dev_cgroup.c - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt

dev_cgroup.c (1184B)

      1/* Copyright (c) 2017 Facebook
      2 *
      3 * This program is free software; you can redistribute it and/or
      4 * modify it under the terms of version 2 of the GNU General Public
      5 * License as published by the Free Software Foundation.
      6 */
      7
      8#include <linux/bpf.h>
      9#include <linux/version.h>
     10#include <bpf/bpf_helpers.h>
     11
     12SEC("cgroup/dev")
     13int bpf_prog1(struct bpf_cgroup_dev_ctx *ctx)
     14{
     15	short type = ctx->access_type & 0xFFFF;
     16#ifdef DEBUG
     17	short access = ctx->access_type >> 16;
     18	char fmt[] = "  %d:%d    \n";
     19
     20	switch (type) {
     21	case BPF_DEVCG_DEV_BLOCK:
     22		fmt[0] = 'b';
     23		break;
     24	case BPF_DEVCG_DEV_CHAR:
     25		fmt[0] = 'c';
     26		break;
     27	default:
     28		fmt[0] = '?';
     29		break;
     30	}
     31
     32	if (access & BPF_DEVCG_ACC_READ)
     33		fmt[8] = 'r';
     34
     35	if (access & BPF_DEVCG_ACC_WRITE)
     36		fmt[9] = 'w';
     37
     38	if (access & BPF_DEVCG_ACC_MKNOD)
     39		fmt[10] = 'm';
     40
     41	bpf_trace_printk(fmt, sizeof(fmt), ctx->major, ctx->minor);
     42#endif
     43
     44	/* Allow access to /dev/zero and /dev/random.
     45	 * Forbid everything else.
     46	 */
     47	if (ctx->major != 1 || type != BPF_DEVCG_DEV_CHAR)
     48		return 0;
     49
     50	switch (ctx->minor) {
     51	case 5: /* 1:5 /dev/zero */
     52	case 9: /* 1:9 /dev/urandom */
     53		return 1;
     54	}
     55
     56	return 0;
     57}
     58
     59char _license[] SEC("license") = "GPL";