1 /* 2 * Copyright (c) 2015-2017 Dmitry V. Levin <ldv (at) altlinux.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. The name of the author may not be used to endorse or promote products 14 * derived from this software without specific prior written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #include "defs.h" 29 30 #ifdef HAVE_LINUX_SECCOMP_H 31 # include <linux/seccomp.h> 32 #endif 33 #include "xlat/seccomp_ops.h" 34 #include "xlat/seccomp_filter_flags.h" 35 36 SYS_FUNC(seccomp) 37 { 38 unsigned int op = tcp->u_arg[0]; 39 unsigned int flags = tcp->u_arg[1]; 40 unsigned int act; 41 42 printxval(seccomp_ops, op, "SECCOMP_SET_MODE_???"); 43 tprints(", "); 44 45 switch (op) { 46 case SECCOMP_GET_ACTION_AVAIL: 47 tprintf("%u, ", flags); 48 if (!umove_or_printaddr(tcp, tcp->u_arg[2], &act)) { 49 tprints("["); 50 printxval(seccomp_ret_action, act, "SECCOMP_RET_???"); 51 tprints("]"); 52 } 53 break; 54 55 case SECCOMP_SET_MODE_FILTER: 56 printflags(seccomp_filter_flags, flags, 57 "SECCOMP_FILTER_FLAG_???"); 58 tprints(", "); 59 decode_seccomp_fprog(tcp, tcp->u_arg[2]); 60 break; 61 62 case SECCOMP_SET_MODE_STRICT: 63 default: 64 tprintf("%u, ", flags); 65 printaddr(tcp->u_arg[2]); 66 break; 67 } 68 69 return RVAL_DECODED; 70 } 71