1 /*
2 * Copyright (c) 2015-2021 Dmitry V. Levin <ldv@strace.io>
3 * All rights reserved.
4 *
5 * SPDX-License-Identifier: LGPL-2.1-or-later
6 */
7
8 #include "defs.h"
9
10 #include <linux/seccomp.h>
11 #include "xlat/seccomp_ops.h"
12 #include "xlat/seccomp_filter_flags.h"
13
14 SYS_FUNC(seccomp)
15 {
16 unsigned int op = tcp->u_arg[0];
17 unsigned int flags = tcp->u_arg[1];
18 unsigned int act;
19
20 /* operation */
21 if (entering(tcp)) {
22 printxval(seccomp_ops, op, "SECCOMP_SET_MODE_???");
23 tprint_arg_next();
24 }
25
26 switch (op) {
27 case SECCOMP_GET_ACTION_AVAIL:
28 /* flags */
29 PRINT_VAL_X(flags);
30 tprint_arg_next();
31
32 /* args */
33 if (!umove_or_printaddr(tcp, tcp->u_arg[2], &act)) {
34 tprint_indirect_begin();
35 printxval(seccomp_ret_action, act, "SECCOMP_RET_???");
36 tprint_indirect_end();
37 }
38 break;
39
40 case SECCOMP_GET_NOTIF_SIZES:
41 if (entering(tcp)) {
42 /* flags */
43 PRINT_VAL_X(flags);
44 tprint_arg_next();
45
46 return 0;
47 } else {
48 struct seccomp_notif_sizes szs;
49
50 /* args */
51 if (!umove_or_printaddr(tcp, tcp->u_arg[2], &szs)) {
52 tprint_struct_begin();
53 PRINT_FIELD_U(szs, seccomp_notif);
54 tprint_struct_next();
55 PRINT_FIELD_U(szs, seccomp_notif_resp);
56 tprint_struct_next();
57 PRINT_FIELD_U(szs, seccomp_data);
58 tprint_struct_end();
59 }
60 }
61 break;
62
63 case SECCOMP_SET_MODE_FILTER:
64 /* flags */
65 printflags(seccomp_filter_flags, flags,
66 "SECCOMP_FILTER_FLAG_???");
67 tprint_arg_next();
68
69 /* args */
70 decode_seccomp_fprog(tcp, tcp->u_arg[2]);
71 break;
72
73 case SECCOMP_SET_MODE_STRICT:
74 default:
75 /* flags */
76 PRINT_VAL_X(flags);
77 tprint_arg_next();
78
79 /* args */
80 printaddr(tcp->u_arg[2]);
81 break;
82 }
83
84 return RVAL_DECODED;
85 }