about summary refs log tree commit diff
path: root/frida_mode/src/seccomp
diff options
context:
space:
mode:
Diffstat (limited to 'frida_mode/src/seccomp')
-rw-r--r--frida_mode/src/seccomp/seccomp.c140
-rw-r--r--frida_mode/src/seccomp/seccomp_atomic.c12
-rw-r--r--frida_mode/src/seccomp/seccomp_callback.c145
-rw-r--r--frida_mode/src/seccomp/seccomp_child.c31
-rw-r--r--frida_mode/src/seccomp/seccomp_event.c31
-rw-r--r--frida_mode/src/seccomp/seccomp_filter.c87
-rw-r--r--frida_mode/src/seccomp/seccomp_print.c30
-rw-r--r--frida_mode/src/seccomp/seccomp_socket.c35
-rw-r--r--frida_mode/src/seccomp/seccomp_syscall.c15
9 files changed, 309 insertions, 217 deletions
diff --git a/frida_mode/src/seccomp/seccomp.c b/frida_mode/src/seccomp/seccomp.c
index 7683cd71..9d8fdd5d 100644
--- a/frida_mode/src/seccomp/seccomp.c
+++ b/frida_mode/src/seccomp/seccomp.c
@@ -1,123 +1,19 @@
-#include <execinfo.h>
-#include <fcntl.h>
-#include <linux/seccomp.h>
-#include <stdio.h>
-#include <unistd.h>
-
 #include "frida-gumjs.h"
 
-#include "debug.h"
-
 #include "seccomp.h"
 #include "util.h"
 
 char *seccomp_filename = NULL;
 
-static void seccomp_vprint(int fd, char *format, va_list ap) {
-
-  char buffer[4096] = {0};
-  int  len;
-
-  if (vsnprintf(buffer, sizeof(buffer) - 1, format, ap) < 0) { return; }
-
-  len = strnlen(buffer, sizeof(buffer));
-  IGNORED_RETURN(write(fd, buffer, len));
-
-}
-
-void seccomp_print(char *format, ...) {
-
-  va_list ap;
-  va_start(ap, format);
-  seccomp_vprint(SECCOMP_OUTPUT_FILE_FD, format, ap);
-  va_end(ap);
-
-}
-
-static void seccomp_filter_callback(struct seccomp_notif *     req,
-                                    struct seccomp_notif_resp *resp,
-                                    GumReturnAddressArray *    frames) {
-
-  GumDebugSymbolDetails details = {0};
-  if (req->data.nr == SYS_OPENAT) {
-
-    seccomp_print("SYS_OPENAT: (%s)\n", (char *)req->data.args[1]);
-
-  }
-
-  seccomp_print(
-      "\nID (%#llx) for PID %d - %d (%s) [0x%llx 0x%llx 0x%llx 0x%llx 0x%llx "
-      "0x%llx ]\n",
-      req->id, req->pid, req->data.nr, seccomp_syscall_lookup(req->data.nr),
-      req->data.args[0], req->data.args[1], req->data.args[2],
-      req->data.args[3], req->data.args[4], req->data.args[5]);
-
-  seccomp_print("FRAMES: (%u)\n", frames->len);
-  char **syms = backtrace_symbols(frames->items, frames->len);
-  if (syms == NULL) { FATAL("Failed to get symbols"); }
-
-  for (guint i = 0; i < frames->len; i++) {
-
-    if (gum_symbol_details_from_address(frames->items[i], &details)) {
-
-      seccomp_print("\t%3d. %s!%s\n", i, details.module_name,
-                    details.symbol_name);
-
-    } else {
-
-      seccomp_print("\t%3d. %s\n", i, syms[i]);
-
-    }
-
-  }
-
-  free(syms);
-
-  resp->error = 0;
-  resp->val = 0;
-  resp->id = req->id;
-  resp->flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
-
-}
-
-static void seccomp_child(int signal_parent, void *ctx) {
-
-  int sock_fd = *((int *)ctx);
-  int fd = seccomp_socket_recv(sock_fd);
-
-  if (close(sock_fd) < 0) { FATAL("child - close"); }
-
-  seccomp_event_signal(signal_parent);
-  seccomp_filter_child_install();
-  seccomp_filter_run(fd, seccomp_filter_callback);
-
-}
-
 void seccomp_on_fork(void) {
 
-  int   sock[2] = {-1, -1};
-  pid_t child = -1;
-  int   child_fd = -1;
-
   if (seccomp_filename == NULL) { return; }
 
-  seccomp_socket_create(sock);
-  seccomp_child_run(seccomp_child, sock, &child, &child_fd);
-
-  if (dup2(child_fd, SECCOMP_PARENT_EVENT_FD) < 0) { FATAL("dup2"); }
-
-  if (close(child_fd) < 0) { FATAL("seccomp_on_fork - close (1)"); }
-
-  if (close(sock[STDIN_FILENO]) < 0) { FATAL("grandparent - close (2)"); }
-
-  int fd = seccomp_filter_install(child);
-  seccomp_socket_send(sock[STDOUT_FILENO], fd);
-
-  if (close(sock[STDOUT_FILENO]) < 0) { FATAL("grandparent - close (3)"); }
-
-  if (close(fd) < 0) { FATAL("grandparent - close (4)"); }
-
-  seccomp_child_wait(SECCOMP_PARENT_EVENT_FD);
+#ifdef __APPLE__
+  FFATAL("Seccomp not supported on OSX");
+#else
+  seccomp_callback_parent();
+#endif
 
 }
 
@@ -129,29 +25,15 @@ void seccomp_config(void) {
 
 void seccomp_init(void) {
 
-  char *path = NULL;
-  int   fd;
-
-  OKF("Seccomp - file [%s]", seccomp_filename);
+  FOKF("Seccomp - file [%s]", seccomp_filename);
 
   if (seccomp_filename == NULL) { return; }
 
-  path = g_canonicalize_filename(seccomp_filename, g_get_current_dir());
-
-  OKF("Seccomp - path [%s]", path);
-
-  fd = open(path, O_RDWR | O_CREAT | O_TRUNC,
-            S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
-
-  if (dup2(fd, SECCOMP_OUTPUT_FILE_FD) < 0) {
-
-    FATAL("Failed to duplicate seccomp output file");
-
-  }
-
-  if (close(fd) < 0) { FATAL("Failed to close seccomp output file fd"); }
-
-  g_free(path);
+#ifdef __APPLE__
+  FFATAL("Seccomp not supported on OSX");
+#else
+  seccomp_callback_initialize();
+#endif
 
 }
 
diff --git a/frida_mode/src/seccomp/seccomp_atomic.c b/frida_mode/src/seccomp/seccomp_atomic.c
index 1720a726..18cb6724 100644
--- a/frida_mode/src/seccomp/seccomp_atomic.c
+++ b/frida_mode/src/seccomp/seccomp_atomic.c
@@ -1,13 +1,15 @@
-#include <stdbool.h>
-#include <stdio.h>
+#if defined(__linux__) && !defined(__ANDROID__)
 
-#include "debug.h"
+  #include <stdbool.h>
+  #include <stdio.h>
+
+  #include "util.h"
 
 void seccomp_atomic_set(volatile bool *ptr, bool val) {
 
   if (!__sync_bool_compare_and_swap(ptr, !val, val)) {
 
-    FATAL("Failed to set event");
+    FFATAL("Failed to set event");
 
   }
 
@@ -26,3 +28,5 @@ void seccomp_atomic_wait(volatile bool *ptr, bool val) {
 
 }
 
+#endif
+
diff --git a/frida_mode/src/seccomp/seccomp_callback.c b/frida_mode/src/seccomp/seccomp_callback.c
new file mode 100644
index 00000000..f7aaf78b
--- /dev/null
+++ b/frida_mode/src/seccomp/seccomp_callback.c
@@ -0,0 +1,145 @@
+#if defined(__linux__) && !defined(__ANDROID__)
+
+  #if !defined(__MUSL__)
+    #include <execinfo.h>
+  #endif
+  #include <fcntl.h>
+
+  #include "seccomp.h"
+  #include "util.h"
+
+static void seccomp_callback_filter(struct seccomp_notif *     req,
+                                    struct seccomp_notif_resp *resp,
+                                    GumReturnAddressArray *    frames) {
+
+  GumDebugSymbolDetails details = {0};
+  if (req->data.nr == SYS_OPENAT) {
+
+  #if UINTPTR_MAX == 0xffffffffffffffffu
+    seccomp_print("SYS_OPENAT: (%s)\n", (char *)req->data.args[1]);
+  #endif
+  #if UINTPTR_MAX == 0xffffffff
+    seccomp_print("SYS_OPENAT: (%s)\n", (char *)(__u32)req->data.args[1]);
+  #endif
+
+  }
+
+  seccomp_print(
+      "\nID (%#llx) for PID %d - %d (%s) [0x%llx 0x%llx 0x%llx 0x%llx 0x%llx "
+      "0x%llx ]\n",
+      req->id, req->pid, req->data.nr, seccomp_syscall_lookup(req->data.nr),
+      req->data.args[0], req->data.args[1], req->data.args[2],
+      req->data.args[3], req->data.args[4], req->data.args[5]);
+
+  #if !defined(__MUSL__)
+  seccomp_print("FRAMES: (%u)\n", frames->len);
+  char **syms = backtrace_symbols(frames->items, frames->len);
+  if (syms == NULL) { FFATAL("Failed to get symbols"); }
+
+  for (guint i = 0; i < frames->len; i++) {
+
+    if (gum_symbol_details_from_address(frames->items[i], &details)) {
+
+      seccomp_print("\t%3d. %s!%s\n", i, details.module_name,
+                    details.symbol_name);
+
+    } else {
+
+      seccomp_print("\t%3d. %s\n", i, syms[i]);
+
+    }
+
+  }
+
+  free(syms);
+  #else
+  void **syms = (void **)__builtin_frame_address(0);
+  void * framep = __builtin_frame_address(1);
+  int    i = 0;
+
+  syms = framep;
+  while (syms) {
+
+    framep = *syms;
+    syms = framep;
+
+    if (!syms) break;
+
+    seccomp_print("\%3d. %s\n", i++, (char *)framep);
+
+  }
+
+  #endif
+
+  resp->error = 0;
+  resp->val = 0;
+  resp->id = req->id;
+  resp->flags = SECCOMP_USER_NOTIF_FLAG_CONTINUE;
+
+}
+
+static void seccomp_callback_child(int signal_parent, void *ctx) {
+
+  int sock_fd = *((int *)ctx);
+  int fd = seccomp_socket_recv(sock_fd);
+
+  if (close(sock_fd) < 0) { FFATAL("child - close"); }
+
+  seccomp_event_signal(signal_parent);
+  seccomp_filter_child_install();
+  seccomp_filter_run(fd, seccomp_callback_filter);
+
+}
+
+void seccomp_callback_parent(void) {
+
+  int   sock[2] = {-1, -1};
+  pid_t child = -1;
+  int   child_fd = -1;
+
+  seccomp_socket_create(sock);
+  seccomp_child_run(seccomp_callback_child, sock, &child, &child_fd);
+
+  if (dup2(child_fd, SECCOMP_PARENT_EVENT_FD) < 0) { FFATAL("dup2"); }
+
+  if (close(child_fd) < 0) { FFATAL("seccomp_on_fork - close (1)"); }
+
+  if (close(sock[STDIN_FILENO]) < 0) { FFATAL("grandparent - close (2)"); }
+
+  int fd = seccomp_filter_install(child);
+  seccomp_socket_send(sock[STDOUT_FILENO], fd);
+
+  if (close(sock[STDOUT_FILENO]) < 0) { FFATAL("grandparent - close (3)"); }
+
+  if (close(fd) < 0) { FFATAL("grandparent - close (4)"); }
+
+  seccomp_child_wait(SECCOMP_PARENT_EVENT_FD);
+
+}
+
+void seccomp_callback_initialize(void) {
+
+  char *path = NULL;
+  int   fd;
+
+  path = g_canonicalize_filename(seccomp_filename, g_get_current_dir());
+
+  FOKF("Seccomp - path [%s]", path);
+
+  fd = open(path, O_RDWR | O_CREAT | O_TRUNC,
+            S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);
+
+  if (dup2(fd, SECCOMP_OUTPUT_FILE_FD) < 0) {
+
+    FFATAL("Failed to duplicate seccomp output file");
+
+  }
+
+  if (close(fd) < 0) { FFATAL("Failed to close seccomp output file fd"); }
+
+  g_free(path);
+
+}
+
+#endif
+
diff --git a/frida_mode/src/seccomp/seccomp_child.c b/frida_mode/src/seccomp/seccomp_child.c
index 4d494137..c02ef67c 100644
--- a/frida_mode/src/seccomp/seccomp_child.c
+++ b/frida_mode/src/seccomp/seccomp_child.c
@@ -1,18 +1,19 @@
-#include <fcntl.h>
-#include <sched.h>
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/mman.h>
-#include <sys/prctl.h>
-#include <sys/types.h>
-#include <unistd.h>
+#if defined(__linux__) && !defined(__ANDROID__)
 
-#include "debug.h"
+  #include <fcntl.h>
+  #include <sched.h>
+  #include <signal.h>
+  #include <stdio.h>
+  #include <stdlib.h>
+  #include <sys/mman.h>
+  #include <sys/prctl.h>
+  #include <sys/types.h>
+  #include <unistd.h>
 
-#include "seccomp.h"
+  #include "seccomp.h"
+  #include "util.h"
 
-#define SECCOMP_CHILD_STACK_SIZE (1UL << 20)
+  #define SECCOMP_CHILD_STACK_SIZE (1UL << 20)
 
 typedef void (*seccomp_child_func_t)(int event_fd, void *ctx);
 
@@ -49,11 +50,11 @@ void seccomp_child_run(seccomp_child_func_t child_func, void *ctx, pid_t *child,
   char *stack =
       (char *)mmap(NULL, SECCOMP_CHILD_STACK_SIZE, PROT_READ | PROT_WRITE,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
-  if (stack == MAP_FAILED) { FATAL("mmap"); }
+  if (stack == MAP_FAILED) { FFATAL("mmap"); }
 
   pid_t child_pid = clone(seccomp_child_func, &stack[SECCOMP_CHILD_STACK_SIZE],
                           flags, child_ctx, NULL, NULL, NULL);
-  if (child_pid < 0) { FATAL("clone"); }
+  if (child_pid < 0) { FFATAL("clone"); }
 
   if (child != NULL) { *child = child_pid; }
   if (event_fd != NULL) { *event_fd = fd; }
@@ -67,3 +68,5 @@ void seccomp_child_wait(int event_fd) {
 
 }
 
+#endif
+
diff --git a/frida_mode/src/seccomp/seccomp_event.c b/frida_mode/src/seccomp/seccomp_event.c
index ecb9be32..e6585f1d 100644
--- a/frida_mode/src/seccomp/seccomp_event.c
+++ b/frida_mode/src/seccomp/seccomp_event.c
@@ -1,16 +1,23 @@
-#include <stdint.h>
-#include <stdio.h>
-#include <sys/eventfd.h>
-#include <unistd.h>
+#if defined(__linux__) && !defined(__ANDROID__)
 
-#include "debug.h"
+  #include <stdint.h>
+  #include <stdio.h>
+  #include <sys/syscall.h>
+  #include <unistd.h>
 
-#include "seccomp.h"
+  #include "seccomp.h"
+  #include "util.h"
 
 int seccomp_event_create(void) {
 
-  int fd = eventfd(0, 0);
-  if (fd < 0) { FATAL("seccomp_event_create"); }
+  #ifdef SYS_eventfd
+  int fd = syscall(SYS_eventfd, 0, 0);
+  #else
+    #ifdef SYS_eventfd2
+  int fd = syscall(SYS_eventfd2, 0, 0);
+    #endif
+  #endif
+  if (fd < 0) { FFATAL("seccomp_event_create"); }
   return fd;
 
 }
@@ -20,7 +27,7 @@ void seccomp_event_signal(int fd) {
   uint64_t val = 1;
   if (write(fd, &val, sizeof(uint64_t)) != sizeof(uint64_t)) {
 
-    FATAL("seccomp_event_signal");
+    FFATAL("seccomp_event_signal");
 
   }
 
@@ -31,7 +38,7 @@ void seccomp_event_wait(int fd) {
   uint64_t val = 1;
   if (read(fd, &val, sizeof(uint64_t)) != sizeof(uint64_t)) {
 
-    FATAL("seccomp_event_wait");
+    FFATAL("seccomp_event_wait");
 
   }
 
@@ -39,7 +46,9 @@ void seccomp_event_wait(int fd) {
 
 void seccomp_event_destroy(int fd) {
 
-  if (close(fd) < 0) { FATAL("seccomp_event_destroy"); }
+  if (close(fd) < 0) { FFATAL("seccomp_event_destroy"); }
 
 }
 
+#endif
+
diff --git a/frida_mode/src/seccomp/seccomp_filter.c b/frida_mode/src/seccomp/seccomp_filter.c
index c16e7ebd..1d050303 100644
--- a/frida_mode/src/seccomp/seccomp_filter.c
+++ b/frida_mode/src/seccomp/seccomp_filter.c
@@ -1,27 +1,28 @@
-#include <alloca.h>
-#include <errno.h>
-#include <execinfo.h>
-#include <linux/filter.h>
-#include <linux/seccomp.h>
-#include <sys/ioctl.h>
-#include <sys/prctl.h>
-#include <sys/syscall.h>
-#include <signal.h>
-#include <stdbool.h>
-#include <stddef.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-#include "debug.h"
-
-#include "frida-gumjs.h"
-
-#include "seccomp.h"
-#include "util.h"
-
-#define SECCOMP_FILTER_NUM_FRAMES 512
+#if defined(__linux__) && !defined(__ANDROID__)
+
+  #include <alloca.h>
+  #include <errno.h>
+  #if !defined(__MUSL__)
+    #include <execinfo.h>
+  #endif
+  #include <linux/filter.h>
+  #include <sys/ioctl.h>
+  #include <sys/prctl.h>
+  #include <sys/syscall.h>
+  #include <signal.h>
+  #include <stdbool.h>
+  #include <stddef.h>
+  #include <stdio.h>
+  #include <stdlib.h>
+  #include <string.h>
+  #include <unistd.h>
+
+  #include "frida-gumjs.h"
+
+  #include "seccomp.h"
+  #include "util.h"
+
+  #define SECCOMP_FILTER_NUM_FRAMES 512
 
 extern void gum_linux_parse_ucontext(const ucontext_t *uc, GumCpuContext *ctx);
 
@@ -71,7 +72,13 @@ static struct sock_filter filter[] = {
 
     /* Allow us to make anonymous maps */
     BPF_STMT(BPF_LD | BPF_W | BPF_ABS, (offsetof(struct seccomp_data, nr))),
+  #ifdef __NR_mmap
     BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_mmap, 0, 3),
+  #else
+    #ifdef __NR_mmap2
+    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_mmap2, 0, 3),
+    #endif
+  #endif
     BPF_STMT(BPF_LD | BPF_W | BPF_ABS,
              (offsetof(struct seccomp_data, args[4]))),
     BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, -1, 0, 1),
@@ -127,7 +134,10 @@ static GumBacktracer *       seccomp_filter_backtracer = NULL;
 static void seccomp_filter_child_handler(int sig, siginfo_t *info,
                                          void *ucontext) {
 
-  GumCpuContext cpu_context;
+  UNUSED_PARAMETER(sig);
+  UNUSED_PARAMETER(info);
+  UNUSED_PARAMETER(ucontext);
+
   if (seccomp_filter_backtracer == NULL) {
 
     seccomp_filter_backtracer = gum_backtracer_make_fuzzy();
@@ -150,9 +160,10 @@ static void seccomp_filter_parent_handler(int sig, siginfo_t *info,
   ucontext_t *uc = (ucontext_t *)ucontext;
   gum_linux_parse_ucontext(uc, &seccomp_filter_cpu_context);
 
-  if (tgkill(seccomp_filter_child, seccomp_filter_child, SIGUSR1) < 0) {
+  if (syscall(SYS_tgkill, seccomp_filter_child, seccomp_filter_child, SIGUSR1) <
+      0) {
 
-    FATAL("kill");
+    FFATAL("kill");
 
   }
 
@@ -165,7 +176,7 @@ void seccomp_filter_child_install(void) {
 
   const struct sigaction sa = {.sa_sigaction = seccomp_filter_child_handler,
                                .sa_flags = SA_SIGINFO | SA_RESTART};
-  if (sigaction(SIGUSR1, &sa, NULL) < 0) { FATAL("sigaction"); }
+  if (sigaction(SIGUSR1, &sa, NULL) < 0) { FFATAL("sigaction"); }
 
 }
 
@@ -180,17 +191,17 @@ int seccomp_filter_install(pid_t child) {
 
       .len = sizeof(filter) / sizeof(struct sock_filter), .filter = filter};
 
-  if (sigaction(SIGUSR1, &sa, NULL) < 0) { FATAL("sigaction"); }
+  if (sigaction(SIGUSR1, &sa, NULL) < 0) { FFATAL("sigaction"); }
 
   if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
 
-    FATAL("PR_SET_NO_NEW_PRIVS %d", errno);
+    FFATAL("PR_SET_NO_NEW_PRIVS %d", errno);
 
   }
 
   int fd = syscall(SYS_seccomp, SECCOMP_SET_MODE_FILTER,
                    SECCOMP_FILTER_FLAG_NEW_LISTENER, &filter_prog);
-  if (fd < 0) { FATAL("SYS_seccomp %d", fd); }
+  if (fd < 0) { FFATAL("SYS_seccomp %d", fd); }
 
   return fd;
 
@@ -204,19 +215,19 @@ void seccomp_filter_run(int fd, seccomp_filter_callback_t callback) {
 
   if (syscall(SYS_seccomp, SECCOMP_GET_NOTIF_SIZES, 0, &sizes) == -1) {
 
-    FATAL("seccomp-SECCOMP_GET_NOTIF_SIZES");
+    FFATAL("seccomp-SECCOMP_GET_NOTIF_SIZES");
 
   }
 
   if (sizes.seccomp_notif != sizeof(struct seccomp_notif)) {
 
-    FATAL("size - seccomp_notif");
+    FFATAL("size - seccomp_notif");
 
   }
 
   if (sizes.seccomp_notif_resp != sizeof(struct seccomp_notif_resp)) {
 
-    FATAL("size - seccomp_notif");
+    FFATAL("size - seccomp_notif");
 
   }
 
@@ -230,7 +241,7 @@ void seccomp_filter_run(int fd, seccomp_filter_callback_t callback) {
     if (ioctl(fd, SECCOMP_IOCTL_NOTIF_RECV, req) < 0) {
 
       if (errno == EINTR) { continue; }
-      FATAL("SECCOMP_IOCTL_NOTIF_RECV: %d\n", fd);
+      FFATAL("SECCOMP_IOCTL_NOTIF_RECV: %d\n", fd);
 
     }
 
@@ -240,14 +251,14 @@ void seccomp_filter_run(int fd, seccomp_filter_callback_t callback) {
 
     } else {
 
-      if (kill(req->pid, SIGUSR1) < 0) { FATAL("kill"); }
+      if (kill(req->pid, SIGUSR1) < 0) { FFATAL("kill"); }
 
     }
 
     if (ioctl(fd, SECCOMP_IOCTL_NOTIF_SEND, resp) < 0) {
 
       if (errno == ENOENT) { continue; }
-      OKF("SECCOMP_IOCTL_NOTIF_SEND");
+      FOKF("SECCOMP_IOCTL_NOTIF_SEND");
       continue;
 
     }
@@ -256,3 +267,5 @@ void seccomp_filter_run(int fd, seccomp_filter_callback_t callback) {
 
 }
 
+#endif
+
diff --git a/frida_mode/src/seccomp/seccomp_print.c b/frida_mode/src/seccomp/seccomp_print.c
new file mode 100644
index 00000000..3cea1239
--- /dev/null
+++ b/frida_mode/src/seccomp/seccomp_print.c
@@ -0,0 +1,30 @@
+#if defined(__linux__) && !defined(__ANDROID__)
+
+  #include <stdarg.h>
+
+  #include "seccomp.h"
+  #include "util.h"
+
+static void seccomp_print_v(int fd, char *format, va_list ap) {
+
+  char buffer[4096] = {0};
+  int  len;
+
+  if (vsnprintf(buffer, sizeof(buffer) - 1, format, ap) < 0) { return; }
+
+  len = strnlen(buffer, sizeof(buffer));
+  IGNORED_RETURN(write(fd, buffer, len));
+
+}
+
+void seccomp_print(char *format, ...) {
+
+  va_list ap;
+  va_start(ap, format);
+  seccomp_print_v(SECCOMP_OUTPUT_FILE_FD, format, ap);
+  va_end(ap);
+
+}
+
+#endif
+
diff --git a/frida_mode/src/seccomp/seccomp_socket.c b/frida_mode/src/seccomp/seccomp_socket.c
index ca42e158..a01e88ee 100644
--- a/frida_mode/src/seccomp/seccomp_socket.c
+++ b/frida_mode/src/seccomp/seccomp_socket.c
@@ -1,11 +1,12 @@
-#include <stdio.h>
-#include <string.h>
-#include <sys/socket.h>
-#include <unistd.h>
+#if defined(__linux__) && !defined(__ANDROID__)
 
-#include "debug.h"
+  #include <stdio.h>
+  #include <string.h>
+  #include <sys/socket.h>
+  #include <unistd.h>
 
-#include "seccomp.h"
+  #include "seccomp.h"
+  #include "util.h"
 
 union cmsg {
 
@@ -19,31 +20,31 @@ void seccomp_socket_create(int *sock) {
   int tmp_sock[2] = {-1, -1};
   if (socketpair(AF_UNIX, SOCK_STREAM, 0, tmp_sock) < 0) {
 
-    FATAL("socketpair");
+    FFATAL("socketpair");
 
   }
 
   if (dup2(tmp_sock[STDIN_FILENO], SECCOMP_SOCKET_RECV_FD) < 0) {
 
-    FATAL("seccomp_socket_create - dup2 (1)");
+    FFATAL("seccomp_socket_create - dup2 (1)");
 
   }
 
   if (dup2(tmp_sock[STDOUT_FILENO], SECCOMP_SOCKET_SEND_FD) < 0) {
 
-    FATAL("seccomp_socket_create - dup2 (1)");
+    FFATAL("seccomp_socket_create - dup2 (1)");
 
   }
 
   if (close(tmp_sock[STDIN_FILENO]) < 0) {
 
-    FATAL("seccomp_socket_create - close (1)");
+    FFATAL("seccomp_socket_create - close (1)");
 
   }
 
   if (close(tmp_sock[STDOUT_FILENO]) < 0) {
 
-    FATAL("seccomp_socket_create - close (2)");
+    FFATAL("seccomp_socket_create - close (2)");
 
   }
 
@@ -74,7 +75,7 @@ void seccomp_socket_send(int sockfd, int fd) {
 
   memcpy(CMSG_DATA(&control_msg.hdr), &fd, sizeof(int));
 
-  if (sendmsg(sockfd, &message, 0) == -1) { FATAL("sendmsg"); }
+  if (sendmsg(sockfd, &message, 0) == -1) { FFATAL("sendmsg"); }
 
 }
 
@@ -93,23 +94,23 @@ int seccomp_socket_recv(int sockfd) {
 
   int fd;
 
-  if (recvmsg(sockfd, &message, 0) < 0) { FATAL("recvmsg"); }
+  if (recvmsg(sockfd, &message, 0) < 0) { FFATAL("recvmsg"); }
 
   if (control_msg.hdr.cmsg_len != CMSG_LEN(sizeof(int))) {
 
-    FATAL("control_msg.hdr.cmsg_len");
+    FFATAL("control_msg.hdr.cmsg_len");
 
   }
 
   if (control_msg.hdr.cmsg_level != SOL_SOCKET) {
 
-    FATAL("control_msg.hdr.cmsg_level");
+    FFATAL("control_msg.hdr.cmsg_level");
 
   }
 
   if (control_msg.hdr.cmsg_type != SCM_RIGHTS) {
 
-    FATAL("control_msg.hdr.cmsg_type");
+    FFATAL("control_msg.hdr.cmsg_type");
 
   }
 
@@ -119,3 +120,5 @@ int seccomp_socket_recv(int sockfd) {
 
 }
 
+#endif
+
diff --git a/frida_mode/src/seccomp/seccomp_syscall.c b/frida_mode/src/seccomp/seccomp_syscall.c
index b2c084c8..2eac1af3 100644
--- a/frida_mode/src/seccomp/seccomp_syscall.c
+++ b/frida_mode/src/seccomp/seccomp_syscall.c
@@ -1,9 +1,10 @@
-#include <limits.h>
-#include <stdio.h>
+#if defined(__linux__) && !defined(__ANDROID__)
 
-#include "debug.h"
+  #include <limits.h>
+  #include <stdio.h>
 
-#include "seccomp.h"
+  #include "seccomp.h"
+  #include "util.h"
 
 typedef struct {
 
@@ -322,10 +323,10 @@ static syscall_entry_t seccomp_syscall_table[] = {
 
 char *seccomp_syscall_lookup(int id) {
 
-  if (id < 0) { FATAL("Invalid id: %d", id); }
+  if (id < 0) { FFATAL("Invalid id: %d", id); }
   if ((uint32_t)id >= sizeof(seccomp_syscall_table) / sizeof(syscall_entry_t)) {
 
-    FATAL("Invalid id: %d", id);
+    FFATAL("Invalid id: %d", id);
 
   }
 
@@ -333,3 +334,5 @@ char *seccomp_syscall_lookup(int id) {
 
 }
 
+#endif
+
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-08-11 21:27:38 +0000