/* * Naive system call dropper built on seccomp_filter. * * Copyright (c) 2012 The Chromium OS Authors * Author: Will Drewry * * The code may be used by anyone for any purpose, * and can serve as a starting point for developing * applications using prctl(PR_SET_SECCOMP, 2, ...). * * When run, returns the specified errno for the specified * system call number against the given architecture. * */ #include #include #include #include #include #include #include #include #include #include static int install_filter(int nr, int arch, int error) { struct sock_filter filter[] = { BPF_STMT(BPF_LD+BPF_W+BPF_ABS, (offsetof(struct seccomp_data, arch))), BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, arch, 0, 3), BPF_STMT(BPF_LD+BPF_W+BPF_ABS, (offsetof(struct seccomp_data, nr))), BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, nr, 0, 1), BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ERRNO|(error & SECCOMP_RET_DATA)), BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), }; struct sock_fprog prog = { .len = (unsigned short)(sizeof(filter)/sizeof(filter[0])), .filter = filter, }; if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) { perror("prctl(NO_NEW_PRIVS)"); return 1; } if (prctl(PR_SET_SECCOMP, 2, &prog)) { perror("prctl(PR_SET_SECCOMP)"); return 1; } return 0; } int main(int argc, char **argv) { if (argc < 5) { fprintf(stderr, "Usage:\n" "dropper []\n" "Hint: AUDIT_ARCH_I386: 0x%X\n" " AUDIT_ARCH_X86_64: 0x%X\n" "\n", AUDIT_ARCH_I386, AUDIT_ARCH_X86_64); return 1; } if (install_filter(strtol(argv[1], NULL, 0), strtol(argv[2], NULL, 0), strtol(argv[3], NULL, 0))) return 1; execv(argv[4], &argv[4]); printf("Failed to execv\n"); return 255; } ds-private-remove&id=2ad5d52d42810bed95100a3d912679d8864421ec'>treecommitdiff
path: root/include/dt-bindings
diff options
context:
space:
mode:
authorHelge Deller <deller@gmx.de>2017-01-28 11:52:02 +0100
committerHelge Deller <deller@gmx.de>2017-01-28 21:54:23 +0100
commit2ad5d52d42810bed95100a3d912679d8864421ec (patch)
tree7f93e2f906b1c86f5b76c0f4c0978d41a8a29861 /include/dt-bindings
parent83b5d1e3d3013dbf90645a5d07179d018c8243fa (diff)
parisc: Don't use BITS_PER_LONG in userspace-exported swab.h header
In swab.h the "#if BITS_PER_LONG > 32" breaks compiling userspace programs if BITS_PER_LONG is #defined by userspace with the sizeof() compiler builtin. Solve this problem by using __BITS_PER_LONG instead. Since we now #include asm/bitsperlong.h avoid further potential userspace pollution by moving the #define of SHIFT_PER_LONG to bitops.h which is not exported to userspace. This patch unbreaks compiling qemu on hppa/parisc. Signed-off-by: Helge Deller <deller@gmx.de> Cc: <stable@vger.kernel.org>
Diffstat (limited to 'include/dt-bindings')