Home | History | Annotate | Download | only in jni 
      1 /*
      2  * Copyright (C) 2017 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #include <jni.h>
     18 
     19 #define LOG_TAG "SeccompTest"
     20 
     21 #include <android/log.h>
     22 #include <unistd.h>
     23 #include <sys/types.h>
     24 #include <sys/wait.h>
     25 
     26 #define ALOG(priority, tag, ...) ((void)__android_log_print(ANDROID_##priority, tag, __VA_ARGS__))
     27 
     28 #define ALOGI(...) ALOG(LOG_INFO, LOG_TAG, __VA_ARGS__)
     29 #define ALOGE(...) ALOG(LOG_ERROR, LOG_TAG, __VA_ARGS__)
     30 
     31 /*
     32  * Function: testSyscallBlocked
     33  * Purpose: test that the syscall listed is blocked by seccomp
     34  * Parameters:
     35  *        nr: syscall number
     36  * Returns:
     37  *        1 if blocked, else 0
     38  * Exceptions: None
     39  */
     40 static jboolean testSyscallBlocked(JNIEnv *, jobject, int nr) {
     41     int pid = fork();
     42     if (pid == 0) {
     43         ALOGI("Calling syscall %d", nr);
     44         syscall(nr);
     45         return false;
     46     } else {
     47         int status;
     48         int ret = waitpid(pid, &status, 0);
     49         if (ret != pid) {
     50             ALOGE("Unexpected return result from waitpid");
     51             return false;
     52         }
     53 
     54         if (WIFEXITED(status)) {
     55             ALOGE("syscall was not blocked");
     56             return false;
     57         }
     58 
     59         if (WIFSIGNALED(status)) {
     60             int signal = WTERMSIG(status);
     61             if (signal == 31) {
     62                 ALOGI("syscall caused process termination");
     63                 return true;
     64             }
     65 
     66             ALOGE("Unexpected signal");
     67             return false;
     68         }
     69 
     70         ALOGE("Unexpected status from syscall_exists");
     71         return false;
     72     }
     73 }
     74 
     75 static JNINativeMethod gMethods[] = {
     76     { "testSyscallBlocked", "(I)Z",
     77             (void*) testSyscallBlocked },
     78 };
     79 
     80 int register_android_seccomp_cts_app_SeccompTest(JNIEnv* env)
     81 {
     82     jclass clazz = env->FindClass("android/seccomp/cts/app/SeccompDeviceTest");
     83 
     84     return env->RegisterNatives(clazz, gMethods,
     85             sizeof(gMethods) / sizeof(JNINativeMethod));
     86 }
     87