Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp443770imm;
        Wed, 3 Oct 2018 19:59:34 -0700 (PDT)
X-Google-Smtp-Source: ACcGV62cG4yQviQmUnviTLsQ+lVT3dFnEjBO8fcgIdYAlytrJNSxfZAOqIFhDlj2LycXQsrettVi
X-Received: by 2002:a62:6d02:: with SMTP id i2-v6mr4635745pfc.218.1538621974503;
        Wed, 03 Oct 2018 19:59:34 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1538621974; cv=none;
        d=google.com; s=arc-20160816;
        b=jnVbNu4pho2I4vDm62H5n1xzR6rzHquGAYev+1grAvZk1AsamB4A0m6b7Rs6OqcNaq
         /yUoOscvdxfp4fi8+fVP4n6iJsDXfbiBaSHl2Is9K+pztE+9sdg0Icy5p7FxpR4OcpqM
         BXvi3fguWXQ/lF0SAbCR2FvFkUC58sOFt+xKfiDEHnVIWlrCDT2tg6Ww990bD1aFOCWE
         zz79pj8r4ikbhOtHUz7TL0ngQop2ocwju7I+HeNUiCeLatVbr2RKm8WvbyG27TbcFwjy
         9NI4Ye+7IZH73NWArXSWBEjX05Y6/xKgnOTlVpcQnMuagLAMpQQ4Y0Gx5rEMznhLicj8
         j5nQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:mime-version:references:in-reply-to
         :message-id:date:subject:smtp-origin-cluster:cc:to
         :smtp-origin-hostname:from:smtp-origin-hostprefix;
        bh=sJFd3fsWfElV6xUuxzBqGqBUdQh9Zfg/HRaos5fLT1Q=;
        b=t2OTOp2np8FgTv677Xurj3Rj5e6ZFfrbk2kH7IArbCEGFvo9vloSt4amp5eRwQnswK
         ULAm6ausvonY0fYDJeMsSKJKphzqJC+cdUyr9VLzyAb2QwMFIBo5fkHjmL5HIMcDiCqw
         FQ9hccm3T2puGLDu4qcYQ2XA3/XW9HfQd1Vh7ZDnUhsJqxMx1EbAys+CBwdbVHjtV4cW
         m2D5bBFdCqUuXld3JY6RAkTsnYXD96BQ/qOvA7NY/RaCDOvXpEcX+TLWK6qKBPIh+EgY
         MeTgf02f1G8wckcHNoDcmGO5vJKRztONcrKcXuHaY7Xs0baB4QJRxU0UQU0An+bWq98V
         Emig==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z11-v6si3414160pgs.323.2018.10.03.19.59.19;
        Wed, 03 Oct 2018 19:59:34 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727615AbeJDJte (ORCPT <rfc822;saikripd@gmail.com> + 99 others);
        Thu, 4 Oct 2018 05:49:34 -0400
Received: from mx0b-00082601.pphosted.com ([67.231.153.30]:36968 "EHLO
        mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-FAIL)
        by vger.kernel.org with ESMTP id S1727469AbeJDJtJ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 4 Oct 2018 05:49:09 -0400
Received: from pps.filterd (m0001303.ppops.net [127.0.0.1])
        by m0001303.ppops.net (8.16.0.22/8.16.0.22) with SMTP id w942vPng016755
        for <linux-kernel@vger.kernel.org>; Wed, 3 Oct 2018 19:57:58 -0700
Received: from mail.thefacebook.com ([199.201.64.23])
        by m0001303.ppops.net with ESMTP id 2mw493s2vw-2
        (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT)
        for <linux-kernel@vger.kernel.org>; Wed, 03 Oct 2018 19:57:58 -0700
Received: from mx-out.facebook.com (192.168.52.123) by mail.thefacebook.com
 (192.168.16.21) with Microsoft SMTP Server (TLS) id 14.3.319.2; Wed, 3 Oct
 2018 19:57:57 -0700
Received: by devbig007.ftw2.facebook.com (Postfix, from userid 572438)  id
 02ABF760B50; Wed,  3 Oct 2018 19:57:50 -0700 (PDT)
Smtp-Origin-Hostprefix: devbig
From:   Alexei Starovoitov <ast@kernel.org>
Smtp-Origin-Hostname: devbig007.ftw2.facebook.com
To:     "David S . Miller" <davem@davemloft.net>
CC:     <daniel@iogearbox.net>, <luto@amacapital.net>,
        <viro@zeniv.linux.org.uk>, <netdev@vger.kernel.org>,
        <linux-kernel@vger.kernel.org>, <kernel-team@fb.com>
Smtp-Origin-Cluster: ftw2c04
Subject: [PATCH bpf-next 2/6] fs: wire in BPF_CGROUP_FILE_OPEN hook
Date:   Wed, 3 Oct 2018 19:57:46 -0700
Message-ID: <20181004025750.498303-3-ast@kernel.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20181004025750.498303-1-ast@kernel.org>
References: <20181004025750.498303-1-ast@kernel.org>
X-FB-Internal: Safe
MIME-Version: 1.0
Content-Type: text/plain
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-10-04_01:,,
 signatures=0
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

enable cgroup-bpf BPF_CGROUP_FILE_OPEN hook after security_file_open() LSM hook.
Similarly to other cgroup-bpf hooks it's gated by static key 'cgroup_bpf_enabled'
and has zero overhead until bpf prog is attached to that hook.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
---
 fs/open.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fs/open.c b/fs/open.c
index 0285ce7dbd51..7e1170863f40 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -759,6 +759,10 @@ static int do_dentry_open(struct file *f,
 	if (error)
 		goto cleanup_all;
 
+	error = BPF_CGROUP_RUN_PROG_FILE_FILTER(f);
+	if (error)
+		goto cleanup_all;
+
 	error = break_lease(locks_inode(f), f->f_flags);
 	if (error)
 		goto cleanup_all;
-- 
2.17.1