Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / mainline / linux / 7f016b35ca7623c71b31facdde080e8ce171a697 / . / samples / seccomp / bpf-fancy.c
blob: 1ccb435025b678d0f116004dabd7756ee1437a70 [file] [log] [blame]
Greg Kroah-Hartmanb2441312017-11-01 15:07:57 +0100[diff] [blame]1// SPDX-License-Identifier: GPL-2.0
Will Drewry8ac270d2012-04-12 16:48:04 -0500[diff] [blame]2/*
3 * Seccomp BPF example using a macro-based generator.
4 *
5 * Copyright (c) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org>
6 * Author: Will Drewry <wad@chromium.org>
7 *
8 * The code may be used by anyone for any purpose,
9 * and can serve as a starting point for developing
10 * applications using prctl(PR_ATTACH_SECCOMP_FILTER).
11 */
12
13#include <linux/filter.h>
14#include <linux/seccomp.h>
15#include <linux/unistd.h>
16#include <stdio.h>
17#include <string.h>
18#include <sys/prctl.h>
19#include <unistd.h>
20
21#include "bpf-helper.h"
22
23#ifndef PR_SET_NO_NEW_PRIVS
24#define PR_SET_NO_NEW_PRIVS 38
25#endif
26
27int main(int argc, char **argv)
28{
Kees Cook3a9af0b2015-02-17 13:47:58 -0800[diff] [blame]29 struct bpf_labels l = {
30 .count = 0,
31 };
Will Drewry8ac270d2012-04-12 16:48:04 -0500[diff] [blame]32 static const char msg1[] = "Please type something: ";
33 static const char msg2[] = "You typed: ";
34 char buf[256];
35 struct sock_filter filter[] = {
36 /* TODO: LOAD_SYSCALL_NR(arch) and enforce an arch */
37 LOAD_SYSCALL_NR,
38 SYSCALL(__NR_exit, ALLOW),
39 SYSCALL(__NR_exit_group, ALLOW),
40 SYSCALL(__NR_write, JUMP(&l, write_fd)),
41 SYSCALL(__NR_read, JUMP(&l, read)),
42 DENY, /* Don't passthrough into a label */
43
44 LABEL(&l, read),
45 ARG(0),
46 JNE(STDIN_FILENO, DENY),
47 ARG(1),
48 JNE((unsigned long)buf, DENY),
49 ARG(2),
50 JGE(sizeof(buf), DENY),
51 ALLOW,
52
53 LABEL(&l, write_fd),
54 ARG(0),
55 JEQ(STDOUT_FILENO, JUMP(&l, write_buf)),
56 JEQ(STDERR_FILENO, JUMP(&l, write_buf)),
57 DENY,
58
59 LABEL(&l, write_buf),
60 ARG(1),
61 JEQ((unsigned long)msg1, JUMP(&l, msg1_len)),
62 JEQ((unsigned long)msg2, JUMP(&l, msg2_len)),
63 JEQ((unsigned long)buf, JUMP(&l, buf_len)),
64 DENY,
65
66 LABEL(&l, msg1_len),
67 ARG(2),
68 JLT(sizeof(msg1), ALLOW),
69 DENY,
70
71 LABEL(&l, msg2_len),
72 ARG(2),
73 JLT(sizeof(msg2), ALLOW),
74 DENY,
75
76 LABEL(&l, buf_len),
77 ARG(2),
78 JLT(sizeof(buf), ALLOW),
79 DENY,
80 };
81 struct sock_fprog prog = {
82 .filter = filter,
83 .len = (unsigned short)(sizeof(filter)/sizeof(filter[0])),
84 };
85 ssize_t bytes;
86 bpf_resolve_jumps(&l, filter, sizeof(filter)/sizeof(*filter));
87
88 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
89 perror("prctl(NO_NEW_PRIVS)");
90 return 1;
91 }
92
93 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {
94 perror("prctl(SECCOMP)");
95 return 1;
96 }
97 syscall(__NR_write, STDOUT_FILENO, msg1, strlen(msg1));
98 bytes = syscall(__NR_read, STDIN_FILENO, buf, sizeof(buf)-1);
99 bytes = (bytes > 0 ? bytes : 0);
100 syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2));
101 syscall(__NR_write, STDERR_FILENO, buf, bytes);
102 /* Now get killed */
103 syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2)+2);
104 return 0;
105}