| /* |
| * seccomp example for x86 (32-bit and 64-bit) with BPF macros |
| * |
| * Copyright (c) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org> |
| * Authors: |
| * Will Drewry <wad@chromium.org> |
| * Kees Cook <keescook@chromium.org> |
| * |
| * Use of this source code is governed by a BSD-style license that can be |
| * found in the LICENSE file. |
| * |
| * A stripped down version of the file found in this tutorial: http://outflux.net/teach-seccomp/. |
| */ |
| #ifndef _SECCOMP_BPF_H_ |
| #define _SECCOMP_BPF_H_ |
| |
| #ifndef SK_UNSAFE_BUILD_DESKTOP_ONLY |
| |
| #define _GNU_SOURCE 1 |
| #include <stdio.h> |
| #include <stddef.h> |
| #include <stdlib.h> |
| #include <errno.h> |
| #include <signal.h> |
| #include <string.h> |
| #include <unistd.h> |
| |
| #include <sys/prctl.h> |
| #ifndef PR_SET_NO_NEW_PRIVS |
| # define PR_SET_NO_NEW_PRIVS 38 |
| #endif |
| |
| #include <linux/unistd.h> |
| #include <linux/audit.h> |
| #include <linux/filter.h> |
| #ifdef HAVE_LINUX_SECCOMP_H |
| # include <linux/seccomp.h> |
| #endif |
| #ifndef SECCOMP_MODE_FILTER |
| # define SECCOMP_MODE_FILTER 2 /* uses user-supplied filter. */ |
| # define SECCOMP_RET_KILL 0x00000000U /* kill the task immediately */ |
| # define SECCOMP_RET_TRAP 0x00030000U /* disallow and force a SIGSYS */ |
| # define SECCOMP_RET_ALLOW 0x7fff0000U /* allow */ |
| struct seccomp_data { |
| int nr; |
| __u32 arch; |
| __u64 instruction_pointer; |
| __u64 args[6]; |
| }; |
| #endif |
| #ifndef SYS_SECCOMP |
| # define SYS_SECCOMP 1 |
| #endif |
| |
| #define syscall_nr (offsetof(struct seccomp_data, nr)) |
| |
| #define EXAMINE_SYSCALL \ |
| BPF_STMT(BPF_LD+BPF_W+BPF_ABS, syscall_nr) |
| |
| #define ALLOW_SYSCALL(name) \ |
| BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_##name, 0, 1), \ |
| BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW) |
| |
| #define KILL_PROCESS \ |
| BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL) |
| |
| #endif /* SK_UNSAFE_BUILD_DESKTOP_ONLY */ |
| |
| #endif /* _SECCOMP_BPF_H_ */ |
