{"id":6516,"date":"2025-07-22T22:56:08","date_gmt":"2025-07-23T02:56:08","guid":{"rendered":"https:\/\/droidbasement.com\/db-blog\/?p=6516"},"modified":"2025-09-25T17:28:56","modified_gmt":"2025-09-25T21:28:56","slug":"tutorial-kernelsu-next-with-susfs-integrated-in-to-a-gki-generic-kernel-image","status":"publish","type":"post","link":"https:\/\/droidbasement.com\/db-blog\/tutorial-kernelsu-next-with-susfs-integrated-in-to-a-gki-generic-kernel-image\/","title":{"rendered":"Tutorial – KernelSU-Next with SuSFS integrated in to a GKI (Generic Kernel Image)"},"content":{"rendered":"\n

This is a tutorial to build KernelSU-Next<\/a> (rifsxd<\/a>) with SuSFS<\/a> (simonpunk<\/a>) integrated in to a GKI<\/a> (Generic Kernel Image). This is used to gain escalation on your mobile device.<\/p>\n\n\n\n

This tutorial will use Pixel 7a as an example (Pixel 6 \/ 7 \/ 8 \/ 9 can be used) and is geared towards using AVB<\/a> Android14-11. Other interfaces can be used (the tutorial shows how to get this information), but you would need to, perhaps, fix hunks and \/ or rejects against the source that is applicable to your device, when using the patches. We will build using Ubuntu 24.0.4.2 on WSL2 (this requires virtualization to be on).<\/p>\n\n\n\n

…..<\/p>\n\n\n\n

Pre-requirements:
You will need adb \/ fastboot<\/a>.
Install git (sudo apt-get update && sudo apt-get -y install git)
You will need magiskboot<\/a> (place the binary from x86-64 (if on Windows using WSL2 Linux) in to the root of the ~\/.bin directory (see below; where you are putting the manual install of repo)). Ensure you set execute permissions on it: chmod u+x magiskboot
Install curl (sudo apt-get -y install curl).

You will need to perform a one-time wipe to turn off boot verification so you can boot and flash things you build, to properly test before committal. Please see below but do not remove the -w (wipe USERDATA), but add on the aforementioned flags before it, Thereafter, you will always pass the needed flags when you flash the monthly updates (but remove the -w).<\/strong>
Note: As per Avo and urkiu, leaving it on, doesn’t appear to prevent you from booting and flashing (SPL is being modified). However, antezero ran in to some odd issues which prevented proper back \/ forth updates and SweBow ran in to a no boot \/ crash situation, so it is advised to turn it off, which requires a one-time wipe.<\/em>

Grab the stock boot.img (referenced as boot-stock.img below) from the latest monthly update for your device in to the root of the workarea folder (see below) and name it boot-stock.img (mv boot.img boot-stock.img<\/code>).

Update to the latest monthly update for your device prior (remove any ramdisk modifications you may have made (Magisk), remove -w after fastboot in flash-all script and replace with –disable-verity –disable-verification):
https:\/\/developers.google.com\/android\/images#xxxxx
Replace xxxxx with the codename for your device.<\/p>\n\n\n\n

Repo<\/a> (Use manual install, its newer).

Put the path to it (repo) in your PATH:
export PATH=PATH_TO_REPO<\/em>:$PATH<\/code>
Replace PATH_TO_REPO<\/em> with the \/xxx\/xxx\/xxx path to repo.
You can make it permanent by adding it in to your shell’s .rc file (i.e. if you use BASH then at the end of ~\/.bashrc) and source it after (source ~\/.bashrc), so it can reflect in your current shell session.<\/p>\n\n\n\n

…..<\/p>\n\n\n\n

Create a work area for yourself and enter it:
mkdir workarea && cd workarea<\/code><\/p>\n\n\n\n

We will use android14-6.1 (Pixel 6 \/ 7 \/ 8).
You can get this information by unpacking the stock boot.img (see below) with magiskboot and taking note of the linux version string:
strings kernel | grep -i 'linux version'<\/code><\/p>\n\n\n\n

…..<\/p>\n\n\n\n

Grab manifest_xxxxx<\/em>.xml from a Tagged build (click kernel under ‘kernel artifacts’):
https:\/\/source.android.com\/docs\/core\/architecture\/kernel\/gki-android14-6_1-release-builds
Note: Replace xxxxx<\/em> with the actual number.

After you click on manifest_xxxxx<\/em>.xml, right click ‘Download’, copy link:
curl -o manifest_xxxxx<\/em>.xml \"LINK<\/em>\"<\/code>
Note: Replace LINK<\/em> (inside the quotes; retain the quotes (due to special characters in the long link)) with the actual session based URL \/ LINK<\/em> that was copied in to your buffer.

Clone susfs4ksu:
Note: 8\/15\/25: Added flag(s) for space reduction.
Note2: 8\/21\/25: Increase depth.
git clone --depth 3 --no-tags<\/code> https:\/\/gitlab.com\/pershoot\/susfs4ksu.git -b gki-android14-6.1-dev<\/code><\/p>\n\n\n\n

Create the source folder for the repository and the destination directory for the build:
mkdir gki-kernel
mkdir android-kernel<\/code><\/p>\n\n\n\n

Pull down the repository (Note: Replace xxxxx<\/em> with the actual number):
Note: 8\/15\/25: Added flag(s) for space reduction.
Note2: 8\/21\/25: Increase depth.
cd gki-kernel
repo init -u https:\/\/android.googlesource.com\/kernel\/manifest --depth=3
cp -p ..\/manifest_xxxxx<\/em>.xml .repo\/manifests
repo init -m manifest_xxxxx<\/em>.xml --depth=3
repo sync -c --no-tags
cd ..<\/code>

Create a mirror, which you will work against:
rsync -a --del gki-kernel\/ gki-14<\/code>

Copy SuSFS module and patches in:
cd gki-14<\/code>
cp -p ..\/susfs4ksu\/kernel_patches\/fs\/* common\/fs
cp -p ..\/susfs4ksu\/kernel_patches\/include\/linux\/* common\/include\/linux
cp -p ..\/susfs4ksu\/kernel_patches\/50_add_susfs_in_gki-android14-6.1.patch common
cp -p ..\/susfs4ksu\/kernel_patches\/60_scope-minimized_manual_hooks.patch common<\/code><\/p>\n\n\n\n

Patch:
Note: 8\/15\/25: Use input and unified flag.
cd common
patch -p1 -ui 50_add_susfs_in_gki-android14-6.1.patch
patch -p1 -ui 60_scope-minimized_manual_hooks.patch
cd ..<\/code><\/p>\n\n\n\n

Pull down KernelSU-Next and execute setup:
curl -LSs \"https:\/\/raw.githubusercontent.com\/pershoot\/KernelSU-Next\/refs\/heads\/next-susfs\/kernel\/setup.sh\" | bash -s next-susfs<\/code><\/p>\n\n\n\n

Remove protected exports (also the patches) so Wi-Fi and Bluetooth will function:
sed -i '\/^[[:space:]]*\"protected_exports_list\"[[:space:]]*:[[:space:]]*\"android\\\/abi_gki_protected_exports_aarch64\",$\/d' common\/BUILD.bazel
rm common\/android\/abi_gki_protected_exports_* common\/50_add_susfs_in_gki-android14-6.1.patch common\/60_scope-minimized_manual_hooks.patch<\/code><\/p>\n\n\n\n

Commit the changes in to your local repository:
cd common
git add -A
git commit -a -m \"Add KernelSU-Next-susfs\"
cd ..<\/code><\/p>\n\n\n\n

Build:
tools\/bazel run --config=fast --config=stamp --lto=thin \/\/common:kernel_aarch64_dist -- --dist_dir=..\/android-kernel<\/code><\/p>\n\n\n\n

Create a directory where you will use magiskboot to sort out SPL (Security Patch Level) using your stock image:
Note: If you have ~\/.bin in your PATH, then you do not have to put a preceding relative path. The below assumes you followed the manual install of repo and put it in that same directory.
mkdir ..\/android-kernel\/kernel
cd ..\/android-kernel\/kernel
cp -p ..\/boot.img .
..\/..\/..\/.bin\/magiskboot unpack boot.img
..\/..\/..\/.bin\/magiskboot repack ..\/..\/boot-stock.img<\/code>
<\/p>\n\n\n\n

…..<\/p>\n\n\n\n


Test your boot image (new-boot.img is found in android-kernel\/kernel directory you are in):
adb reboot bootloader or vol down and power
fastboot boot new-boot.img<\/code>

If all looks well:
adb reboot bootloader
fastboot flash boot new-boot.img
fastboot reboot<\/code><\/p>\n\n\n\n

…..<\/p>\n\n\n\n

Install the latest susfs4ksu<\/a> module (sidex15<\/a>) through the KernelSU-Next Manager.<\/p>\n\n\n\n

Enjoy!<\/p>\n\n\n\n

…..<\/p>\n\n\n\n

Sources:
pershoot\/KernelSU-Next at next-susfs<\/a>
pershoot\/susfs4ksu\/-\/tree\/gki-android14-6.1-dev<\/a>
KernelSU-Next\/KernelSU-Next: An advanced Kernel based root solution for Android<\/a>
simonpunk\/susfs4ksu\/-\/tree\/gki-android14-6.1<\/a>
sidex15\/susfs4ksu-module: An addon root hiding service for KernelSU<\/a>
backslashxx\/KernelSU<\/a><\/p>\n\n\n\n


<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

This is a tutorial to build KernelSU-Next (rifsxd) with SuSFS (simonpunk) integrated in to a GKI (Generic Kernel Image). This is used to gain escalation on your mobile device. This tutorial will use Pixel 7a as an example (Pixel 6 \/ 7 \/ 8 \/ 9 can be used) and is geared towards using AVB […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[87,85,86],"class_list":["post-6516","post","type-post","status-publish","format-standard","hentry","category-android","tag-gki","tag-kernelsunext","tag-susfs"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/posts\/6516","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/comments?post=6516"}],"version-history":[{"count":67,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/posts\/6516\/revisions"}],"predecessor-version":[{"id":6723,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/posts\/6516\/revisions\/6723"}],"wp:attachment":[{"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/media?parent=6516"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/categories?post=6516"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/droidbasement.com\/db-blog\/wp-json\/wp\/v2\/tags?post=6516"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}