1 // Copyright 2022 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 #ifndef SANDBOXED_API_SANDBOX2_UTIL_SYSCALL_TRAP_H_ 16 #define SANDBOXED_API_SANDBOX2_UTIL_SYSCALL_TRAP_H_ 17 18 #include <array> 19 #include <csignal> 20 #include <cstdint> 21 22 namespace sandbox2 { 23 24 // Helper class for intercepting syscalls via SECCCOMP_RET_TRAP. 25 class SyscallTrap { 26 public: 27 static constexpr int kSyscallArgs = 6; 28 using Args = std::array<uintptr_t, kSyscallArgs>; 29 30 // Installs the syscall trap handler. 31 // Returns false if the handler could not be installed. 32 static bool Install(bool (*handler)(int nr, Args args, uintptr_t* result)); 33 34 private: 35 static void SignalHandler(int nr, siginfo_t* info, void* context); 36 SyscallTrap(bool (* handler)(int nr,Args args,uintptr_t * result))37 explicit SyscallTrap(bool (*handler)(int nr, Args args, uintptr_t* result)) 38 : handler_(handler) {} 39 void InvokeOldAct(int nr, siginfo_t* info, void* context); 40 void SignalHandlerImpl(int nr, siginfo_t* info, void* context); 41 42 struct sigaction oldact_; 43 bool (*handler_)(int nr, Args args, uintptr_t* result); 44 }; 45 46 } // namespace sandbox2 47 48 #endif // SANDBOXED_API_SANDBOX2_UTIL_SYSCALL_TRAP_H_ 49