seccomp.c revision 77c3ff8e0644f1e120e4b2ebc7222150b0446f3b
12af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin/* 277c3ff8e0644f1e120e4b2ebc7222150b0446f3bElliott Hughes * Copyright (c) 2015-2017 Dmitry V. Levin <ldv@altlinux.org> 32af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * All rights reserved. 42af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * 52af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * Redistribution and use in source and binary forms, with or without 62af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * modification, are permitted provided that the following conditions 72af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * are met: 82af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * 1. Redistributions of source code must retain the above copyright 92af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * notice, this list of conditions and the following disclaimer. 102af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * 2. Redistributions in binary form must reproduce the above copyright 112af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * notice, this list of conditions and the following disclaimer in the 122af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * documentation and/or other materials provided with the distribution. 132af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * 3. The name of the author may not be used to endorse or promote products 142af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * derived from this software without specific prior written permission. 152af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * 162af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 172af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 182af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 192af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 202af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 212af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 222af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 232af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 242af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 252af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 262af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin */ 272af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin 282af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin#include "defs.h" 292af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin 302af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin#ifdef HAVE_LINUX_SECCOMP_H 312af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin# include <linux/seccomp.h> 322af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin#endif 332af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin#include "xlat/seccomp_ops.h" 342af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin#include "xlat/seccomp_filter_flags.h" 352af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin 362af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levinstatic void 37d35df493b4e7684c50d2d2fa032ee3a7ac228009Elliott Hughesdecode_seccomp_set_mode_strict(const unsigned int flags, 38d35df493b4e7684c50d2d2fa032ee3a7ac228009Elliott Hughes const kernel_ulong_t addr) 392af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin{ 402af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin tprintf("%u, ", flags); 41931ebbfd920728ad65fc3711833928e181a58c72Dmitry V. Levin printaddr(addr); 422af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin} 432af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin 44a0bd3749fc6fdf6364c1e269a4c02e8c153eb84bDmitry V. LevinSYS_FUNC(seccomp) 452af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin{ 461252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin unsigned int op = tcp->u_arg[0]; 472af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin 481252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin printxval(seccomp_ops, op, "SECCOMP_SET_MODE_???"); 491252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin tprints(", "); 502af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin 511252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin if (op == SECCOMP_SET_MODE_FILTER) { 521252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin printflags(seccomp_filter_flags, tcp->u_arg[1], 531252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin "SECCOMP_FILTER_FLAG_???"); 541252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin tprints(", "); 5577c3ff8e0644f1e120e4b2ebc7222150b0446f3bElliott Hughes decode_seccomp_fprog(tcp, tcp->u_arg[2]); 561252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin } else { 571252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin decode_seccomp_set_mode_strict(tcp->u_arg[1], 581252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin tcp->u_arg[2]); 592af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin } 601252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin 611252d26db8cf2eddb5acb8b62b1aba8f903b7827Dmitry V. Levin return RVAL_DECODED; 622af6903f456b549fd57ba8beceddec961803cb3dDmitry V. Levin} 63