bpf: Define sock security related BTF IDs under CONFIG_SECURITY_NETWORK

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

There are warnings reported from resolve_btfids when building vmlinux
with CONFIG_SECURITY_NETWORK disabled:

WARN: resolve_btfids: unresolved symbol bpf_lsm_sk_free_security
WARN: resolve_btfids: unresolved symbol bpf_lsm_sk_alloc_security

So only define BTF IDs for these LSM hooks when CONFIG_SECURITY_NETWORK
is enabled.

Fixes: c0c852dd1876 ("bpf: Do not mark certain LSM hook arguments as trusted")
Signed-off-by: Hou Tao <houtao1@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Yonghong Song <yhs@fb.com>
Link: https://lore.kernel.org/bpf/20221217062144.2507222-1-houtao@huaweicloud.com

authored by

Hou Tao and committed by

Daniel Borkmann 3 years ago cc074822 2856a627

1 changed file

expand all

kernel

bpf

bpf_lsm.c

kernel/bpf/bpf_lsm.c

··· 351 351 BTF_ID(func, bpf_lsm_bpf_prog_free_security) 352 352 BTF_ID(func, bpf_lsm_file_alloc_security) 353 353 BTF_ID(func, bpf_lsm_file_free_security) 354 + #ifdef CONFIG_SECURITY_NETWORK 354 355 BTF_ID(func, bpf_lsm_sk_alloc_security) 355 356 BTF_ID(func, bpf_lsm_sk_free_security) 357 + #endif /* CONFIG_SECURITY_NETWORK */ 356 358 BTF_ID(func, bpf_lsm_task_free) 357 359 BTF_SET_END(untrusted_lsm_hooks) 358 360