1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
6 #define SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_
8 #include "base/basictypes.h"
9 #include "build/build_config.h"
11 // These are helpers to build seccomp-bpf policies, i.e. policies for a
12 // sandbox that reduces the Linux kernel's attack surface. Given their
13 // nature, they have no precise semantics and are entirely
14 // "implementation-defined": the grouping of system calls into sets is a
// policy-building convenience, not a stable contract to depend on.
20 static bool IsKill(int sysno);
21 static bool IsAllowedGettime(int sysno);
22 static bool IsCurrentDirectory(int sysno);
23 static bool IsUmask(int sysno);
24 // System calls that directly access the file system. They might acquire
25 // a new file descriptor or otherwise perform an operation directly
27 static bool IsFileSystem(int sysno);
28 static bool IsAllowedFileSystemAccessViaFd(int sysno);
29 static bool IsDeniedFileSystemAccessViaFd(int sysno);
30 static bool IsGetSimpleId(int sysno);
31 static bool IsProcessPrivilegeChange(int sysno);
32 static bool IsProcessGroupOrSession(int sysno);
33 static bool IsAllowedSignalHandling(int sysno);
34 static bool IsAllowedOperationOnFd(int sysno);
35 static bool IsKernelInternalApi(int sysno);
36 // This set should be reviewed together with IsFutex().
37 static bool IsAllowedProcessStartOrDeath(int sysno);
38 // These are difficult to restrict, but they still expose attack surface.
39 static bool IsFutex(int sysno);
40 static bool IsAllowedEpoll(int sysno);
41 static bool IsAllowedGetOrModifySocket(int sysno);
42 static bool IsDeniedGetOrModifySocket(int sysno);
45 // Big multiplexing system call for sockets.
46 static bool IsSocketCall(int sysno);
49 #if defined(__x86_64__) || defined(__arm__)
50 static bool IsNetworkSocketInformation(int sysno);
53 static bool IsAllowedAddressSpaceAccess(int sysno);
54 static bool IsAllowedGeneralIo(int sysno);
55 static bool IsAllowedPrctl(int sysno);
56 static bool IsAllowedBasicScheduler(int sysno);
57 static bool IsAdminOperation(int sysno);
58 static bool IsKernelModule(int sysno);
59 static bool IsGlobalFSViewChange(int sysno);
60 static bool IsFsControl(int sysno);
61 static bool IsNuma(int sysno);
62 static bool IsMessageQueue(int sysno);
63 static bool IsGlobalProcessEnvironment(int sysno);
64 static bool IsDebug(int sysno);
65 static bool IsGlobalSystemStatus(int sysno);
66 static bool IsEventFd(int sysno);
67 // Asynchronous I/O API.
68 static bool IsAsyncIo(int sysno);
69 static bool IsKeyManagement(int sysno);
70 #if defined(__x86_64__) || defined(__arm__)
71 static bool IsSystemVSemaphores(int sysno);
73 #if defined(__x86_64__) || defined(__arm__)
74 // These grant significant ambient authority and bypass the setuid sandbox.
75 static bool IsSystemVSharedMemory(int sysno);
78 #if defined(__x86_64__) || defined(__arm__)
79 static bool IsSystemVMessageQueue(int sysno);
83 // Big System V IPC multiplexing system call.
84 static bool IsSystemVIpc(int sysno);
87 static bool IsAnySystemV(int sysno);
88 static bool IsAdvancedScheduler(int sysno);
89 static bool IsInotify(int sysno);
90 static bool IsFaNotify(int sysno);
91 static bool IsTimer(int sysno);
92 static bool IsAdvancedTimer(int sysno);
93 static bool IsExtendedAttributes(int sysno);
94 static bool IsMisc(int sysno);
96 static bool IsArmPciConfig(int sysno);
97 static bool IsArmPrivate(int sysno);
98 #endif // defined(__arm__)
100 DISALLOW_IMPLICIT_CONSTRUCTORS(SyscallSets);
103 } // namespace sandbox.
105 #endif // SANDBOX_LINUX_SECCOMP_BPF_HELPERS_SYSCALL_SETS_H_