| KP Singh | 520b7aa | 2020-03-29 01:43:53 +0100 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0 |
| 2 | |
| 3 | /* |
| 4 | * Copyright (C) 2020 Google LLC. |
| 5 | */ |
| 6 | #include <linux/lsm_hooks.h> |
| 7 | #include <linux/bpf_lsm.h> |
| 8 | |
| 9 | static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { |
| 10 | #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ |
| 11 | LSM_HOOK_INIT(NAME, bpf_lsm_##NAME), |
| 12 | #include <linux/lsm_hook_defs.h> |
| 13 | #undef LSM_HOOK |
| KP Singh | 8ea6368 | 2020-08-25 20:29:17 +0200 | [diff] [blame] | 14 | LSM_HOOK_INIT(inode_free_security, bpf_inode_storage_free), |
| KP Singh | 4cf1bc1 | 2020-11-06 10:37:40 +0000 | [diff] [blame] | 15 | LSM_HOOK_INIT(task_free, bpf_task_storage_free), |
| KP Singh | 520b7aa | 2020-03-29 01:43:53 +0100 | [diff] [blame] | 16 | }; |
| 17 | |
| 18 | static int __init bpf_lsm_init(void) |
| 19 | { |
| 20 | security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); |
| 21 | pr_info("LSM support for eBPF active\n"); |
| 22 | return 0; |
| 23 | } |
| 24 | |
| KP Singh | 8ea6368 | 2020-08-25 20:29:17 +0200 | [diff] [blame] | 25 | struct lsm_blob_sizes bpf_lsm_blob_sizes __lsm_ro_after_init = { |
| 26 | .lbs_inode = sizeof(struct bpf_storage_blob), |
| KP Singh | 4cf1bc1 | 2020-11-06 10:37:40 +0000 | [diff] [blame] | 27 | .lbs_task = sizeof(struct bpf_storage_blob), |
| KP Singh | 8ea6368 | 2020-08-25 20:29:17 +0200 | [diff] [blame] | 28 | }; |
| 29 | |
| KP Singh | 520b7aa | 2020-03-29 01:43:53 +0100 | [diff] [blame] | 30 | DEFINE_LSM(bpf) = { |
| 31 | .name = "bpf", |
| 32 | .init = bpf_lsm_init, |
| KP Singh | 8ea6368 | 2020-08-25 20:29:17 +0200 | [diff] [blame] | 33 | .blobs = &bpf_lsm_blob_sizes |
| KP Singh | 520b7aa | 2020-03-29 01:43:53 +0100 | [diff] [blame] | 34 | }; |