Warning: This file is not a C or C++ file. It does not have highlighting.
1 | /* SPDX-License-Identifier: GPL-2.0 */ |
---|---|
2 | |
3 | /* |
4 | * Copyright (C) 2020 Google LLC. |
5 | */ |
6 | |
7 | #ifndef _LINUX_BPF_LSM_H |
8 | #define _LINUX_BPF_LSM_H |
9 | |
10 | #include <linux/sched.h> |
11 | #include <linux/bpf.h> |
12 | #include <linux/lsm_hooks.h> |
13 | |
14 | #ifdef CONFIG_BPF_LSM |
15 | |
16 | #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ |
17 | RET bpf_lsm_##NAME(__VA_ARGS__); |
18 | #include <linux/lsm_hook_defs.h> |
19 | #undef LSM_HOOK |
20 | |
21 | struct bpf_storage_blob { |
22 | struct bpf_local_storage __rcu *storage; |
23 | }; |
24 | |
25 | extern struct lsm_blob_sizes bpf_lsm_blob_sizes; |
26 | |
27 | int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, |
28 | const struct bpf_prog *prog); |
29 | |
30 | bool bpf_lsm_is_sleepable_hook(u32 btf_id); |
31 | bool bpf_lsm_is_trusted(const struct bpf_prog *prog); |
32 | |
33 | static inline struct bpf_storage_blob *bpf_inode( |
34 | const struct inode *inode) |
35 | { |
36 | if (unlikely(!inode->i_security)) |
37 | return NULL; |
38 | |
39 | return inode->i_security + bpf_lsm_blob_sizes.lbs_inode; |
40 | } |
41 | |
42 | extern const struct bpf_func_proto bpf_inode_storage_get_proto; |
43 | extern const struct bpf_func_proto bpf_inode_storage_delete_proto; |
44 | void bpf_inode_storage_free(struct inode *inode); |
45 | |
46 | void bpf_lsm_find_cgroup_shim(const struct bpf_prog *prog, bpf_func_t *bpf_func); |
47 | |
48 | #else /* !CONFIG_BPF_LSM */ |
49 | |
50 | static inline bool bpf_lsm_is_sleepable_hook(u32 btf_id) |
51 | { |
52 | return false; |
53 | } |
54 | |
55 | static inline bool bpf_lsm_is_trusted(const struct bpf_prog *prog) |
56 | { |
57 | return false; |
58 | } |
59 | |
60 | static inline int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, |
61 | const struct bpf_prog *prog) |
62 | { |
63 | return -EOPNOTSUPP; |
64 | } |
65 | |
66 | static inline struct bpf_storage_blob *bpf_inode( |
67 | const struct inode *inode) |
68 | { |
69 | return NULL; |
70 | } |
71 | |
72 | static inline void bpf_inode_storage_free(struct inode *inode) |
73 | { |
74 | } |
75 | |
76 | static inline void bpf_lsm_find_cgroup_shim(const struct bpf_prog *prog, |
77 | bpf_func_t *bpf_func) |
78 | { |
79 | } |
80 | |
81 | #endif /* CONFIG_BPF_LSM */ |
82 | |
83 | #endif /* _LINUX_BPF_LSM_H */ |
84 |
Warning: This file is not a C or C++ file. It does not have highlighting.