diff options
Diffstat (limited to 'samples/seccomp/bpf-helper.h')
-rw-r--r-- | samples/seccomp/bpf-helper.h | 125 |
1 files changed, 72 insertions, 53 deletions
diff --git a/samples/seccomp/bpf-helper.h b/samples/seccomp/bpf-helper.h index 38ee70f3cd5b..1d8de9edd858 100644 --- a/samples/seccomp/bpf-helper.h +++ b/samples/seccomp/bpf-helper.h | |||
@@ -138,7 +138,7 @@ union arg64 { | |||
138 | #define ARG_32(idx) \ | 138 | #define ARG_32(idx) \ |
139 | BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(idx)) | 139 | BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(idx)) |
140 | 140 | ||
141 | /* Loads hi into A and lo in X */ | 141 | /* Loads lo into M[0] and hi into M[1] and A */ |
142 | #define ARG_64(idx) \ | 142 | #define ARG_64(idx) \ |
143 | BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(idx)), \ | 143 | BPF_STMT(BPF_LD+BPF_W+BPF_ABS, LO_ARG(idx)), \ |
144 | BPF_STMT(BPF_ST, 0), /* lo -> M[0] */ \ | 144 | BPF_STMT(BPF_ST, 0), /* lo -> M[0] */ \ |
@@ -153,88 +153,107 @@ union arg64 { | |||
153 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (value), 1, 0), \ | 153 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (value), 1, 0), \ |
154 | jt | 154 | jt |
155 | 155 | ||
156 | /* Checks the lo, then swaps to check the hi. A=lo,X=hi */ | 156 | #define JA32(value, jt) \ |
157 | BPF_JUMP(BPF_JMP+BPF_JSET+BPF_K, (value), 0, 1), \ | ||
158 | jt | ||
159 | |||
160 | #define JGE32(value, jt) \ | ||
161 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (value), 0, 1), \ | ||
162 | jt | ||
163 | |||
164 | #define JGT32(value, jt) \ | ||
165 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (value), 0, 1), \ | ||
166 | jt | ||
167 | |||
168 | #define JLE32(value, jt) \ | ||
169 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (value), 1, 0), \ | ||
170 | jt | ||
171 | |||
172 | #define JLT32(value, jt) \ | ||
173 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (value), 1, 0), \ | ||
174 | jt | ||
175 | |||
176 | /* | ||
177 | * All the JXX64 checks assume lo is saved in M[0] and hi is saved in both | ||
178 | * A and M[1]. This invariant is kept by restoring A if necessary. | ||
179 | */ | ||
157 | #define JEQ64(lo, hi, jt) \ | 180 | #define JEQ64(lo, hi, jt) \ |
181 | /* if (hi != arg.hi) goto NOMATCH; */ \ | ||
158 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ | 182 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ |
159 | BPF_STMT(BPF_LD+BPF_MEM, 0), /* swap in lo */ \ | 183 | BPF_STMT(BPF_LD+BPF_MEM, 0), /* swap in lo */ \ |
184 | /* if (lo != arg.lo) goto NOMATCH; */ \ | ||
160 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (lo), 0, 2), \ | 185 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (lo), 0, 2), \ |
161 | BPF_STMT(BPF_LD+BPF_MEM, 1), /* passed: swap hi back in */ \ | 186 | BPF_STMT(BPF_LD+BPF_MEM, 1), \ |
162 | jt, \ | 187 | jt, \ |
163 | BPF_STMT(BPF_LD+BPF_MEM, 1) /* failed: swap hi back in */ | 188 | BPF_STMT(BPF_LD+BPF_MEM, 1) |
164 | 189 | ||
165 | #define JNE64(lo, hi, jt) \ | 190 | #define JNE64(lo, hi, jt) \ |
166 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 5, 0), \ | 191 | /* if (hi != arg.hi) goto MATCH; */ \ |
167 | BPF_STMT(BPF_LD+BPF_MEM, 0), /* swap in lo */ \ | 192 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 3), \ |
193 | BPF_STMT(BPF_LD+BPF_MEM, 0), \ | ||
194 | /* if (lo != arg.lo) goto MATCH; */ \ | ||
168 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (lo), 2, 0), \ | 195 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (lo), 2, 0), \ |
169 | BPF_STMT(BPF_LD+BPF_MEM, 1), /* passed: swap hi back in */ \ | 196 | BPF_STMT(BPF_LD+BPF_MEM, 1), \ |
170 | jt, \ | 197 | jt, \ |
171 | BPF_STMT(BPF_LD+BPF_MEM, 1) /* failed: swap hi back in */ | 198 | BPF_STMT(BPF_LD+BPF_MEM, 1) |
172 | |||
173 | #define JA32(value, jt) \ | ||
174 | BPF_JUMP(BPF_JMP+BPF_JSET+BPF_K, (value), 0, 1), \ | ||
175 | jt | ||
176 | 199 | ||
177 | #define JA64(lo, hi, jt) \ | 200 | #define JA64(lo, hi, jt) \ |
201 | /* if (hi & arg.hi) goto MATCH; */ \ | ||
178 | BPF_JUMP(BPF_JMP+BPF_JSET+BPF_K, (hi), 3, 0), \ | 202 | BPF_JUMP(BPF_JMP+BPF_JSET+BPF_K, (hi), 3, 0), \ |
179 | BPF_STMT(BPF_LD+BPF_MEM, 0), /* swap in lo */ \ | 203 | BPF_STMT(BPF_LD+BPF_MEM, 0), \ |
204 | /* if (lo & arg.lo) goto MATCH; */ \ | ||
180 | BPF_JUMP(BPF_JMP+BPF_JSET+BPF_K, (lo), 0, 2), \ | 205 | BPF_JUMP(BPF_JMP+BPF_JSET+BPF_K, (lo), 0, 2), \ |
181 | BPF_STMT(BPF_LD+BPF_MEM, 1), /* passed: swap hi back in */ \ | 206 | BPF_STMT(BPF_LD+BPF_MEM, 1), \ |
182 | jt, \ | 207 | jt, \ |
183 | BPF_STMT(BPF_LD+BPF_MEM, 1) /* failed: swap hi back in */ | 208 | BPF_STMT(BPF_LD+BPF_MEM, 1) |
184 | 209 | ||
185 | #define JGE32(value, jt) \ | ||
186 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (value), 0, 1), \ | ||
187 | jt | ||
188 | |||
189 | #define JLT32(value, jt) \ | ||
190 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (value), 1, 0), \ | ||
191 | jt | ||
192 | |||
193 | /* Shortcut checking if hi > arg.hi. */ | ||
194 | #define JGE64(lo, hi, jt) \ | 210 | #define JGE64(lo, hi, jt) \ |
211 | /* if (hi > arg.hi) goto MATCH; */ \ | ||
195 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (hi), 4, 0), \ | 212 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (hi), 4, 0), \ |
213 | /* if (hi != arg.hi) goto NOMATCH; */ \ | ||
196 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ | 214 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ |
197 | BPF_STMT(BPF_LD+BPF_MEM, 0), /* swap in lo */ \ | 215 | BPF_STMT(BPF_LD+BPF_MEM, 0), \ |
216 | /* if (lo >= arg.lo) goto MATCH; */ \ | ||
198 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (lo), 0, 2), \ | 217 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (lo), 0, 2), \ |
199 | BPF_STMT(BPF_LD+BPF_MEM, 1), /* passed: swap hi back in */ \ | 218 | BPF_STMT(BPF_LD+BPF_MEM, 1), \ |
200 | jt, \ | ||
201 | BPF_STMT(BPF_LD+BPF_MEM, 1) /* failed: swap hi back in */ | ||
202 | |||
203 | #define JLT64(lo, hi, jt) \ | ||
204 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (hi), 0, 4), \ | ||
205 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ | ||
206 | BPF_STMT(BPF_LD+BPF_MEM, 0), /* swap in lo */ \ | ||
207 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (lo), 2, 0), \ | ||
208 | BPF_STMT(BPF_LD+BPF_MEM, 1), /* passed: swap hi back in */ \ | ||
209 | jt, \ | 219 | jt, \ |
210 | BPF_STMT(BPF_LD+BPF_MEM, 1) /* failed: swap hi back in */ | 220 | BPF_STMT(BPF_LD+BPF_MEM, 1) |
211 | 221 | ||
212 | #define JGT32(value, jt) \ | ||
213 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (value), 0, 1), \ | ||
214 | jt | ||
215 | |||
216 | #define JLE32(value, jt) \ | ||
217 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (value), 1, 0), \ | ||
218 | jt | ||
219 | |||
220 | /* Check hi > args.hi first, then do the GE checking */ | ||
221 | #define JGT64(lo, hi, jt) \ | 222 | #define JGT64(lo, hi, jt) \ |
223 | /* if (hi > arg.hi) goto MATCH; */ \ | ||
222 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (hi), 4, 0), \ | 224 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (hi), 4, 0), \ |
225 | /* if (hi != arg.hi) goto NOMATCH; */ \ | ||
223 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ | 226 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ |
224 | BPF_STMT(BPF_LD+BPF_MEM, 0), /* swap in lo */ \ | 227 | BPF_STMT(BPF_LD+BPF_MEM, 0), \ |
228 | /* if (lo > arg.lo) goto MATCH; */ \ | ||
225 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (lo), 0, 2), \ | 229 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (lo), 0, 2), \ |
226 | BPF_STMT(BPF_LD+BPF_MEM, 1), /* passed: swap hi back in */ \ | 230 | BPF_STMT(BPF_LD+BPF_MEM, 1), \ |
227 | jt, \ | 231 | jt, \ |
228 | BPF_STMT(BPF_LD+BPF_MEM, 1) /* failed: swap hi back in */ | 232 | BPF_STMT(BPF_LD+BPF_MEM, 1) |
229 | 233 | ||
230 | #define JLE64(lo, hi, jt) \ | 234 | #define JLE64(lo, hi, jt) \ |
231 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (hi), 6, 0), \ | 235 | /* if (hi < arg.hi) goto MATCH; */ \ |
232 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 3), \ | 236 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (hi), 0, 4), \ |
233 | BPF_STMT(BPF_LD+BPF_MEM, 0), /* swap in lo */ \ | 237 | /* if (hi != arg.hi) goto NOMATCH; */ \ |
238 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ | ||
239 | BPF_STMT(BPF_LD+BPF_MEM, 0), \ | ||
240 | /* if (lo <= arg.lo) goto MATCH; */ \ | ||
234 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (lo), 2, 0), \ | 241 | BPF_JUMP(BPF_JMP+BPF_JGT+BPF_K, (lo), 2, 0), \ |
235 | BPF_STMT(BPF_LD+BPF_MEM, 1), /* passed: swap hi back in */ \ | 242 | BPF_STMT(BPF_LD+BPF_MEM, 1), \ |
243 | jt, \ | ||
244 | BPF_STMT(BPF_LD+BPF_MEM, 1) | ||
245 | |||
246 | #define JLT64(lo, hi, jt) \ | ||
247 | /* if (hi < arg.hi) goto MATCH; */ \ | ||
248 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (hi), 0, 4), \ | ||
249 | /* if (hi != arg.hi) goto NOMATCH; */ \ | ||
250 | BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, (hi), 0, 5), \ | ||
251 | BPF_STMT(BPF_LD+BPF_MEM, 0), \ | ||
252 | /* if (lo < arg.lo) goto MATCH; */ \ | ||
253 | BPF_JUMP(BPF_JMP+BPF_JGE+BPF_K, (lo), 2, 0), \ | ||
254 | BPF_STMT(BPF_LD+BPF_MEM, 1), \ | ||
236 | jt, \ | 255 | jt, \ |
237 | BPF_STMT(BPF_LD+BPF_MEM, 1) /* failed: swap hi back in */ | 256 | BPF_STMT(BPF_LD+BPF_MEM, 1) |
238 | 257 | ||
239 | #define LOAD_SYSCALL_NR \ | 258 | #define LOAD_SYSCALL_NR \ |
240 | BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ | 259 | BPF_STMT(BPF_LD+BPF_W+BPF_ABS, \ |