1/* SPDX-License-Identifier: GPL-2.0 */ 2 3/* 4 * Copyright (C) 2020 Google LLC. 5 */ 6 7#ifndef _LINUX_BPF_LSM_H 8#define _LINUX_BPF_LSM_H 9 10#include <linux/sched.h> 11#include <linux/bpf.h> 12#include <linux/lsm_hooks.h> 13 14#ifdef CONFIG_BPF_LSM 15 16#define LSM_HOOK(RET, DEFAULT, NAME, ...) \ 17 RET bpf_lsm_##NAME(__VA_ARGS__); 18#include <linux/lsm_hook_defs.h> 19#undef LSM_HOOK 20 21struct bpf_storage_blob { 22 struct bpf_local_storage __rcu *storage; 23}; 24 25extern struct lsm_blob_sizes bpf_lsm_blob_sizes; 26 27int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, 28 const struct bpf_prog *prog); 29 30bool bpf_lsm_is_sleepable_hook(u32 btf_id); 31 32static inline struct bpf_storage_blob *bpf_inode( 33 const struct inode *inode) 34{ 35 if (unlikely(!inode->i_security)) 36 return NULL; 37 38 return inode->i_security + bpf_lsm_blob_sizes.lbs_inode; 39} 40 41extern const struct bpf_func_proto bpf_inode_storage_get_proto; 42extern const struct bpf_func_proto bpf_inode_storage_delete_proto; 43void bpf_inode_storage_free(struct inode *inode); 44 45#else /* !CONFIG_BPF_LSM */ 46 47static inline bool bpf_lsm_is_sleepable_hook(u32 btf_id) 48{ 49 return false; 50} 51 52static inline int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, 53 const struct bpf_prog *prog) 54{ 55 return -EOPNOTSUPP; 56} 57 58static inline struct bpf_storage_blob *bpf_inode( 59 const struct inode *inode) 60{ 61 return NULL; 62} 63 64static inline void bpf_inode_storage_free(struct inode *inode) 65{ 66} 67 68#endif /* CONFIG_BPF_LSM */ 69 70#endif /* _LINUX_BPF_LSM_H */ 71