Diffstat (limited to 'kernel/seccomp.c')
-rw-r--r-- | kernel/seccomp.c | 56 |
1 files changed, 56 insertions, 0 deletions
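diff --git a/kernel/seccomp.c b/kernel/seccomp.c
new file mode 100644
index 000000000000..c3391b6020e8
--- /dev/null
+++ b/kernel/seccomp.c
@@ -0,0 +1,56 @@
+/*
+* linux/kernel/seccomp.c
+*
+* Copyright 2004-2005 Andrea Arcangeli <andrea@cpushare.com>
+*
+* This defines a simple but solid secure-computing mode.
+*/
+
+#include <linux/seccomp.h>
+#include <linux/sched.h>
+
+/* #define SECCOMP_DEBUG 1 */
+
+/*
+* Secure computing mode 1 allows only read/write/exit/sigreturn.
+* To be fully secure this must be combined with rlimit
+* to limit the stack allocations too.
+*/
+static int mode1_syscalls[] = {
+__NR_seccomp_read, __NR_seccomp_write, __NR_seccomp_exit, __NR_seccomp_sigreturn,
+0, /* null terminated */
+};
+
+#ifdef TIF_32BIT
+static int mode1_syscalls_32[] = {
+__NR_seccomp_read_32, __NR_seccomp_write_32, __NR_seccomp_exit_32, __NR_seccomp_sigreturn_32,
+0, /* null terminated */
+};
+#endif
+
+void __secure_computing(int this_syscall)
+{
+int mode = current->seccomp.mode;
+int * syscall;
+
+switch (mode) {
+case 1:
+syscall = mode1_syscalls;
+#ifdef TIF_32BIT
+if (test_thread_flag(TIF_32BIT))
+syscall = mode1_syscalls_32;
+#endif
+do {
+if (*syscall == this_syscall)
+return;
+} while (*++syscall);
+break;
+default:
+BUG();
+}
+
+#ifdef SECCOMP_DEBUG
+dump_stack();
+#endif
+do_exit(SIGKILL);
+}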
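Review bot: The `0` terminator in `mode1_syscalls` and `mode1_syscalls_32` is also a possible syscall number, and the `do { ... } while (*++syscall)` walk in `__secure_computing` only tolerates that for the first entry, which is compared before any terminator test. The `__NR_seccomp_*` definitions are outside this hunk, so whether one of them is 0 on some architecture cannot be confirmed here; if one is and sits later in the list, every entry after it is silently dropped and an allowed call ends in `do_exit(SIGKILL)`. I would document the constraint at the tables, e.g. `/* 0 terminates the list; a syscall numbered 0 must be the first entry */`, and declare both tables `static const int`, since nothing in this file writes to them.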