1 /* SPDX-License-Identifier: GPL-2.0 */ 2 3 /* 4 * Copyright (C) 2020 Google LLC. 5 */ 6 7 #ifndef _LINUX_BPF_LSM_H 8 #define _LINUX_BPF_LSM_H 9 10 #include <linux/bpf.h> 11 #include <linux/lsm_hooks.h> 12 13 #ifdef CONFIG_BPF_LSM 14 15 #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ 16 RET bpf_lsm_##NAME(__VA_ARGS__); 17 #include <linux/lsm_hook_defs.h> 18 #undef LSM_HOOK 19 20 struct bpf_storage_blob { 21 struct bpf_local_storage __rcu *storage; 22 }; 23 24 extern struct lsm_blob_sizes bpf_lsm_blob_sizes; 25 26 int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, 27 const struct bpf_prog *prog); 28 bpf_inode(const struct inode * inode)29static inline struct bpf_storage_blob *bpf_inode( 30 const struct inode *inode) 31 { 32 if (unlikely(!inode->i_security)) 33 return NULL; 34 35 return inode->i_security + bpf_lsm_blob_sizes.lbs_inode; 36 } 37 38 extern const struct bpf_func_proto bpf_inode_storage_get_proto; 39 extern const struct bpf_func_proto bpf_inode_storage_delete_proto; 40 void bpf_inode_storage_free(struct inode *inode); 41 42 #else /* !CONFIG_BPF_LSM */ 43 bpf_lsm_verify_prog(struct bpf_verifier_log * vlog,const struct bpf_prog * prog)44static inline int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, 45 const struct bpf_prog *prog) 46 { 47 return -EOPNOTSUPP; 48 } 49 bpf_inode(const struct inode * inode)50static inline struct bpf_storage_blob *bpf_inode( 51 const struct inode *inode) 52 { 53 return NULL; 54 } 55 bpf_inode_storage_free(struct inode * inode)56static inline void bpf_inode_storage_free(struct inode *inode) 57 { 58 } 59 60 #endif /* CONFIG_BPF_LSM */ 61 62 #endif /* _LINUX_BPF_LSM_H */ 63