Linux 3.15-rc1
[linux/fpc-iii.git] / samples / seccomp / bpf-fancy.c
blob8eb483aaec465efcc1f40c70a8c76d179eb094a2
1 /*
2 * Seccomp BPF example using a macro-based generator.
4 * Copyright (c) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org>
5 * Author: Will Drewry <wad@chromium.org>
7 * The code may be used by anyone for any purpose,
8 * and can serve as a starting point for developing
9 * applications using prctl(PR_ATTACH_SECCOMP_FILTER).
12 #include <linux/filter.h>
13 #include <linux/seccomp.h>
14 #include <linux/unistd.h>
15 #include <stdio.h>
16 #include <string.h>
17 #include <sys/prctl.h>
18 #include <unistd.h>
20 #include "bpf-helper.h"
22 #ifndef PR_SET_NO_NEW_PRIVS
23 #define PR_SET_NO_NEW_PRIVS 38
24 #endif
26 int main(int argc, char **argv)
28 struct bpf_labels l;
29 static const char msg1[] = "Please type something: ";
30 static const char msg2[] = "You typed: ";
31 char buf[256];
32 struct sock_filter filter[] = {
33 /* TODO: LOAD_SYSCALL_NR(arch) and enforce an arch */
34 LOAD_SYSCALL_NR,
35 SYSCALL(__NR_exit, ALLOW),
36 SYSCALL(__NR_exit_group, ALLOW),
37 SYSCALL(__NR_write, JUMP(&l, write_fd)),
38 SYSCALL(__NR_read, JUMP(&l, read)),
39 DENY, /* Don't passthrough into a label */
41 LABEL(&l, read),
42 ARG(0),
43 JNE(STDIN_FILENO, DENY),
44 ARG(1),
45 JNE((unsigned long)buf, DENY),
46 ARG(2),
47 JGE(sizeof(buf), DENY),
48 ALLOW,
50 LABEL(&l, write_fd),
51 ARG(0),
52 JEQ(STDOUT_FILENO, JUMP(&l, write_buf)),
53 JEQ(STDERR_FILENO, JUMP(&l, write_buf)),
54 DENY,
56 LABEL(&l, write_buf),
57 ARG(1),
58 JEQ((unsigned long)msg1, JUMP(&l, msg1_len)),
59 JEQ((unsigned long)msg2, JUMP(&l, msg2_len)),
60 JEQ((unsigned long)buf, JUMP(&l, buf_len)),
61 DENY,
63 LABEL(&l, msg1_len),
64 ARG(2),
65 JLT(sizeof(msg1), ALLOW),
66 DENY,
68 LABEL(&l, msg2_len),
69 ARG(2),
70 JLT(sizeof(msg2), ALLOW),
71 DENY,
73 LABEL(&l, buf_len),
74 ARG(2),
75 JLT(sizeof(buf), ALLOW),
76 DENY,
78 struct sock_fprog prog = {
79 .filter = filter,
80 .len = (unsigned short)(sizeof(filter)/sizeof(filter[0])),
82 ssize_t bytes;
83 bpf_resolve_jumps(&l, filter, sizeof(filter)/sizeof(*filter));
85 if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
86 perror("prctl(NO_NEW_PRIVS)");
87 return 1;
90 if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {
91 perror("prctl(SECCOMP)");
92 return 1;
94 syscall(__NR_write, STDOUT_FILENO, msg1, strlen(msg1));
95 bytes = syscall(__NR_read, STDIN_FILENO, buf, sizeof(buf)-1);
96 bytes = (bytes > 0 ? bytes : 0);
97 syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2));
98 syscall(__NR_write, STDERR_FILENO, buf, bytes);
99 /* Now get killed */
100 syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2)+2);
101 return 0;