// SPDX-License-Identifier: GPL-2.0
/* Copyright (c) 2024 Meta Platforms, Inc. and affiliates. */

#include "vmlinux.h"
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_tracing.h>

char _license[] SEC("license") = "GPL";

int my_pid;
bool reject_capable;
bool reject_cmd;

SEC("lsm/bpf_token_capable")
int BPF_PROG(token_capable, struct bpf_token *token, int cap)
{
	if (my_pid == 0 || my_pid != (bpf_get_current_pid_tgid() >> 32))
		return 0;
	if (reject_capable)
		return -1;
	return 0;
}

SEC("lsm/bpf_token_cmd")
int BPF_PROG(token_cmd, struct bpf_token *token, enum bpf_cmd cmd)
{
	if (my_pid == 0 || my_pid != (bpf_get_current_pid_tgid() >> 32))
		return 0;
	if (reject_cmd)
		return -1;
	return 0;
}