Root/
| 1 | /* |
| 2 | * Naive system call dropper built on seccomp_filter. |
| 3 | * |
| 4 | * Copyright (c) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org> |
| 5 | * Author: Will Drewry <wad@chromium.org> |
| 6 | * |
| 7 | * The code may be used by anyone for any purpose, |
| 8 | * and can serve as a starting point for developing |
| 9 | * applications using prctl(PR_SET_SECCOMP, 2, ...). |
| 10 | * |
| 11 | * When run, returns the specified errno for the specified |
| 12 | * system call number against the given architecture. |
| 13 | * |
| 14 | * Run this one as root as PR_SET_NO_NEW_PRIVS is not called. |
| 15 | */ |
| 16 | |
| 17 | #include <errno.h> |
| 18 | #include <linux/audit.h> |
| 19 | #include <linux/filter.h> |
| 20 | #include <linux/seccomp.h> |
| 21 | #include <linux/unistd.h> |
| 22 | #include <stdio.h> |
| 23 | #include <stddef.h> |
| 24 | #include <stdlib.h> |
| 25 | #include <sys/prctl.h> |
| 26 | #include <unistd.h> |
| 27 | |
| 28 | static int install_filter(int nr, int arch, int error) |
| 29 | { |
| 30 | struct sock_filter filter[] = { |
| 31 | BPF_STMT(BPF_LD+BPF_W+BPF_ABS, |
| 32 | (offsetof(struct seccomp_data, arch))), |
| 33 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, arch, 0, 3), |
| 34 | BPF_STMT(BPF_LD+BPF_W+BPF_ABS, |
| 35 | (offsetof(struct seccomp_data, nr))), |
| 36 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, nr, 0, 1), |
| 37 | BPF_STMT(BPF_RET+BPF_K, |
| 38 | SECCOMP_RET_ERRNO|(error & SECCOMP_RET_DATA)), |
| 39 | BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), |
| 40 | }; |
| 41 | struct sock_fprog prog = { |
| 42 | .len = (unsigned short)(sizeof(filter)/sizeof(filter[0])), |
| 43 | .filter = filter, |
| 44 | }; |
| 45 | if (prctl(PR_SET_SECCOMP, 2, &prog)) { |
| 46 | perror("prctl"); |
| 47 | return 1; |
| 48 | } |
| 49 | return 0; |
| 50 | } |
| 51 | |
| 52 | int main(int argc, char **argv) |
| 53 | { |
| 54 | if (argc < 5) { |
| 55 | fprintf(stderr, "Usage:\n" |
| 56 | "dropper <syscall_nr> <arch> <errno> <prog> [<args>]\n" |
| 57 | "Hint: AUDIT_ARCH_I386: 0x%X\n" |
| 58 | " AUDIT_ARCH_X86_64: 0x%X\n" |
| 59 | "\n", AUDIT_ARCH_I386, AUDIT_ARCH_X86_64); |
| 60 | return 1; |
| 61 | } |
| 62 | if (install_filter(strtol(argv[1], NULL, 0), strtol(argv[2], NULL, 0), |
| 63 | strtol(argv[3], NULL, 0))) |
| 64 | return 1; |
| 65 | execv(argv[4], &argv[4]); |
| 66 | printf("Failed to execv\n"); |
| 67 | return 255; |
| 68 | } |
| 69 |
Branches:
ben-wpan
ben-wpan-stefan
javiroman/ks7010
jz-2.6.34
jz-2.6.34-rc5
jz-2.6.34-rc6
jz-2.6.34-rc7
jz-2.6.35
jz-2.6.36
jz-2.6.37
jz-2.6.38
jz-2.6.39
jz-3.0
jz-3.1
jz-3.11
jz-3.12
jz-3.13
jz-3.15
jz-3.16
jz-3.18-dt
jz-3.2
jz-3.3
jz-3.4
jz-3.5
jz-3.6
jz-3.6-rc2-pwm
jz-3.9
jz-3.9-clk
jz-3.9-rc8
jz47xx
jz47xx-2.6.38
master
Tags:
od-2011-09-04
od-2011-09-18
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v3.9
