1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
6 #define SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
8 #include "base/macros.h"
9 #include "build/build_config.h"
10 #include "sandbox/sandbox_export.h"
12 // These are helpers to build seccomp-bpf policies, i.e. policies for a
13 // sandbox that reduces the Linux kernel's attack surface. Given their
14 // nature, they don't have any clear semantics and are completely
15 // "implementation-defined".
19 class SANDBOX_EXPORT SyscallSets
{
21 static bool IsKill(int sysno
);
22 static bool IsAllowedGettime(int sysno
);
23 static bool IsCurrentDirectory(int sysno
);
24 static bool IsUmask(int sysno
);
25 // System calls that directly access the file system. They might acquire
26 // a new file descriptor or otherwise perform an operation directly
28 static bool IsFileSystem(int sysno
);
29 static bool IsAllowedFileSystemAccessViaFd(int sysno
);
30 static bool IsDeniedFileSystemAccessViaFd(int sysno
);
31 static bool IsGetSimpleId(int sysno
);
32 static bool IsProcessPrivilegeChange(int sysno
);
33 static bool IsProcessGroupOrSession(int sysno
);
34 static bool IsAllowedSignalHandling(int sysno
);
35 static bool IsAllowedOperationOnFd(int sysno
);
36 static bool IsKernelInternalApi(int sysno
);
37 // This should be thought through in conjunction with IsFutex().
38 static bool IsAllowedProcessStartOrDeath(int sysno
);
39 // It's difficult to restrict those, but there is attack surface here.
40 static bool IsAllowedFutex(int sysno
);
41 static bool IsAllowedEpoll(int sysno
);
42 static bool IsAllowedGetOrModifySocket(int sysno
);
43 static bool IsDeniedGetOrModifySocket(int sysno
);
45 #if defined(__i386__) || defined(__mips__)
46 // Big multiplexing system call for sockets.
47 static bool IsSocketCall(int sysno
);
50 #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
52 static bool IsNetworkSocketInformation(int sysno
);
55 static bool IsAllowedAddressSpaceAccess(int sysno
);
56 static bool IsAllowedGeneralIo(int sysno
);
57 static bool IsPrctl(int sysno
);
58 static bool IsSeccomp(int sysno
);
59 static bool IsAllowedBasicScheduler(int sysno
);
60 static bool IsAdminOperation(int sysno
);
61 static bool IsKernelModule(int sysno
);
62 static bool IsGlobalFSViewChange(int sysno
);
63 static bool IsFsControl(int sysno
);
64 static bool IsNuma(int sysno
);
65 static bool IsMessageQueue(int sysno
);
66 static bool IsGlobalProcessEnvironment(int sysno
);
67 static bool IsDebug(int sysno
);
68 static bool IsGlobalSystemStatus(int sysno
);
69 static bool IsEventFd(int sysno
);
70 // Asynchronous I/O API.
71 static bool IsAsyncIo(int sysno
);
72 static bool IsKeyManagement(int sysno
);
73 #if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
74 static bool IsSystemVSemaphores(int sysno
);
76 #if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
77 // These give a lot of ambient authority and bypass the setuid sandbox.
78 static bool IsSystemVSharedMemory(int sysno
);
81 #if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
82 static bool IsSystemVMessageQueue(int sysno
);
85 #if defined(__i386__) || defined(__mips__)
86 // Big system V multiplexing system call.
87 static bool IsSystemVIpc(int sysno
);
90 static bool IsAnySystemV(int sysno
);
91 static bool IsAdvancedScheduler(int sysno
);
92 static bool IsInotify(int sysno
);
93 static bool IsFaNotify(int sysno
);
94 static bool IsTimer(int sysno
);
95 static bool IsAdvancedTimer(int sysno
);
96 static bool IsExtendedAttributes(int sysno
);
97 static bool IsMisc(int sysno
);
99 static bool IsArmPciConfig(int sysno
);
100 static bool IsArmPrivate(int sysno
);
101 #endif // defined(__arm__)
102 #if defined(__mips__)
103 static bool IsMipsPrivate(int sysno
);
104 static bool IsMipsMisc(int sysno
);
105 #endif // defined(__mips__)
107 DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallSets
);
110 } // namespace sandbox.
112 #endif // SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_