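// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// Schema for the record Sandbox2 emits when a sandboxee violates its policy:
// the classified cause, the offending syscall, a register snapshot and the
// policy that was in force. Field numbers are part of the wire format; never
// renumber or retype an existing field, and `reserved` every number that is
// retired so it cannot be reused with a different meaning.

syntax = "proto3";

package sandbox2;

import "sandboxed_api/sandbox2/mount_tree.proto";

// Why a Violation was raised. Stored in Violation.violation_type.
enum PBViolationType {
  // proto3 zero value; a Violation carrying it has no classified cause.
  VIOLATION_TYPE_UNSPECIFIED = 0;
  // The sandboxee attempted a syscall the policy does not permit.
  DISALLOWED_SYSCALL = 1;
  // A configured resource limit was exceeded.
  RESOURCE_LIMIT_EXCEEDED = 2;
  // A syscall was issued for an architecture other than the expected one
  // (e.g. a 32-bit syscall from a 64-bit process); see the note on
  // SyscallDescription.
  SYSCALL_ARCHITECTURE_MISMATCH = 3;
}

// General-purpose register snapshot on x86-64. Field order follows the
// x86-64 ptrace user_regs_struct layout, which makes a straight copy simple.
message RegisterX8664 {
  uint64 r15 = 1;
  uint64 r14 = 2;
  uint64 r13 = 3;
  uint64 r12 = 4;
  uint64 rbp = 5;
  uint64 rbx = 6;
  uint64 r11 = 7;
  uint64 r10 = 8;
  uint64 r9 = 9;
  uint64 r8 = 10;
  uint64 rax = 11;
  uint64 rcx = 12;
  uint64 rdx = 13;
  uint64 rsi = 14;
  uint64 rdi = 15;
  // rax as it was at syscall entry (the syscall number); rax itself holds the
  // return value once the syscall has completed.
  uint64 orig_rax = 16;
  uint64 rip = 17;
  uint64 cs = 18;
  uint64 eflags = 19;
  uint64 rsp = 20;
  uint64 ss = 21;
  uint64 fs_base = 22;
  uint64 gs_base = 23;
  uint64 ds = 24;
  uint64 es = 25;
  uint64 fs = 26;
  uint64 gs = 27;
}

// Register snapshot on 64-bit PowerPC, following the order of the PowerPC
// ptrace pt_regs layout.
message RegisterPowerpc64 {
  // General-purpose registers; one entry per GPR, in index order.
  repeated uint64 gpr = 1;
  uint64 nip = 2;
  uint64 msr = 3;
  // gpr[3] as it was at syscall entry (first syscall argument).
  uint64 orig_gpr3 = 4;
  uint64 ctr = 5;
  uint64 link = 6;
  uint64 xer = 7;
  uint64 ccr = 8;
  uint64 softe = 9;
  uint64 trap = 10;
  uint64 dar = 11;
  uint64 dsisr = 12;
  uint64 result = 13;

  // NOTE(review): presumably padding/unused slots of the source register
  // struct, kept so the message mirrors it field for field — confirm.
  uint64 zero0 = 14;
  uint64 zero1 = 15;
  uint64 zero2 = 16;
  uint64 zero3 = 17;
}

// Register snapshot on AArch64 (user_pt_regs order: regs, sp, pc, pstate).
message RegisterAarch64 {
  // General-purpose registers x0..x30, in index order.
  repeated uint64 regs = 1;
  uint64 sp = 2;
  uint64 pc = 3;
  uint64 pstate = 4;
}

// Register snapshot on 32-bit ARM.
message RegisterArm {
  // General-purpose registers, in index order.
  repeated uint32 regs = 1;
  uint32 pc = 2;
  uint32 cpsr = 3;
  // First-argument register as it was at syscall entry.
  uint32 orig_x0 = 4;
}

// Register set of the violating thread. Exactly one architecture-specific
// member of the oneof is populated; which one tells the reader the
// architecture, so no separate architecture field is needed.
message RegisterValues {
  // Field 1 was once sketched as an explicit "Architecture architecture"
  // member and is reserved so the number is never reused with another type.
  reserved 1;
  oneof register_values {
    RegisterX8664 register_x86_64 = 2;
    RegisterPowerpc64 register_powerpc64 = 3;
    RegisterAarch64 register_aarch64 = 4;
    RegisterArm register_arm = 5;
  }
}

// The syscall that triggered the violation, in decoded form.
message SyscallDescription {
  // Syscall number, as numbered on the sandboxee's architecture.
  int32 syscall = 1;
  // Should we have a second one with the raw value?
  // This would be redundant (We dump all registers) + should not be as useful
  // for debugging as the decoded values.
  // Human-readable, decoded argument values, in argument order.
  repeated string argument = 2;
  // Store the architecture of the desired syscall in here as well? Might be
  // useful when the violation type was a change in syscall architecture.
}

// How the policy was assembled by the policy builder.
message PolicyBuilderDescription {
  // Syscall numbers for which the builder installed a rule.
  repeated int32 handled_syscalls = 1;
  // Paths bind-mounted into the sandboxee's mount namespace.
  repeated string bind_mounts = 2;
  // NOTE(review): presumably the source location ("file:line") where the
  // policy was built — confirm against the writer.
  string built_at_sloc = 3;
}

// Namespace configuration the sandboxee ran under.
message NamespaceDescription {
  // clone(2) flags used to create the sandboxee's namespaces.
  int32 clone_flags = 1;
  // Do we want to have the mount tree in here?
  MountTree mount_tree_mounts = 2;
}

// The policy that was enforced when the violation occurred.
message PolicyDescription {
  // Raw BPF program bytes of the user-supplied policy (presumably the
  // seccomp filter); opaque to readers of this message.
  bytes user_bpf_policy = 1;
  // Retired field numbers; never reuse them.
  reserved 2 to 5;
  // This requires additional fields. (e.g. allowed syscall numbers)
  PolicyBuilderDescription policy_builder_description = 6;

  // namespace
  NamespaceDescription namespace_description = 7;

  // Capabilities granted to the sandboxee, as numeric capability values.
  repeated int32 capabilities = 8;
}

// A single policy violation. Besides the classified cause it bundles the
// sandboxee's registers, stack trace and memory map, which disclose the
// process's memory layout; treat serialized Violations as sensitive when
// they are logged, stored or exported.
message Violation {
  // Free-form message kept for consumers that predate the structured fields.
  string legacy_fatal_message = 1;
  PBViolationType violation_type = 2;
  // PID of the violating process.
  int32 pid = 3;
  // Name of the sandboxed program.
  string prog_name = 4;
  PolicyDescription policy = 5;
  // Symbolized stack trace of the violating thread, if one could be produced.
  string stack_trace = 6;
  SyscallDescription syscall_information = 7;
  RegisterValues register_values = 8;
  // Retired field number; never reuse it.
  reserved 9;
  // NOTE(review): presumably the contents of the sandboxee's /proc/<pid>/maps
  // at the time of the violation — confirm.
  string proc_maps = 10;
  // Contains the received signal that caused the death if applicable.
  int32 signal = 11;
}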