diff options
| author |   KP Singh <kpsingh@google.com> | 2020-11-13 00:59:29 +0000 |
|---|---|---|
| committer |   Daniel Borkmann <daniel@iogearbox.net> | 2020-11-13 15:45:54 +0100 |
| commit | 423f16108c9d832bd96059d5c882c8ef6d76eb96 (patch) | |
| tree | 16ffedcef30b76f5c4b93636106581cbcad4b452 /include/linux/bpf_lsm.h | |
| parent | Merge branch 'bpf: Enable bpf_sk_storage for FENTRY/FEXIT/RAW_TP' (diff) | |
| download | wireguard-linux-423f16108c9d832bd96059d5c882c8ef6d76eb96.tar.xz wireguard-linux-423f16108c9d832bd96059d5c882c8ef6d76eb96.zip | |
bpf: Augment the set of sleepable LSM hooks
Update the set of sleepable hooks with the ones that do not trigger
a warning with might_fault() when exercised with the correct kernel
config options enabled, i.e.
DEBUG_ATOMIC_SLEEP=y
LOCKDEP=y
PROVE_LOCKING=y
This means that a sleepable LSM eBPF program can be attached to these
LSM hooks. A new helper method bpf_lsm_is_sleepable_hook is added and
the set is maintained locally in bpf_lsm.c
Signed-off-by: KP Singh <kpsingh@google.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20201113005930.541956-2-kpsingh@chromium.org
Diffstat (limited to 'include/linux/bpf_lsm.h')
| -rw-r--r-- | include/linux/bpf_lsm.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/include/linux/bpf_lsm.h b/include/linux/bpf_lsm.h index 73226181b744..0d1c33ace398 100644 --- a/include/linux/bpf_lsm.h +++ b/include/linux/bpf_lsm.h @@ -27,6 +27,8 @@ extern struct lsm_blob_sizes bpf_lsm_blob_sizes; int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, const struct bpf_prog *prog); +bool bpf_lsm_is_sleepable_hook(u32 btf_id); + static inline struct bpf_storage_blob *bpf_inode( const struct inode *inode) { @@ -54,6 +56,11 @@ void bpf_task_storage_free(struct task_struct *task); #else /* !CONFIG_BPF_LSM */ +static inline bool bpf_lsm_is_sleepable_hook(u32 btf_id) +{ + return false; +} + static inline int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, const struct bpf_prog *prog) { |