mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
bd07bd12f2
The underlying lookup_user_key() function uses a signed 32 bit integer for key serial numbers because legitimate serial numbers are positive (and > 3) and keyrings are negative. Using a u32 for the keyring in the bpf function doesn't currently cause any conversion problems but will start to trip the signed to unsigned conversion warnings when the kernel enables them, so convert the argument to signed (and update the tests accordingly) before it acquires more users. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> Link: https://lore.kernel.org/r/84cdb0775254d297d75e21f577089f64abdfbd28.camel@HansenPartnership.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
46 lines
956 B
C
46 lines
956 B
C
// SPDX-License-Identifier: GPL-2.0
|
|
|
|
/*
|
|
* Copyright (C) 2022 Huawei Technologies Duesseldorf GmbH
|
|
*
|
|
* Author: Roberto Sassu <roberto.sassu@huawei.com>
|
|
*/
|
|
|
|
#include "vmlinux.h"
|
|
#include <errno.h>
|
|
#include <bpf/bpf_helpers.h>
|
|
#include <bpf/bpf_tracing.h>
|
|
|
|
char _license[] SEC("license") = "GPL";
|
|
|
|
__u32 monitored_pid;
|
|
__s32 key_serial;
|
|
__u32 key_id;
|
|
__u64 flags;
|
|
|
|
extern struct bpf_key *bpf_lookup_user_key(__s32 serial, __u64 flags) __ksym;
|
|
extern struct bpf_key *bpf_lookup_system_key(__u64 id) __ksym;
|
|
extern void bpf_key_put(struct bpf_key *key) __ksym;
|
|
|
|
SEC("lsm.s/bpf")
|
|
int BPF_PROG(bpf, int cmd, union bpf_attr *attr, unsigned int size, bool kernel)
|
|
{
|
|
struct bpf_key *bkey;
|
|
__u32 pid;
|
|
|
|
pid = bpf_get_current_pid_tgid() >> 32;
|
|
if (pid != monitored_pid)
|
|
return 0;
|
|
|
|
if (key_serial)
|
|
bkey = bpf_lookup_user_key(key_serial, flags);
|
|
else
|
|
bkey = bpf_lookup_system_key(key_id);
|
|
|
|
if (!bkey)
|
|
return -ENOENT;
|
|
|
|
bpf_key_put(bkey);
|
|
|
|
return 0;
|
|
}
|