| Index: sandbox/linux/bpf_dsl/seccomp_macros.h
|
| diff --git a/sandbox/linux/seccomp-bpf/linux_seccomp.h b/sandbox/linux/bpf_dsl/seccomp_macros.h
|
| similarity index 73%
|
| rename from sandbox/linux/seccomp-bpf/linux_seccomp.h
|
| rename to sandbox/linux/bpf_dsl/seccomp_macros.h
|
| index c13ef20bb363027b20b681d79420532e86fc2db2..b72357ae75fb002543283d8952dad1afdcca3cd0 100644
|
| --- a/sandbox/linux/seccomp-bpf/linux_seccomp.h
|
| +++ b/sandbox/linux/bpf_dsl/seccomp_macros.h
|
| @@ -2,16 +2,8 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#ifndef SANDBOX_LINUX_SECCOMP_BPF_LINUX_SECCOMP_H__
|
| -#define SANDBOX_LINUX_SECCOMP_BPF_LINUX_SECCOMP_H__
|
| -
|
| -// The Seccomp2 kernel ABI is not part of older versions of glibc.
|
| -// As we can't break compilation with these versions of the library,
|
| -// we explicitly define all missing symbols.
|
| -// If we ever decide that we can now rely on system headers, the following
|
| -// include files should be enabled:
|
| -// #include <linux/audit.h>
|
| -// #include <linux/seccomp.h>
|
| +#ifndef SANDBOX_LINUX_BPF_DSL_SECCOMP_MACROS_H_
|
| +#define SANDBOX_LINUX_BPF_DSL_SECCOMP_MACROS_H_
|
|
|
| #include <asm/unistd.h>
|
| #include <linux/filter.h>
|
| @@ -29,113 +21,12 @@
|
| #endif
|
| #endif
|
|
|
| -// For audit.h
|
| -#ifndef EM_ARM
|
| -#define EM_ARM 40
|
| -#endif
|
| -#ifndef EM_386
|
| -#define EM_386 3
|
| -#endif
|
| -#ifndef EM_X86_64
|
| -#define EM_X86_64 62
|
| -#endif
|
| -#ifndef EM_MIPS
|
| -#define EM_MIPS 8
|
| -#endif
|
| -#ifndef EM_AARCH64
|
| -#define EM_AARCH64 183
|
| -#endif
|
| -
|
| -#ifndef __AUDIT_ARCH_64BIT
|
| -#define __AUDIT_ARCH_64BIT 0x80000000
|
| -#endif
|
| -#ifndef __AUDIT_ARCH_LE
|
| -#define __AUDIT_ARCH_LE 0x40000000
|
| -#endif
|
| -#ifndef AUDIT_ARCH_ARM
|
| -#define AUDIT_ARCH_ARM (EM_ARM|__AUDIT_ARCH_LE)
|
| -#endif
|
| -#ifndef AUDIT_ARCH_I386
|
| -#define AUDIT_ARCH_I386 (EM_386|__AUDIT_ARCH_LE)
|
| -#endif
|
| -#ifndef AUDIT_ARCH_X86_64
|
| -#define AUDIT_ARCH_X86_64 (EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
|
| -#endif
|
| -#ifndef AUDIT_ARCH_MIPSEL
|
| -#define AUDIT_ARCH_MIPSEL (EM_MIPS|__AUDIT_ARCH_LE)
|
| -#endif
|
| -#ifndef AUDIT_ARCH_AARCH64
|
| -#define AUDIT_ARCH_AARCH64 (EM_AARCH64 | __AUDIT_ARCH_64BIT | __AUDIT_ARCH_LE)
|
| -#endif
|
| -
|
| -// For prctl.h
|
| -#ifndef PR_SET_SECCOMP
|
| -#define PR_SET_SECCOMP 22
|
| -#define PR_GET_SECCOMP 21
|
| -#endif
|
| -#ifndef PR_SET_NO_NEW_PRIVS
|
| -#define PR_SET_NO_NEW_PRIVS 38
|
| -#define PR_GET_NO_NEW_PRIVS 39
|
| -#endif
|
| -#ifndef IPC_64
|
| -#define IPC_64 0x0100
|
| -#endif
|
| -
|
| -#ifndef BPF_MOD
|
| -#define BPF_MOD 0x90
|
| -#endif
|
| -#ifndef BPF_XOR
|
| -#define BPF_XOR 0xA0
|
| -#endif
|
| -
|
| -// In order to build will older tool chains, we currently have to avoid
|
| -// including <linux/seccomp.h>. Until that can be fixed (if ever). Rely on
|
| -// our own definitions of the seccomp kernel ABI.
|
| -#ifndef SECCOMP_MODE_FILTER
|
| -#define SECCOMP_MODE_DISABLED 0
|
| -#define SECCOMP_MODE_STRICT 1
|
| -#define SECCOMP_MODE_FILTER 2 // User user-supplied filter
|
| -#endif
|
| -
|
| -#ifndef SECCOMP_SET_MODE_STRICT
|
| -#define SECCOMP_SET_MODE_STRICT 0
|
| -#endif
|
| -#ifndef SECCOMP_SET_MODE_FILTER
|
| -#define SECCOMP_SET_MODE_FILTER 1
|
| -#endif
|
| -#ifndef SECCOMP_FILTER_FLAG_TSYNC
|
| -#define SECCOMP_FILTER_FLAG_TSYNC 1
|
| -#endif
|
| -
|
| -#ifndef SECCOMP_RET_KILL
|
| -// Return values supported for BPF filter programs. Please note that the
|
| -// "illegal" SECCOMP_RET_INVALID is not supported by the kernel, should only
|
| -// ever be used internally, and would result in the kernel killing our process.
|
| -#define SECCOMP_RET_KILL 0x00000000U // Kill the task immediately
|
| -#define SECCOMP_RET_INVALID 0x00010000U // Illegal return value
|
| -#define SECCOMP_RET_TRAP 0x00030000U // Disallow and force a SIGSYS
|
| -#define SECCOMP_RET_ERRNO 0x00050000U // Returns an errno
|
| -#define SECCOMP_RET_TRACE 0x7ff00000U // Pass to a tracer or disallow
|
| -#define SECCOMP_RET_ALLOW 0x7fff0000U // Allow
|
| -#define SECCOMP_RET_ACTION 0xffff0000U // Masks for the return value
|
| -#define SECCOMP_RET_DATA 0x0000ffffU // sections
|
| -#else
|
| -#define SECCOMP_RET_INVALID 0x00010000U // Illegal return value
|
| -#endif
|
| -
|
| -#ifndef SYS_SECCOMP
|
| -#define SYS_SECCOMP 1
|
| -#endif
|
| -
|
| // Impose some reasonable maximum BPF program size. Realistically, the
|
| // kernel probably has much lower limits. But by limiting to less than
|
| // 30 bits, we can ease requirements on some of our data types.
|
| #define SECCOMP_MAX_PROGRAM_SIZE (1<<30)
|
|
|
| #if defined(__i386__)
|
| -#define MIN_SYSCALL 0u
|
| -#define MAX_PUBLIC_SYSCALL 1024u
|
| -#define MAX_SYSCALL MAX_PUBLIC_SYSCALL
|
| #define SECCOMP_ARCH AUDIT_ARCH_I386
|
|
|
| #define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.gregs[(_reg)])
|
| @@ -198,9 +89,6 @@ typedef user_regs_struct regs_struct;
|
| #define SECCOMP_PT_PARM6(_regs) (_regs).ebp
|
|
|
| #elif defined(__x86_64__)
|
| -#define MIN_SYSCALL 0u
|
| -#define MAX_PUBLIC_SYSCALL 1024u
|
| -#define MAX_SYSCALL MAX_PUBLIC_SYSCALL
|
| #define SECCOMP_ARCH AUDIT_ARCH_X86_64
|
|
|
| #define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.gregs[(_reg)])
|
| @@ -236,17 +124,6 @@ typedef user_regs_struct regs_struct;
|
| #define SECCOMP_PT_PARM6(_regs) (_regs).r9
|
|
|
| #elif defined(__arm__) && (defined(__thumb__) || defined(__ARM_EABI__))
|
| -// ARM EABI includes "ARM private" system calls starting at |__ARM_NR_BASE|,
|
| -// and a "ghost syscall private to the kernel", cmpxchg,
|
| -// at |__ARM_NR_BASE+0x00fff0|.
|
| -// See </arch/arm/include/asm/unistd.h> in the Linux kernel.
|
| -#define MIN_SYSCALL ((unsigned int)__NR_SYSCALL_BASE)
|
| -#define MAX_PUBLIC_SYSCALL (MIN_SYSCALL + 1024u)
|
| -#define MIN_PRIVATE_SYSCALL ((unsigned int)__ARM_NR_BASE)
|
| -#define MAX_PRIVATE_SYSCALL (MIN_PRIVATE_SYSCALL + 16u)
|
| -#define MIN_GHOST_SYSCALL ((unsigned int)__ARM_NR_BASE + 0xfff0u)
|
| -#define MAX_SYSCALL (MIN_GHOST_SYSCALL + 4u)
|
| -
|
| #define SECCOMP_ARCH AUDIT_ARCH_ARM
|
|
|
| // ARM sigcontext_t is different from i386/x86_64.
|
| @@ -314,9 +191,6 @@ typedef user_regs regs_struct;
|
| #define SECCOMP_PT_PARM6(_regs) (_regs).REG_r5
|
|
|
| #elif defined(__mips__) && (_MIPS_SIM == _MIPS_SIM_ABI32)
|
| -#define MIN_SYSCALL __NR_O32_Linux
|
| -#define MAX_PUBLIC_SYSCALL (MIN_SYSCALL + __NR_Linux_syscalls)
|
| -#define MAX_SYSCALL MAX_PUBLIC_SYSCALL
|
| #define SECCOMP_ARCH AUDIT_ARCH_MIPSEL
|
| #define SYSCALL_EIGHT_ARGS
|
| // MIPS sigcontext_t is different from i386/x86_64 and ARM.
|
| @@ -378,9 +252,6 @@ struct regs_struct {
|
| unsigned long long pstate;
|
| };
|
|
|
| -#define MIN_SYSCALL 0u
|
| -#define MAX_PUBLIC_SYSCALL 279u
|
| -#define MAX_SYSCALL MAX_PUBLIC_SYSCALL
|
| #define SECCOMP_ARCH AUDIT_ARCH_AARCH64
|
|
|
| #define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.regs[_reg])
|
| @@ -420,4 +291,4 @@ struct regs_struct {
|
|
|
| #endif
|
|
|
| -#endif // SANDBOX_LINUX_SECCOMP_BPF_LINUX_SECCOMP_H__
|
| +#endif // SANDBOX_LINUX_BPF_DSL_SECCOMP_MACROS_H_
|
|
|
Chromium Code Reviews
Issue 935333002:
Update from https://crrev.com/316786 (Closed)
Base URL: git@github.com:domokit/mojo.git@master