linux/samples/seccomp/Makefile

# kbuild trick to avoid linker error. Can be omitted if a module is built.
obj- := dummy.o

hostprogs-$(CONFIG_SECCOMP_FILTER) := bpf-fancy dropper bpf-direct

HOSTCFLAGS_bpf-fancy.o += -I$(objtree)/usr/include
HOSTCFLAGS_bpf-fancy.o += -idirafter $(objtree)/include
HOSTCFLAGS_bpf-helper.o += -I$(objtree)/usr/include
HOSTCFLAGS_bpf-helper.o += -idirafter $(objtree)/include
bpf-fancy-objs := bpf-fancy.o bpf-helper.o

HOSTCFLAGS_dropper.o += -I$(objtree)/usr/include
HOSTCFLAGS_dropper.o += -idirafter $(objtree)/include
dropper-objs := dropper.o

HOSTCFLAGS_bpf-direct.o += -I$(objtree)/usr/include
HOSTCFLAGS_bpf-direct.o += -idirafter $(objtree)/include
bpf-direct-objs := bpf-direct.o

# Try to match the kernel target.
ifndef CROSS_COMPILE
ifndef CONFIG_64BIT

# s390 has -m31 flag to build 31 bit binaries
ifndef CONFIG_S390
MFLAG = -m32
else
MFLAG = -m31
endif

HOSTCFLAGS_bpf-direct.o += $(MFLAG)
HOSTCFLAGS_dropper.o += $(MFLAG)
HOSTCFLAGS_bpf-helper.o += $(MFLAG)
HOSTCFLAGS_bpf-fancy.o += $(MFLAG)
HOSTLOADLIBES_bpf-direct += $(MFLAG)
HOSTLOADLIBES_bpf-fancy += $(MFLAG)
HOSTLOADLIBES_dropper += $(MFLAG)
endif
always := $(hostprogs-y)
else
# MIPS system calls are defined based on the -mabi that is passed
# to the toolchain which may or may not be a valid option
# for the host toolchain. So disable tests if target architecture
# is MIPS but the host isn't.
ifndef CONFIG_MIPS
always := $(hostprogs-y)
endif
endif
Documentation: prctl/seccomp_filter Documents how system call filtering using Berkeley Packet Filter programs works and how it may be used. Includes an example for x86 and a semi-generic example using a macro-based code generator. Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> v18: - added acked by - update no new privs numbers v17: - remove @compat note and add Pitfalls section for arch checking (keescook@chromium.org) v16: - v15: - v14: - rebase/nochanges v13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc v12: - comment on the ptrace_event use - update arch support comment - note the behavior of SECCOMP_RET_DATA when there are multiple filters (keescook@chromium.org) - lots of samples/ clean up incl 64-bit bpf-direct support (markus@chromium.org) - rebase to linux-next v11: - overhaul return value language, updates (keescook@chromium.org) - comment on do_exit(SIGSYS) v10: - update for SIGSYS - update for new seccomp_data layout - update for ptrace option use v9: - updated bpf-direct.c for SIGILL v8: - add PR_SET_NO_NEW_PRIVS to the samples. v7: - updated for all the new stuff in v7: TRAP, TRACE - only talk about PR_SET_SECCOMP now - fixed bad JLE32 check (coreyb@linux.vnet.ibm.com) - adds dropper.c: a simple system call disabler v6: - tweak the language to note the requirement of PR_SET_NO_NEW_PRIVS being called prior to use. (luto@mit.edu) v5: - update sample to use system call arguments - adds a "fancy" example using a macro-based generator - cleaned up bpf in the sample - update docs to mention arguments - fix prctl value (eparis@redhat.com) - language cleanup (rdunlap@xenotime.net) v4: - update for no_new_privs use - minor tweaks v3: - call out BPF <-> Berkeley Packet Filter (rdunlap@xenotime.net) - document use of tentative always-unprivileged - guard sample compilation for i386 and x86_64 v2: - move code to samples (corbet@lwn.net) Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-04-12 23:48:04 +02:00			`# kbuild trick to avoid linker error. Can be omitted if a module is built.`
			`obj- := dummy.o`

samples/seccomp: fix dependencies on arch macros This change fixes the compilation error triggered here for i386 allmodconfig in linux-next: http://kisskb.ellerman.id.au/kisskb/buildresult/6123842/ Logic attempting to predict the host architecture has been removed from the Makefile. Instead, the bpf-direct sample should now compile on any architecture, but if the architecture is not supported, it will compile a minimal main() function. This change also ensures the samples are not compiled when there is no seccomp filter support. (Note, I wasn't able to reproduce the error locally, but the existing approach was clearly flawed. This tweak should resolve your issue and avoid other future weirdness.) Reported-by: Paul Gortmaker <paul.gortmaker@windriver.com> Suggested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Will Drewry <wad@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-04-19 02:50:25 +02:00			`hostprogs-$(CONFIG_SECCOMP_FILTER) := bpf-fancy dropper bpf-direct`
Documentation: prctl/seccomp_filter Documents how system call filtering using Berkeley Packet Filter programs works and how it may be used. Includes an example for x86 and a semi-generic example using a macro-based code generator. Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> v18: - added acked by - update no new privs numbers v17: - remove @compat note and add Pitfalls section for arch checking (keescook@chromium.org) v16: - v15: - v14: - rebase/nochanges v13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc v12: - comment on the ptrace_event use - update arch support comment - note the behavior of SECCOMP_RET_DATA when there are multiple filters (keescook@chromium.org) - lots of samples/ clean up incl 64-bit bpf-direct support (markus@chromium.org) - rebase to linux-next v11: - overhaul return value language, updates (keescook@chromium.org) - comment on do_exit(SIGSYS) v10: - update for SIGSYS - update for new seccomp_data layout - update for ptrace option use v9: - updated bpf-direct.c for SIGILL v8: - add PR_SET_NO_NEW_PRIVS to the samples. v7: - updated for all the new stuff in v7: TRAP, TRACE - only talk about PR_SET_SECCOMP now - fixed bad JLE32 check (coreyb@linux.vnet.ibm.com) - adds dropper.c: a simple system call disabler v6: - tweak the language to note the requirement of PR_SET_NO_NEW_PRIVS being called prior to use. (luto@mit.edu) v5: - update sample to use system call arguments - adds a "fancy" example using a macro-based generator - cleaned up bpf in the sample - update docs to mention arguments - fix prctl value (eparis@redhat.com) - language cleanup (rdunlap@xenotime.net) v4: - update for no_new_privs use - minor tweaks v3: - call out BPF <-> Berkeley Packet Filter (rdunlap@xenotime.net) - document use of tentative always-unprivileged - guard sample compilation for i386 and x86_64 v2: - move code to samples (corbet@lwn.net) Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-04-12 23:48:04 +02:00
			`HOSTCFLAGS_bpf-fancy.o += -I$(objtree)/usr/include`
			`HOSTCFLAGS_bpf-fancy.o += -idirafter $(objtree)/include`
			`HOSTCFLAGS_bpf-helper.o += -I$(objtree)/usr/include`
			`HOSTCFLAGS_bpf-helper.o += -idirafter $(objtree)/include`
samples/seccomp: fix dependencies on arch macros This change fixes the compilation error triggered here for i386 allmodconfig in linux-next: http://kisskb.ellerman.id.au/kisskb/buildresult/6123842/ Logic attempting to predict the host architecture has been removed from the Makefile. Instead, the bpf-direct sample should now compile on any architecture, but if the architecture is not supported, it will compile a minimal main() function. This change also ensures the samples are not compiled when there is no seccomp filter support. (Note, I wasn't able to reproduce the error locally, but the existing approach was clearly flawed. This tweak should resolve your issue and avoid other future weirdness.) Reported-by: Paul Gortmaker <paul.gortmaker@windriver.com> Suggested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Will Drewry <wad@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-04-19 02:50:25 +02:00			`bpf-fancy-objs := bpf-fancy.o bpf-helper.o`
Documentation: prctl/seccomp_filter Documents how system call filtering using Berkeley Packet Filter programs works and how it may be used. Includes an example for x86 and a semi-generic example using a macro-based code generator. Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> v18: - added acked by - update no new privs numbers v17: - remove @compat note and add Pitfalls section for arch checking (keescook@chromium.org) v16: - v15: - v14: - rebase/nochanges v13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc v12: - comment on the ptrace_event use - update arch support comment - note the behavior of SECCOMP_RET_DATA when there are multiple filters (keescook@chromium.org) - lots of samples/ clean up incl 64-bit bpf-direct support (markus@chromium.org) - rebase to linux-next v11: - overhaul return value language, updates (keescook@chromium.org) - comment on do_exit(SIGSYS) v10: - update for SIGSYS - update for new seccomp_data layout - update for ptrace option use v9: - updated bpf-direct.c for SIGILL v8: - add PR_SET_NO_NEW_PRIVS to the samples. v7: - updated for all the new stuff in v7: TRAP, TRACE - only talk about PR_SET_SECCOMP now - fixed bad JLE32 check (coreyb@linux.vnet.ibm.com) - adds dropper.c: a simple system call disabler v6: - tweak the language to note the requirement of PR_SET_NO_NEW_PRIVS being called prior to use. (luto@mit.edu) v5: - update sample to use system call arguments - adds a "fancy" example using a macro-based generator - cleaned up bpf in the sample - update docs to mention arguments - fix prctl value (eparis@redhat.com) - language cleanup (rdunlap@xenotime.net) v4: - update for no_new_privs use - minor tweaks v3: - call out BPF <-> Berkeley Packet Filter (rdunlap@xenotime.net) - document use of tentative always-unprivileged - guard sample compilation for i386 and x86_64 v2: - move code to samples (corbet@lwn.net) Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-04-12 23:48:04 +02:00
			`HOSTCFLAGS_dropper.o += -I$(objtree)/usr/include`
			`HOSTCFLAGS_dropper.o += -idirafter $(objtree)/include`
			`dropper-objs := dropper.o`

			`HOSTCFLAGS_bpf-direct.o += -I$(objtree)/usr/include`
			`HOSTCFLAGS_bpf-direct.o += -idirafter $(objtree)/include`
samples/seccomp: fix dependencies on arch macros This change fixes the compilation error triggered here for i386 allmodconfig in linux-next: http://kisskb.ellerman.id.au/kisskb/buildresult/6123842/ Logic attempting to predict the host architecture has been removed from the Makefile. Instead, the bpf-direct sample should now compile on any architecture, but if the architecture is not supported, it will compile a minimal main() function. This change also ensures the samples are not compiled when there is no seccomp filter support. (Note, I wasn't able to reproduce the error locally, but the existing approach was clearly flawed. This tweak should resolve your issue and avoid other future weirdness.) Reported-by: Paul Gortmaker <paul.gortmaker@windriver.com> Suggested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Will Drewry <wad@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-04-19 02:50:25 +02:00			`bpf-direct-objs := bpf-direct.o`
Documentation: prctl/seccomp_filter Documents how system call filtering using Berkeley Packet Filter programs works and how it may be used. Includes an example for x86 and a semi-generic example using a macro-based code generator. Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> v18: - added acked by - update no new privs numbers v17: - remove @compat note and add Pitfalls section for arch checking (keescook@chromium.org) v16: - v15: - v14: - rebase/nochanges v13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc v12: - comment on the ptrace_event use - update arch support comment - note the behavior of SECCOMP_RET_DATA when there are multiple filters (keescook@chromium.org) - lots of samples/ clean up incl 64-bit bpf-direct support (markus@chromium.org) - rebase to linux-next v11: - overhaul return value language, updates (keescook@chromium.org) - comment on do_exit(SIGSYS) v10: - update for SIGSYS - update for new seccomp_data layout - update for ptrace option use v9: - updated bpf-direct.c for SIGILL v8: - add PR_SET_NO_NEW_PRIVS to the samples. v7: - updated for all the new stuff in v7: TRAP, TRACE - only talk about PR_SET_SECCOMP now - fixed bad JLE32 check (coreyb@linux.vnet.ibm.com) - adds dropper.c: a simple system call disabler v6: - tweak the language to note the requirement of PR_SET_NO_NEW_PRIVS being called prior to use. (luto@mit.edu) v5: - update sample to use system call arguments - adds a "fancy" example using a macro-based generator - cleaned up bpf in the sample - update docs to mention arguments - fix prctl value (eparis@redhat.com) - language cleanup (rdunlap@xenotime.net) v4: - update for no_new_privs use - minor tweaks v3: - call out BPF <-> Berkeley Packet Filter (rdunlap@xenotime.net) - document use of tentative always-unprivileged - guard sample compilation for i386 and x86_64 v2: - move code to samples (corbet@lwn.net) Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-04-12 23:48:04 +02:00
			`# Try to match the kernel target.`
samples/seccomp: be less stupid about cross compiling The seccomp filters are currently built for the build host, not for the machine that they are going to run on, but they are also built for with the -m32 flag if the kernel is built for a 32 bit machine, both of which seems rather odd. It broke allyesconfig on my machine, which is x86-64, but building for 32 bit ARM, with this error message: In file included from /usr/include/stdio.h:28:0, from samples/seccomp/bpf-fancy.c:15: /usr/include/features.h:324:26: fatal error: bits/predefs.h: No such file or directory because there are no 32 bit libc headers installed on this machine. We should really be building all the samples for the target machine rather than the build host, but since the infrastructure for that appears to be missing right now, let's be a little bit smarter and not pass the '-m32' flag to the HOSTCC when cross- compiling. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-by: Kees Cook <keescook@chromium.org> Cc: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: James Morris <james.l.morris@oracle.com> Acked-by: Will Drewry <wad@chromium.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2013-02-04 23:28:52 +01:00			`ifndef CROSS_COMPILE`
samples/seccomp/Makefile: do not build tests if cross-compiling for MIPS The Makefile is designed to use the host toolchain so it may be unsafe to build the tests if the kernel has been configured and built for another architecture. This fixes a build problem when the kernel has been configured and built for the MIPS architecture but the host is not MIPS (cross-compiled). The MIPS syscalls are only defined if one of the following is true: 1) _MIPS_SIM == _MIPS_SIM_ABI64 2) _MIPS_SIM == _MIPS_SIM_ABI32 3) _MIPS_SIM == _MIPS_SIM_NABI32 Of course, none of these make sense on a non-MIPS toolchain and the following build problem occurs when building on a non-MIPS host. linux/usr/include/linux/kexec.h:50: userspace cannot reference function or variable defined in the kernel samples/seccomp/bpf-direct.c: In function `emulator': samples/seccomp/bpf-direct.c:76:17: error: `__NR_write' undeclared (first use in this function) Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Reported-by: Paul Gortmaker <paul.gortmaker@windriver.com> Cc: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2014-04-03 23:48:32 +02:00			`ifndef CONFIG_64BIT`
samples/seccomp: fix 31 bit build on s390 On s390 the flag to force 31 builds is -m31 instead of -m32 unlike on all (?) other architectures. Fixes this compile error: HOSTCC samples/seccomp/bpf-direct.o cc1: error: unrecognized command line option "-m32" make[2]: *** [samples/seccomp/bpf-direct.o] Error 1 Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-09-08 10:23:42 +02:00
			`# s390 has -m31 flag to build 31 bit binaries`
			`ifndef CONFIG_S390`
			`MFLAG = -m32`
			`else`
			`MFLAG = -m31`
			`endif`

			`HOSTCFLAGS_bpf-direct.o += $(MFLAG)`
			`HOSTCFLAGS_dropper.o += $(MFLAG)`
			`HOSTCFLAGS_bpf-helper.o += $(MFLAG)`
			`HOSTCFLAGS_bpf-fancy.o += $(MFLAG)`
			`HOSTLOADLIBES_bpf-direct += $(MFLAG)`
			`HOSTLOADLIBES_bpf-fancy += $(MFLAG)`
			`HOSTLOADLIBES_dropper += $(MFLAG)`
Documentation: prctl/seccomp_filter Documents how system call filtering using Berkeley Packet Filter programs works and how it may be used. Includes an example for x86 and a semi-generic example using a macro-based code generator. Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Will Drewry <wad@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> v18: - added acked by - update no new privs numbers v17: - remove @compat note and add Pitfalls section for arch checking (keescook@chromium.org) v16: - v15: - v14: - rebase/nochanges v13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc v12: - comment on the ptrace_event use - update arch support comment - note the behavior of SECCOMP_RET_DATA when there are multiple filters (keescook@chromium.org) - lots of samples/ clean up incl 64-bit bpf-direct support (markus@chromium.org) - rebase to linux-next v11: - overhaul return value language, updates (keescook@chromium.org) - comment on do_exit(SIGSYS) v10: - update for SIGSYS - update for new seccomp_data layout - update for ptrace option use v9: - updated bpf-direct.c for SIGILL v8: - add PR_SET_NO_NEW_PRIVS to the samples. v7: - updated for all the new stuff in v7: TRAP, TRACE - only talk about PR_SET_SECCOMP now - fixed bad JLE32 check (coreyb@linux.vnet.ibm.com) - adds dropper.c: a simple system call disabler v6: - tweak the language to note the requirement of PR_SET_NO_NEW_PRIVS being called prior to use. (luto@mit.edu) v5: - update sample to use system call arguments - adds a "fancy" example using a macro-based generator - cleaned up bpf in the sample - update docs to mention arguments - fix prctl value (eparis@redhat.com) - language cleanup (rdunlap@xenotime.net) v4: - update for no_new_privs use - minor tweaks v3: - call out BPF <-> Berkeley Packet Filter (rdunlap@xenotime.net) - document use of tentative always-unprivileged - guard sample compilation for i386 and x86_64 v2: - move code to samples (corbet@lwn.net) Signed-off-by: James Morris <james.l.morris@oracle.com> 2012-04-12 23:48:04 +02:00			`endif`
			`always := $(hostprogs-y)`
samples/seccomp/Makefile: do not build tests if cross-compiling for MIPS The Makefile is designed to use the host toolchain so it may be unsafe to build the tests if the kernel has been configured and built for another architecture. This fixes a build problem when the kernel has been configured and built for the MIPS architecture but the host is not MIPS (cross-compiled). The MIPS syscalls are only defined if one of the following is true: 1) _MIPS_SIM == _MIPS_SIM_ABI64 2) _MIPS_SIM == _MIPS_SIM_ABI32 3) _MIPS_SIM == _MIPS_SIM_NABI32 Of course, none of these make sense on a non-MIPS toolchain and the following build problem occurs when building on a non-MIPS host. linux/usr/include/linux/kexec.h:50: userspace cannot reference function or variable defined in the kernel samples/seccomp/bpf-direct.c: In function `emulator': samples/seccomp/bpf-direct.c:76:17: error: `__NR_write' undeclared (first use in this function) Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Reported-by: Paul Gortmaker <paul.gortmaker@windriver.com> Cc: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2014-04-03 23:48:32 +02:00			`else`
			`# MIPS system calls are defined based on the -mabi that is passed`
			`# to the toolchain which may or may not be a valid option`
			`# for the host toolchain. So disable tests if target architecture`
			`# is MIPS but the host isn't.`
			`ifndef CONFIG_MIPS`
			`always := $(hostprogs-y)`
			`endif`
			`endif`