bpf-fancy.c - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt
bpf-fancy.c (2540B)
      1// SPDX-License-Identifier: GPL-2.0
      2/*
      3 * Seccomp BPF example using a macro-based generator.
      4 *
      5 * Copyright (c) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org>
      6 * Author: Will Drewry <wad@chromium.org>
      7 *
      8 * The code may be used by anyone for any purpose,
      9 * and can serve as a starting point for developing
     10 * applications using prctl(PR_ATTACH_SECCOMP_FILTER).
     11 */
     12
     13#include <linux/filter.h>
     14#include <linux/seccomp.h>
     15#include <linux/unistd.h>
     16#include <stdio.h>
     17#include <string.h>
     18#include <sys/prctl.h>
     19#include <unistd.h>
     20
     21#include "bpf-helper.h"
     22
     23#ifndef PR_SET_NO_NEW_PRIVS
     24#define PR_SET_NO_NEW_PRIVS 38
     25#endif
     26
     27int main(int argc, char **argv)
     28{
     29	struct bpf_labels l = {
     30		.count = 0,
     31	};
     32	static const char msg1[] = "Please type something: ";
     33	static const char msg2[] = "You typed: ";
     34	char buf[256];
     35	struct sock_filter filter[] = {
     36		/* TODO: LOAD_SYSCALL_NR(arch) and enforce an arch */
     37		LOAD_SYSCALL_NR,
     38		SYSCALL(__NR_exit, ALLOW),
     39		SYSCALL(__NR_exit_group, ALLOW),
     40		SYSCALL(__NR_write, JUMP(&l, write_fd)),
     41		SYSCALL(__NR_read, JUMP(&l, read)),
     42		DENY,  /* Don't passthrough into a label */
     43
     44		LABEL(&l, read),
     45		ARG(0),
     46		JNE(STDIN_FILENO, DENY),
     47		ARG(1),
     48		JNE((unsigned long)buf, DENY),
     49		ARG(2),
     50		JGE(sizeof(buf), DENY),
     51		ALLOW,
     52
     53		LABEL(&l, write_fd),
     54		ARG(0),
     55		JEQ(STDOUT_FILENO, JUMP(&l, write_buf)),
     56		JEQ(STDERR_FILENO, JUMP(&l, write_buf)),
     57		DENY,
     58
     59		LABEL(&l, write_buf),
     60		ARG(1),
     61		JEQ((unsigned long)msg1, JUMP(&l, msg1_len)),
     62		JEQ((unsigned long)msg2, JUMP(&l, msg2_len)),
     63		JEQ((unsigned long)buf, JUMP(&l, buf_len)),
     64		DENY,
     65
     66		LABEL(&l, msg1_len),
     67		ARG(2),
     68		JLT(sizeof(msg1), ALLOW),
     69		DENY,
     70
     71		LABEL(&l, msg2_len),
     72		ARG(2),
     73		JLT(sizeof(msg2), ALLOW),
     74		DENY,
     75
     76		LABEL(&l, buf_len),
     77		ARG(2),
     78		JLT(sizeof(buf), ALLOW),
     79		DENY,
     80	};
     81	struct sock_fprog prog = {
     82		.filter = filter,
     83		.len = (unsigned short)(sizeof(filter)/sizeof(filter[0])),
     84	};
     85	ssize_t bytes;
     86	bpf_resolve_jumps(&l, filter, sizeof(filter)/sizeof(*filter));
     87
     88	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
     89		perror("prctl(NO_NEW_PRIVS)");
     90		return 1;
     91	}
     92
     93	if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog)) {
     94		perror("prctl(SECCOMP)");
     95		return 1;
     96	}
     97	syscall(__NR_write, STDOUT_FILENO, msg1, strlen(msg1));
     98	bytes = syscall(__NR_read, STDIN_FILENO, buf, sizeof(buf)-1);
     99	bytes = (bytes > 0 ? bytes : 0);
    100	syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2));
    101	syscall(__NR_write, STDERR_FILENO, buf, bytes);
    102	/* Now get killed */
    103	syscall(__NR_write, STDERR_FILENO, msg2, strlen(msg2)+2);
    104	return 0;
    105}