Diffstat (limited to 'src/faudit/syscall.c')
-rw-r--r--src/faudit/syscall.c102
1 files changed, 102 insertions, 0 deletions
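diff --git a/src/faudit/syscall.c b/src/faudit/syscall.c
new file mode 100644
index 000000000..4cd2526ba
--- /dev/null
+++ b/src/faudit/syscall.c
@@ -0,0 +1,102 @@
+/*
+ * Copyright (C) 2014-2016 Firejail Authors
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include "faudit.h"
+#include <sys/ptrace.h>
+#include <sys/swap.h>
+#if defined(__i386__) || defined(__x86_64__)
+#include <sys/io.h>
+#endif
+#include <sys/wait.h>
+extern int init_module(void *module_image, unsigned long len,
+ const char *param_values);
+extern int finit_module(int fd, const char *param_values,
+ int flags);
+extern int delete_module(const char *name, int flags);
+extern int pivot_root(const char *new_root, const char *put_old);
+
+void syscall_helper(int argc, char **argv) {
+ (void) argc;
+
+ if (strcmp(argv[2], "mount") == 0) {
+ int rv = mount(NULL, NULL, NULL, 0, NULL);
+ (void) rv;
+ printf("\nUGLY: mount syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "umount2") == 0) {
+ umount2(NULL, 0);
+ printf("\nUGLY: umount2 syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "ptrace") == 0) {
+ ptrace(0, 0, NULL, NULL);
+ printf("\nUGLY: ptrace syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "swapon") == 0) {
+ swapon(NULL, 0);
+ printf("\nUGLY: swapon syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "swapoff") == 0) {
+ swapoff(NULL);
+ printf("\nUGLY: swapoff syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "init_module") == 0) {
+ init_module(NULL, 0, NULL);
+ printf("\nUGLY: init_module syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "delete_module") == 0) {
+ delete_module(NULL, 0);
+ printf("\nUGLY: delete_module syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "chroot") == 0) {
+ int rv = chroot("/blablabla-57281292");
+ (void) rv;
+ printf("\nUGLY: chroot syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "pivot_root") == 0) {
+ pivot_root(NULL, NULL);
+ printf("\nUGLY: pivot_root syscall permitted.\n");
+ }
+#if defined(__i386__) || defined(__x86_64__)
+ else if (strcmp(argv[2], "iopl") == 0) {
+ iopl(0L);
+ printf("\nUGLY: iopl syscall permitted.\n");
+ }
+ else if (strcmp(argv[2], "ioperm") == 0) {
+ ioperm(0, 0, 0);
+ printf("\nUGLY: ioperm syscall permitted.\n");
+ }
+#endif
+ exit(0);
+}
+
+void syscall_run(const char *name) {
+ assert(prog);
+
+ pid_t child = fork();
+ if (child < 0)
+ errExit("fork");
+ if (child == 0) {
+ execl(prog, prog, "syscall", name, NULL);
+ perror("execl");
+ _exit(1);
+ }
+
+ // wait for the child to finish
+ waitpid(child, NULL, 0);
+}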
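Review bot: `syscall_run` discards the child's wait status (`waitpid(child, NULL, 0)`), so the audit infers "blocked" purely from the absence of an "UGLY" line. A failed `execl` (`_exit(1)`), a test name that matches no branch in `syscall_helper` (it falls through to `exit(0)` without printing), and a child actually stopped by the filter all look the same, so a test that never ran reads as a clean result. Collect the status and report a child that exited non-zero, and add a final `else` after the `#endif` in `syscall_helper` that prints an error and exits non-zero for an unknown name. Separately, each "permitted" message is printed without looking at the call's return value, so the check presumably relies on the filter terminating the process; a filter that instead fails the call with an errno would be reported as permitted, and a comment stating that assumption would help. `syscall_helper` also reads `argv[2]` after discarding `argc`; unless the caller (not shown) guarantees three arguments, guard it with `if (argc < 3)`.

```c
void syscall_run(const char *name) {
	// … unchanged: assert(prog), fork, execl in the child …

	// wait for the child and surface tests that could not be run
	int status = 0;
	if (waitpid(child, &status, 0) == -1)
		errExit("waitpid");
	if (WIFEXITED(status) && WEXITSTATUS(status) != 0)
		fprintf(stderr, "Warning: syscall test %s did not run (exit %d)\n",
			name, WEXITSTATUS(status));
}
```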