On Fri, 20 Dec 2019, KP Singh wrote: > From: KP Singh <kpsingh@xxxxxxxxxx> > > The LSM creates files in securityfs for each hook registered with the > LSM. > > /sys/kernel/security/bpf/<h_name> > > The list of LSM hooks are maintained in an internal header "hooks.h" > Eventually, this list should either be defined collectively in > include/linux/lsm_hooks.h or auto-generated from it. > > * Creation of a file for the hook in the securityfs. > * Allocation of a bpf_lsm_hook data structure which stores > a pointer to the dentry of the newly created file in securityfs. > * Creation of a typedef for the hook so that BTF information > can be generated for the LSM hooks to: > > - Make them "Compile Once, Run Everywhere". > - Pass the right arguments when the attached programs are run. > - Verify the accesses made by the program by using the BTF > information. > > Signed-off-by: KP Singh <kpsingh@xxxxxxxxxx> Reviewed-by: James Morris <jamorris@xxxxxxxxxxxxxxxxxxx> -- James Morris <jmorris@xxxxxxxxx>
