projects / linux-block.git / blame
| Commit | Line | Data |
|---|---|---|
| fd1740b6 JK |
1 | /* SPDX-License-Identifier: GPL-2.0 */ |
| 2 | #ifndef _BPF_CGROUP_DEFS_H | |
| 3 | #define _BPF_CGROUP_DEFS_H | |
| 4 | ||
| 5 | #ifdef CONFIG_CGROUP_BPF | |
| 6 | ||
| 7 | #include <linux/list.h> | |
| 8 | #include <linux/percpu-refcount.h> | |
| 9 | #include <linux/workqueue.h> | |
| 10 | ||
| 11 | struct bpf_prog_array; | |
| 12 | ||
| 69fd337a | 13 | #ifdef CONFIG_BPF_LSM |
| c0e19f2c SF |
14 | /* Maximum number of concurrently attachable per-cgroup LSM hooks. */ |
| 15 | #define CGROUP_LSM_NUM 10 | |
| 69fd337a SF |
16 | #else |
| 17 | #define CGROUP_LSM_NUM 0 | |
| 18 | #endif | |
| 19 | ||
| fd1740b6 JK |
20 | enum cgroup_bpf_attach_type { |
| 21 | CGROUP_BPF_ATTACH_TYPE_INVALID = -1, | |
| 22 | CGROUP_INET_INGRESS = 0, | |
| 23 | CGROUP_INET_EGRESS, | |
| 24 | CGROUP_INET_SOCK_CREATE, | |
| 25 | CGROUP_SOCK_OPS, | |
| 26 | CGROUP_DEVICE, | |
| 27 | CGROUP_INET4_BIND, | |
| 28 | CGROUP_INET6_BIND, | |
| 29 | CGROUP_INET4_CONNECT, | |
| 30 | CGROUP_INET6_CONNECT, | |
| 31 | CGROUP_INET4_POST_BIND, | |
| 32 | CGROUP_INET6_POST_BIND, | |
| 33 | CGROUP_UDP4_SENDMSG, | |
| 34 | CGROUP_UDP6_SENDMSG, | |
| 35 | CGROUP_SYSCTL, | |
| 36 | CGROUP_UDP4_RECVMSG, | |
| 37 | CGROUP_UDP6_RECVMSG, | |
| 38 | CGROUP_GETSOCKOPT, | |
| 39 | CGROUP_SETSOCKOPT, | |
| 40 | CGROUP_INET4_GETPEERNAME, | |
| 41 | CGROUP_INET6_GETPEERNAME, | |
| 42 | CGROUP_INET4_GETSOCKNAME, | |
| 43 | CGROUP_INET6_GETSOCKNAME, | |
| 44 | CGROUP_INET_SOCK_RELEASE, | |
| 69fd337a SF |
45 | CGROUP_LSM_START, |
| 46 | CGROUP_LSM_END = CGROUP_LSM_START + CGROUP_LSM_NUM - 1, | |
| fd1740b6 JK |
47 | MAX_CGROUP_BPF_ATTACH_TYPE |
| 48 | }; | |
| 49 | ||
| 50 | struct cgroup_bpf { | |
| 51 | /* array of effective progs in this cgroup */ | |
| 52 | struct bpf_prog_array __rcu *effective[MAX_CGROUP_BPF_ATTACH_TYPE]; | |
| 53 | ||
| 54 | /* attached progs to this cgroup and attach flags | |
| 55 | * when flags == 0 or BPF_F_ALLOW_OVERRIDE the progs list will | |
| 56 | * have either zero or one element | |
| 57 | * when BPF_F_ALLOW_MULTI the list can have up to BPF_CGROUP_MAX_PROGS | |
| 58 | */ | |
| 00442143 SF |
59 | struct hlist_head progs[MAX_CGROUP_BPF_ATTACH_TYPE]; |
| 60 | u8 flags[MAX_CGROUP_BPF_ATTACH_TYPE]; | |
| fd1740b6 JK |
61 | |
| 62 | /* list of cgroup shared storages */ | |
| 63 | struct list_head storages; | |
| 64 | ||
| 65 | /* temp storage for effective prog array used by prog_attach/detach */ | |
| 66 | struct bpf_prog_array *inactive; | |
| 67 | ||
| 68 | /* reference counter used to detach bpf programs after cgroup removal */ | |
| 69 | struct percpu_ref refcnt; | |
| 70 | ||
| 71 | /* cgroup_bpf is released using a work queue */ | |
| 72 | struct work_struct release_work; | |
| 73 | }; | |
| 74 | ||
| 75 | #else /* CONFIG_CGROUP_BPF */ | |
| 76 | struct cgroup_bpf {}; | |
| 77 | #endif /* CONFIG_CGROUP_BPF */ | |
| 78 | ||
| 79 | #endif |