1 /* 2 * Check decoding of seccomp SECCOMP_SET_MODE_FILTER. 3 * 4 * Copyright (c) 2016 Dmitry V. Levin <ldv (at) altlinux.org> 5 * Copyright (c) 2016-2018 The strace developers. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. The name of the author may not be used to endorse or promote products 17 * derived from this software without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 */ 30 31 #include "tests.h" 32 33 #include <stdio.h> 34 #include <asm/unistd.h> 35 #include <unistd.h> 36 37 #ifdef HAVE_LINUX_SECCOMP_H 38 # include <linux/seccomp.h> 39 #endif 40 #include <linux/filter.h> 41 42 #if defined __NR_seccomp && defined SECCOMP_SET_MODE_FILTER 43 44 # define N 7 45 46 int 47 main(void) 48 { 49 struct sock_filter *const filter = tail_alloc(sizeof(*filter) * N); 50 const void *const efault = tail_alloc(1); 51 TAIL_ALLOC_OBJECT_CONST_PTR(struct sock_fprog, prog); 52 long rc; 53 54 prog->filter = filter; 55 prog->len = N; 56 rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -1, prog); 57 printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, {len=%u, filter=%p})" 58 " = %ld %s (%m)\n", 59 "SECCOMP_FILTER_FLAG_TSYNC|SECCOMP_FILTER_FLAG_LOG|" 60 "SECCOMP_FILTER_FLAG_SPEC_ALLOW|0xfffffff8", 61 prog->len, prog->filter, rc, errno2name()); 62 63 rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -8L, efault); 64 printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, %p) = %ld %s (%m)\n", 65 "0xfffffff8 /* SECCOMP_FILTER_FLAG_??? */", 66 efault, rc, errno2name()); 67 68 puts("+++ exited with 0 +++"); 69 return 0; 70 } 71 72 #else 73 74 SKIP_MAIN_UNDEFINED("__NR_seccomp && SECCOMP_SET_MODE_FILTER") 75 76 #endif 77
