1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "sandbox/linux/bpf_dsl/dump_bpf.h"
6
7 #include <inttypes.h>
8 #include <stddef.h>
9 #include <stdint.h>
10 #include <stdio.h>
11
12 #include <string>
13
14 #include "base/strings/stringprintf.h"
15 #include "sandbox/linux/bpf_dsl/codegen.h"
16 #include "sandbox/linux/bpf_dsl/seccomp_macros.h"
17 #include "sandbox/linux/bpf_dsl/trap_registry.h"
18 #include "sandbox/linux/system_headers/linux_filter.h"
19 #include "sandbox/linux/system_headers/linux_seccomp.h"
20
21 namespace sandbox {
22 namespace bpf_dsl {
23
24 namespace {
25
AluOpToken(uint32_t code)26 const char* AluOpToken(uint32_t code) {
27 switch (BPF_OP(code)) {
28 case BPF_ADD:
29 return "+";
30 case BPF_SUB:
31 return "-";
32 case BPF_MUL:
33 return "*";
34 case BPF_DIV:
35 return "/";
36 case BPF_MOD:
37 return "%";
38 case BPF_OR:
39 return "|";
40 case BPF_XOR:
41 return "^";
42 case BPF_AND:
43 return "&";
44 case BPF_LSH:
45 return "<<";
46 case BPF_RSH:
47 return ">>";
48 default:
49 return "???";
50 }
51 }
52
JmpOpToken(uint32_t code)53 const char* JmpOpToken(uint32_t code) {
54 switch (BPF_OP(code)) {
55 case BPF_JSET:
56 return "&";
57 case BPF_JEQ:
58 return "==";
59 case BPF_JGE:
60 return ">=";
61 default:
62 return "???";
63 }
64 }
65
DataOffsetName(size_t off)66 const char* DataOffsetName(size_t off) {
67 switch (off) {
68 case SECCOMP_NR_IDX:
69 return "System call number";
70 case SECCOMP_ARCH_IDX:
71 return "Architecture";
72 case SECCOMP_IP_LSB_IDX:
73 return "Instruction pointer (LSB)";
74 case SECCOMP_IP_MSB_IDX:
75 return "Instruction pointer (MSB)";
76 default:
77 return "???";
78 }
79 }
80
AppendInstruction(std::string * dst,size_t pc,const sock_filter & insn)81 void AppendInstruction(std::string* dst, size_t pc, const sock_filter& insn) {
82 base::StringAppendF(dst, "%3zu) ", pc);
83 switch (BPF_CLASS(insn.code)) {
84 case BPF_LD:
85 if (insn.code == BPF_LD + BPF_W + BPF_ABS) {
86 base::StringAppendF(dst, "LOAD %" PRIu32 " // ", insn.k);
87 size_t maybe_argno =
88 (insn.k - offsetof(struct arch_seccomp_data, args)) /
89 sizeof(uint64_t);
90 if (maybe_argno < 6 && insn.k == SECCOMP_ARG_LSB_IDX(maybe_argno)) {
91 base::StringAppendF(dst, "Argument %zu (LSB)\n", maybe_argno);
92 } else if (maybe_argno < 6 &&
93 insn.k == SECCOMP_ARG_MSB_IDX(maybe_argno)) {
94 base::StringAppendF(dst, "Argument %zu (MSB)\n", maybe_argno);
95 } else {
96 base::StringAppendF(dst, "%s\n", DataOffsetName(insn.k));
97 }
98 } else {
99 base::StringAppendF(dst, "Load ???\n");
100 }
101 break;
102 case BPF_JMP:
103 if (BPF_OP(insn.code) == BPF_JA) {
104 base::StringAppendF(dst, "JMP %zu\n", pc + insn.k + 1);
105 } else {
106 base::StringAppendF(
107 dst, "if A %s 0x%" PRIx32 "; then JMP %zu else JMP %zu\n",
108 JmpOpToken(insn.code), insn.k, pc + insn.jt + 1, pc + insn.jf + 1);
109 }
110 break;
111 case BPF_RET:
112 base::StringAppendF(dst, "RET 0x%" PRIx32 " // ", insn.k);
113 if ((insn.k & SECCOMP_RET_ACTION) == SECCOMP_RET_TRAP) {
114 base::StringAppendF(dst, "Trap #%" PRIu32 "\n",
115 insn.k & SECCOMP_RET_DATA);
116 } else if ((insn.k & SECCOMP_RET_ACTION) == SECCOMP_RET_ERRNO) {
117 base::StringAppendF(dst, "errno = %" PRIu32 "\n",
118 insn.k & SECCOMP_RET_DATA);
119 } else if ((insn.k & SECCOMP_RET_ACTION) == SECCOMP_RET_TRACE) {
120 base::StringAppendF(dst, "Trace #%" PRIu32 "\n",
121 insn.k & SECCOMP_RET_DATA);
122 } else if (insn.k == SECCOMP_RET_ALLOW) {
123 base::StringAppendF(dst, "Allowed\n");
124 } else if (insn.k == SECCOMP_RET_KILL) {
125 base::StringAppendF(dst, "Kill\n");
126 } else {
127 base::StringAppendF(dst, "???\n");
128 }
129 break;
130 case BPF_ALU:
131 if (BPF_OP(insn.code) == BPF_NEG) {
132 base::StringAppendF(dst, "A := -A\n");
133 } else {
134 base::StringAppendF(dst, "A := A %s 0x%" PRIx32 "\n",
135 AluOpToken(insn.code), insn.k);
136 }
137 break;
138 default:
139 base::StringAppendF(dst, "???\n");
140 break;
141 }
142 }
143
144 } // namespace
145
PrintProgram(const CodeGen::Program & program)146 void DumpBPF::PrintProgram(const CodeGen::Program& program) {
147 fputs(StringPrintProgram(program).c_str(), stderr);
148 }
149
StringPrintProgram(const CodeGen::Program & program)150 std::string DumpBPF::StringPrintProgram(const CodeGen::Program& program) {
151 std::string res;
152 for (size_t i = 0; i < program.size(); i++) {
153 AppendInstruction(&res, i + 1, program[i]);
154 }
155 return res;
156 }
157
158 } // namespace bpf_dsl
159 } // namespace sandbox
160