/*
* System call permission table for Capsicum, a capability API for UNIX.
*
* Copyright (C) 2012 The Chromium OS Authors <chromium-os-dev@chromium.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2, as
* published by the Free Software Foundation.
*
* This file is generated by capsicum_table.js. It should not live in the
* repository in the long term: eventually, capsicum_table.js will be
* rewritten in Perl, and will be invoked automatically by the build system,
* and this file will be removed from the repository.
*/
#include <linux/audit.h>
#include <linux/mman.h>
#include <asm/prctl.h>
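/**
 * capsicum_run_syscall_table - permission decision for one system call
 * @arch: AUDIT_ARCH_* identifier of the calling ABI; only AUDIT_ARCH_X86_64
 *        is handled, every other value is denied.
 * @call: system call number, matched against the __NR_* constants below.
 * @args: system call arguments; this table reads at most args[0]..args[4].
 *
 * The table is default-deny: a call number without a case yields -ECAPMODE.
 * Calls that act on a descriptor are passed to require_rights() together
 * with the rights mask they need. A non-zero result of require_rights() is
 * returned unchanged (the "?:" chains below rely on that), and any further
 * argument check runs only after it returned 0.
 *
 * NOTE(review): for the *at() calls only the rights on the directory
 * descriptor are checked here; the path argument and, apart from openat and
 * pdfork, the flags argument are not examined. Confirm that lookups leaving
 * the directory (absolute paths, "..") are rejected elsewhere.
 *
 * NOTE(review): the file header says this file is generated by
 * capsicum_table.js, so a change made here (see __NR_arch_prctl) has to be
 * carried into the generator as well or it is lost on regeneration.
 *
 * Return: 0 if the call is permitted, -ECAPMODE if the table denies it,
 * otherwise whatever require_rights() or check_mmap() returned.
 */
int capsicum_run_syscall_table(int arch, int call, unsigned long *args)
{
	if (arch != AUDIT_ARCH_X86_64)
		return -ECAPMODE;

	switch (call) {
	/* Sockets. */
	case (__NR_accept):
		return require_rights(args[0], CAP_ACCEPT);
	case (__NR_accept4):
		return require_rights(args[0], CAP_ACCEPT);
	case (__NR_bind):
		return require_rights(args[0], CAP_BIND);
	case (__NR_connect):
		return require_rights(args[0], CAP_CONNECT);
	case (__NR_sendto):
		/* A destination address (args[4]) additionally needs CAP_CONNECT. */
		return require_rights(args[0], CAP_WRITE
			| (((void *)args[4] != NULL) ? CAP_CONNECT : 0));

	/* Extended attributes on a descriptor. */
	case (__NR_fremovexattr):
		return require_rights(args[0], CAP_EXTATTR_DELETE);
	case (__NR_fgetxattr):
		return require_rights(args[0], CAP_EXTATTR_GET);
	case (__NR_flistxattr):
		return require_rights(args[0], CAP_EXTATTR_LIST);
	case (__NR_fsetxattr):
		return require_rights(args[0], CAP_EXTATTR_SET);

	/* Descriptor metadata and state. */
	case (__NR_fchdir):
		return require_rights(args[0], CAP_FCHDIR);
	case (__NR_fchmod):
		return require_rights(args[0], CAP_FCHMOD);
	case (__NR_fchown):
		return require_rights(args[0], CAP_FCHOWN);
	case (__NR_fcntl):
		return require_rights(args[0], CAP_FCNTL);
	case (__NR_flock):
		return require_rights(args[0], CAP_FLOCK);
	case (__NR_fstat):
		return require_rights(args[0], CAP_FSTAT);
	case (__NR_fsync):
		return require_rights(args[0], CAP_FSYNC);
	case (__NR_fdatasync):
		return require_rights(args[0], CAP_FSYNC);
	case (__NR_ftruncate):
		return require_rights(args[0], CAP_FTRUNCATE);
	case (__NR_utimensat):
		/* A non-NULL path (args[1]) makes this a lookup as well. */
		return require_rights(args[0], CAP_FUTIMES
			| (((void *)args[1] != NULL) ? CAP_LOOKUP : 0));
	case (__NR_getpeername):
		return require_rights(args[0], CAP_GETPEERNAME);
	case (__NR_getsockname):
		return require_rights(args[0], CAP_GETSOCKNAME);
	case (__NR_getsockopt):
		return require_rights(args[0], CAP_GETSOCKOPT);
	case (__NR_ioctl):
		return require_rights(args[0], CAP_IOCTL);
	case (__NR_listen):
		return require_rights(args[0], CAP_LISTEN);

	/* Lookups relative to a directory descriptor. */
	case (__NR_openat):
		/*
		 * The rights needed follow from the open flags in args[2]. Once
		 * the rights check has passed, any flag outside the explicit
		 * allow-list is refused, so flags unknown to this table fail
		 * closed.
		 */
		return require_rights(args[0], CAP_LOOKUP
			| (args[2] & O_WRONLY ? CAP_WRITE : CAP_READ)
			| (args[2] & O_RDWR ? CAP_READ|CAP_WRITE : 0)
			| (args[2] & O_CREAT ? CAP_WRITE : 0)
			| (args[2] & O_EXCL ? CAP_WRITE : 0)
			| (args[2] & O_TRUNC ? CAP_WRITE : 0))
			?: (args[2] & ~(O_WRONLY|O_RDWR|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|O_CLOEXEC|O_DIRECT|O_DIRECTORY|O_LARGEFILE|O_NOATIME|O_NOCTTY|O_NOFOLLOW|O_NONBLOCK|O_SYNC) ? -ECAPMODE : 0);
	case (__NR_faccessat):
		return require_rights(args[0], CAP_LOOKUP);
	case (__NR_fchmodat):
		return require_rights(args[0], CAP_LOOKUP|CAP_FCHMOD);
	case (__NR_fchownat):
		return require_rights(args[0], CAP_LOOKUP|CAP_FCHOWN);
	case (__NR_newfstatat):
		return require_rights(args[0], CAP_LOOKUP|CAP_FSTAT);
	case (__NR_futimesat):
		return require_rights(args[0], CAP_LOOKUP|CAP_FUTIMES);
	case (__NR_linkat):
		/* Both directory descriptors are checked: args[0], then args[2]. */
		return require_rights(args[0], CAP_LOOKUP)
			?: require_rights(args[2], CAP_LOOKUP|CAP_CREATE);
	case (__NR_mkdirat):
		return require_rights(args[0], CAP_LOOKUP|CAP_MKDIR);
	case (__NR_readlinkat):
		return require_rights(args[0], CAP_LOOKUP|CAP_READ);
	case (__NR_renameat):
		/* Both directory descriptors are checked: args[0], then args[2]. */
		return require_rights(args[0], CAP_LOOKUP|CAP_DELETE)
			?: require_rights(args[2], CAP_LOOKUP|CAP_CREATE);
	case (__NR_symlinkat):
		/* The directory descriptor of symlinkat is its second argument. */
		return require_rights(args[1], CAP_LOOKUP|CAP_CREATE);
	case (__NR_unlinkat):
		return require_rights(args[0], CAP_LOOKUP|CAP_DELETE);

	/* Memory mappings. */
	case (__NR_mmap):
		return check_mmap(arch, call, args);
	case (__NR_munmap):
		return 0;

	/* Data transfer; the calls that use the file offset also need CAP_SEEK. */
	case (__NR_pread64):
		return require_rights(args[0], CAP_READ);
	case (__NR_read):
		return require_rights(args[0], CAP_READ|CAP_SEEK);
	case (__NR_recvfrom):
		return require_rights(args[0], CAP_READ);
	case (__NR_lseek):
		return require_rights(args[0], CAP_SEEK);
	case (__NR_setsockopt):
		return require_rights(args[0], CAP_SETSOCKOPT);
	case (__NR_shutdown):
		return require_rights(args[0], CAP_SHUTDOWN);
	case (__NR_write):
		return require_rights(args[0], CAP_WRITE|CAP_SEEK);
	case (__NR_pwrite64):
		return require_rights(args[0], CAP_WRITE);

	/* Calls permitted without a descriptor check. */
	case (__NR_uname):
		return 0;
	case (__NR_brk):
		return 0;
	case (__NR_arch_prctl):
		/*
		 * The ARCH_* values are command codes, not bit flags, so they
		 * are compared for equality. Masking args[0] with the OR of
		 * the four codes would also let through every other value
		 * whose bits are a subset of that OR.
		 */
		switch (args[0]) {
		case ARCH_SET_FS:
		case ARCH_GET_FS:
		case ARCH_SET_GS:
		case ARCH_GET_GS:
			return 0;
		default:
			return -ECAPMODE;
		}
	case (__NR_rt_sigaction):
		return 0;
	case (__NR_fexecve):
		return require_rights(args[0], CAP_FEXECVE);
	case (__NR_pdfork):
		/* The allowed-flags mask is empty: any bit set in args[1] is denied. */
		return (args[1] & ~(0) ? -ECAPMODE : 0);
	case (__NR_pdkill):
		return 0;
	case (__NR_close):
		return 0;
	case (__NR_cap_new):
		return 0;
	case (__NR_exit):
		return 0;
	case (__NR_exit_group):
		return 0;

	default:
		/* Anything not listed above is denied. */
		return -ECAPMODE;
	}
}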