tools/testing/selftests/bpf/progs/dev_cgroup.c

   1 /* Copyright (c) 2017 Facebook
   2  *
   3  * This program is free software; you can redistribute it and/or
   4  * modify it under the terms of version 2 of the GNU General Public
   5  * License as published by the Free Software Foundation.
   6  */
   7
   8 #include <linux/bpf.h>
   9 #include <linux/version.h>
  10 #include "bpf_helpers.h"
  11
  12 SEC("cgroup/dev")
  13 int bpf_prog1(struct bpf_cgroup_dev_ctx *ctx)
  14 {
  15         short type = ctx->access_type & 0xFFFF;
  16 #ifdef DEBUG
  17         short access = ctx->access_type >> 16;
  18         char fmt[] = "  %d:%d    \n";
  19
  20         switch (type) {
  21         case BPF_DEVCG_DEV_BLOCK:
  22                 fmt[0] = 'b';
  23                 break;
  24         case BPF_DEVCG_DEV_CHAR:
  25                 fmt[0] = 'c';
  26                 break;
  27         default:
  28                 fmt[0] = '?';
  29                 break;
  30         }
  31
  32         if (access & BPF_DEVCG_ACC_READ)
  33                 fmt[8] = 'r';
  34
  35         if (access & BPF_DEVCG_ACC_WRITE)
  36                 fmt[9] = 'w';
  37
  38         if (access & BPF_DEVCG_ACC_MKNOD)
  39                 fmt[10] = 'm';
  40
  41         bpf_trace_printk(fmt, sizeof(fmt), ctx->major, ctx->minor);
  42 #endif
  43
  44         /* Allow access to /dev/zero and /dev/random.
  45          * Forbid everything else.
  46          */
  47         if (ctx->major != 1 || type != BPF_DEVCG_DEV_CHAR)
  48                 return 0;
  49
  50         switch (ctx->minor) {
  51         case 5: /* 1:5 /dev/zero */
  52         case 9: /* 1:9 /dev/urandom */
  53                 return 1;
  54         }
  55
  56         return 0;
  57 }
  58
  59 char _license[] SEC("license") = "GPL";
  60 __u32 _version SEC("version") = LINUX_VERSION_CODE;