File: seccomp.c

package info (click to toggle)
trinity 1.9%2Bgit20200331.4d2343bd18c7b-2%2Bdeb11u1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 3,080 kB
  • sloc: ansic: 32,746; sh: 536; makefile: 164
file content (41 lines) | stat: -rw-r--r-- 897 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
/*
 * SYSCALL_DEFINE3(seccomp, unsigned int, op, unsigned int, flags,
 *                          const char __user *, uargs)
 */
#include <errno.h>
#include "sanitise.h"

#define SECCOMP_SET_MODE_STRICT 0
#define SECCOMP_SET_MODE_FILTER 1

#define SECCOMP_FILTER_FLAG_TSYNC 1

static void sanitise_seccomp(struct syscallrecord *rec)
{
	if (rec->a1 == SECCOMP_SET_MODE_STRICT) {
		rec->a2 = 0;
		rec->a3 = 0;
	}
}

static unsigned long seccomp_ops[] = {
	SECCOMP_SET_MODE_STRICT, SECCOMP_SET_MODE_FILTER,
};

static unsigned long seccomp_flags[] = {
	SECCOMP_FILTER_FLAG_TSYNC,
};

struct syscallentry syscall_seccomp = {
	.name = "seccomp",
	.num_args = 3,
	.arg1name = "op",
	.arg1type = ARG_OP,
	.arg1list = ARGLIST(seccomp_ops),
	.arg2name = "flags",
	.arg2type = ARG_LIST,
	.arg2list = ARGLIST(seccomp_flags),
	.arg3name = "uargs",
	.arg3type = ARG_ADDRESS,
	.sanitise = sanitise_seccomp,
};