1 files changed, 32 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c
index 4bf0f571b4ef..1cd8526cb0b7 100644
--- a/security/security.c
+++ b/security/security.c
@@ -12,6 +12,7 @@
 *      (at your option) any later version.
 */
+#include <linux/bpf.h>
 #include <linux/capability.h>
 #include <linux/dcache.h>
 #include <linux/module.h>
@@ -1703,3 +1704,34 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
                                actx);
 }
 #endif /* CONFIG_AUDIT */
+#ifdef CONFIG_BPF_SYSCALL
+int security_bpf(int cmd, union bpf_attr *attr, unsigned int size)
+{
+        return call_int_hook(bpf, 0, cmd, attr, size);
+}
+int security_bpf_map(struct bpf_map *map, fmode_t fmode)
+{
+        return call_int_hook(bpf_map, 0, map, fmode);
+}
+int security_bpf_prog(struct bpf_prog *prog)
+{
+        return call_int_hook(bpf_prog, 0, prog);
+}
+int security_bpf_map_alloc(struct bpf_map *map)
+{
+        return call_int_hook(bpf_map_alloc_security, 0, map);
+}
+int security_bpf_prog_alloc(struct bpf_prog_aux *aux)
+{
+        return call_int_hook(bpf_prog_alloc_security, 0, aux);
+}
+void security_bpf_map_free(struct bpf_map *map)
+{
+        call_void_hook(bpf_map_free_security, map);
+}
+void security_bpf_prog_free(struct bpf_prog_aux *aux)
+{
+        call_void_hook(bpf_prog_free_security, aux);
+}
+#endif /* CONFIG_BPF_SYSCALL */

diff --git a/security/security.c b/security/security.c index 4bf0f571b4ef..1cd8526cb0b7 100644 --- a/security/security.c +++ b/security/security.c
@@ -12,6 +12,7 @@
12	* (at your option) any later version.	12	* (at your option) any later version.
13	*/	13	*/
14		14
		15	#include <linux/bpf.h>
15	#include <linux/capability.h>	16	#include <linux/capability.h>
16	#include <linux/dcache.h>	17	#include <linux/dcache.h>
17	#include <linux/module.h>	18	#include <linux/module.h>
@@ -1703,3 +1704,34 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
1703	actx);	1704	actx);
1704	}	1705	}
1705	#endif /* CONFIG_AUDIT */	1706	#endif /* CONFIG_AUDIT */
		1707
		1708	#ifdef CONFIG_BPF_SYSCALL
		1709	int security_bpf(int cmd, union bpf_attr *attr, unsigned int size)
		1710	{
		1711	return call_int_hook(bpf, 0, cmd, attr, size);
		1712	}
		1713	int security_bpf_map(struct bpf_map *map, fmode_t fmode)
		1714	{
		1715	return call_int_hook(bpf_map, 0, map, fmode);
		1716	}
		1717	int security_bpf_prog(struct bpf_prog *prog)
		1718	{
		1719	return call_int_hook(bpf_prog, 0, prog);
		1720	}
		1721	int security_bpf_map_alloc(struct bpf_map *map)
		1722	{
		1723	return call_int_hook(bpf_map_alloc_security, 0, map);
		1724	}
		1725	int security_bpf_prog_alloc(struct bpf_prog_aux *aux)
		1726	{
		1727	return call_int_hook(bpf_prog_alloc_security, 0, aux);
		1728	}
		1729	void security_bpf_map_free(struct bpf_map *map)
		1730	{
		1731	call_void_hook(bpf_map_free_security, map);
		1732	}
		1733	void security_bpf_prog_free(struct bpf_prog_aux *aux)
		1734	{
		1735	call_void_hook(bpf_prog_free_security, aux);
		1736	}
		1737	#endif /* CONFIG_BPF_SYSCALL */