1*ecce368dSRoberto Sassu // SPDX-License-Identifier: GPL-2.0 2*ecce368dSRoberto Sassu 3*ecce368dSRoberto Sassu /* 4*ecce368dSRoberto Sassu * Copyright (C) 2022 Huawei Technologies Duesseldorf GmbH 5*ecce368dSRoberto Sassu * 6*ecce368dSRoberto Sassu * Author: Roberto Sassu <roberto.sassu@huawei.com> 7*ecce368dSRoberto Sassu */ 8*ecce368dSRoberto Sassu 9*ecce368dSRoberto Sassu #include "vmlinux.h" 10*ecce368dSRoberto Sassu #include <errno.h> 11*ecce368dSRoberto Sassu #include <bpf/bpf_helpers.h> 12*ecce368dSRoberto Sassu #include <bpf/bpf_tracing.h> 13*ecce368dSRoberto Sassu 14*ecce368dSRoberto Sassu char _license[] SEC("license") = "GPL"; 15*ecce368dSRoberto Sassu 16*ecce368dSRoberto Sassu __u32 monitored_pid; 17*ecce368dSRoberto Sassu __u32 key_serial; 18*ecce368dSRoberto Sassu __u32 key_id; 19*ecce368dSRoberto Sassu __u64 flags; 20*ecce368dSRoberto Sassu 21*ecce368dSRoberto Sassu extern struct bpf_key *bpf_lookup_user_key(__u32 serial, __u64 flags) __ksym; 22*ecce368dSRoberto Sassu extern struct bpf_key *bpf_lookup_system_key(__u64 id) __ksym; 23*ecce368dSRoberto Sassu extern void bpf_key_put(struct bpf_key *key) __ksym; 24*ecce368dSRoberto Sassu 25*ecce368dSRoberto Sassu SEC("lsm.s/bpf") BPF_PROG(bpf,int cmd,union bpf_attr * attr,unsigned int size)26*ecce368dSRoberto Sassuint BPF_PROG(bpf, int cmd, union bpf_attr *attr, unsigned int size) 27*ecce368dSRoberto Sassu { 28*ecce368dSRoberto Sassu struct bpf_key *bkey; 29*ecce368dSRoberto Sassu __u32 pid; 30*ecce368dSRoberto Sassu 31*ecce368dSRoberto Sassu pid = bpf_get_current_pid_tgid() >> 32; 32*ecce368dSRoberto Sassu if (pid != monitored_pid) 33*ecce368dSRoberto Sassu return 0; 34*ecce368dSRoberto Sassu 35*ecce368dSRoberto Sassu if (key_serial) 36*ecce368dSRoberto Sassu bkey = bpf_lookup_user_key(key_serial, flags); 37*ecce368dSRoberto Sassu else 38*ecce368dSRoberto Sassu bkey = bpf_lookup_system_key(key_id); 39*ecce368dSRoberto Sassu 40*ecce368dSRoberto Sassu if (!bkey) 41*ecce368dSRoberto Sassu return -ENOENT; 42*ecce368dSRoberto Sassu 43*ecce368dSRoberto Sassu bpf_key_put(bkey); 44*ecce368dSRoberto Sassu 45*ecce368dSRoberto Sassu return 0; 46*ecce368dSRoberto Sassu } 47