| skipped 256 lines |
257 | 257 | | /// let mut policy_manager = PolicyManager::new(Path::new("/sys/fs/bpf/mypolicies")).unwrap(); |
258 | 258 | | /// ``` |
259 | 259 | | pub fn new<P: AsRef<Path>>(bpf_path: P) -> Result<Self, EbpfguardError> { |
| 260 | + | let bpf_lsm_enabled = std::fs::read_to_string("/sys/kernel/security/lsm")? |
| 261 | + | .split(',') |
| 262 | + | .any(|x| x.to_lowercase() == "bpf"); |
| 263 | + | if !bpf_lsm_enabled { |
| 264 | + | return Err(EbpfguardError::BpfLsmModuleDisabled); |
| 265 | + | } |
| 266 | + | |
260 | 267 | | #[cfg(debug_assertions)] |
261 | 268 | | let bpf = BpfLoader::new() |
262 | 269 | | .map_pin_path(&bpf_path) |
| skipped 285 lines |