1*a9c7c18bSRoberto Sassu // SPDX-License-Identifier: GPL-2.0 2*a9c7c18bSRoberto Sassu 3*a9c7c18bSRoberto Sassu /* 4*a9c7c18bSRoberto Sassu * Copyright (C) 2022 Huawei Technologies Duesseldorf GmbH 5*a9c7c18bSRoberto Sassu * 6*a9c7c18bSRoberto Sassu * Author: Roberto Sassu <roberto.sassu@huawei.com> 7*a9c7c18bSRoberto Sassu */ 8*a9c7c18bSRoberto Sassu 9*a9c7c18bSRoberto Sassu #include "vmlinux.h" 10*a9c7c18bSRoberto Sassu #include <errno.h> 11*a9c7c18bSRoberto Sassu #include <bpf/bpf_helpers.h> 12*a9c7c18bSRoberto Sassu #include <bpf/bpf_tracing.h> 13*a9c7c18bSRoberto Sassu 14*a9c7c18bSRoberto Sassu /* From include/linux/mm.h. */ 15*a9c7c18bSRoberto Sassu #define FMODE_WRITE 0x2 16*a9c7c18bSRoberto Sassu 17*a9c7c18bSRoberto Sassu struct { 18*a9c7c18bSRoberto Sassu __uint(type, BPF_MAP_TYPE_ARRAY); 19*a9c7c18bSRoberto Sassu __uint(max_entries, 1); 20*a9c7c18bSRoberto Sassu __type(key, __u32); 21*a9c7c18bSRoberto Sassu __type(value, __u32); 22*a9c7c18bSRoberto Sassu } data_input SEC(".maps"); 23*a9c7c18bSRoberto Sassu 24*a9c7c18bSRoberto Sassu char _license[] SEC("license") = "GPL"; 25*a9c7c18bSRoberto Sassu 26*a9c7c18bSRoberto Sassu SEC("lsm/bpf_map") BPF_PROG(check_access,struct bpf_map * map,fmode_t fmode)27*a9c7c18bSRoberto Sassuint BPF_PROG(check_access, struct bpf_map *map, fmode_t fmode) 28*a9c7c18bSRoberto Sassu { 29*a9c7c18bSRoberto Sassu if (map != (struct bpf_map *)&data_input) 30*a9c7c18bSRoberto Sassu return 0; 31*a9c7c18bSRoberto Sassu 32*a9c7c18bSRoberto Sassu if (fmode & FMODE_WRITE) 33*a9c7c18bSRoberto Sassu return -EACCES; 34*a9c7c18bSRoberto Sassu 35*a9c7c18bSRoberto Sassu return 0; 36*a9c7c18bSRoberto Sassu } 37