Don't preload rarely seen large images
[chromium-blink-merge.git] / sandbox / linux / seccomp-bpf-helpers / syscall_sets.h
blob5ba6335a954f5bce36e8eb7d18ec6539145bb2a3
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
6 #define SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
8 #include "base/macros.h"
9 #include "build/build_config.h"
10 #include "sandbox/sandbox_export.h"
12 // These are helpers to build seccomp-bpf policies, i.e. policies for a
13 // sandbox that reduces the Linux kernel's attack surface. Given their
14 // nature, they don't have any clear semantics and are completely
15 // "implementation-defined".
17 namespace sandbox {
19 class SANDBOX_EXPORT SyscallSets {
20 public:
21 static bool IsKill(int sysno);
22 static bool IsAllowedGettime(int sysno);
23 static bool IsCurrentDirectory(int sysno);
24 static bool IsUmask(int sysno);
25 // System calls that directly access the file system. They might acquire
26 // a new file descriptor or otherwise perform an operation directly
27 // via a path.
28 static bool IsFileSystem(int sysno);
29 static bool IsAllowedFileSystemAccessViaFd(int sysno);
30 static bool IsDeniedFileSystemAccessViaFd(int sysno);
31 static bool IsGetSimpleId(int sysno);
32 static bool IsProcessPrivilegeChange(int sysno);
33 static bool IsProcessGroupOrSession(int sysno);
34 static bool IsAllowedSignalHandling(int sysno);
35 static bool IsAllowedOperationOnFd(int sysno);
36 static bool IsKernelInternalApi(int sysno);
37 // This should be thought through in conjunction with IsFutex().
38 static bool IsAllowedProcessStartOrDeath(int sysno);
39 // It's difficult to restrict those, but there is attack surface here.
40 static bool IsAllowedFutex(int sysno);
41 static bool IsAllowedEpoll(int sysno);
42 static bool IsAllowedGetOrModifySocket(int sysno);
43 static bool IsDeniedGetOrModifySocket(int sysno);
45 #if defined(__i386__) || defined(__mips__)
46 // Big multiplexing system call for sockets.
47 static bool IsSocketCall(int sysno);
48 #endif
50 #if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
51 defined(__aarch64__)
52 static bool IsNetworkSocketInformation(int sysno);
53 #endif
55 static bool IsAllowedAddressSpaceAccess(int sysno);
56 static bool IsAllowedGeneralIo(int sysno);
57 static bool IsPrctl(int sysno);
58 static bool IsSeccomp(int sysno);
59 static bool IsAllowedBasicScheduler(int sysno);
60 static bool IsAdminOperation(int sysno);
61 static bool IsKernelModule(int sysno);
62 static bool IsGlobalFSViewChange(int sysno);
63 static bool IsFsControl(int sysno);
64 static bool IsNuma(int sysno);
65 static bool IsMessageQueue(int sysno);
66 static bool IsGlobalProcessEnvironment(int sysno);
67 static bool IsDebug(int sysno);
68 static bool IsGlobalSystemStatus(int sysno);
69 static bool IsEventFd(int sysno);
70 // Asynchronous I/O API.
71 static bool IsAsyncIo(int sysno);
72 static bool IsKeyManagement(int sysno);
73 #if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
74 static bool IsSystemVSemaphores(int sysno);
75 #endif
76 #if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
77 // These give a lot of ambient authority and bypass the setuid sandbox.
78 static bool IsSystemVSharedMemory(int sysno);
79 #endif
81 #if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
82 static bool IsSystemVMessageQueue(int sysno);
83 #endif
85 #if defined(__i386__) || defined(__mips__)
86 // Big system V multiplexing system call.
87 static bool IsSystemVIpc(int sysno);
88 #endif
90 static bool IsAnySystemV(int sysno);
91 static bool IsAdvancedScheduler(int sysno);
92 static bool IsInotify(int sysno);
93 static bool IsFaNotify(int sysno);
94 static bool IsTimer(int sysno);
95 static bool IsAdvancedTimer(int sysno);
96 static bool IsExtendedAttributes(int sysno);
97 static bool IsMisc(int sysno);
98 #if defined(__arm__)
99 static bool IsArmPciConfig(int sysno);
100 static bool IsArmPrivate(int sysno);
101 #endif // defined(__arm__)
102 #if defined(__mips__)
103 static bool IsMipsPrivate(int sysno);
104 static bool IsMipsMisc(int sysno);
105 #endif // defined(__mips__)
106 private:
107 DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallSets);
110 } // namespace sandbox.
112 #endif // SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_