From 1401ac7e7bc26fa979b6f90d4d6d2e03e556a617 Mon Sep 17 00:00:00 2001
From: utam0k
Date: Wed, 17 Apr 2024 21:54:50 +0900
Subject: [PATCH 1/2] seccomp: Use offset_of!
Signed-off-by: utam0k
---
 experiment/seccomp/src/instruction/arch.rs | 2 +-
 experiment/seccomp/src/instruction/consts.rs | 51 ++++++++++++++++++--
 2 files changed, 49 insertions(+), 4 deletions(-)
diff --git a/experiment/seccomp/src/instruction/arch.rs b/experiment/seccomp/src/instruction/arch.rs
index b7f209701..521a0828b 100644
--- a/experiment/seccomp/src/instruction/arch.rs
+++ b/experiment/seccomp/src/instruction/arch.rs
@@ -11,7 +11,7 @@ pub fn gen_validate(arc: &Arch) -> Vec {
 };
 vec![
- Instruction::stmt(BPF_LD | BPF_W | BPF_ABS, SECCOMP_DATA_ARCH_OFFSET as u32),
+ Instruction::stmt(BPF_LD | BPF_W | BPF_ABS, seccomp_data_arch_offset() as u32),
 Instruction::jump(BPF_JMP | BPF_JEQ | BPF_K, 1, 0, arch),
 Instruction::stmt(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
 ]
diff --git a/experiment/seccomp/src/instruction/consts.rs b/experiment/seccomp/src/instruction/consts.rs
index ddd2c250a..447af71d2 100644
--- a/experiment/seccomp/src/instruction/consts.rs
+++ b/experiment/seccomp/src/instruction/consts.rs
@@ -1,3 +1,5 @@
+use std::{mem::offset_of, os::raw::c_int};
+
 // BPF Instruction classes.
 // See /usr/include/linux/bpf_common.h .
 // Load operation.
@@ -56,8 +58,51 @@ pub const AUDIT_ARCH_AARCH64: u32 = 183 | 0x8000_0000 | 0x4000_0000;
 // __u64 args[6];
 // };
 // ```
-pub const SECCOMP_DATA_ARCH_OFFSET: u8 = 4;
-pub const SECCOMP_DATA_ARGS_OFFSET: u8 = 16;
-pub const SECCOMP_DATA_ARG_SIZE: u8 = 8;
+
+#[repr(C)]
+struct SeccompData {
+ nr: c_int,
+ arch: u32,
+ instruction_pointer: u64,
+ args: [u64; 6],
+}
+
+pub const fn seccomp_data_arch_offset() -> u8 {
+ offset_of!(SeccompData, arch) as u8
+}
+
+pub const fn seccomp_data_arg_size_offset() -> u8 {
+ 8
+}
+
+pub const fn seccomp_data_args_offset() -> u8 {
+ offset_of!(SeccompData, args) as u8
+}
 pub const SECCOMP_IOC_MAGIC: u8 = b'!';
+
+#[cfg(test)]
+mod tests {
+ use super::*;
+
+ #[test]
+ fn test_seccomp_data_arch_offset() {
+ if cfg!(target_arch = "x86_64") {
+ assert_eq!(seccomp_data_arch_offset(), 4);
+ }
+ }
+
+ #[test]
+ fn test_seccomp_data_arg_size_offset() {
+ if cfg!(target_arch = "x86_64") {
+ assert_eq!(seccomp_data_arg_size_offset(), 8);
+ }
+ }
+
+ #[test]
+ fn test_seccomp_data_args_offset() {
+ if cfg!(target_arch = "x86_64") {
+ assert_eq!(seccomp_data_args_offset(), 16);
+ }
+ }
+}
From 2e4bc5f1b7a7ead5cd5931122b719a6dcf2d29b6 Mon Sep 17 00:00:00 2001
From: Toru Komatsu
Date: Thu, 18 Apr 2024 21:11:26 +0900
Subject: [PATCH 2/2] Update experiment/seccomp/src/instruction/consts.rs
Co-authored-by: Yashodhan <54112038+YJDoc2@users.noreply.github.com>
---
 experiment/seccomp/src/instruction/consts.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/experiment/seccomp/src/instruction/consts.rs b/experiment/seccomp/src/instruction/consts.rs
index 447af71d2..4bd199363 100644
--- a/experiment/seccomp/src/instruction/consts.rs
+++ b/experiment/seccomp/src/instruction/consts.rs
@@ -71,7 +71,7 @@ pub const fn seccomp_data_arch_offset() -> u8 {
 offset_of!(SeccompData, arch) as u8
 }
-pub const fn seccomp_data_arg_size_offset() -> u8 {
+pub const fn seccomp_data_arg_size() -> u8 {
 8
 }
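Review bot: The three layout tests added in `mod tests` (consts.rs, hunk `@@ -56,8 +58,51 @@`) only assert inside `if cfg!(target_arch = "x86_64")`, so on any other target they pass without checking anything, and the `as u8` casts in `seccomp_data_arch_offset()` and `seccomp_data_args_offset()` would truncate silently if `SeccompData` were ever edited. These offsets are what the generated BPF program loads from, so a wrong value makes the filter compare the wrong word of `seccomp_data` instead of failing loudly. I would pin the layout at compile time next to the struct, e.g. `const _: () = assert!(offset_of!(SeccompData, arch) == 4 && offset_of!(SeccompData, args) == 16);`, and drop the architecture guard from the tests if, as the struct comment just above the hunk suggests, the layout is the same on every supported target. A short `///` comment on `SeccompData` stating that it mirrors the kernel's `struct seccomp_data` and exists only as an `offset_of!` target would also help the next reader.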
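Review bot: The test `test_seccomp_data_arg_size_offset` added to this file in PATCH 1/2 still calls `seccomp_data_arg_size_offset()`, which the rename in PATCH 2/2 (hunk `@@ -71,7 +71,7 @@`) removes. The diffstat for this commit shows a single changed line, so the test build would fail to resolve that name unless a later commit updates it. The test body should become `assert_eq!(seccomp_data_arg_size(), 8);`, ideally with the test renamed to `test_seccomp_data_arg_size`. Any caller of the old name outside this file would need the same update; none is visible here.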