Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/samples/seccomp/bpf-fancy.c
26278 views
1
// SPDX-License-Identifier: GPL-2.0

2
/*

3
 * Seccomp BPF example using a macro-based generator.

4
 *

5
 * Copyright (c) 2012 The Chromium OS Authors <[email protected]>

6
 * Author: Will Drewry <[email protected]>

7
 *

8
 * The code may be used by anyone for any purpose,

9
 * and can serve as a starting point for developing

10
 * applications using prctl(PR_ATTACH_SECCOMP_FILTER).

11
 */

12


13
#include <linux/filter.h>

14
#include <linux/seccomp.h>

15
#include <linux/unistd.h>

16
#include <stdio.h>

17
#include <string.h>

18
#include <sys/prctl.h>

19
#include <unistd.h>

20


21
#include "bpf-helper.h"

22


23
#ifndef PR_SET_NO_NEW_PRIVS

24
#define PR_SET_NO_NEW_PRIVS 38

25
#endif

26


27
int main(int argc, char **argv)

28
{

29
	struct bpf_labels l = {

30
		.count = 0,

31
	};

32
	static const char msg1[] = "Please type something: ";

33
	static const char msg2[] = "You typed: ";

34
	char buf[256];

35
	struct sock_filter filter[] = {

36
		/* TODO: LOAD_SYSCALL_NR(arch) and enforce an arch */

37
		LOAD_SYSCALL_NR,

38
		SYSCALL(__NR_exit, ALLOW),

39
		SYSCALL(__NR_exit_group, ALLOW),

40
		SYSCALL(__NR_write, JUMP(&l, write_fd)),

41
		SYSCALL(__NR_read, JUMP(&l, read)),

42
		DENY,  /* Don't passthrough into a label */

43


44
		LABEL(&l, read),

45
		ARG(0),

46
		JNE(STDIN_FILENO, DENY),

47
		ARG(1),

48
		JNE((unsigned long)buf, DENY),

49
		ARG(2),

50
		JGE(sizeof(buf), DENY),

51
		ALLOW,

52


53
		LABEL(&l, write_fd),

54
		ARG(0),

55
		JEQ(STDOUT_FILENO, JUMP(&l, write_buf)),

56
		JEQ(STDERR_FILENO, JUMP(&l, write_buf)),

57
		DENY,

58


59
		LABEL(&l, write_buf),

60
		ARG(1),

61
		JEQ((unsigned long)msg1, JUMP(&l, msg1_len)),

62
		JEQ((unsigned long)msg2, JUMP(&l, msg2_len)),

63
		JEQ((unsigned long)buf, JUMP(&l, buf_len)),

64
		DENY,

65


66
		LABEL(&l, msg1_len),

67
		ARG(2),

68
		JLT(sizeof(msg1), ALLOW),

69
		DENY,

70


71
		LABEL(&l, msg2_len),

72
		ARG(2),

73
		JLT(sizeof(msg2), ALLOW),

74
		DENY,

75


76
		LABEL(&l, buf_len),

77
		ARG(2),

78
		JLT(sizeof(buf), ALLOW),

79
		DENY,

80
	};

81
	struct sock_fprog prog = {

82
		.filter = filter,

83
		.len = (unsigned short)(sizeof(filter)/sizeof(filter[0])),

84
	};

85
	ssize_t bytes;

86
	bpf_resolve_jumps(&l, filter, sizeof(filter)/sizeof(*filter));

87


88
	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {

89
		perror("prctl(NO_NEW_PRIVS)");

90
		return 1;

91
	}

92


93
	if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {

94
		perror("prctl(SECCOMP)");

95
		return 1;

96
	}

97
	syscall(__NR_write, STDOUT_FILENO, msg1, strlen(msg1));

98
	bytes = syscall(__NR_read, STDIN_FILENO, buf, sizeof(buf)-1);

99
	bytes = (bytes > 0 ? bytes : 0);

100
	syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2));

101
	syscall(__NR_write, STDERR_FILENO, buf, bytes);

102
	/* Now get killed */

103
	syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2)+2);

104
	return 0;

105
}

106


107