1  /*
       2   * Check decoding of seccomp SECCOMP_SET_MODE_FILTER.
       3   *
       4   * Copyright (c) 2016 Dmitry V. Levin <ldv@strace.io>
       5   * Copyright (c) 2016-2022 The strace developers.
       6   * All rights reserved.
       7   *
       8   * SPDX-License-Identifier: GPL-2.0-or-later
       9   */
      10  
      11  #include "tests.h"
      12  #include "scno.h"
      13  #include <stdio.h>
      14  #include <unistd.h>
      15  #include <linux/seccomp.h>
      16  #include <linux/filter.h>
      17  
      18  #define N 7
      19  
      20  int
      21  main(void)
      22  {
      23  	struct sock_filter *const filter = tail_alloc(sizeof(*filter) * N);
      24  	const void *const efault = tail_alloc(1);
      25  	TAIL_ALLOC_OBJECT_CONST_PTR(struct sock_fprog, prog);
      26  	long rc;
      27  
      28  	prog->filter = filter;
      29  	prog->len = N;
      30  	rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -1, prog);
      31  	printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, {len=%u, filter=%p})"
      32  	       " = %ld %s (%m)\n",
      33  	       "SECCOMP_FILTER_FLAG_TSYNC|SECCOMP_FILTER_FLAG_LOG|"
      34  	       "SECCOMP_FILTER_FLAG_SPEC_ALLOW|"
      35  	       "SECCOMP_FILTER_FLAG_NEW_LISTENER|"
      36  	       "SECCOMP_FILTER_FLAG_TSYNC_ESRCH|"
      37  	       "SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV|"
      38  	       "0xffffffc0",
      39  	       prog->len, prog->filter, rc, errno2name());
      40  
      41  	rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -64L, efault);
      42  	printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, %p) = %ld %s (%m)\n",
      43  	       "0xffffffc0 /* SECCOMP_FILTER_FLAG_??? */",
      44  	       efault, rc, errno2name());
      45  
      46  	puts("+++ exited with 0 +++");
      47  	return 0;
      48  }