linux/include/linux/bpf_lsm.h
   1/* SPDX-License-Identifier: GPL-2.0 */
   2
   3/*
   4 * Copyright (C) 2020 Google LLC.
   5 */
   6
   7#ifndef _LINUX_BPF_LSM_H
   8#define _LINUX_BPF_LSM_H
   9
  10#include <linux/sched.h>
  11#include <linux/bpf.h>
  12#include <linux/lsm_hooks.h>
  13
  14#ifdef CONFIG_BPF_LSM
  15
  /*
   * X-macro: <linux/lsm_hook_defs.h> invokes LSM_HOOK() once per LSM hook, so
   * this expansion emits one prototype, RET bpf_lsm_<NAME>(args...), per hook.
   * DEFAULT is not used by this expansion. The macro is undefined again right
   * after the include so it does not leak into files that include this header.
   */
  #define LSM_HOOK(RET, DEFAULT, NAME, ...) RET bpf_lsm_##NAME(__VA_ARGS__);
  #include <linux/lsm_hook_defs.h>
  #undef LSM_HOOK
  20
  /*
   * Slot that bpf_inode() and bpf_task() locate inside an object's LSM
   * security blob. It holds a single pointer to the object's BPF local storage.
   */
  struct bpf_storage_blob {
          /* __rcu-annotated: access through the RCU accessors, not directly. */
          struct bpf_local_storage __rcu *storage;
  };
  24
  /*
   * Blob-size record of the BPF LSM. bpf_inode() and bpf_task() add its
   * lbs_inode / lbs_task fields to an object's security pointer to reach the
   * BPF slot.
   */
  extern struct lsm_blob_sizes bpf_lsm_blob_sizes;

  /*
   * Check a BPF LSM program. @vlog is the verifier log supplied by the caller
   * and @prog is the program under inspection. Returns an int status; the
   * !CONFIG_BPF_LSM stub in this header returns -EOPNOTSUPP.
   * NOTE(review): the checks themselves live in the implementation, which is
   * not visible from this header.
   */
  int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog,
                          const struct bpf_prog *prog);

  /* Report whether the hook identified by @btf_id is a sleepable one. */
  bool bpf_lsm_is_sleepable_hook(u32 btf_id);
  31
  /*
   * bpf_inode - locate the BPF slot inside an inode's security blob.
   * @inode: inode whose i_security pointer is read.
   *
   * Returns i_security + bpf_lsm_blob_sizes.lbs_inode, or NULL when the inode
   * has no security blob. Callers must handle the NULL case before touching
   * the result.
   * NOTE(review): lbs_inode is presumably the byte offset the LSM framework
   * assigned to the BPF LSM; confirm against the blob-size setup code.
   */
  static inline struct bpf_storage_blob *
  bpf_inode(const struct inode *inode)
  {
          void *blob = inode->i_security;

          /* A missing blob is expected to be the rare case. */
          if (unlikely(blob == NULL))
                  return NULL;

          /* Byte-wise offset: arithmetic on void * is a GNU C extension. */
          return blob + bpf_lsm_blob_sizes.lbs_inode;
  }
  40
  /*
   * bpf_task - locate the BPF slot inside a task's security blob.
   * @task: task whose security pointer is read.
   *
   * Returns security + bpf_lsm_blob_sizes.lbs_task, or NULL when the task has
   * no security blob. Callers must handle the NULL case before touching the
   * result.
   * NOTE(review): lbs_task is presumably the byte offset the LSM framework
   * assigned to the BPF LSM; confirm against the blob-size setup code.
   */
  static inline struct bpf_storage_blob *
  bpf_task(const struct task_struct *task)
  {
          void *blob = task->security;

          /* A missing blob is expected to be the rare case. */
          if (unlikely(blob == NULL))
                  return NULL;

          /* Byte-wise offset: arithmetic on void * is a GNU C extension. */
          return blob + bpf_lsm_blob_sizes.lbs_task;
  }
  49
  /*
   * Function prototypes (struct bpf_func_proto) for the inode and task
   * storage get/delete helpers, defined elsewhere. The !CONFIG_BPF_LSM branch
   * of this header declares no counterparts, so references to them must be
   * built only when CONFIG_BPF_LSM is set.
   */
  extern const struct bpf_func_proto bpf_inode_storage_get_proto;
  extern const struct bpf_func_proto bpf_inode_storage_delete_proto;
  extern const struct bpf_func_proto bpf_task_storage_get_proto;
  extern const struct bpf_func_proto bpf_task_storage_delete_proto;

  /*
   * Release the BPF storage attached to @inode / @task.
   * NOTE(review): presumably called while the object's security blob is being
   * torn down; confirm against the callers.
   */
  void bpf_inode_storage_free(struct inode *inode);
  void bpf_task_storage_free(struct task_struct *task);
  56
  57#else /* !CONFIG_BPF_LSM */
  58
  /*
   * !CONFIG_BPF_LSM stub: with the BPF LSM compiled out, no hook is reported
   * as sleepable, whatever @btf_id is passed.
   */
  static inline bool
  bpf_lsm_is_sleepable_hook(u32 btf_id)
  {
          return false;
  }
  63
  /*
   * !CONFIG_BPF_LSM stub: every program is rejected with -EOPNOTSUPP, and
   * neither @vlog nor @prog is touched.
   */
  static inline int
  bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, const struct bpf_prog *prog)
  {
          return -EOPNOTSUPP;
  }
  69
  /*
   * !CONFIG_BPF_LSM stub: there is no BPF slot in the inode blob, so the
   * lookup always yields NULL and @inode is never dereferenced.
   */
  static inline struct bpf_storage_blob *
  bpf_inode(const struct inode *inode)
  {
          return NULL;
  }
  75
  /*
   * !CONFIG_BPF_LSM stub: there is no BPF slot in the task blob, so the
   * lookup always yields NULL and @task is never dereferenced.
   */
  static inline struct bpf_storage_blob *
  bpf_task(const struct task_struct *task)
  {
          return NULL;
  }
  81
  /* !CONFIG_BPF_LSM stub: nothing to release, so this is a no-op. */
  static inline void
  bpf_inode_storage_free(struct inode *inode)
  {
  }
  85
  /* !CONFIG_BPF_LSM stub: nothing to release, so this is a no-op. */
  static inline void
  bpf_task_storage_free(struct task_struct *task)
  {
  }
  89
  90#endif /* CONFIG_BPF_LSM */
  91
  92#endif /* _LINUX_BPF_LSM_H */
  93