ANDROID: syscall_check: add vendor hook for mmap syscall

Through this vendor hook, we can get the timing to check current running task for the validation of its credential and related operations. Bug: 191291287 Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@mediatek.com> Change-Id: If20bd8bb8311ad10a374033734fbdc7ef61a7704 (cherry picked from commit a5543c9cd718cf3ac51b4065110213e5535d4ee5)
2021-10-05 17:29:04 +08:00 · 2021-10-05 17:29:04 +08:00 · e13e55eae1
commit e13e55eae1
parent f2d4bb3c0e
3 changed files with 28 additions and 0 deletions
--- a/drivers/android/vendor_hooks.c
+++ b/drivers/android/vendor_hooks.c
@ -42,6 +42,7 @@
 #include <trace/hooks/memory.h>
 #include <trace/hooks/module.h>
 #include <trace/hooks/selinux.h>
+#include <trace/hooks/syscall_check.h>

 /*
 * Export tracepoints that act as a bare tracehook (ie: have no trace event
@ -192,3 +193,4 @@ EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_set_memory_rw);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_set_module_permit_before_init);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_set_module_permit_after_init);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_rvh_selinux_is_initialized);
+EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_check_mmap_file);
--- a/include/trace/hooks/syscall_check.h
+++ b/include/trace/hooks/syscall_check.h
@ -0,0 +1,22 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM syscall_check
+
+#define TRACE_INCLUDE_PATH trace/hooks
+#if !defined(_TRACE_HOOK_SYSCALL_CHECK_H) || defined(TRACE_HEADER_MULTI_READ)
+#define _TRACE_HOOK_SYSCALL_CHECK_H
+#include <linux/tracepoint.h>
+#include <trace/hooks/vendor_hooks.h>
+/*
+ * Following tracepoints are not exported in tracefs and provide a
+ * mechanism for vendor modules to hook and extend functionality
+ */
+struct file;
+DECLARE_HOOK(android_vh_check_mmap_file,
+	TP_PROTO(const struct file *file, unsigned long prot,
+		unsigned long flag, unsigned long ret),
+	TP_ARGS(file, prot, flag, ret));
+
+#endif /* _TRACE_HOOK_SYSCALL_CHECK_H */
+/* This part must be outside protection */
+#include <trace/define_trace.h>
--- a/mm/util.c
+++ b/mm/util.c
@ -27,6 +27,9 @@
 #include <linux/uaccess.h>

 #include "internal.h"
+#ifndef __GENSYMS__
+#include <trace/hooks/syscall_check.h>
+#endif

 /**
 * kfree_const - conditionally free memory
@ -523,6 +526,7 @@ unsigned long vm_mmap_pgoff(struct file *file, unsigned long addr,
 		if (populate)
 			mm_populate(ret, populate);
 	}
+	trace_android_vh_check_mmap_file(file, prot, flag, ret);
 	return ret;
 }