| // SPDX-License-Identifier: GPL-2.0 |
| #include <stdio.h> |
| #include <linux/bpf.h> |
| #include <unistd.h> |
| #include <linux/filter.h> |
| #include <linux/seccomp.h> |
| #include <sys/prctl.h> |
| #include <bpf/bpf.h> |
| #include "bpf_load.h" |
| #include <sys/resource.h> |
| #include "trace_helpers.h" |
| |
| /* install fake seccomp program to enable seccomp code path inside the kernel, |
| * so that our kprobe attached to seccomp_phase1() can be triggered |
| */ |
| static void install_accept_all_seccomp(void) |
| { |
| struct sock_filter filter[] = { |
| BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), |
| }; |
| struct sock_fprog prog = { |
| .len = (unsigned short)(sizeof(filter)/sizeof(filter[0])), |
| .filter = filter, |
| }; |
| if (prctl(PR_SET_SECCOMP, 2, &prog)) |
| perror("prctl"); |
| } |
| |
| int main(int ac, char **argv) |
| { |
| FILE *f; |
| char filename[256]; |
| struct rlimit r = {RLIM_INFINITY, RLIM_INFINITY}; |
| |
| snprintf(filename, sizeof(filename), "%s_kern.o", argv[0]); |
| setrlimit(RLIMIT_MEMLOCK, &r); |
| |
| if (load_bpf_file(filename)) { |
| printf("%s", bpf_log_buf); |
| return 1; |
| } |
| |
| install_accept_all_seccomp(); |
| |
| f = popen("dd if=/dev/zero of=/dev/null count=5", "r"); |
| (void) f; |
| |
| read_trace_pipe(); |
| |
| return 0; |
| } |