| KP Singh | fc611f4 | 2020-03-29 01:43:49 +0100 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0 |
| 2 | |
| 3 | /* |
| 4 | * Copyright (C) 2020 Google LLC. |
| 5 | */ |
| 6 | |
| 7 | #include <linux/filter.h> |
| 8 | #include <linux/bpf.h> |
| 9 | #include <linux/btf.h> |
| KP Singh | 9d3fdea | 2020-03-29 01:43:51 +0100 | [diff] [blame^] | 10 | #include <linux/lsm_hooks.h> |
| 11 | #include <linux/bpf_lsm.h> |
| 12 | |
| 13 | /* For every LSM hook that allows attachment of BPF programs, declare a nop |
| 14 | * function where a BPF program can be attached. |
| 15 | */ |
| 16 | #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ |
| 17 | noinline RET bpf_lsm_##NAME(__VA_ARGS__) \ |
| 18 | { \ |
| 19 | return DEFAULT; \ |
| 20 | } |
| 21 | |
| 22 | #include <linux/lsm_hook_defs.h> |
| 23 | #undef LSM_HOOK |
| KP Singh | fc611f4 | 2020-03-29 01:43:49 +0100 | [diff] [blame] | 24 | |
| 25 | const struct bpf_prog_ops lsm_prog_ops = { |
| 26 | }; |
| 27 | |
| 28 | const struct bpf_verifier_ops lsm_verifier_ops = { |
| 29 | .get_func_proto = bpf_tracing_func_proto, |
| 30 | .is_valid_access = btf_ctx_access, |
| 31 | }; |