script_core 0.2.6 → 0.2.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ext/enterprise_script_service/libseccomp/.travis.yml +21 -7
- data/ext/enterprise_script_service/libseccomp/CHANGELOG +22 -0
- data/ext/enterprise_script_service/libseccomp/CONTRIBUTING.md +37 -26
- data/ext/enterprise_script_service/libseccomp/CREDITS +8 -0
- data/ext/enterprise_script_service/libseccomp/README.md +3 -1
- data/ext/enterprise_script_service/libseccomp/configure.ac +13 -8
- data/ext/enterprise_script_service/libseccomp/doc/Makefile.am +6 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_api_get.3 +12 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_arch_add.3 +38 -6
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_attr_set.3 +53 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_export_bpf.3 +20 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_init.3 +9 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_load.3 +32 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_merge.3 +16 -2
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_alloc.3 +113 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_fd.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_free.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_id_valid.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_receive.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_respond.3 +1 -0
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_rule_add.3 +64 -3
- data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_syscall_priority.3 +18 -3
- data/ext/enterprise_script_service/libseccomp/include/seccomp-syscalls.h +12 -0
- data/ext/enterprise_script_service/libseccomp/include/seccomp.h.in +116 -0
- data/ext/enterprise_script_service/libseccomp/src/.gitignore +2 -0
- data/ext/enterprise_script_service/libseccomp/src/Makefile.am +31 -17
- data/ext/enterprise_script_service/libseccomp/src/api.c +254 -58
- data/ext/enterprise_script_service/libseccomp/src/arch-aarch64.h +1 -9
- data/ext/enterprise_script_service/libseccomp/src/arch-arm.c +47 -2
- data/ext/enterprise_script_service/libseccomp/src/arch-arm.h +1 -9
- data/ext/enterprise_script_service/libseccomp/src/arch-gperf-generate +40 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-mips.c +41 -4
- data/ext/enterprise_script_service/libseccomp/src/arch-mips.h +2 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64.c +41 -4
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64.h +3 -11
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.c +41 -4
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.h +2 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-parisc.h +1 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.c +3 -3
- data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.h +29 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc.h +1 -9
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.c +606 -8
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.h +2 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.c +31 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.h +22 -0
- data/ext/enterprise_script_service/libseccomp/src/arch-s390.c +171 -12
- data/ext/enterprise_script_service/libseccomp/src/arch-s390.h +1 -17
- data/ext/enterprise_script_service/libseccomp/src/arch-s390x.c +166 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-s390x.h +1 -20
- data/ext/enterprise_script_service/libseccomp/src/arch-syscall-dump.c +8 -1
- data/ext/enterprise_script_service/libseccomp/src/arch-syscall-validate +359 -143
- data/ext/enterprise_script_service/libseccomp/src/arch-x32.c +36 -2
- data/ext/enterprise_script_service/libseccomp/src/arch-x32.h +2 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-x86.c +172 -10
- data/ext/enterprise_script_service/libseccomp/src/arch-x86.h +1 -14
- data/ext/enterprise_script_service/libseccomp/src/arch-x86_64.h +1 -9
- data/ext/enterprise_script_service/libseccomp/src/arch.c +11 -3
- data/ext/enterprise_script_service/libseccomp/src/arch.h +7 -0
- data/ext/enterprise_script_service/libseccomp/src/db.c +268 -57
- data/ext/enterprise_script_service/libseccomp/src/db.h +16 -2
- data/ext/enterprise_script_service/libseccomp/src/gen_bpf.c +503 -148
- data/ext/enterprise_script_service/libseccomp/src/gen_bpf.h +2 -1
- data/ext/enterprise_script_service/libseccomp/src/gen_pfc.c +165 -37
- data/ext/enterprise_script_service/libseccomp/src/python/libseccomp.pxd +37 -1
- data/ext/enterprise_script_service/libseccomp/src/python/seccomp.pyx +295 -5
- data/ext/enterprise_script_service/libseccomp/src/syscalls.c +56 -0
- data/ext/enterprise_script_service/libseccomp/src/syscalls.csv +470 -0
- data/ext/enterprise_script_service/libseccomp/src/syscalls.h +62 -0
- data/ext/enterprise_script_service/libseccomp/src/syscalls.perf.template +82 -0
- data/ext/enterprise_script_service/libseccomp/src/system.c +196 -16
- data/ext/enterprise_script_service/libseccomp/src/system.h +68 -13
- data/ext/enterprise_script_service/libseccomp/tests/.gitignore +9 -2
- data/ext/enterprise_script_service/libseccomp/tests/06-sim-actions.tests +1 -1
- data/ext/enterprise_script_service/libseccomp/tests/11-basic-basic_errors.c +5 -5
- data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.c +35 -1
- data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.py +10 -1
- data/ext/enterprise_script_service/libseccomp/tests/15-basic-resolver.c +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.c +12 -0
- data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.py +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.c → 18-sim-basic_allowlist.c} +0 -0
- data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.py → 18-sim-basic_allowlist.py} +0 -0
- data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_allowlist.tests +32 -0
- data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.c +3 -0
- data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.py +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.c +3 -0
- data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.py +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.tests +33 -17
- data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.c → 34-sim-basic_denylist.c} +0 -0
- data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.py → 34-sim-basic_denylist.py} +0 -0
- data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_denylist.tests +32 -0
- data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.c +3 -0
- data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.py +1 -0
- data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.tests +25 -25
- data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.c +24 -3
- data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.py +16 -1
- data/ext/enterprise_script_service/libseccomp/tests/47-live-kill_process.c +3 -3
- data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.c +112 -0
- data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.py +60 -0
- data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.c +156 -0
- data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.py +95 -0
- data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.tests +65 -0
- data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.c +128 -0
- data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.py +95 -0
- data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.c +134 -0
- data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.sh +46 -0
- data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.c +90 -0
- data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.py +65 -0
- data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.c +64 -0
- data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.py +46 -0
- data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.c +116 -0
- data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.py +61 -0
- data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.tests +11 -0
- data/ext/enterprise_script_service/libseccomp/tests/Makefile.am +31 -10
- data/ext/enterprise_script_service/libseccomp/tests/regression +6 -3
- data/ext/enterprise_script_service/libseccomp/tests/util.c +3 -3
- data/ext/enterprise_script_service/libseccomp/tools/check-syntax +1 -1
- data/ext/enterprise_script_service/libseccomp/tools/scmp_arch_detect.c +3 -0
- data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_disasm.c +4 -2
- data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_sim.c +2 -0
- data/ext/enterprise_script_service/libseccomp/tools/util.c +14 -12
- data/ext/enterprise_script_service/libseccomp/tools/util.h +7 -0
- data/ext/enterprise_script_service/mruby/.github/workflows/codeql-analysis.yml +51 -0
- data/ext/enterprise_script_service/mruby/Doxyfile +1 -1
- data/ext/enterprise_script_service/mruby/README.md +1 -1
- data/ext/enterprise_script_service/mruby/doc/guides/debugger.md +1 -1
- data/ext/enterprise_script_service/mruby/doc/limitations.md +10 -10
- data/ext/enterprise_script_service/mruby/include/mruby.h +13 -0
- data/ext/enterprise_script_service/mruby/include/mruby/boxing_word.h +0 -1
- data/ext/enterprise_script_service/mruby/include/mruby/proc.h +13 -8
- data/ext/enterprise_script_service/mruby/include/mruby/value.h +25 -29
- data/ext/enterprise_script_service/mruby/include/mruby/version.h +3 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/src/array.c +5 -8
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c +2 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mrbc/tools/mrbc/mrbc.c +17 -10
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/mrblib/complex.rb +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/src/complex.c +1 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/src/eval.c +1 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-fiber/src/fiber.c +1 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-inline-struct/test/inline.c +3 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file.c +1 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file_test.c +9 -26
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/io.c +1 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-kernel-ext/src/kernel.c +6 -8
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/src/method.c +3 -4
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-objectspace/src/mruby_objectspace.c +0 -1
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-print/src/print.c +1 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/src/range.c +1 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/mrblib/rational.rb +1 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/src/sprintf.c +3 -3
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-string-ext/src/string.c +1 -2
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-struct/src/struct.c +5 -11
- data/ext/enterprise_script_service/mruby/mrbgems/mruby-time/src/time.c +5 -10
- data/ext/enterprise_script_service/mruby/mrblib/00class.rb +10 -0
- data/ext/enterprise_script_service/mruby/src/array.c +14 -11
- data/ext/enterprise_script_service/mruby/src/class.c +22 -21
- data/ext/enterprise_script_service/mruby/src/error.c +1 -2
- data/ext/enterprise_script_service/mruby/src/etc.c +0 -1
- data/ext/enterprise_script_service/mruby/src/gc.c +5 -5
- data/ext/enterprise_script_service/mruby/src/hash.c +8 -15
- data/ext/enterprise_script_service/mruby/src/kernel.c +4 -7
- data/ext/enterprise_script_service/mruby/src/numeric.c +28 -60
- data/ext/enterprise_script_service/mruby/src/object.c +11 -1
- data/ext/enterprise_script_service/mruby/src/proc.c +7 -8
- data/ext/enterprise_script_service/mruby/src/range.c +4 -12
- data/ext/enterprise_script_service/mruby/src/string.c +24 -21
- data/ext/enterprise_script_service/mruby/src/symbol.c +1 -2
- data/ext/enterprise_script_service/mruby/src/vm.c +28 -24
- data/ext/enterprise_script_service/mruby/test/t/kernel.rb +7 -0
- data/lib/script_core/version.rb +1 -1
- metadata +45 -21
- data/ext/enterprise_script_service/libseccomp/src/arch-aarch64-syscalls.c +0 -559
- data/ext/enterprise_script_service/libseccomp/src/arch-arm-syscalls.c +0 -570
- data/ext/enterprise_script_service/libseccomp/src/arch-mips-syscalls.c +0 -562
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64-syscalls.c +0 -562
- data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32-syscalls.c +0 -562
- data/ext/enterprise_script_service/libseccomp/src/arch-parisc-syscalls.c +0 -542
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc-syscalls.c +0 -559
- data/ext/enterprise_script_service/libseccomp/src/arch-ppc64-syscalls.c +0 -559
- data/ext/enterprise_script_service/libseccomp/src/arch-s390-syscalls.c +0 -642
- data/ext/enterprise_script_service/libseccomp/src/arch-s390x-syscalls.c +0 -642
- data/ext/enterprise_script_service/libseccomp/src/arch-x32-syscalls.c +0 -558
- data/ext/enterprise_script_service/libseccomp/src/arch-x86-syscalls.c +0 -692
- data/ext/enterprise_script_service/libseccomp/src/arch-x86_64-syscalls.c +0 -559
- data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_whitelist.tests +0 -32
- data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_blacklist.tests +0 -32
@@ -22,16 +22,8 @@
|
|
22
22
|
#ifndef _ARCH_AARCH64_H
|
23
23
|
#define _ARCH_AARCH64_H
|
24
24
|
|
25
|
-
#include <inttypes.h>
|
26
|
-
|
27
25
|
#include "arch.h"
|
28
|
-
#include "system.h"
|
29
|
-
|
30
|
-
extern const struct arch_def arch_def_aarch64;
|
31
|
-
|
32
|
-
int aarch64_syscall_resolve_name(const char *name);
|
33
|
-
const char *aarch64_syscall_resolve_num(int num);
|
34
26
|
|
35
|
-
|
27
|
+
ARCH_DECL(aarch64)
|
36
28
|
|
37
29
|
#endif
|
@@ -26,13 +26,58 @@
|
|
26
26
|
#include "arch.h"
|
27
27
|
#include "arch-arm.h"
|
28
28
|
|
29
|
+
#define __SCMP_NR_OABI_SYSCALL_BASE 0x900000
|
30
|
+
#define __SCMP_ARM_NR_BASE 0x0f0000
|
31
|
+
|
32
|
+
/* NOTE: we currently only support the ARM EABI, more info at the URL below:
|
33
|
+
* -> http://wiki.embeddedarm.com/wiki/EABI_vs_OABI */
|
34
|
+
#if 1
|
35
|
+
#define __SCMP_NR_BASE 0
|
36
|
+
#else
|
37
|
+
#define __SCMP_NR_BASE __SCMP_NR_OABI_SYSCALL_BASE
|
38
|
+
#endif
|
39
|
+
|
40
|
+
/**
|
41
|
+
* Resolve a syscall name to a number
|
42
|
+
* @param name the syscall name
|
43
|
+
*
|
44
|
+
* Resolve the given syscall name to the syscall number using the syscall table.
|
45
|
+
* Returns the syscall number on success, including negative pseudo syscall
|
46
|
+
* numbers; returns __NR_SCMP_ERROR on failure.
|
47
|
+
*
|
48
|
+
*/
|
49
|
+
int arm_syscall_resolve_name_munge(const char *name)
|
50
|
+
{
|
51
|
+
int sys;
|
52
|
+
|
53
|
+
sys = arm_syscall_resolve_name(name);
|
54
|
+
if (sys == __NR_SCMP_ERROR)
|
55
|
+
return sys;
|
56
|
+
|
57
|
+
return (sys | __SCMP_NR_BASE);
|
58
|
+
}
|
59
|
+
|
60
|
+
/**
|
61
|
+
* Resolve a syscall number to a name
|
62
|
+
* @param num the syscall number
|
63
|
+
*
|
64
|
+
* Resolve the given syscall number to the syscall name using the syscall table.
|
65
|
+
* Returns a pointer to the syscall name string on success, including pseudo
|
66
|
+
* syscall names; returns NULL on failure.
|
67
|
+
*
|
68
|
+
*/
|
69
|
+
const char *arm_syscall_resolve_num_munge(int num)
|
70
|
+
{
|
71
|
+
return arm_syscall_resolve_num(num & (~__SCMP_NR_BASE));
|
72
|
+
}
|
73
|
+
|
29
74
|
const struct arch_def arch_def_arm = {
|
30
75
|
.token = SCMP_ARCH_ARM,
|
31
76
|
.token_bpf = AUDIT_ARCH_ARM,
|
32
77
|
.size = ARCH_SIZE_32,
|
33
78
|
.endian = ARCH_ENDIAN_LITTLE,
|
34
|
-
.syscall_resolve_name =
|
35
|
-
.syscall_resolve_num =
|
79
|
+
.syscall_resolve_name = arm_syscall_resolve_name_munge,
|
80
|
+
.syscall_resolve_num = arm_syscall_resolve_num_munge,
|
36
81
|
.syscall_rewrite = NULL,
|
37
82
|
.rule_add = NULL,
|
38
83
|
};
|
@@ -22,16 +22,8 @@
|
|
22
22
|
#ifndef _ARCH_ARM_H
|
23
23
|
#define _ARCH_ARM_H
|
24
24
|
|
25
|
-
#include <inttypes.h>
|
26
|
-
|
27
25
|
#include "arch.h"
|
28
|
-
#include "system.h"
|
29
|
-
|
30
|
-
extern const struct arch_def arch_def_arm;
|
31
|
-
|
32
|
-
int arm_syscall_resolve_name(const char *name);
|
33
|
-
const char *arm_syscall_resolve_num(int num);
|
34
26
|
|
35
|
-
|
27
|
+
ARCH_DECL(arm)
|
36
28
|
|
37
29
|
#endif
|
@@ -0,0 +1,40 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
# NOTE: changes to the arch_syscall_table struct in syscalls.h will affect
|
4
|
+
# this script/gperf - BEWARE!
|
5
|
+
|
6
|
+
###
|
7
|
+
# helper functions
|
8
|
+
|
9
|
+
function exit_usage() {
|
10
|
+
echo "usage: $0 <syscall_csv_file> <gperf_template>"
|
11
|
+
exit 1
|
12
|
+
}
|
13
|
+
|
14
|
+
###
|
15
|
+
# main
|
16
|
+
|
17
|
+
# sanity check
|
18
|
+
[[ ! -r "$1" || ! -r "$2" ]] && exit_usage
|
19
|
+
sys_csv=$1
|
20
|
+
gperf_tmpl=$2
|
21
|
+
|
22
|
+
sys_csv_tmp=$(mktemp -t generate_syscalls_XXXXXX)
|
23
|
+
|
24
|
+
# filter and prepare the syscall csv file
|
25
|
+
cat $sys_csv | grep -v '^#' | nl -ba -s, -v0 | \
|
26
|
+
sed -e 's/^[[:space:]]\+\([0-9]\+\),\([^,]\+\),\(.*\)/\2,\1,\3/' \
|
27
|
+
-e ':repeat; {s|\([^,]\+\)\(.*\)[^_]PNR|\1\2,__PNR_\1|g;}; t repeat' \
|
28
|
+
> $sys_csv_tmp
|
29
|
+
[[ $? -ne 0 ]] && exit 1
|
30
|
+
|
31
|
+
# create the gperf file
|
32
|
+
sed -e "/@@SYSCALLS_TABLE@@/r $sys_csv_tmp" \
|
33
|
+
-e '/@@SYSCALLS_TABLE@@/d' \
|
34
|
+
$gperf_tmpl > syscalls.perf
|
35
|
+
[[ $? -ne 0 ]] && exit 1
|
36
|
+
|
37
|
+
# cleanup
|
38
|
+
rm -f $sys_csv_tmp
|
39
|
+
|
40
|
+
exit 0
|
@@ -27,13 +27,50 @@
|
|
27
27
|
#include "arch.h"
|
28
28
|
#include "arch-mips.h"
|
29
29
|
|
30
|
+
/* O32 ABI */
|
31
|
+
#define __SCMP_NR_BASE 4000
|
32
|
+
|
33
|
+
/**
|
34
|
+
* Resolve a syscall name to a number
|
35
|
+
* @param name the syscall name
|
36
|
+
*
|
37
|
+
* Resolve the given syscall name to the syscall number using the syscall table.
|
38
|
+
* Returns the syscall number on success, including negative pseudo syscall
|
39
|
+
* numbers; returns __NR_SCMP_ERROR on failure.
|
40
|
+
*
|
41
|
+
*/
|
42
|
+
int mips_syscall_resolve_name_munge(const char *name)
|
43
|
+
{
|
44
|
+
int sys;
|
45
|
+
|
46
|
+
sys = mips_syscall_resolve_name(name);
|
47
|
+
if (sys == __NR_SCMP_ERROR)
|
48
|
+
return sys;
|
49
|
+
|
50
|
+
return sys + __SCMP_NR_BASE;
|
51
|
+
}
|
52
|
+
|
53
|
+
/**
|
54
|
+
* Resolve a syscall number to a name
|
55
|
+
* @param num the syscall number
|
56
|
+
*
|
57
|
+
* Resolve the given syscall number to the syscall name using the syscall table.
|
58
|
+
* Returns a pointer to the syscall name string on success, including pseudo
|
59
|
+
* syscall names; returns NULL on failure.
|
60
|
+
*
|
61
|
+
*/
|
62
|
+
const char *mips_syscall_resolve_num_munge(int num)
|
63
|
+
{
|
64
|
+
return mips_syscall_resolve_num(num - __SCMP_NR_BASE);
|
65
|
+
}
|
66
|
+
|
30
67
|
const struct arch_def arch_def_mips = {
|
31
68
|
.token = SCMP_ARCH_MIPS,
|
32
69
|
.token_bpf = AUDIT_ARCH_MIPS,
|
33
70
|
.size = ARCH_SIZE_32,
|
34
71
|
.endian = ARCH_ENDIAN_BIG,
|
35
|
-
.syscall_resolve_name =
|
36
|
-
.syscall_resolve_num =
|
72
|
+
.syscall_resolve_name = mips_syscall_resolve_name_munge,
|
73
|
+
.syscall_resolve_num = mips_syscall_resolve_num_munge,
|
37
74
|
.syscall_rewrite = NULL,
|
38
75
|
.rule_add = NULL,
|
39
76
|
};
|
@@ -43,8 +80,8 @@ const struct arch_def arch_def_mipsel = {
|
|
43
80
|
.token_bpf = AUDIT_ARCH_MIPSEL,
|
44
81
|
.size = ARCH_SIZE_32,
|
45
82
|
.endian = ARCH_ENDIAN_LITTLE,
|
46
|
-
.syscall_resolve_name =
|
47
|
-
.syscall_resolve_num =
|
83
|
+
.syscall_resolve_name = mips_syscall_resolve_name_munge,
|
84
|
+
.syscall_resolve_num = mips_syscall_resolve_num_munge,
|
48
85
|
.syscall_rewrite = NULL,
|
49
86
|
.rule_add = NULL,
|
50
87
|
};
|
@@ -23,17 +23,9 @@
|
|
23
23
|
#ifndef _ARCH_MIPS_H
|
24
24
|
#define _ARCH_MIPS_H
|
25
25
|
|
26
|
-
#include <inttypes.h>
|
27
|
-
|
28
26
|
#include "arch.h"
|
29
|
-
#include "system.h"
|
30
|
-
|
31
|
-
extern const struct arch_def arch_def_mips;
|
32
|
-
extern const struct arch_def arch_def_mipsel;
|
33
|
-
|
34
|
-
int mips_syscall_resolve_name(const char *name);
|
35
|
-
const char *mips_syscall_resolve_num(int num);
|
36
27
|
|
37
|
-
|
28
|
+
ARCH_DECL(mips)
|
29
|
+
ARCH_DECL(mipsel)
|
38
30
|
|
39
31
|
#endif
|
@@ -25,13 +25,50 @@
|
|
25
25
|
#include "arch.h"
|
26
26
|
#include "arch-mips64.h"
|
27
27
|
|
28
|
+
/* 64 ABI */
|
29
|
+
#define __SCMP_NR_BASE 5000
|
30
|
+
|
31
|
+
/**
|
32
|
+
* Resolve a syscall name to a number
|
33
|
+
* @param name the syscall name
|
34
|
+
*
|
35
|
+
* Resolve the given syscall name to the syscall number using the syscall table.
|
36
|
+
* Returns the syscall number on success, including negative pseudo syscall
|
37
|
+
* numbers; returns __NR_SCMP_ERROR on failure.
|
38
|
+
*
|
39
|
+
*/
|
40
|
+
int mips64_syscall_resolve_name_munge(const char *name)
|
41
|
+
{
|
42
|
+
int sys;
|
43
|
+
|
44
|
+
sys = mips64_syscall_resolve_name(name);
|
45
|
+
if (sys == __NR_SCMP_ERROR)
|
46
|
+
return sys;
|
47
|
+
|
48
|
+
return sys + __SCMP_NR_BASE;
|
49
|
+
}
|
50
|
+
|
51
|
+
/**
|
52
|
+
* Resolve a syscall number to a name
|
53
|
+
* @param num the syscall number
|
54
|
+
*
|
55
|
+
* Resolve the given syscall number to the syscall name using the syscall table.
|
56
|
+
* Returns a pointer to the syscall name string on success, including pseudo
|
57
|
+
* syscall names; returns NULL on failure.
|
58
|
+
*
|
59
|
+
*/
|
60
|
+
const char *mips64_syscall_resolve_num_munge(int num)
|
61
|
+
{
|
62
|
+
return mips64_syscall_resolve_num(num - __SCMP_NR_BASE);
|
63
|
+
}
|
64
|
+
|
28
65
|
const struct arch_def arch_def_mips64 = {
|
29
66
|
.token = SCMP_ARCH_MIPS64,
|
30
67
|
.token_bpf = AUDIT_ARCH_MIPS64,
|
31
68
|
.size = ARCH_SIZE_64,
|
32
69
|
.endian = ARCH_ENDIAN_BIG,
|
33
|
-
.syscall_resolve_name =
|
34
|
-
.syscall_resolve_num =
|
70
|
+
.syscall_resolve_name = mips64_syscall_resolve_name_munge,
|
71
|
+
.syscall_resolve_num = mips64_syscall_resolve_num_munge,
|
35
72
|
.syscall_rewrite = NULL,
|
36
73
|
.rule_add = NULL,
|
37
74
|
};
|
@@ -41,8 +78,8 @@ const struct arch_def arch_def_mipsel64 = {
|
|
41
78
|
.token_bpf = AUDIT_ARCH_MIPSEL64,
|
42
79
|
.size = ARCH_SIZE_64,
|
43
80
|
.endian = ARCH_ENDIAN_LITTLE,
|
44
|
-
.syscall_resolve_name =
|
45
|
-
.syscall_resolve_num =
|
81
|
+
.syscall_resolve_name = mips64_syscall_resolve_name_munge,
|
82
|
+
.syscall_resolve_num = mips64_syscall_resolve_num_munge,
|
46
83
|
.syscall_rewrite = NULL,
|
47
84
|
.rule_add = NULL,
|
48
85
|
};
|
@@ -23,17 +23,9 @@
|
|
23
23
|
#ifndef _ARCH_MIPS64_H
|
24
24
|
#define _ARCH_MIPS64_H
|
25
25
|
|
26
|
-
#include <inttypes.h>
|
27
|
-
|
28
26
|
#include "arch.h"
|
29
|
-
#include "system.h"
|
30
|
-
|
31
|
-
extern const struct arch_def arch_def_mips64;
|
32
|
-
extern const struct arch_def arch_def_mipsel64;
|
33
|
-
|
34
|
-
int mips64_syscall_resolve_name(const char *name);
|
35
|
-
const char *mips64_syscall_resolve_num(int num);
|
36
27
|
|
37
|
-
|
28
|
+
ARCH_DECL(mips64)
|
29
|
+
ARCH_DECL(mipsel64)
|
38
30
|
|
39
|
-
#endif
|
31
|
+
#endif
|
@@ -27,13 +27,50 @@
|
|
27
27
|
#include "arch.h"
|
28
28
|
#include "arch-mips64n32.h"
|
29
29
|
|
30
|
+
/* N32 ABI */
|
31
|
+
#define __SCMP_NR_BASE 6000
|
32
|
+
|
33
|
+
/**
|
34
|
+
* Resolve a syscall name to a number
|
35
|
+
* @param name the syscall name
|
36
|
+
*
|
37
|
+
* Resolve the given syscall name to the syscall number using the syscall table.
|
38
|
+
* Returns the syscall number on success, including negative pseudo syscall
|
39
|
+
* numbers; returns __NR_SCMP_ERROR on failure.
|
40
|
+
*
|
41
|
+
*/
|
42
|
+
int mips64n32_syscall_resolve_name_munge(const char *name)
|
43
|
+
{
|
44
|
+
int sys;
|
45
|
+
|
46
|
+
sys = mips64n32_syscall_resolve_name(name);
|
47
|
+
if (sys == __NR_SCMP_ERROR)
|
48
|
+
return sys;
|
49
|
+
|
50
|
+
return sys + __SCMP_NR_BASE;
|
51
|
+
}
|
52
|
+
|
53
|
+
/**
|
54
|
+
* Resolve a syscall number to a name
|
55
|
+
* @param num the syscall number
|
56
|
+
*
|
57
|
+
* Resolve the given syscall number to the syscall name using the syscall table.
|
58
|
+
* Returns a pointer to the syscall name string on success, including pseudo
|
59
|
+
* syscall names; returns NULL on failure.
|
60
|
+
*
|
61
|
+
*/
|
62
|
+
const char *mips64n32_syscall_resolve_num_munge(int num)
|
63
|
+
{
|
64
|
+
return mips64n32_syscall_resolve_num(num - __SCMP_NR_BASE);
|
65
|
+
}
|
66
|
+
|
30
67
|
const struct arch_def arch_def_mips64n32 = {
|
31
68
|
.token = SCMP_ARCH_MIPS64N32,
|
32
69
|
.token_bpf = AUDIT_ARCH_MIPS64N32,
|
33
70
|
.size = ARCH_SIZE_32,
|
34
71
|
.endian = ARCH_ENDIAN_BIG,
|
35
|
-
.syscall_resolve_name =
|
36
|
-
.syscall_resolve_num =
|
72
|
+
.syscall_resolve_name = mips64n32_syscall_resolve_name_munge,
|
73
|
+
.syscall_resolve_num = mips64n32_syscall_resolve_num_munge,
|
37
74
|
.syscall_rewrite = NULL,
|
38
75
|
.rule_add = NULL,
|
39
76
|
};
|
@@ -43,8 +80,8 @@ const struct arch_def arch_def_mipsel64n32 = {
|
|
43
80
|
.token_bpf = AUDIT_ARCH_MIPSEL64N32,
|
44
81
|
.size = ARCH_SIZE_32,
|
45
82
|
.endian = ARCH_ENDIAN_LITTLE,
|
46
|
-
.syscall_resolve_name =
|
47
|
-
.syscall_resolve_num =
|
83
|
+
.syscall_resolve_name = mips64n32_syscall_resolve_name_munge,
|
84
|
+
.syscall_resolve_num = mips64n32_syscall_resolve_num_munge,
|
48
85
|
.syscall_rewrite = NULL,
|
49
86
|
.rule_add = NULL,
|
50
87
|
};
|
@@ -23,17 +23,9 @@
|
|
23
23
|
#ifndef _ARCH_MIPS64N32_H
|
24
24
|
#define _ARCH_MIPS64N32_H
|
25
25
|
|
26
|
-
#include <inttypes.h>
|
27
|
-
|
28
26
|
#include "arch.h"
|
29
|
-
#include "system.h"
|
30
|
-
|
31
|
-
extern const struct arch_def arch_def_mips64n32;
|
32
|
-
extern const struct arch_def arch_def_mipsel64n32;
|
33
|
-
|
34
|
-
int mips64n32_syscall_resolve_name(const char *name);
|
35
|
-
const char *mips64n32_syscall_resolve_num(int num);
|
36
27
|
|
37
|
-
|
28
|
+
ARCH_DECL(mips64n32)
|
29
|
+
ARCH_DECL(mipsel64n32)
|
38
30
|
|
39
31
|
#endif
|
@@ -22,17 +22,8 @@
|
|
22
22
|
#ifndef _ARCH_PARISC_H
|
23
23
|
#define _ARCH_PARISC_H
|
24
24
|
|
25
|
-
#include <inttypes.h>
|
26
|
-
|
27
25
|
#include "arch.h"
|
28
|
-
#include "system.h"
|
29
|
-
|
30
|
-
extern const struct arch_def arch_def_parisc;
|
31
|
-
extern const struct arch_def arch_def_parisc64;
|
32
|
-
|
33
|
-
int parisc_syscall_resolve_name(const char *name);
|
34
|
-
const char *parisc_syscall_resolve_num(int num);
|
35
26
|
|
36
|
-
|
27
|
+
ARCH_DECL(parisc)
|
37
28
|
|
38
29
|
#endif
|
@@ -8,15 +8,15 @@
|
|
8
8
|
#include <linux/audit.h>
|
9
9
|
|
10
10
|
#include "arch.h"
|
11
|
-
#include "arch-
|
11
|
+
#include "arch-parisc64.h"
|
12
12
|
|
13
13
|
const struct arch_def arch_def_parisc64 = {
|
14
14
|
.token = SCMP_ARCH_PARISC64,
|
15
15
|
.token_bpf = AUDIT_ARCH_PARISC64,
|
16
16
|
.size = ARCH_SIZE_64,
|
17
17
|
.endian = ARCH_ENDIAN_BIG,
|
18
|
-
.syscall_resolve_name =
|
19
|
-
.syscall_resolve_num =
|
18
|
+
.syscall_resolve_name = parisc64_syscall_resolve_name,
|
19
|
+
.syscall_resolve_num = parisc64_syscall_resolve_num,
|
20
20
|
.syscall_rewrite = NULL,
|
21
21
|
.rule_add = NULL,
|
22
22
|
};
|
@@ -0,0 +1,29 @@
|
|
1
|
+
/**
|
2
|
+
* Enhanced Seccomp PARISC Specific Code
|
3
|
+
*
|
4
|
+
* Copyright (c) 2016 Helge Deller <deller@gmx.de>
|
5
|
+
*
|
6
|
+
*/
|
7
|
+
|
8
|
+
/*
|
9
|
+
* This library is free software; you can redistribute it and/or modify it
|
10
|
+
* under the terms of version 2.1 of the GNU Lesser General Public License as
|
11
|
+
* published by the Free Software Foundation.
|
12
|
+
*
|
13
|
+
* This library is distributed in the hope that it will be useful, but WITHOUT
|
14
|
+
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
15
|
+
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
|
16
|
+
* for more details.
|
17
|
+
*
|
18
|
+
* You should have received a copy of the GNU Lesser General Public License
|
19
|
+
* along with this library; if not, see <http://www.gnu.org/licenses>.
|
20
|
+
*/
|
21
|
+
|
22
|
+
#ifndef _ARCH_PARISC64_H
|
23
|
+
#define _ARCH_PARISC64_H
|
24
|
+
|
25
|
+
#include "arch.h"
|
26
|
+
|
27
|
+
ARCH_DECL(parisc64)
|
28
|
+
|
29
|
+
#endif
|