ANDROID: selinux: add vendor hook in selinux

Add vendor hook for selinux_state, so we can know if the selinux_state is initialized Bug: 186363840 Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@mediatek.com> Change-Id: Ideed051a1d53ed1bce7d7915e38366264a7d77eb
2026-03-25 20:10:23 +09:00 · 2021-04-26 10:16:11 +08:00
parent 4870b68f3f
commit 546252f29c
3 changed files with 26 additions and 0 deletions
--- a/drivers/android/vendor_hooks.c
+++ b/drivers/android/vendor_hooks.c
@@ -53,6 +53,7 @@
 #include <trace/hooks/logbuf.h>
 #include <trace/hooks/vmscan.h>
 #include <trace/hooks/psi.h>
+#include <trace/hooks/selinux.h>

 /*
 * Export tracepoints that act as a bare tracehook (ie: have no trace event
@@ -259,3 +260,4 @@ EXPORT_TRACEPOINT_SYMBOL_GPL(android_rvh_enqueue_task_fair);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_rvh_dequeue_task_fair);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_prepare_update_load_avg_se);
 EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_finish_update_load_avg_se);
+EXPORT_TRACEPOINT_SYMBOL_GPL(android_vh_selinux_is_initialized);
--- a/include/trace/hooks/selinux.h
+++ b/include/trace/hooks/selinux.h
@@ -0,0 +1,21 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#undef TRACE_SYSTEM
+#define TRACE_SYSTEM selinux
+
+#define TRACE_INCLUDE_PATH trace/hooks
+#if !defined(_TRACE_HOOK_SELINUX_H) || defined(TRACE_HEADER_MULTI_READ)
+#define _TRACE_HOOK_SELINUX_H
+#include <linux/tracepoint.h>
+#include <trace/hooks/vendor_hooks.h>
+/*
+ * Following tracepoints are not exported in tracefs and provide a
+ * mechanism for vendor modules to hook and extend functionality
+ */
+struct selinux_state;
+DECLARE_HOOK(android_vh_selinux_is_initialized,
+	TP_PROTO(const struct selinux_state *state),
+	TP_ARGS(state));
+
+#endif /* _TRACE_HOOK_SELINUX_H */
+/* This part must be outside protection */
+#include <trace/define_trace.h>
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -66,6 +66,8 @@
 #include "audit.h"
 #include "policycap_names.h"

+#include <trace/hooks/selinux.h>
+
 struct convert_context_args {
 	struct selinux_state *state;
 	struct policydb *oldp;
@@ -2253,6 +2255,7 @@ void selinux_policy_commit(struct selinux_state *state,
 		 */
 		selinux_mark_initialized(state);
 		selinux_complete_init();
+		trace_android_vh_selinux_is_initialized(state);
 	}

 	/* Free the old policy */