can pass UID via map from userland to BPF part

author: Paul Buetow <paul@buetow.org> 2024-02-13 11:50:48 +0200
committer: Paul Buetow <paul@buetow.org> 2024-02-13 11:50:48 +0200
commit: cf73e5aa79cc6f6e147a5df55bad52f30706a5c3 (patch)
tree: f6a808171f18bfb7f022629dc51d6d8f669b1885 /ioriotng.bpf.c
parent: 6c6e3ea33241042e8a1efc04cee3bfb3559dd210 (diff)
1 files changed, 15 insertions, 2 deletions
diff --git a/ioriotng.bpf.c b/ioriotng.bpf.c
index 8f39573..0621851 100644
--- a/ioriotng.bpf.c
+++ b/ioriotng.bpf.c
@@ -9,9 +9,16 @@
 // For now, this is set to my own user for development purposes.
 #define UID_FILTER 1001 
 
+
 SEC("tracepoint/syscalls/sys_enter_open")
 int handle_enter_open(struct trace_event_raw_sys_enter *ctx) {
-    if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
+    u32 key = 1;
+    struct config *c = bpf_map_lookup_elem(&config_map, &key);
+    if (!c) {
+        return 0;
+    }
+
+    if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != c->x)
         return 0;
 
     u32 tid = bpf_get_current_pid_tgid();
@@ -48,7 +55,13 @@ int handle_exit_open(struct trace_event_raw_sys_exit *ctx) {
 
 SEC("tracepoint/syscalls/sys_enter_openat")
 int handle_enter_openat(struct trace_event_raw_sys_enter *ctx) {
-    if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != UID_FILTER)
+    u32 key = 1;
+    struct config *c = bpf_map_lookup_elem(&config_map, &key);
+    if (!c) {
+        return 0;
+    }
+
+    if ((bpf_get_current_uid_gid() & 0xFFFFFFFF) != c->x)
         return 0;
 
     u32 tid = bpf_get_current_pid_tgid();
author	Paul Buetow <paul@buetow.org>	2024-02-13 11:50:48 +0200
committer	Paul Buetow <paul@buetow.org>	2024-02-13 11:50:48 +0200
commit	cf73e5aa79cc6f6e147a5df55bad52f30706a5c3 (patch)
tree	f6a808171f18bfb7f022629dc51d6d8f669b1885 /ioriotng.bpf.c
parent	6c6e3ea33241042e8a1efc04cee3bfb3559dd210 (diff)