Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * Seccomp BPF example using a macro-based generator.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * Copyright (c) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  * Author: Will Drewry <wad@chromium.org>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8)  * The code may be used by anyone for any purpose,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9)  * and can serve as a starting point for developing
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10)  * applications using prctl(PR_ATTACH_SECCOMP_FILTER).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <linux/filter.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include <linux/seccomp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #include <linux/unistd.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) #include <stdio.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) #include <string.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) #include <sys/prctl.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) #include <unistd.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) #include "bpf-helper.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) #ifndef PR_SET_NO_NEW_PRIVS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) #define PR_SET_NO_NEW_PRIVS 38
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) 
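/*
 * Install a seccomp BPF allow-list and then exercise it.
 *
 * Policy built below (anything not listed hits DENY):
 *   - exit and exit_group are always allowed;
 *   - read is allowed only from stdin, only into buf, and only for a
 *     count strictly below sizeof(buf);
 *   - write is allowed only to stdout or stderr, only from the start of
 *     msg1, msg2 or buf, and only for a count strictly below the size of
 *     that object.
 *
 * The last write deliberately asks for more bytes than msg2 holds, so the
 * filter rejects it and the process is killed before "return 0" runs.
 *
 * Returns 1 if the filter cannot be built or installed.
 */
int main(int argc, char **argv)
{
	struct bpf_labels l = {
		.count = 0,
	};
	static const char msg1[] = "Please type something: ";
	static const char msg2[] = "You typed: ";
	char buf[256];
	struct sock_filter filter[] = {
		/*
		 * TODO: LOAD_SYSCALL_NR(arch) and enforce an arch.
		 * Until that is done the syscall numbers below are matched
		 * without confirming which ABI made the call; a filter meant
		 * for real use should validate the architecture first.
		 */
		LOAD_SYSCALL_NR,
		SYSCALL(__NR_exit, ALLOW),
		SYSCALL(__NR_exit_group, ALLOW),
		SYSCALL(__NR_write, JUMP(&l, write_fd)),
		SYSCALL(__NR_read, JUMP(&l, read)),
		DENY,  /* Don't passthrough into a label */

		/* read(fd, ptr, count): fd == stdin, ptr == buf, count < sizeof(buf) */
		LABEL(&l, read),
		ARG(0),
		JNE(STDIN_FILENO, DENY),
		ARG(1),
		JNE((unsigned long)buf, DENY),
		ARG(2),
		JGE(sizeof(buf), DENY),
		ALLOW,

		/* write(fd, ...): fd must be stdout or stderr */
		LABEL(&l, write_fd),
		ARG(0),
		JEQ(STDOUT_FILENO, JUMP(&l, write_buf)),
		JEQ(STDERR_FILENO, JUMP(&l, write_buf)),
		DENY,

		/* write(..., ptr, ...): ptr must be one of the three known buffers */
		LABEL(&l, write_buf),
		ARG(1),
		JEQ((unsigned long)msg1, JUMP(&l, msg1_len)),
		JEQ((unsigned long)msg2, JUMP(&l, msg2_len)),
		JEQ((unsigned long)buf, JUMP(&l, buf_len)),
		DENY,

		/* write(..., count): count must stay inside the matched buffer */
		LABEL(&l, msg1_len),
		ARG(2),
		JLT(sizeof(msg1), ALLOW),
		DENY,

		LABEL(&l, msg2_len),
		ARG(2),
		JLT(sizeof(msg2), ALLOW),
		DENY,

		LABEL(&l, buf_len),
		ARG(2),
		JLT(sizeof(buf), ALLOW),
		DENY,
	};
	struct sock_fprog prog = {
		.filter = filter,
		.len = (unsigned short)(sizeof(filter)/sizeof(filter[0])),
	};
	ssize_t bytes;

	/*
	 * Fail closed: do not install a filter whose label jumps were not
	 * resolved. NOTE(review): bpf_resolve_jumps() is declared in
	 * bpf-helper.h, which is not shown here; this assumes it returns
	 * non-zero on failure -- confirm against the local header.
	 */
	if (bpf_resolve_jumps(&l, filter, sizeof(filter)/sizeof(*filter))) {
		fprintf(stderr, "bpf_resolve_jumps failed\n");
		return 1;
	}

	/* Set no_new_privs before attaching the filter. */
	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
		perror("prctl(NO_NEW_PRIVS)");
		return 1;
	}

	if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {
		perror("prctl(SECCOMP)");
		return 1;
	}

	/*
	 * From here on the filter is active. The raw syscall() form is used
	 * so that the pointer and length arguments are exactly the ones the
	 * filter compares against.
	 */
	syscall(__NR_write, STDOUT_FILENO, msg1, strlen(msg1));
	/* sizeof(buf)-1 keeps the count below the JGE(sizeof(buf)) limit. */
	bytes = syscall(__NR_read, STDIN_FILENO, buf, sizeof(buf)-1);
	/* Treat a failed read as zero bytes so the echo below writes nothing. */
	bytes = (bytes > 0 ? bytes : 0);
	syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2));
	syscall(__NR_write, STDERR_FILENO, buf, bytes);
	/* Now get killed: strlen(msg2)+2 is not below sizeof(msg2) */
	syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2)+2);
	return 0;
}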