samples/seccomp/user-trap.c
Source file repositories/reference/linux-study-clean/samples/seccomp/user-trap.c
File Facts
- System
- Linux kernel
- Corpus path
samples/seccomp/user-trap.c- Extension
.c- Size
- 8187 bytes
- Lines
- 380
- Domain
- Support Tooling And Documentation
- Bucket
- samples
- Inferred role
- Support Tooling And Documentation: implementation source
- Status
- source implementation candidate
Why This File Exists
Repository support layer: documentation, build tooling, samples, user-space helper tools, generated initramfs support, licenses, and validation utilities.
- Repository support layer: documentation, build tooling, samples, user-space helper tools, generated initramfs support, licenses, and validation utilities.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
signal.hstdio.hstdlib.hunistd.herrno.hfcntl.hstring.hstddef.hsys/sysmacros.hsys/types.hsys/wait.hsys/socket.hsys/stat.hsys/mman.hsys/syscall.hsys/user.hsys/ioctl.hsys/ptrace.hsys/mount.hlinux/limits.hlinux/filter.hlinux/seccomp.h
Detected Declarations
function seccompfunction send_fdfunction recv_fdfunction user_trap_syscallfunction handle_reqfunction main
Annotated Snippet
if (mount(source, target, NULL, req->data.args[3], NULL) < 0) {
ret = -1;
perror("actual mount");
goto out;
}
resp->error = 0;
}
/* Even if we didn't allow it because of policy, generating the
* response was be a success, because we want to tell the worker EPERM.
*/
ret = 0;
out:
close(mem);
return ret;
}
int main(void)
{
int sk_pair[2], ret = 1, status, listener;
pid_t worker = 0 , tracer = 0;
if (socketpair(PF_LOCAL, SOCK_SEQPACKET, 0, sk_pair) < 0) {
perror("socketpair");
return 1;
}
worker = fork();
if (worker < 0) {
perror("fork");
goto close_pair;
}
if (worker == 0) {
listener = user_trap_syscall(__NR_mount,
SECCOMP_FILTER_FLAG_NEW_LISTENER);
if (listener < 0) {
perror("seccomp");
exit(1);
}
/*
* Drop privileges. We definitely can't mount as uid 1000.
*/
if (setuid(1000) < 0) {
perror("setuid");
exit(1);
}
/*
* Send the listener to the parent; also serves as
* synchronization.
*/
if (send_fd(sk_pair[1], listener) < 0)
exit(1);
close(listener);
if (mkdir("/tmp/foo", 0755) < 0) {
perror("mkdir");
exit(1);
}
/*
* Try a bad mount just for grins.
*/
if (mount("/dev/sda", "/tmp/foo", NULL, 0, NULL) != -1) {
fprintf(stderr, "huh? mounted /dev/sda?\n");
exit(1);
}
if (errno != EPERM) {
perror("bad error from mount");
exit(1);
}
/*
* Ok, we expect this one to succeed.
*/
if (mount("/tmp/foo", "/tmp/foo", NULL, MS_BIND, NULL) < 0) {
perror("mount");
exit(1);
}
exit(0);
}
/*
* Get the listener from the child.
*/
Annotation
- Immediate include surface: `signal.h`, `stdio.h`, `stdlib.h`, `unistd.h`, `errno.h`, `fcntl.h`, `string.h`, `stddef.h`.
- Detected declarations: `function seccomp`, `function send_fd`, `function recv_fd`, `function user_trap_syscall`, `function handle_req`, `function main`.
- Atlas domain: Support Tooling And Documentation / samples.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.