1 /* 2 * Check decoding of seccomp SECCOMP_GET_ACTION_AVAIL. 3 * 4 * Copyright (c) 2017 Dmitry V. Levin <ldv (at) altlinux.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. The name of the author may not be used to endorse or promote products 16 * derived from this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 #include "tests.h" 31 #include <asm/unistd.h> 32 33 #ifdef __NR_seccomp 34 35 # include <stdio.h> 36 # include <stdint.h> 37 # include <unistd.h> 38 39 # ifdef HAVE_LINUX_SECCOMP_H 40 # include <linux/seccomp.h> 41 # endif 42 43 # ifndef SECCOMP_GET_ACTION_AVAIL 44 # define SECCOMP_GET_ACTION_AVAIL 2 45 # endif 46 47 static const char *errstr; 48 49 static long 50 k_seccomp(const kernel_ulong_t op, const kernel_ulong_t flags, 51 const kernel_ulong_t args) 52 { 53 const long rc = syscall(__NR_seccomp, op, flags, args); 54 errstr = sprintrc(rc); 55 return rc; 56 } 57 58 int 59 main(void) 60 { 61 TAIL_ALLOC_OBJECT_CONST_PTR(uint32_t, act); 62 kernel_ulong_t op = (kernel_ulong_t) 0xfacefeed00000000ULL 63 | SECCOMP_GET_ACTION_AVAIL; 64 kernel_ulong_t flags = (kernel_ulong_t) 0xdeadbeef00000000ULL; 65 unsigned int i; 66 67 struct { 68 uint32_t val; 69 const char *str; 70 } actions [] = { 71 { 0, "SECCOMP_RET_KILL_THREAD" }, 72 # ifdef SECCOMP_RET_KILL_PROCESS 73 { ARG_STR(SECCOMP_RET_KILL_PROCESS) }, 74 # endif 75 # ifdef SECCOMP_RET_TRAP 76 { ARG_STR(SECCOMP_RET_TRAP) }, 77 # endif 78 # ifdef SECCOMP_RET_ERRNO 79 { ARG_STR(SECCOMP_RET_ERRNO) }, 80 # endif 81 # ifdef SECCOMP_RET_TRACE 82 { ARG_STR(SECCOMP_RET_TRACE) }, 83 # endif 84 # ifdef SECCOMP_RET_LOG 85 { ARG_STR(SECCOMP_RET_LOG) }, 86 # endif 87 # ifdef SECCOMP_RET_ALLOW 88 { ARG_STR(SECCOMP_RET_ALLOW) }, 89 # endif 90 { 0xffffffff, "0xffffffff /* SECCOMP_RET_??? */" } 91 }; 92 93 for (i = 0; i < ARRAY_SIZE(actions); ++i) { 94 *act = actions[i].val; 95 k_seccomp(op, flags, (uintptr_t) act); 96 printf("seccomp(SECCOMP_GET_ACTION_AVAIL, 0, [%s]) = %s\n", 97 actions[i].str, errstr); 98 } 99 100 *act = actions[0].val; 101 102 k_seccomp(op, flags, (uintptr_t) (act + 1)); 103 printf("seccomp(SECCOMP_GET_ACTION_AVAIL, 0, %p) = %s\n", 104 act + 1, errstr); 105 106 if (F8ILL_KULONG_SUPPORTED) { 107 k_seccomp(op, flags, f8ill_ptr_to_kulong(act)); 108 printf("seccomp(SECCOMP_GET_ACTION_AVAIL, 0, %#jx) = %s\n", 109 (uintmax_t) f8ill_ptr_to_kulong(act), errstr); 110 } 111 112 flags |= 0xcafef00d; 113 k_seccomp(op, flags, 0); 114 printf("seccomp(SECCOMP_GET_ACTION_AVAIL, %u, NULL) = %s\n", 115 (unsigned int) flags, errstr); 116 117 puts("+++ exited with 0 +++"); 118 return 0; 119 } 120 121 #else 122 123 SKIP_MAIN_UNDEFINED("__NR_seccomp") 124 125 #endif 126
