Linux/samples/seccomp/bpf-fancy.c

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

1 // SPDX-License-Identifier: GPL-2.0 << 2 /* 1 /* 3 * Seccomp BPF example using a macro-based gen 2 * Seccomp BPF example using a macro-based generator. 4 * 3 * 5 * Copyright (c) 2012 The Chromium OS Authors 4 * Copyright (c) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org> 6 * Author: Will Drewry <wad@chromium.org> 5 * Author: Will Drewry <wad@chromium.org> 7 * 6 * 8 * The code may be used by anyone for any purp 7 * The code may be used by anyone for any purpose, 9 * and can serve as a starting point for devel 8 * and can serve as a starting point for developing 10 * applications using prctl(PR_ATTACH_SECCOMP_ 9 * applications using prctl(PR_ATTACH_SECCOMP_FILTER). 11 */ 10 */ 12 11 13 #include <linux/filter.h> 12 #include <linux/filter.h> 14 #include <linux/seccomp.h> 13 #include <linux/seccomp.h> 15 #include <linux/unistd.h> 14 #include <linux/unistd.h> 16 #include <stdio.h> 15 #include <stdio.h> 17 #include <string.h> 16 #include <string.h> 18 #include <sys/prctl.h> 17 #include <sys/prctl.h> 19 #include <unistd.h> 18 #include <unistd.h> 20 19 21 #include "bpf-helper.h" 20 #include "bpf-helper.h" 22 21 23 #ifndef PR_SET_NO_NEW_PRIVS 22 #ifndef PR_SET_NO_NEW_PRIVS 24 #define PR_SET_NO_NEW_PRIVS 38 23 #define PR_SET_NO_NEW_PRIVS 38 25 #endif 24 #endif 26 25 27 int main(int argc, char **argv) 26 int main(int argc, char **argv) 28 { 27 { 29 struct bpf_labels l = { 28 struct bpf_labels l = { 30 .count = 0, 29 .count = 0, 31 }; 30 }; 32 static const char msg1[] = "Please typ 31 static const char msg1[] = "Please type something: "; 33 static const char msg2[] = "You typed: 32 static const char msg2[] = "You typed: "; 34 char buf[256]; 33 char buf[256]; 35 struct sock_filter filter[] = { 34 struct sock_filter filter[] = { 36 /* TODO: LOAD_SYSCALL_NR(arch) 35 /* TODO: LOAD_SYSCALL_NR(arch) and enforce an arch */ 37 LOAD_SYSCALL_NR, 36 LOAD_SYSCALL_NR, 38 SYSCALL(__NR_exit, ALLOW), 37 SYSCALL(__NR_exit, ALLOW), 39 SYSCALL(__NR_exit_group, ALLOW 38 SYSCALL(__NR_exit_group, ALLOW), 40 SYSCALL(__NR_write, JUMP(&l, w 39 SYSCALL(__NR_write, JUMP(&l, write_fd)), 41 SYSCALL(__NR_read, JUMP(&l, re 40 SYSCALL(__NR_read, JUMP(&l, read)), 42 DENY, /* Don't passthrough in 41 DENY, /* Don't passthrough into a label */ 43 42 44 LABEL(&l, read), 43 LABEL(&l, read), 45 ARG(0), 44 ARG(0), 46 JNE(STDIN_FILENO, DENY), 45 JNE(STDIN_FILENO, DENY), 47 ARG(1), 46 ARG(1), 48 JNE((unsigned long)buf, DENY), 47 JNE((unsigned long)buf, DENY), 49 ARG(2), 48 ARG(2), 50 JGE(sizeof(buf), DENY), 49 JGE(sizeof(buf), DENY), 51 ALLOW, 50 ALLOW, 52 51 53 LABEL(&l, write_fd), 52 LABEL(&l, write_fd), 54 ARG(0), 53 ARG(0), 55 JEQ(STDOUT_FILENO, JUMP(&l, wr 54 JEQ(STDOUT_FILENO, JUMP(&l, write_buf)), 56 JEQ(STDERR_FILENO, JUMP(&l, wr 55 JEQ(STDERR_FILENO, JUMP(&l, write_buf)), 57 DENY, 56 DENY, 58 57 59 LABEL(&l, write_buf), 58 LABEL(&l, write_buf), 60 ARG(1), 59 ARG(1), 61 JEQ((unsigned long)msg1, JUMP( 60 JEQ((unsigned long)msg1, JUMP(&l, msg1_len)), 62 JEQ((unsigned long)msg2, JUMP( 61 JEQ((unsigned long)msg2, JUMP(&l, msg2_len)), 63 JEQ((unsigned long)buf, JUMP(& 62 JEQ((unsigned long)buf, JUMP(&l, buf_len)), 64 DENY, 63 DENY, 65 64 66 LABEL(&l, msg1_len), 65 LABEL(&l, msg1_len), 67 ARG(2), 66 ARG(2), 68 JLT(sizeof(msg1), ALLOW), 67 JLT(sizeof(msg1), ALLOW), 69 DENY, 68 DENY, 70 69 71 LABEL(&l, msg2_len), 70 LABEL(&l, msg2_len), 72 ARG(2), 71 ARG(2), 73 JLT(sizeof(msg2), ALLOW), 72 JLT(sizeof(msg2), ALLOW), 74 DENY, 73 DENY, 75 74 76 LABEL(&l, buf_len), 75 LABEL(&l, buf_len), 77 ARG(2), 76 ARG(2), 78 JLT(sizeof(buf), ALLOW), 77 JLT(sizeof(buf), ALLOW), 79 DENY, 78 DENY, 80 }; 79 }; 81 struct sock_fprog prog = { 80 struct sock_fprog prog = { 82 .filter = filter, 81 .filter = filter, 83 .len = (unsigned short)(sizeof 82 .len = (unsigned short)(sizeof(filter)/sizeof(filter[0])), 84 }; 83 }; 85 ssize_t bytes; 84 ssize_t bytes; 86 bpf_resolve_jumps(&l, filter, sizeof(f 85 bpf_resolve_jumps(&l, filter, sizeof(filter)/sizeof(*filter)); 87 86 88 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0 87 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) { 89 perror("prctl(NO_NEW_PRIVS)"); 88 perror("prctl(NO_NEW_PRIVS)"); 90 return 1; 89 return 1; 91 } 90 } 92 91 93 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE 92 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) { 94 perror("prctl(SECCOMP)"); 93 perror("prctl(SECCOMP)"); 95 return 1; 94 return 1; 96 } 95 } 97 syscall(__NR_write, STDOUT_FILENO, msg 96 syscall(__NR_write, STDOUT_FILENO, msg1, strlen(msg1)); 98 bytes = syscall(__NR_read, STDIN_FILEN 97 bytes = syscall(__NR_read, STDIN_FILENO, buf, sizeof(buf)-1); 99 bytes = (bytes > 0 ? bytes : 0); 98 bytes = (bytes > 0 ? bytes : 0); 100 syscall(__NR_write, STDERR_FILENO, msg 99 syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2)); 101 syscall(__NR_write, STDERR_FILENO, buf 100 syscall(__NR_write, STDERR_FILENO, buf, bytes); 102 /* Now get killed */ 101 /* Now get killed */ 103 syscall(__NR_write, STDERR_FILENO, msg 102 syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2)+2); 104 return 0; 103 return 0; 105 } 104 } 106 105

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

TOMOYO Linux Cross Reference
Linux/samples/seccomp/bpf-fancy.c

Diff markup

Differences between /samples/seccomp/bpf-fancy.c (Version linux-6.12-rc7) and /samples/seccomp/bpf-fancy.c (Version linux-4.11.12)

TOMOYO Linux Cross Reference Linux/samples/seccomp/bpf-fancy.c

Diff markup

Differences between /samples/seccomp/bpf-fancy.c (Version linux-6.12-rc7) and /samples/seccomp/bpf-fancy.c (Version linux-4.11.12)

TOMOYO Linux Cross Reference
Linux/samples/seccomp/bpf-fancy.c