projects / linux-2.6-block.git / blame
| Commit | Line | Data |
|---|---|---|
| 9d3fdea7 KS |
1 | /* SPDX-License-Identifier: GPL-2.0 */ |
| 2 | ||
| 3 | /* | |
| 4 | * Copyright (C) 2020 Google LLC. | |
| 5 | */ | |
| 6 | ||
| 7 | #ifndef _LINUX_BPF_LSM_H | |
| 8 | #define _LINUX_BPF_LSM_H | |
| 9 | ||
| 4cf1bc1f | 10 | #include <linux/sched.h> |
| 9d3fdea7 KS |
11 | #include <linux/bpf.h> |
| 12 | #include <linux/lsm_hooks.h> | |
| 13 | ||
| 14 | #ifdef CONFIG_BPF_LSM | |
| 15 | ||
| 16 | #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ | |
| 17 | RET bpf_lsm_##NAME(__VA_ARGS__); | |
| 18 | #include <linux/lsm_hook_defs.h> | |
| 19 | #undef LSM_HOOK | |
| 20 | ||
| 8ea63684 KS |
21 | struct bpf_storage_blob { |
| 22 | struct bpf_local_storage __rcu *storage; | |
| 23 | }; | |
| 24 | ||
| 25 | extern struct lsm_blob_sizes bpf_lsm_blob_sizes; | |
| 26 | ||
| 9e4e01df KS |
27 | int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, |
| 28 | const struct bpf_prog *prog); | |
| 29 | ||
| 423f1610 KS |
30 | bool bpf_lsm_is_sleepable_hook(u32 btf_id); |
| 31 | ||
| 8ea63684 KS |
32 | static inline struct bpf_storage_blob *bpf_inode( |
| 33 | const struct inode *inode) | |
| 34 | { | |
| 35 | if (unlikely(!inode->i_security)) | |
| 36 | return NULL; | |
| 37 | ||
| 38 | return inode->i_security + bpf_lsm_blob_sizes.lbs_inode; | |
| 39 | } | |
| 40 | ||
| 4cf1bc1f KS |
41 | static inline struct bpf_storage_blob *bpf_task( |
| 42 | const struct task_struct *task) | |
| 43 | { | |
| 44 | if (unlikely(!task->security)) | |
| 45 | return NULL; | |
| 46 | ||
| 47 | return task->security + bpf_lsm_blob_sizes.lbs_task; | |
| 48 | } | |
| 49 | ||
| 8ea63684 KS |
50 | extern const struct bpf_func_proto bpf_inode_storage_get_proto; |
| 51 | extern const struct bpf_func_proto bpf_inode_storage_delete_proto; | |
| 4cf1bc1f KS |
52 | extern const struct bpf_func_proto bpf_task_storage_get_proto; |
| 53 | extern const struct bpf_func_proto bpf_task_storage_delete_proto; | |
| 8ea63684 | 54 | void bpf_inode_storage_free(struct inode *inode); |
| 4cf1bc1f | 55 | void bpf_task_storage_free(struct task_struct *task); |
| 8ea63684 | 56 | |
| 9e4e01df KS |
57 | #else /* !CONFIG_BPF_LSM */ |
| 58 | ||
| 423f1610 KS |
59 | static inline bool bpf_lsm_is_sleepable_hook(u32 btf_id) |
| 60 | { | |
| 61 | return false; | |
| 62 | } | |
| 63 | ||
| 9e4e01df KS |
64 | static inline int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, |
| 65 | const struct bpf_prog *prog) | |
| 66 | { | |
| 67 | return -EOPNOTSUPP; | |
| 68 | } | |
| 69 | ||
| 8ea63684 KS |
70 | static inline struct bpf_storage_blob *bpf_inode( |
| 71 | const struct inode *inode) | |
| 72 | { | |
| 73 | return NULL; | |
| 74 | } | |
| 75 | ||
| 4cf1bc1f KS |
76 | static inline struct bpf_storage_blob *bpf_task( |
| 77 | const struct task_struct *task) | |
| 78 | { | |
| 79 | return NULL; | |
| 80 | } | |
| 81 | ||
| 8ea63684 KS |
82 | static inline void bpf_inode_storage_free(struct inode *inode) |
| 83 | { | |
| 84 | } | |
| 85 | ||
| 4cf1bc1f KS |
86 | static inline void bpf_task_storage_free(struct task_struct *task) |
| 87 | { | |
| 88 | } | |
| 89 | ||
| 9d3fdea7 KS |
90 | #endif /* CONFIG_BPF_LSM */ |
| 91 | ||
| 92 | #endif /* _LINUX_BPF_LSM_H */ |