From: Alexei Starovoitov <ast@kernel.org>
To: "David S . Miller" <davem@davemloft.net>
Cc: <daniel@iogearbox.net>, <luto@amacapital.net>,
<viro@zeniv.linux.org.uk>, <netdev@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <kernel-team@fb.com>
Subject: [PATCH bpf-next 2/6] fs: wire in BPF_CGROUP_FILE_OPEN hook
Date: Wed, 3 Oct 2018 19:57:46 -0700 [thread overview]
Message-ID: <20181004025750.498303-3-ast@kernel.org> (raw)
In-Reply-To: <20181004025750.498303-1-ast@kernel.org>
enable cgroup-bpf BPF_CGROUP_FILE_OPEN hook after security_file_open() LSM hook.
Similarly to other cgroup-bpf hooks it's gated by static key 'cgroup_bpf_enabled'
and has zero overhead until bpf prog is attached to that hook.
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
---
fs/open.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/open.c b/fs/open.c
index 0285ce7dbd51..7e1170863f40 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -759,6 +759,10 @@ static int do_dentry_open(struct file *f,
if (error)
goto cleanup_all;
+ error = BPF_CGROUP_RUN_PROG_FILE_FILTER(f);
+ if (error)
+ goto cleanup_all;
+
error = break_lease(locks_inode(f), f->f_flags);
if (error)
goto cleanup_all;
--
2.17.1
next prev parent reply other threads:[~2018-10-04 2:58 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-04 2:57 [PATCH bpf-next 0/6] bpf: introduce BPF_CGROUP_FILE_OPEN Alexei Starovoitov
2018-10-04 2:57 ` [PATCH bpf-next 1/6] bpf: introduce BPF_PROG_TYPE_FILE_FILTER Alexei Starovoitov
2018-10-04 19:41 ` Roman Gushchin
2018-10-04 19:51 ` Andy Lutomirski
2018-10-04 22:23 ` Alexei Starovoitov
2018-10-05 4:46 ` Al Viro
2018-10-05 22:05 ` Alexei Starovoitov
2018-10-05 22:09 ` Andy Lutomirski
2018-10-05 22:27 ` Alexei Starovoitov
2018-10-05 23:47 ` Al Viro
2018-10-06 0:22 ` Alexei Starovoitov
2018-10-08 0:56 ` Jann Horn
2018-10-08 2:22 ` Alexei Starovoitov
2018-10-08 9:06 ` Mickaël Salaün
2018-10-04 2:57 ` Alexei Starovoitov [this message]
2018-10-04 2:57 ` [PATCH bpf-next 3/6] tools/bpf: sync uapi/bpf.h Alexei Starovoitov
2018-10-04 2:57 ` [PATCH bpf-next 4/6] trace/bpf: allow %o modifier in bpf_trace_printk Alexei Starovoitov
2018-10-04 2:57 ` [PATCH bpf-next 5/6] libbpf: support BPF_CGROUP_FILE_OPEN in libbpf Alexei Starovoitov
2018-10-04 2:57 ` [PATCH bpf-next 6/6] selftests/bpf: add a test for BPF_CGROUP_FILE_OPEN Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181004025750.498303-3-ast@kernel.org \
--to=ast@kernel.org \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=kernel-team@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=netdev@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.