]>
Commit | Line | Data |
---|---|---|
520b7aa0 KS |
1 | // SPDX-License-Identifier: GPL-2.0 |
2 | ||
3 | /* | |
4 | * Copyright (C) 2020 Google LLC. | |
5 | */ | |
6 | #include <linux/lsm_hooks.h> | |
7 | #include <linux/bpf_lsm.h> | |
8 | ||
9 | static struct security_hook_list bpf_lsm_hooks[] __lsm_ro_after_init = { | |
10 | #define LSM_HOOK(RET, DEFAULT, NAME, ...) \ | |
11 | LSM_HOOK_INIT(NAME, bpf_lsm_##NAME), | |
12 | #include <linux/lsm_hook_defs.h> | |
13 | #undef LSM_HOOK | |
8ea63684 | 14 | LSM_HOOK_INIT(inode_free_security, bpf_inode_storage_free), |
4cf1bc1f | 15 | LSM_HOOK_INIT(task_free, bpf_task_storage_free), |
520b7aa0 KS |
16 | }; |
17 | ||
18 | static int __init bpf_lsm_init(void) | |
19 | { | |
20 | security_add_hooks(bpf_lsm_hooks, ARRAY_SIZE(bpf_lsm_hooks), "bpf"); | |
21 | pr_info("LSM support for eBPF active\n"); | |
22 | return 0; | |
23 | } | |
24 | ||
8ea63684 KS |
25 | struct lsm_blob_sizes bpf_lsm_blob_sizes __lsm_ro_after_init = { |
26 | .lbs_inode = sizeof(struct bpf_storage_blob), | |
4cf1bc1f | 27 | .lbs_task = sizeof(struct bpf_storage_blob), |
8ea63684 KS |
28 | }; |
29 | ||
520b7aa0 KS |
30 | DEFINE_LSM(bpf) = { |
31 | .name = "bpf", | |
32 | .init = bpf_lsm_init, | |
8ea63684 | 33 | .blobs = &bpf_lsm_blob_sizes |
520b7aa0 | 34 | }; |