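// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_
#define SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_

#include <signal.h>
#include <stdint.h>
#include <sys/types.h>

#include <cstddef>

#include "sandbox/sandbox_export.h"

// Forward declarations only: this header passes these structs by pointer and
// never dereferences them, so callers that build them must include the
// defining headers themselves.
struct sock_fprog;
struct rlimit64;
struct cap_hdr;
struct cap_data;

namespace sandbox {

// Provide direct system call wrappers for a few common system calls.
// These are guaranteed to perform a system call and do not rely on things such
// as caching the current pid (cf. getpid()) unless otherwise specified.
//
// NOTE(review): the implementations are not part of this header, so the
// error-reporting convention (presumably -1 with errno set, as with
// syscall(2)) should be confirmed there. Sandbox setup code should check every
// return value: an unchecked failure of e.g. sys_seccomp(), sys_chroot(),
// sys_unshare() or sys_capset() leaves the process less confined than the
// caller believes.

// Returns the pid of the calling process, always via a system call rather
// than a value cached by libc.
SANDBOX_EXPORT pid_t sys_getpid(void);

// Returns the thread id of the calling thread.
SANDBOX_EXPORT pid_t sys_gettid(void);

// Single-argument form of clone taking only |flags|.
// NOTE(review): presumably equivalent to the five-argument overload below with
// every pointer argument null, and so subject to the same CLONE_VM
// restriction -- confirm in the implementation.
SANDBOX_EXPORT long sys_clone(unsigned long flags);

// |regs| is not supported and must be passed as nullptr. |child_stack| must be
// nullptr, since otherwise this function cannot safely return. As a
// consequence, this function does not support CLONE_VM.
//
// The first two restrictions are enforced at compile time: both parameters
// have type std::nullptr_t, so only a null pointer constant is accepted. The
// CLONE_VM restriction is not expressed in the signature; without a separate
// stack, a CLONE_VM child would share the caller's stack memory.
// NOTE(review): confirm whether the implementation rejects CLONE_VM at run
// time; callers must not pass it either way.
SANDBOX_EXPORT long sys_clone(unsigned long flags,
                              std::nullptr_t child_stack,
                              pid_t* ptid,
                              pid_t* ctid,
                              std::nullptr_t regs);

// Wrapper for exit_group(2), which terminates every thread of the calling
// process with |status|. Declared void and not annotated as non-returning.
SANDBOX_EXPORT void sys_exit_group(int status);

// The official system call takes |args| as void* (in order to be extensible),
// but add more typing for the cases that are currently used.
// |args| is typed as a BPF filter program, so operations that take a different
// argument type are not covered by this signature. A failed call means no
// filter was installed; check the result before the process handles untrusted
// input.
SANDBOX_EXPORT int sys_seccomp(unsigned int operation,
                               unsigned int flags,
                               const struct sock_fprog* args);

// Some libcs do not expose a prlimit64 wrapper.
// |new_limit| is input only (const); |old_limit| is the output pointer.
// NOTE(review): prlimit(2) allows either pointer to be null; confirm the
// wrapper passes them through unchanged.
SANDBOX_EXPORT int sys_prlimit64(pid_t pid,
                                 int resource,
                                 const struct rlimit64* new_limit,
                                 struct rlimit64* old_limit);

// Some libcs do not expose capget/capset wrappers. We want to use these
// directly in order to avoid pulling in libcap2.
// sys_capget() writes through |datap|; sys_capset() takes it as const input.
// |hdrp| is non-const in both.
SANDBOX_EXPORT int sys_capget(struct cap_hdr* hdrp, struct cap_data* datap);
SANDBOX_EXPORT int sys_capset(struct cap_hdr* hdrp,
                              const struct cap_data* datap);

// Some libcs do not expose getresuid/getresgid wrappers.
// Each call stores the real, effective and saved ids through its three
// pointers, which lets callers verify that all three were dropped and not
// just the effective one.
SANDBOX_EXPORT int sys_getresuid(uid_t* ruid, uid_t* euid, uid_t* suid);
SANDBOX_EXPORT int sys_getresgid(gid_t* rgid, gid_t* egid, gid_t* sgid);

// Some libcs do not expose a chroot wrapper.
// chroot(2) does not change the current working directory; callers confining
// a process are expected to chdir() into the new root afterwards.
SANDBOX_EXPORT int sys_chroot(const char* path);

// Some libcs do not expose an unshare wrapper.
SANDBOX_EXPORT int sys_unshare(int flags);

// Some libcs do not expose a sigprocmask. Note that |oldset| must be nullptr
// because of an ABI gap between the toolchain's definitions and the Linux
// kernel's. The std::nullptr_t parameter type enforces this, so the previous
// signal mask cannot be retrieved through this wrapper.
SANDBOX_EXPORT int sys_sigprocmask(int how,
                                   const sigset_t* set,
                                   std::nullptr_t oldset);

// Some libcs do not expose a sigaction().
// Unlike sys_sigprocmask(), the output parameter |oldact| is an ordinary
// pointer here.
SANDBOX_EXPORT int sys_sigaction(int signum,
                                 const struct sigaction* act,
                                 struct sigaction* oldact);

}  // namespace sandbox

#endif  // SANDBOX_LINUX_SERVICES_SYSCALL_WRAPPERS_H_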