto trace process as untrusted
- You can include bbg's tracing.h in any kernel module to control bbg's flag, directly use bbg_cred(current_cred()) to get current security context's bbg's flags
- You even can use this feature in your root impl's kernel side to add a superkey support or better process flags, but PROCESS WITH YOUR OWN RISK
- drop old selinux whitelist domain, now, any selinux domain denied will not appear, old "ota not work/can not run factory reset" has been fixed
- hook inode_rename/inode_symlink to avoid modify /dev/block/by-name's symlink content to bypass bbg
What's Changed
- feat: add 6.8+ kernel support by @AlexLiuDev233 in #29
- fix: section mismatch in reference warning by @AlexLiuDev233 in #30
- Introduce Selinux domain protection by @cctv18 in #35
- fix: double CONFIG_ cause domain anti spoof failed by @AlexLiuDev233 in #36
- Fix compilation error caused by relative path in Makefile by @ahmad24shargh in #38
- Rename SELINUXFS_PATH to SELINUX_PATH and remove initialization overhead by @ahmad24shargh in #41
- scripts: abort build when Kconfig configure wrong by @AlexLiuDev233 in #46
- feat: show current selinux domain when bbg in debug by @AlexLiuDev233 in #50
- Adjust debug log output to default by @cctv18 in #53
- Fix: Some syntax issues by @yu13140 in #58
- feat:Show baseband_guard repo in dmesg and build log by @luyanci in #59
- feat: refactor to process tracing by @AlexLiuDev233 in #68
New Contributors
- @ahmad24shargh made their first contribution in #38
- @yu13140 made their first contribution in #58
Full Changelog: v1.0...v1.1
Contributors
ahmad24shargh, luyanci, and 3 other contributors
Assets 2
0
Join discussion
v1.0
The first release
Note: Selinux permissive is NOT allowed in default.If you meet the problem by this when you using some apps,please contact your developer to set CONFIG_BBG_ANTI_SPOOF_DOMAIN to 3(disable) or 2(probably will lead to the system NOT stable) in defconfig and rebuild the kernel
What's Changed
- Add LICENSE by @luyanci in #1
- add miui & 5.11- kernel support by @AlexLiuDev233 in #2
- Fix some configs & config instruction by @cctv18 in #4
- add 5.1- kernel support by @AlexLiuDev233 in #5
- add makefile by @AlexLiuDev233 in #6
- script: Show CONFIG_LSM notice if we have LSM Kconfig by @AlexLiuDev233 in #7
- perf: add some likely&inline by @AlexLiuDev233 in #8
- refactor: move linux kernel api compat to kernel_compat.h by @AlexLiuDev233 in #9
- Add whitelist identification for zram block device by @cctv18 in #11
- 更新 README.md by @luyanci in #12
- Fix too many arguments on 4.10 and below by @luyanci in #13
- fix: script can change to permissive to bypass bbg by @AlexLiuDev233 in #14
- [breaking change]simply Kconfig by @luyanci in #15
- fix duplicate patch by @luyanci in #17
- fix: fix support for 6.5+ by @AlexLiuDev233 in #18
- Add Contact Information by @lshwjgpt25 in #19
- Fix Selinux mode protection by @cctv18 in #20
- chore: add 2 ways to config CONFIG_LSM by @AlexLiuDev233 in #21
- Fix a bug caused by commit ID format by @cctv18 in #22
- Remove unused definitions by @cctv18 in #23
- Optimized if express to fix auto patch by @luyanci in #24
- Fix update failure on ColorOS by @cctv18 in #25
- Fix a return value by @cctv18 in #26
New Contributors
- @luyanci made their first contribution in #1
- @cctv18 made their first contribution in #4
- @lshwjgpt25 made their first contribution in #19
Full Changelog: https://github.com/vc-teahouse/Baseband-guard/commits/v1.0
Contributors
luyanci, cctv18, and 2 other contributors