woj-sandbox/rules/lang_c_cpp.c

#include "rules.h"

#include <seccomp.h>

void setup_lang_c_cpp(scmp_filter_ctx ctx) {
    // some more syscall(s) that glibc uses
    int white[] = {
        SCMP_SYS(clone),           // 56
        SCMP_SYS(futex),           // 202
        SCMP_SYS(set_tid_address), // 218
        SCMP_SYS(set_robust_list), // 273
        SCMP_SYS(get_robust_list), // 274
        SCMP_SYS(rseq),            // 334
    };
    ADD_RULE_LIST(white, SCMP_ACT_ALLOW);
}

struct rule lang_c_rule = {
    .name  = "c",
    .setup = setup_lang_c_cpp,
};

struct rule lang_cpp_rule = {
    .name  = "cpp",
    .setup = setup_lang_c_cpp,
};

void __attribute__((constructor(101))) register_lang_c_cpp(void) {
    register_rule(&lang_c_rule);
    register_rule(&lang_cpp_rule);
}
feat: tiny sandbox 2022-10-02 14:09:25 +08:00			`#include "rules.h"`

			`#include <seccomp.h>`

feat: sync language name with runner 2022-10-09 20:19:25 +08:00			`void setup_lang_c_cpp(scmp_filter_ctx ctx) {`
feat: refactor, drop LD_PRELOAD method 2024-01-01 17:31:21 +08:00			`// some more syscall(s) that glibc uses`
feat: add resource limit 2022-10-02 16:06:27 +08:00			`int white[] = {`
fix: enhanced syscall list 2022-10-20 15:44:03 +08:00			`SCMP_SYS(clone), // 56`
chore: comment for syscall nr 2022-10-04 14:30:11 +08:00			`SCMP_SYS(futex), // 202`
feat: refactor, drop LD_PRELOAD method 2024-01-01 17:31:21 +08:00			`SCMP_SYS(set_tid_address), // 218`
fix: enhanced syscall list 2022-10-20 15:44:03 +08:00			`SCMP_SYS(set_robust_list), // 273`
			`SCMP_SYS(get_robust_list), // 274`
feat: refactor, drop LD_PRELOAD method 2024-01-01 17:31:21 +08:00			`SCMP_SYS(rseq), // 334`
feat: add resource limit 2022-10-02 16:06:27 +08:00			`};`
feat: refactor, drop LD_PRELOAD method 2024-01-01 17:31:21 +08:00			`ADD_RULE_LIST(white, SCMP_ACT_ALLOW);`
feat: tiny sandbox 2022-10-02 14:09:25 +08:00			`}`

			`struct rule lang_c_rule = {`
feat: sync language name with runner 2022-10-09 20:19:25 +08:00			`.name = "c",`
			`.setup = setup_lang_c_cpp,`
feat: tiny sandbox 2022-10-02 14:09:25 +08:00			`};`

feat: sync language name with runner 2022-10-09 20:19:25 +08:00			`struct rule lang_cpp_rule = {`
			`.name = "cpp",`
			`.setup = setup_lang_c_cpp,`
			`};`

feat: refactor, drop LD_PRELOAD method 2024-01-01 17:31:21 +08:00			`void __attribute__((constructor(101))) register_lang_c_cpp(void) {`
feat: sync language name with runner 2022-10-09 20:19:25 +08:00			`register_rule(&lang_c_rule);`
			`register_rule(&lang_cpp_rule);`
			`}`