| blob | 3fe9f59ef86729e0826b824ca77bc84ff32d4227 |
1 // SPDX-License-Identifier: GPL-2.0
2 /* Copyright (c) 2024 Google LLC. */
4 #include <linux/bpf.h>
5 #include <linux/btf.h>
6 #include <linux/btf_ids.h>
7 #include <linux/dcache.h>
8 #include <linux/fs.h>
9 #include <linux/file.h>
10 #include <linux/mm.h>
11 #include <linux/xattr.h>
15 /**
16 * bpf_get_task_exe_file - get a reference on the exe_file struct file member of
17 * the mm_struct that is nested within the supplied
18 * task_struct
19 * @task: task_struct of which the nested mm_struct exe_file member to get a
20 * reference on
21 *
22 * Get a reference on the exe_file struct file member field of the mm_struct
23 * nested within the supplied *task*. The referenced file pointer acquired by
24 * this BPF kfunc must be released using bpf_put_file(). Failing to call
25 * bpf_put_file() on the returned referenced struct file pointer that has been
26 * acquired by this BPF kfunc will result in the BPF program being rejected by
27 * the BPF verifier.
28 *
29 * This BPF kfunc may only be called from BPF LSM programs.
30 *
31 * Internally, this BPF kfunc leans on get_task_exe_file(), such that calling
32 * bpf_get_task_exe_file() would be analogous to calling get_task_exe_file()
33 * directly in kernel context.
34 *
35 * Return: A referenced struct file pointer to the exe_file member of the
36 * mm_struct that is nested within the supplied *task*. On error, NULL is
37 * returned.
38 */
40 {
42 }
44 /**
45 * bpf_put_file - put a reference on the supplied file
46 * @file: file to put a reference on
47 *
48 * Put a reference on the supplied *file*. Only referenced file pointers may be
49 * passed to this BPF kfunc. Attempting to pass an unreferenced file pointer, or
50 * any other arbitrary pointer for that matter, will result in the BPF program
51 * being rejected by the BPF verifier.
52 *
53 * This BPF kfunc may only be called from BPF LSM programs.
54 */
56 {
58 }
60 /**
61 * bpf_path_d_path - resolve the pathname for the supplied path
62 * @path: path to resolve the pathname for
63 * @buf: buffer to return the resolved pathname in
64 * @buf__sz: length of the supplied buffer
65 *
66 * Resolve the pathname for the supplied *path* and store it in *buf*. This BPF
67 * kfunc is the safer variant of the legacy bpf_d_path() helper and should be
68 * used in place of bpf_d_path() whenever possible. It enforces KF_TRUSTED_ARGS
69 * semantics, meaning that the supplied *path* must itself hold a valid
70 * reference, or else the BPF program will be outright rejected by the BPF
71 * verifier.
72 *
73 * This BPF kfunc may only be called from BPF LSM programs.
74 *
75 * Return: A positive integer corresponding to the length of the resolved
76 * pathname in *buf*, including the NUL termination character. On error, a
77 * negative integer is returned.
78 */
80 {
94 }
96 /**
97 * bpf_get_dentry_xattr - get xattr of a dentry
98 * @dentry: dentry to get xattr from
99 * @name__str: name of the xattr
100 * @value_p: output buffer of the xattr value
101 *
102 * Get xattr *name__str* of *dentry* and store the output in *value_ptr*.
103 *
104 * For security reasons, only *name__str* with prefix "user." is allowed.
105 *
106 * Return: 0 on success, a negative value on error.
107 */
110 {
113 u32 value_len;
132 }
134 /**
135 * bpf_get_file_xattr - get xattr of a file
136 * @file: file to get xattr from
137 * @name__str: name of the xattr
138 * @value_p: output buffer of the xattr value
139 *
140 * Get xattr *name__str* of *file* and store the output in *value_ptr*.
141 *
142 * For security reasons, only *name__str* with prefix "user." is allowed.
143 *
144 * Return: 0 on success, a negative value on error.
145 */
148 {
153 }
167 {
172 }
178 };
181 {
183 }