1 /* 2 * Check how seccomp SECCOMP_SET_MODE_STRICT is decoded. 3 * 4 * Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. The name of the author may not be used to endorse or promote products 16 * derived from this software without specific prior written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 #include "tests.h" 31 #include <asm/unistd.h> 32 33 #if defined __NR_seccomp && defined __NR_exit 34 35 # include <stdio.h> 36 # include <unistd.h> 37 38 int 39 main(void) 40 { 41 static const char text1[] = 42 "seccomp(SECCOMP_SET_MODE_STRICT, 0, NULL) = 0\n"; 43 static const char text2[] = "+++ exited with 0 +++\n"; 44 const kernel_ulong_t addr = (kernel_ulong_t) 0xfacefeeddeadbeefULL; 45 long rc; 46 47 rc = syscall(__NR_seccomp, -1L, -1L, addr); 48 printf("seccomp(%#x /* SECCOMP_SET_MODE_??? */, %u, %#llx)" 49 " = %s\n", -1, -1, (unsigned long long) addr, sprintrc(rc)); 50 fflush(stdout); 51 52 rc = syscall(__NR_seccomp, 0, 0, 0); 53 if (rc) { 54 printf("seccomp(SECCOMP_SET_MODE_STRICT, 0, NULL) = %s\n", 55 sprintrc(rc)); 56 fflush(stdout); 57 rc = 0; 58 } else { 59 /* 60 * If kernel implementaton of SECCOMP_MODE_STRICT is buggy, 61 * the following syscall will result to SIGKILL. 62 */ 63 rc = write(1, text1, LENGTH_OF(text1)) != LENGTH_OF(text1); 64 } 65 66 rc += write(1, text2, LENGTH_OF(text2)) != LENGTH_OF(text2); 67 return !!syscall(__NR_exit, rc); 68 } 69 70 #else 71 72 SKIP_MAIN_UNDEFINED("__NR_seccomp && __NR_exit") 73 74 #endif 75