      1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
      6 #define SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
      7 
      8 #include "base/macros.h"
      9 #include "build/build_config.h"
     10 #include "sandbox/sandbox_export.h"
     11 
// These are helpers to build seccomp-bpf policies, i.e. policies for a
// sandbox that reduces the Linux kernel's attack surface. Each helper
// simply reports whether a raw system-call number belongs to a named
// group. The grouping is deliberately "implementation-defined": which
// numbers belong to which group is decided in the .cc file to suit the
// policies that use them, and carries no stable meaning of its own. A
// policy author should therefore read the group's member list rather
// than rely on its name alone.
     16 
     17 namespace sandbox {
     18 
// Predicates that classify raw Linux system-call numbers while a
// seccomp-bpf policy is being built. Every predicate has the same shape,
// `static bool IsX(int sysno)`, and answers only whether `sysno` belongs
// to set X. A predicate sees nothing but the number: any restriction that
// depends on a call's arguments (prctl options, mmap protections, socket
// domains, ...) has to be expressed by the policy that consumes the set;
// it must never be assumed from the set's name.
//
// Set membership lives in the .cc file. The "Allowed"/"Denied" prefixes
// record the disposition the policies this class was written for gave a
// set; they are a naming convention, not something this header enforces,
// so read the member list before trusting the label.
//
// Syscall numbers differ per architecture, and a few multiplexing calls
// exist only on some ABIs, so several sets are declared only for some
// targets. The `#if` conditions use compiler-defined target macros
// (__i386__, __x86_64__, ...) rather than anything from build_config.h,
// so the selection follows the compilation target.
class SANDBOX_EXPORT SyscallSets {
 public:
  // Signal-sending / process-termination calls (kill and relatives,
  // presumably).
  static bool IsKill(int sysno);
  // Time queries the policies treat as safe to expose.
  static bool IsAllowedGettime(int sysno);
  // Current-working-directory related calls.
  static bool IsCurrentDirectory(int sysno);
  static bool IsUmask(int sysno);
  // System calls that directly access the file system. They might acquire
  // a new file descriptor or otherwise perform an operation directly
  // via a path.
  static bool IsFileSystem(int sysno);
  // File-system operations that go through an already-open descriptor,
  // split into the ones a policy is expected to allow and the ones it is
  // expected to deny. Holding an fd does not by itself make every
  // operation on it safe, hence the split.
  static bool IsAllowedFileSystemAccessViaFd(int sysno);
  static bool IsDeniedFileSystemAccessViaFd(int sysno);
  // Read-only identity queries (getuid-style calls, presumably).
  static bool IsGetSimpleId(int sysno);
  // Calls that change the process's own privileges. A sandboxed process
  // should not normally need any of these.
  static bool IsProcessPrivilegeChange(int sysno);
  static bool IsProcessGroupOrSession(int sysno);
  static bool IsAllowedSignalHandling(int sysno);
  static bool IsAllowedOperationOnFd(int sysno);
  static bool IsKernelInternalApi(int sysno);
  // This should be thought through in conjunction with IsFutex().
  // NOTE(review): no IsFutex() is declared in this header; the nearest
  // declaration is IsAllowedFutex() below -- confirm which is meant.
  static bool IsAllowedProcessStartOrDeath(int sysno);
  // It's difficult to restrict those, but there is attack surface here.
  static bool IsAllowedFutex(int sysno);
  static bool IsAllowedEpoll(int sysno);
  // Socket creation / modification, again split by expected disposition.
  static bool IsAllowedGetOrModifySocket(int sysno);
  static bool IsDeniedGetOrModifySocket(int sysno);

#if defined(__i386__) || defined(__mips__)
  // Big multiplexing system call for sockets. Because a single number
  // covers every socket operation, a policy cannot distinguish the
  // sub-operations by sysno alone.
  static bool IsSocketCall(int sysno);
#endif  // defined(__i386__) || defined(__mips__)

#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
    defined(__aarch64__)
  // Socket-information queries; not declared on ABIs where the
  // socketcall multiplexer is used instead.
  static bool IsNetworkSocketInformation(int sysno);
#endif  // x86_64 / arm / mips / aarch64

  // Memory-mapping and address-space calls the policies allow. Protection
  // flags and addresses are arguments, so they are not checked here.
  static bool IsAllowedAddressSpaceAccess(int sysno);
  static bool IsAllowedGeneralIo(int sysno);
  // prctl and seccomp are singled out, presumably so a policy handles
  // them explicitly rather than as part of a broader group; which
  // options are acceptable depends on the arguments, not the sysno.
  static bool IsPrctl(int sysno);
  static bool IsSeccomp(int sysno);
  static bool IsAllowedBasicScheduler(int sysno);
  // The following groups cover operations that affect the whole system
  // or other processes (administration, modules, mount namespace, NUMA,
  // message queues, process environment, debugging, system status) and
  // are the kind of thing a sandbox policy typically denies outright.
  static bool IsAdminOperation(int sysno);
  static bool IsKernelModule(int sysno);
  static bool IsGlobalFSViewChange(int sysno);
  static bool IsFsControl(int sysno);
  static bool IsNuma(int sysno);
  static bool IsMessageQueue(int sysno);
  static bool IsGlobalProcessEnvironment(int sysno);
  static bool IsDebug(int sysno);
  static bool IsGlobalSystemStatus(int sysno);
  static bool IsEventFd(int sysno);
  // Asynchronous I/O API.
  static bool IsAsyncIo(int sysno);
  static bool IsKeyManagement(int sysno);
#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
  static bool IsSystemVSemaphores(int sysno);
#endif  // defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
  // These give a lot of ambient authority and bypass the setuid sandbox.
  static bool IsSystemVSharedMemory(int sysno);
#endif  // defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)

#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)
  static bool IsSystemVMessageQueue(int sysno);
#endif  // defined(__x86_64__) || defined(__arm__) || defined(__aarch64__)

#if defined(__i386__) || defined(__mips__)
  // Big system V multiplexing system call. As with socketcall, the
  // individual IPC operation is selected by an argument, not the sysno.
  static bool IsSystemVIpc(int sysno);
#endif  // defined(__i386__) || defined(__mips__)

  // Declared for every target; presumably covers whichever of the System V
  // sets above exist on the current architecture.
  static bool IsAnySystemV(int sysno);
  static bool IsAdvancedScheduler(int sysno);
  static bool IsInotify(int sysno);
  static bool IsFaNotify(int sysno);
  static bool IsTimer(int sysno);
  static bool IsAdvancedTimer(int sysno);
  static bool IsExtendedAttributes(int sysno);
  // Catch-all for calls that fit none of the groups above.
  static bool IsMisc(int sysno);
#if defined(__arm__)
  // ARM-specific private / PCI-config calls.
  static bool IsArmPciConfig(int sysno);
  static bool IsArmPrivate(int sysno);
#endif  // defined(__arm__)
#if defined(__mips__)
  // MIPS-specific calls.
  static bool IsMipsPrivate(int sysno);
  static bool IsMipsMisc(int sysno);
#endif  // defined(__mips__)
 private:
  // Static-only utility: the macro (from base/macros.h) removes the
  // implicit constructors so the class is never instantiated.
  DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallSets);
};
    109 
    110 }  // namespace sandbox.
    111 
    112 #endif  // SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
    113