RubyGems - script_core - Versions diffs - 0.2.6 → 0.2.7 - Mend

script_core 0.2.6 → 0.2.7

Files changed (191) hide show

data/ext/enterprise_script_service/libseccomp/src/arch-aarch64.h CHANGED

@@ -22,16 +22,8 @@
 #ifndef _ARCH_AARCH64_H
 #define _ARCH_AARCH64_H
-#include <inttypes.h>
 #include "arch.h"
-#include "system.h"
-extern const struct arch_def arch_def_aarch64;
-int aarch64_syscall_resolve_name(const char *name);
-const char *aarch64_syscall_resolve_num(int num);
-const struct arch_syscall_def *aarch64_syscall_iterate(unsigned int spot);
+ARCH_DECL(aarch64)
 #endif

data/ext/enterprise_script_service/libseccomp/src/arch-arm.c CHANGED

@@ -26,13 +26,58 @@
 #include "arch.h"
 #include "arch-arm.h"
+#define __SCMP_NR_OABI_SYSCALL_BASE     0x900000
+#define __SCMP_ARM_NR_BASE              0x0f0000
+/* NOTE: we currently only support the ARM EABI, more info at the URL below:
+ *       -> http://wiki.embeddedarm.com/wiki/EABI_vs_OABI */
+#if 1
+#define __SCMP_NR_BASE                  0
+#else
+#define __SCMP_NR_BASE                  __SCMP_NR_OABI_SYSCALL_BASE
+#endif
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int arm_syscall_resolve_name_munge(const char *name)
+{
+	int sys;
+	sys = arm_syscall_resolve_name(name);
+	if (sys == __NR_SCMP_ERROR)
+		return sys;
+	return (sys | __SCMP_NR_BASE);
+}
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *arm_syscall_resolve_num_munge(int num)
+{
+	return arm_syscall_resolve_num(num & (~__SCMP_NR_BASE));
+}
 const struct arch_def arch_def_arm = {
 	.token = SCMP_ARCH_ARM,
 	.token_bpf = AUDIT_ARCH_ARM,
 	.size = ARCH_SIZE_32,
 	.endian = ARCH_ENDIAN_LITTLE,
-	.syscall_resolve_name = arm_syscall_resolve_name,
-	.syscall_resolve_num = arm_syscall_resolve_num,
+	.syscall_resolve_name = arm_syscall_resolve_name_munge,
+	.syscall_resolve_num = arm_syscall_resolve_num_munge,
 	.syscall_rewrite = NULL,
 	.rule_add = NULL,
 };

data/ext/enterprise_script_service/libseccomp/src/arch-arm.h CHANGED

@@ -22,16 +22,8 @@
 #ifndef _ARCH_ARM_H
 #define _ARCH_ARM_H
-#include <inttypes.h>
 #include "arch.h"
-#include "system.h"
-extern const struct arch_def arch_def_arm;
-int arm_syscall_resolve_name(const char *name);
-const char *arm_syscall_resolve_num(int num);
-const struct arch_syscall_def *arm_syscall_iterate(unsigned int spot);
+ARCH_DECL(arm)
 #endif

data/ext/enterprise_script_service/libseccomp/src/arch-gperf-generate ADDED

@@ -0,0 +1,40 @@
+#!/bin/bash
+# NOTE: changes to the arch_syscall_table struct in syscalls.h will affect
+#       this script/gperf - BEWARE!
+###
+# helper functions
+function exit_usage() {
+	echo "usage: $0 <syscall_csv_file> <gperf_template>"
+	exit 1
+}
+###
+# main
+# sanity check
+[[ ! -r "$1" || ! -r "$2" ]] && exit_usage
+sys_csv=$1
+gperf_tmpl=$2
+sys_csv_tmp=$(mktemp -t generate_syscalls_XXXXXX)
+# filter and prepare the syscall csv file
+cat $sys_csv | grep -v '^#' | nl -ba -s, -v0 | \
+    sed -e 's/^[[:space:]]\+\([0-9]\+\),\([^,]\+\),\(.*\)/\2,\1,\3/' \
+        -e ':repeat; {s|\([^,]\+\)\(.*\)[^_]PNR|\1\2,__PNR_\1|g;}; t repeat' \
+         > $sys_csv_tmp
+[[ $? -ne 0 ]] && exit 1
+# create the gperf file
+sed -e "/@@SYSCALLS_TABLE@@/r $sys_csv_tmp" \
+    -e '/@@SYSCALLS_TABLE@@/d' \
+    $gperf_tmpl > syscalls.perf
+[[ $? -ne 0 ]] && exit 1
+# cleanup
+rm -f $sys_csv_tmp
+exit 0

data/ext/enterprise_script_service/libseccomp/src/arch-mips.c CHANGED

@@ -27,13 +27,50 @@
 #include "arch.h"
 #include "arch-mips.h"
+/* O32 ABI */
+#define __SCMP_NR_BASE			4000
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int mips_syscall_resolve_name_munge(const char *name)
+{
+	int sys;
+	sys = mips_syscall_resolve_name(name);
+	if (sys == __NR_SCMP_ERROR)
+		return sys;
+	return sys + __SCMP_NR_BASE;
+}
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *mips_syscall_resolve_num_munge(int num)
+{
+	return mips_syscall_resolve_num(num - __SCMP_NR_BASE);
+}
 const struct arch_def arch_def_mips = {
 	.token = SCMP_ARCH_MIPS,
 	.token_bpf = AUDIT_ARCH_MIPS,
 	.size = ARCH_SIZE_32,
 	.endian = ARCH_ENDIAN_BIG,
-	.syscall_resolve_name = mips_syscall_resolve_name,
-	.syscall_resolve_num = mips_syscall_resolve_num,
+	.syscall_resolve_name = mips_syscall_resolve_name_munge,
+	.syscall_resolve_num = mips_syscall_resolve_num_munge,
 	.syscall_rewrite = NULL,
 	.rule_add = NULL,
 };
@@ -43,8 +80,8 @@ const struct arch_def arch_def_mipsel = {
 	.token_bpf = AUDIT_ARCH_MIPSEL,
 	.size = ARCH_SIZE_32,
 	.endian = ARCH_ENDIAN_LITTLE,
-	.syscall_resolve_name = mips_syscall_resolve_name,
-	.syscall_resolve_num = mips_syscall_resolve_num,
+	.syscall_resolve_name = mips_syscall_resolve_name_munge,
+	.syscall_resolve_num = mips_syscall_resolve_num_munge,
 	.syscall_rewrite = NULL,
 	.rule_add = NULL,
 };

data/ext/enterprise_script_service/libseccomp/src/arch-mips.h CHANGED

@@ -23,17 +23,9 @@
 #ifndef _ARCH_MIPS_H
 #define _ARCH_MIPS_H
-#include <inttypes.h>
 #include "arch.h"
-#include "system.h"
-extern const struct arch_def arch_def_mips;
-extern const struct arch_def arch_def_mipsel;
-int mips_syscall_resolve_name(const char *name);
-const char *mips_syscall_resolve_num(int num);
-const struct arch_syscall_def *mips_syscall_iterate(unsigned int spot);
+ARCH_DECL(mips)
+ARCH_DECL(mipsel)
 #endif

data/ext/enterprise_script_service/libseccomp/src/arch-mips64.c CHANGED

@@ -25,13 +25,50 @@
 #include "arch.h"
 #include "arch-mips64.h"
+/* 64 ABI */
+#define __SCMP_NR_BASE			5000
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int mips64_syscall_resolve_name_munge(const char *name)
+{
+	int sys;
+	sys = mips64_syscall_resolve_name(name);
+	if (sys == __NR_SCMP_ERROR)
+		return sys;
+	return sys + __SCMP_NR_BASE;
+}
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *mips64_syscall_resolve_num_munge(int num)
+{
+	return mips64_syscall_resolve_num(num - __SCMP_NR_BASE);
+}
 const struct arch_def arch_def_mips64 = {
 	.token = SCMP_ARCH_MIPS64,
 	.token_bpf = AUDIT_ARCH_MIPS64,
 	.size = ARCH_SIZE_64,
 	.endian = ARCH_ENDIAN_BIG,
-	.syscall_resolve_name = mips64_syscall_resolve_name,
-	.syscall_resolve_num = mips64_syscall_resolve_num,
+	.syscall_resolve_name = mips64_syscall_resolve_name_munge,
+	.syscall_resolve_num = mips64_syscall_resolve_num_munge,
 	.syscall_rewrite = NULL,
 	.rule_add = NULL,
 };
@@ -41,8 +78,8 @@ const struct arch_def arch_def_mipsel64 = {
 	.token_bpf = AUDIT_ARCH_MIPSEL64,
 	.size = ARCH_SIZE_64,
 	.endian = ARCH_ENDIAN_LITTLE,
-	.syscall_resolve_name = mips64_syscall_resolve_name,
-	.syscall_resolve_num = mips64_syscall_resolve_num,
+	.syscall_resolve_name = mips64_syscall_resolve_name_munge,
+	.syscall_resolve_num = mips64_syscall_resolve_num_munge,
 	.syscall_rewrite = NULL,
 	.rule_add = NULL,
 };

data/ext/enterprise_script_service/libseccomp/src/arch-mips64.h CHANGED

@@ -23,17 +23,9 @@
 #ifndef _ARCH_MIPS64_H
 #define _ARCH_MIPS64_H
-#include <inttypes.h>
 #include "arch.h"
-#include "system.h"
-extern const struct arch_def arch_def_mips64;
-extern const struct arch_def arch_def_mipsel64;
-int mips64_syscall_resolve_name(const char *name);
-const char *mips64_syscall_resolve_num(int num);
-const struct arch_syscall_def *mips64_syscall_iterate(unsigned int spot);
+ARCH_DECL(mips64)
+ARCH_DECL(mipsel64)
-#endif
+#endif

data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.c CHANGED

@@ -27,13 +27,50 @@
 #include "arch.h"
 #include "arch-mips64n32.h"
+/* N32 ABI */
+#define __SCMP_NR_BASE			6000
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int mips64n32_syscall_resolve_name_munge(const char *name)
+{
+	int sys;
+	sys = mips64n32_syscall_resolve_name(name);
+	if (sys == __NR_SCMP_ERROR)
+		return sys;
+	return sys + __SCMP_NR_BASE;
+}
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *mips64n32_syscall_resolve_num_munge(int num)
+{
+	return mips64n32_syscall_resolve_num(num - __SCMP_NR_BASE);
+}
 const struct arch_def arch_def_mips64n32 = {
 	.token = SCMP_ARCH_MIPS64N32,
 	.token_bpf = AUDIT_ARCH_MIPS64N32,
 	.size = ARCH_SIZE_32,
 	.endian = ARCH_ENDIAN_BIG,
-	.syscall_resolve_name = mips64n32_syscall_resolve_name,
-	.syscall_resolve_num = mips64n32_syscall_resolve_num,
+	.syscall_resolve_name = mips64n32_syscall_resolve_name_munge,
+	.syscall_resolve_num = mips64n32_syscall_resolve_num_munge,
 	.syscall_rewrite = NULL,
 	.rule_add = NULL,
 };
@@ -43,8 +80,8 @@ const struct arch_def arch_def_mipsel64n32 = {
 	.token_bpf = AUDIT_ARCH_MIPSEL64N32,
 	.size = ARCH_SIZE_32,
 	.endian = ARCH_ENDIAN_LITTLE,
-	.syscall_resolve_name = mips64n32_syscall_resolve_name,
-	.syscall_resolve_num = mips64n32_syscall_resolve_num,
+	.syscall_resolve_name = mips64n32_syscall_resolve_name_munge,
+	.syscall_resolve_num = mips64n32_syscall_resolve_num_munge,
 	.syscall_rewrite = NULL,
 	.rule_add = NULL,
 };

data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.h CHANGED

@@ -23,17 +23,9 @@
 #ifndef _ARCH_MIPS64N32_H
 #define _ARCH_MIPS64N32_H
-#include <inttypes.h>
 #include "arch.h"
-#include "system.h"
-extern const struct arch_def arch_def_mips64n32;
-extern const struct arch_def arch_def_mipsel64n32;
-int mips64n32_syscall_resolve_name(const char *name);
-const char *mips64n32_syscall_resolve_num(int num);
-const struct arch_syscall_def *mips64n32_syscall_iterate(unsigned int spot);
+ARCH_DECL(mips64n32)
+ARCH_DECL(mipsel64n32)
 #endif

data/ext/enterprise_script_service/libseccomp/src/arch-parisc.h CHANGED

@@ -22,17 +22,8 @@
 #ifndef _ARCH_PARISC_H
 #define _ARCH_PARISC_H
-#include <inttypes.h>
 #include "arch.h"
-#include "system.h"
-extern const struct arch_def arch_def_parisc;
-extern const struct arch_def arch_def_parisc64;
-int parisc_syscall_resolve_name(const char *name);
-const char *parisc_syscall_resolve_num(int num);
-const struct arch_syscall_def *parisc_syscall_iterate(unsigned int spot);
+ARCH_DECL(parisc)
 #endif

data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.c CHANGED

@@ -8,15 +8,15 @@
 #include <linux/audit.h>
 #include "arch.h"
-#include "arch-parisc.h"
+#include "arch-parisc64.h"
 const struct arch_def arch_def_parisc64 = {
 	.token = SCMP_ARCH_PARISC64,
 	.token_bpf = AUDIT_ARCH_PARISC64,
 	.size = ARCH_SIZE_64,
 	.endian = ARCH_ENDIAN_BIG,
-	.syscall_resolve_name = parisc_syscall_resolve_name,
-	.syscall_resolve_num = parisc_syscall_resolve_num,
+	.syscall_resolve_name = parisc64_syscall_resolve_name,
+	.syscall_resolve_num = parisc64_syscall_resolve_num,
 	.syscall_rewrite = NULL,
 	.rule_add = NULL,
 };

data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.h ADDED

@@ -0,0 +1,29 @@
+/**
+ * Enhanced Seccomp PARISC Specific Code
+ *
+ * Copyright (c) 2016 Helge Deller <deller@gmx.de>
+ *
+ */
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+#ifndef _ARCH_PARISC64_H
+#define _ARCH_PARISC64_H
+#include "arch.h"
+ARCH_DECL(parisc64)
+#endif