script_core 0.2.6 → 0.2.7

Sign up to get free protection for your applications and to get access to all the features.
Files changed (191) hide show
  1. checksums.yaml +4 -4
  2. data/ext/enterprise_script_service/libseccomp/.travis.yml +21 -7
  3. data/ext/enterprise_script_service/libseccomp/CHANGELOG +22 -0
  4. data/ext/enterprise_script_service/libseccomp/CONTRIBUTING.md +37 -26
  5. data/ext/enterprise_script_service/libseccomp/CREDITS +8 -0
  6. data/ext/enterprise_script_service/libseccomp/README.md +3 -1
  7. data/ext/enterprise_script_service/libseccomp/configure.ac +13 -8
  8. data/ext/enterprise_script_service/libseccomp/doc/Makefile.am +6 -0
  9. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_api_get.3 +12 -2
  10. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_arch_add.3 +38 -6
  11. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_attr_set.3 +53 -2
  12. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_export_bpf.3 +20 -2
  13. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_init.3 +9 -2
  14. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_load.3 +32 -2
  15. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_merge.3 +16 -2
  16. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_alloc.3 +113 -0
  17. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_fd.3 +1 -0
  18. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_free.3 +1 -0
  19. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_id_valid.3 +1 -0
  20. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_receive.3 +1 -0
  21. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_notify_respond.3 +1 -0
  22. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_rule_add.3 +64 -3
  23. data/ext/enterprise_script_service/libseccomp/doc/man/man3/seccomp_syscall_priority.3 +18 -3
  24. data/ext/enterprise_script_service/libseccomp/include/seccomp-syscalls.h +12 -0
  25. data/ext/enterprise_script_service/libseccomp/include/seccomp.h.in +116 -0
  26. data/ext/enterprise_script_service/libseccomp/src/.gitignore +2 -0
  27. data/ext/enterprise_script_service/libseccomp/src/Makefile.am +31 -17
  28. data/ext/enterprise_script_service/libseccomp/src/api.c +254 -58
  29. data/ext/enterprise_script_service/libseccomp/src/arch-aarch64.h +1 -9
  30. data/ext/enterprise_script_service/libseccomp/src/arch-arm.c +47 -2
  31. data/ext/enterprise_script_service/libseccomp/src/arch-arm.h +1 -9
  32. data/ext/enterprise_script_service/libseccomp/src/arch-gperf-generate +40 -0
  33. data/ext/enterprise_script_service/libseccomp/src/arch-mips.c +41 -4
  34. data/ext/enterprise_script_service/libseccomp/src/arch-mips.h +2 -10
  35. data/ext/enterprise_script_service/libseccomp/src/arch-mips64.c +41 -4
  36. data/ext/enterprise_script_service/libseccomp/src/arch-mips64.h +3 -11
  37. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.c +41 -4
  38. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32.h +2 -10
  39. data/ext/enterprise_script_service/libseccomp/src/arch-parisc.h +1 -10
  40. data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.c +3 -3
  41. data/ext/enterprise_script_service/libseccomp/src/arch-parisc64.h +29 -0
  42. data/ext/enterprise_script_service/libseccomp/src/arch-ppc.h +1 -9
  43. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.c +606 -8
  44. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64.h +2 -10
  45. data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.c +31 -0
  46. data/ext/enterprise_script_service/libseccomp/src/arch-riscv64.h +22 -0
  47. data/ext/enterprise_script_service/libseccomp/src/arch-s390.c +171 -12
  48. data/ext/enterprise_script_service/libseccomp/src/arch-s390.h +1 -17
  49. data/ext/enterprise_script_service/libseccomp/src/arch-s390x.c +166 -10
  50. data/ext/enterprise_script_service/libseccomp/src/arch-s390x.h +1 -20
  51. data/ext/enterprise_script_service/libseccomp/src/arch-syscall-dump.c +8 -1
  52. data/ext/enterprise_script_service/libseccomp/src/arch-syscall-validate +359 -143
  53. data/ext/enterprise_script_service/libseccomp/src/arch-x32.c +36 -2
  54. data/ext/enterprise_script_service/libseccomp/src/arch-x32.h +2 -10
  55. data/ext/enterprise_script_service/libseccomp/src/arch-x86.c +172 -10
  56. data/ext/enterprise_script_service/libseccomp/src/arch-x86.h +1 -14
  57. data/ext/enterprise_script_service/libseccomp/src/arch-x86_64.h +1 -9
  58. data/ext/enterprise_script_service/libseccomp/src/arch.c +11 -3
  59. data/ext/enterprise_script_service/libseccomp/src/arch.h +7 -0
  60. data/ext/enterprise_script_service/libseccomp/src/db.c +268 -57
  61. data/ext/enterprise_script_service/libseccomp/src/db.h +16 -2
  62. data/ext/enterprise_script_service/libseccomp/src/gen_bpf.c +503 -148
  63. data/ext/enterprise_script_service/libseccomp/src/gen_bpf.h +2 -1
  64. data/ext/enterprise_script_service/libseccomp/src/gen_pfc.c +165 -37
  65. data/ext/enterprise_script_service/libseccomp/src/python/libseccomp.pxd +37 -1
  66. data/ext/enterprise_script_service/libseccomp/src/python/seccomp.pyx +295 -5
  67. data/ext/enterprise_script_service/libseccomp/src/syscalls.c +56 -0
  68. data/ext/enterprise_script_service/libseccomp/src/syscalls.csv +470 -0
  69. data/ext/enterprise_script_service/libseccomp/src/syscalls.h +62 -0
  70. data/ext/enterprise_script_service/libseccomp/src/syscalls.perf.template +82 -0
  71. data/ext/enterprise_script_service/libseccomp/src/system.c +196 -16
  72. data/ext/enterprise_script_service/libseccomp/src/system.h +68 -13
  73. data/ext/enterprise_script_service/libseccomp/tests/.gitignore +9 -2
  74. data/ext/enterprise_script_service/libseccomp/tests/06-sim-actions.tests +1 -1
  75. data/ext/enterprise_script_service/libseccomp/tests/11-basic-basic_errors.c +5 -5
  76. data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.c +35 -1
  77. data/ext/enterprise_script_service/libseccomp/tests/13-basic-attrs.py +10 -1
  78. data/ext/enterprise_script_service/libseccomp/tests/15-basic-resolver.c +1 -0
  79. data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.c +12 -0
  80. data/ext/enterprise_script_service/libseccomp/tests/16-sim-arch_basic.py +1 -0
  81. data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.c → 18-sim-basic_allowlist.c} +0 -0
  82. data/ext/enterprise_script_service/libseccomp/tests/{18-sim-basic_whitelist.py → 18-sim-basic_allowlist.py} +0 -0
  83. data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_allowlist.tests +32 -0
  84. data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.c +3 -0
  85. data/ext/enterprise_script_service/libseccomp/tests/23-sim-arch_all_le_basic.py +1 -0
  86. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.c +3 -0
  87. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.py +1 -0
  88. data/ext/enterprise_script_service/libseccomp/tests/30-sim-socket_syscalls.tests +33 -17
  89. data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.c → 34-sim-basic_denylist.c} +0 -0
  90. data/ext/enterprise_script_service/libseccomp/tests/{34-sim-basic_blacklist.py → 34-sim-basic_denylist.py} +0 -0
  91. data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_denylist.tests +32 -0
  92. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.c +3 -0
  93. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.py +1 -0
  94. data/ext/enterprise_script_service/libseccomp/tests/36-sim-ipc_syscalls.tests +25 -25
  95. data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.c +24 -3
  96. data/ext/enterprise_script_service/libseccomp/tests/39-basic-api_level.py +16 -1
  97. data/ext/enterprise_script_service/libseccomp/tests/47-live-kill_process.c +3 -3
  98. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.c +112 -0
  99. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.py +60 -0
  100. data/ext/enterprise_script_service/libseccomp/tests/51-live-user_notification.tests +11 -0
  101. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.c +156 -0
  102. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.py +95 -0
  103. data/ext/enterprise_script_service/libseccomp/tests/53-sim-binary_tree.tests +65 -0
  104. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.c +128 -0
  105. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.py +95 -0
  106. data/ext/enterprise_script_service/libseccomp/tests/54-live-binary_tree.tests +11 -0
  107. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.c +134 -0
  108. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.sh +46 -0
  109. data/ext/enterprise_script_service/libseccomp/tests/55-basic-pfc_binary_tree.tests +11 -0
  110. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.c +90 -0
  111. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.py +65 -0
  112. data/ext/enterprise_script_service/libseccomp/tests/56-basic-iterate_syscalls.tests +11 -0
  113. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.c +64 -0
  114. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.py +46 -0
  115. data/ext/enterprise_script_service/libseccomp/tests/57-basic-rawsysrc.tests +11 -0
  116. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.c +116 -0
  117. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.py +61 -0
  118. data/ext/enterprise_script_service/libseccomp/tests/58-live-tsync_notify.tests +11 -0
  119. data/ext/enterprise_script_service/libseccomp/tests/Makefile.am +31 -10
  120. data/ext/enterprise_script_service/libseccomp/tests/regression +6 -3
  121. data/ext/enterprise_script_service/libseccomp/tests/util.c +3 -3
  122. data/ext/enterprise_script_service/libseccomp/tools/check-syntax +1 -1
  123. data/ext/enterprise_script_service/libseccomp/tools/scmp_arch_detect.c +3 -0
  124. data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_disasm.c +4 -2
  125. data/ext/enterprise_script_service/libseccomp/tools/scmp_bpf_sim.c +2 -0
  126. data/ext/enterprise_script_service/libseccomp/tools/util.c +14 -12
  127. data/ext/enterprise_script_service/libseccomp/tools/util.h +7 -0
  128. data/ext/enterprise_script_service/mruby/.github/workflows/codeql-analysis.yml +51 -0
  129. data/ext/enterprise_script_service/mruby/Doxyfile +1 -1
  130. data/ext/enterprise_script_service/mruby/README.md +1 -1
  131. data/ext/enterprise_script_service/mruby/doc/guides/debugger.md +1 -1
  132. data/ext/enterprise_script_service/mruby/doc/limitations.md +10 -10
  133. data/ext/enterprise_script_service/mruby/include/mruby.h +13 -0
  134. data/ext/enterprise_script_service/mruby/include/mruby/boxing_word.h +0 -1
  135. data/ext/enterprise_script_service/mruby/include/mruby/proc.h +13 -8
  136. data/ext/enterprise_script_service/mruby/include/mruby/value.h +25 -29
  137. data/ext/enterprise_script_service/mruby/include/mruby/version.h +3 -3
  138. data/ext/enterprise_script_service/mruby/mrbgems/mruby-array-ext/src/array.c +5 -8
  139. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mirb/tools/mirb/mirb.c +2 -2
  140. data/ext/enterprise_script_service/mruby/mrbgems/mruby-bin-mrbc/tools/mrbc/mrbc.c +17 -10
  141. data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/mrblib/complex.rb +1 -1
  142. data/ext/enterprise_script_service/mruby/mrbgems/mruby-complex/src/complex.c +1 -2
  143. data/ext/enterprise_script_service/mruby/mrbgems/mruby-eval/src/eval.c +1 -1
  144. data/ext/enterprise_script_service/mruby/mrbgems/mruby-fiber/src/fiber.c +1 -2
  145. data/ext/enterprise_script_service/mruby/mrbgems/mruby-inline-struct/test/inline.c +3 -4
  146. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file.c +1 -2
  147. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/file_test.c +9 -26
  148. data/ext/enterprise_script_service/mruby/mrbgems/mruby-io/src/io.c +1 -2
  149. data/ext/enterprise_script_service/mruby/mrbgems/mruby-kernel-ext/src/kernel.c +6 -8
  150. data/ext/enterprise_script_service/mruby/mrbgems/mruby-method/src/method.c +3 -4
  151. data/ext/enterprise_script_service/mruby/mrbgems/mruby-objectspace/src/mruby_objectspace.c +0 -1
  152. data/ext/enterprise_script_service/mruby/mrbgems/mruby-print/src/print.c +1 -2
  153. data/ext/enterprise_script_service/mruby/mrbgems/mruby-range-ext/src/range.c +1 -3
  154. data/ext/enterprise_script_service/mruby/mrbgems/mruby-rational/mrblib/rational.rb +1 -3
  155. data/ext/enterprise_script_service/mruby/mrbgems/mruby-sprintf/src/sprintf.c +3 -3
  156. data/ext/enterprise_script_service/mruby/mrbgems/mruby-string-ext/src/string.c +1 -2
  157. data/ext/enterprise_script_service/mruby/mrbgems/mruby-struct/src/struct.c +5 -11
  158. data/ext/enterprise_script_service/mruby/mrbgems/mruby-time/src/time.c +5 -10
  159. data/ext/enterprise_script_service/mruby/mrblib/00class.rb +10 -0
  160. data/ext/enterprise_script_service/mruby/src/array.c +14 -11
  161. data/ext/enterprise_script_service/mruby/src/class.c +22 -21
  162. data/ext/enterprise_script_service/mruby/src/error.c +1 -2
  163. data/ext/enterprise_script_service/mruby/src/etc.c +0 -1
  164. data/ext/enterprise_script_service/mruby/src/gc.c +5 -5
  165. data/ext/enterprise_script_service/mruby/src/hash.c +8 -15
  166. data/ext/enterprise_script_service/mruby/src/kernel.c +4 -7
  167. data/ext/enterprise_script_service/mruby/src/numeric.c +28 -60
  168. data/ext/enterprise_script_service/mruby/src/object.c +11 -1
  169. data/ext/enterprise_script_service/mruby/src/proc.c +7 -8
  170. data/ext/enterprise_script_service/mruby/src/range.c +4 -12
  171. data/ext/enterprise_script_service/mruby/src/string.c +24 -21
  172. data/ext/enterprise_script_service/mruby/src/symbol.c +1 -2
  173. data/ext/enterprise_script_service/mruby/src/vm.c +28 -24
  174. data/ext/enterprise_script_service/mruby/test/t/kernel.rb +7 -0
  175. data/lib/script_core/version.rb +1 -1
  176. metadata +45 -21
  177. data/ext/enterprise_script_service/libseccomp/src/arch-aarch64-syscalls.c +0 -559
  178. data/ext/enterprise_script_service/libseccomp/src/arch-arm-syscalls.c +0 -570
  179. data/ext/enterprise_script_service/libseccomp/src/arch-mips-syscalls.c +0 -562
  180. data/ext/enterprise_script_service/libseccomp/src/arch-mips64-syscalls.c +0 -562
  181. data/ext/enterprise_script_service/libseccomp/src/arch-mips64n32-syscalls.c +0 -562
  182. data/ext/enterprise_script_service/libseccomp/src/arch-parisc-syscalls.c +0 -542
  183. data/ext/enterprise_script_service/libseccomp/src/arch-ppc-syscalls.c +0 -559
  184. data/ext/enterprise_script_service/libseccomp/src/arch-ppc64-syscalls.c +0 -559
  185. data/ext/enterprise_script_service/libseccomp/src/arch-s390-syscalls.c +0 -642
  186. data/ext/enterprise_script_service/libseccomp/src/arch-s390x-syscalls.c +0 -642
  187. data/ext/enterprise_script_service/libseccomp/src/arch-x32-syscalls.c +0 -558
  188. data/ext/enterprise_script_service/libseccomp/src/arch-x86-syscalls.c +0 -692
  189. data/ext/enterprise_script_service/libseccomp/src/arch-x86_64-syscalls.c +0 -559
  190. data/ext/enterprise_script_service/libseccomp/tests/18-sim-basic_whitelist.tests +0 -32
  191. data/ext/enterprise_script_service/libseccomp/tests/34-sim-basic_blacklist.tests +0 -32
@@ -22,16 +22,8 @@
22
22
  #ifndef _ARCH_AARCH64_H
23
23
  #define _ARCH_AARCH64_H
24
24
 
25
- #include <inttypes.h>
26
-
27
25
  #include "arch.h"
28
- #include "system.h"
29
-
30
- extern const struct arch_def arch_def_aarch64;
31
-
32
- int aarch64_syscall_resolve_name(const char *name);
33
- const char *aarch64_syscall_resolve_num(int num);
34
26
 
35
- const struct arch_syscall_def *aarch64_syscall_iterate(unsigned int spot);
27
+ ARCH_DECL(aarch64)
36
28
 
37
29
  #endif
@@ -26,13 +26,58 @@
26
26
  #include "arch.h"
27
27
  #include "arch-arm.h"
28
28
 
29
+ #define __SCMP_NR_OABI_SYSCALL_BASE 0x900000
30
+ #define __SCMP_ARM_NR_BASE 0x0f0000
31
+
32
+ /* NOTE: we currently only support the ARM EABI, more info at the URL below:
33
+ * -> http://wiki.embeddedarm.com/wiki/EABI_vs_OABI */
34
+ #if 1
35
+ #define __SCMP_NR_BASE 0
36
+ #else
37
+ #define __SCMP_NR_BASE __SCMP_NR_OABI_SYSCALL_BASE
38
+ #endif
39
+
40
+ /**
41
+ * Resolve a syscall name to a number
42
+ * @param name the syscall name
43
+ *
44
+ * Resolve the given syscall name to the syscall number using the syscall table.
45
+ * Returns the syscall number on success, including negative pseudo syscall
46
+ * numbers; returns __NR_SCMP_ERROR on failure.
47
+ *
48
+ */
49
+ int arm_syscall_resolve_name_munge(const char *name)
50
+ {
51
+ int sys;
52
+
53
+ sys = arm_syscall_resolve_name(name);
54
+ if (sys == __NR_SCMP_ERROR)
55
+ return sys;
56
+
57
+ return (sys | __SCMP_NR_BASE);
58
+ }
59
+
60
+ /**
61
+ * Resolve a syscall number to a name
62
+ * @param num the syscall number
63
+ *
64
+ * Resolve the given syscall number to the syscall name using the syscall table.
65
+ * Returns a pointer to the syscall name string on success, including pseudo
66
+ * syscall names; returns NULL on failure.
67
+ *
68
+ */
69
+ const char *arm_syscall_resolve_num_munge(int num)
70
+ {
71
+ return arm_syscall_resolve_num(num & (~__SCMP_NR_BASE));
72
+ }
73
+
29
74
  const struct arch_def arch_def_arm = {
30
75
  .token = SCMP_ARCH_ARM,
31
76
  .token_bpf = AUDIT_ARCH_ARM,
32
77
  .size = ARCH_SIZE_32,
33
78
  .endian = ARCH_ENDIAN_LITTLE,
34
- .syscall_resolve_name = arm_syscall_resolve_name,
35
- .syscall_resolve_num = arm_syscall_resolve_num,
79
+ .syscall_resolve_name = arm_syscall_resolve_name_munge,
80
+ .syscall_resolve_num = arm_syscall_resolve_num_munge,
36
81
  .syscall_rewrite = NULL,
37
82
  .rule_add = NULL,
38
83
  };
@@ -22,16 +22,8 @@
22
22
  #ifndef _ARCH_ARM_H
23
23
  #define _ARCH_ARM_H
24
24
 
25
- #include <inttypes.h>
26
-
27
25
  #include "arch.h"
28
- #include "system.h"
29
-
30
- extern const struct arch_def arch_def_arm;
31
-
32
- int arm_syscall_resolve_name(const char *name);
33
- const char *arm_syscall_resolve_num(int num);
34
26
 
35
- const struct arch_syscall_def *arm_syscall_iterate(unsigned int spot);
27
+ ARCH_DECL(arm)
36
28
 
37
29
  #endif
@@ -0,0 +1,40 @@
1
+ #!/bin/bash
2
+
3
+ # NOTE: changes to the arch_syscall_table struct in syscalls.h will affect
4
+ # this script/gperf - BEWARE!
5
+
6
+ ###
7
+ # helper functions
8
+
9
+ function exit_usage() {
10
+ echo "usage: $0 <syscall_csv_file> <gperf_template>"
11
+ exit 1
12
+ }
13
+
14
+ ###
15
+ # main
16
+
17
+ # sanity check
18
+ [[ ! -r "$1" || ! -r "$2" ]] && exit_usage
19
+ sys_csv=$1
20
+ gperf_tmpl=$2
21
+
22
+ sys_csv_tmp=$(mktemp -t generate_syscalls_XXXXXX)
23
+
24
+ # filter and prepare the syscall csv file
25
+ cat $sys_csv | grep -v '^#' | nl -ba -s, -v0 | \
26
+ sed -e 's/^[[:space:]]\+\([0-9]\+\),\([^,]\+\),\(.*\)/\2,\1,\3/' \
27
+ -e ':repeat; {s|\([^,]\+\)\(.*\)[^_]PNR|\1\2,__PNR_\1|g;}; t repeat' \
28
+ > $sys_csv_tmp
29
+ [[ $? -ne 0 ]] && exit 1
30
+
31
+ # create the gperf file
32
+ sed -e "/@@SYSCALLS_TABLE@@/r $sys_csv_tmp" \
33
+ -e '/@@SYSCALLS_TABLE@@/d' \
34
+ $gperf_tmpl > syscalls.perf
35
+ [[ $? -ne 0 ]] && exit 1
36
+
37
+ # cleanup
38
+ rm -f $sys_csv_tmp
39
+
40
+ exit 0
@@ -27,13 +27,50 @@
27
27
  #include "arch.h"
28
28
  #include "arch-mips.h"
29
29
 
30
+ /* O32 ABI */
31
+ #define __SCMP_NR_BASE 4000
32
+
33
+ /**
34
+ * Resolve a syscall name to a number
35
+ * @param name the syscall name
36
+ *
37
+ * Resolve the given syscall name to the syscall number using the syscall table.
38
+ * Returns the syscall number on success, including negative pseudo syscall
39
+ * numbers; returns __NR_SCMP_ERROR on failure.
40
+ *
41
+ */
42
+ int mips_syscall_resolve_name_munge(const char *name)
43
+ {
44
+ int sys;
45
+
46
+ sys = mips_syscall_resolve_name(name);
47
+ if (sys == __NR_SCMP_ERROR)
48
+ return sys;
49
+
50
+ return sys + __SCMP_NR_BASE;
51
+ }
52
+
53
+ /**
54
+ * Resolve a syscall number to a name
55
+ * @param num the syscall number
56
+ *
57
+ * Resolve the given syscall number to the syscall name using the syscall table.
58
+ * Returns a pointer to the syscall name string on success, including pseudo
59
+ * syscall names; returns NULL on failure.
60
+ *
61
+ */
62
+ const char *mips_syscall_resolve_num_munge(int num)
63
+ {
64
+ return mips_syscall_resolve_num(num - __SCMP_NR_BASE);
65
+ }
66
+
30
67
  const struct arch_def arch_def_mips = {
31
68
  .token = SCMP_ARCH_MIPS,
32
69
  .token_bpf = AUDIT_ARCH_MIPS,
33
70
  .size = ARCH_SIZE_32,
34
71
  .endian = ARCH_ENDIAN_BIG,
35
- .syscall_resolve_name = mips_syscall_resolve_name,
36
- .syscall_resolve_num = mips_syscall_resolve_num,
72
+ .syscall_resolve_name = mips_syscall_resolve_name_munge,
73
+ .syscall_resolve_num = mips_syscall_resolve_num_munge,
37
74
  .syscall_rewrite = NULL,
38
75
  .rule_add = NULL,
39
76
  };
@@ -43,8 +80,8 @@ const struct arch_def arch_def_mipsel = {
43
80
  .token_bpf = AUDIT_ARCH_MIPSEL,
44
81
  .size = ARCH_SIZE_32,
45
82
  .endian = ARCH_ENDIAN_LITTLE,
46
- .syscall_resolve_name = mips_syscall_resolve_name,
47
- .syscall_resolve_num = mips_syscall_resolve_num,
83
+ .syscall_resolve_name = mips_syscall_resolve_name_munge,
84
+ .syscall_resolve_num = mips_syscall_resolve_num_munge,
48
85
  .syscall_rewrite = NULL,
49
86
  .rule_add = NULL,
50
87
  };
@@ -23,17 +23,9 @@
23
23
  #ifndef _ARCH_MIPS_H
24
24
  #define _ARCH_MIPS_H
25
25
 
26
- #include <inttypes.h>
27
-
28
26
  #include "arch.h"
29
- #include "system.h"
30
-
31
- extern const struct arch_def arch_def_mips;
32
- extern const struct arch_def arch_def_mipsel;
33
-
34
- int mips_syscall_resolve_name(const char *name);
35
- const char *mips_syscall_resolve_num(int num);
36
27
 
37
- const struct arch_syscall_def *mips_syscall_iterate(unsigned int spot);
28
+ ARCH_DECL(mips)
29
+ ARCH_DECL(mipsel)
38
30
 
39
31
  #endif
@@ -25,13 +25,50 @@
25
25
  #include "arch.h"
26
26
  #include "arch-mips64.h"
27
27
 
28
+ /* 64 ABI */
29
+ #define __SCMP_NR_BASE 5000
30
+
31
+ /**
32
+ * Resolve a syscall name to a number
33
+ * @param name the syscall name
34
+ *
35
+ * Resolve the given syscall name to the syscall number using the syscall table.
36
+ * Returns the syscall number on success, including negative pseudo syscall
37
+ * numbers; returns __NR_SCMP_ERROR on failure.
38
+ *
39
+ */
40
+ int mips64_syscall_resolve_name_munge(const char *name)
41
+ {
42
+ int sys;
43
+
44
+ sys = mips64_syscall_resolve_name(name);
45
+ if (sys == __NR_SCMP_ERROR)
46
+ return sys;
47
+
48
+ return sys + __SCMP_NR_BASE;
49
+ }
50
+
51
+ /**
52
+ * Resolve a syscall number to a name
53
+ * @param num the syscall number
54
+ *
55
+ * Resolve the given syscall number to the syscall name using the syscall table.
56
+ * Returns a pointer to the syscall name string on success, including pseudo
57
+ * syscall names; returns NULL on failure.
58
+ *
59
+ */
60
+ const char *mips64_syscall_resolve_num_munge(int num)
61
+ {
62
+ return mips64_syscall_resolve_num(num - __SCMP_NR_BASE);
63
+ }
64
+
28
65
  const struct arch_def arch_def_mips64 = {
29
66
  .token = SCMP_ARCH_MIPS64,
30
67
  .token_bpf = AUDIT_ARCH_MIPS64,
31
68
  .size = ARCH_SIZE_64,
32
69
  .endian = ARCH_ENDIAN_BIG,
33
- .syscall_resolve_name = mips64_syscall_resolve_name,
34
- .syscall_resolve_num = mips64_syscall_resolve_num,
70
+ .syscall_resolve_name = mips64_syscall_resolve_name_munge,
71
+ .syscall_resolve_num = mips64_syscall_resolve_num_munge,
35
72
  .syscall_rewrite = NULL,
36
73
  .rule_add = NULL,
37
74
  };
@@ -41,8 +78,8 @@ const struct arch_def arch_def_mipsel64 = {
41
78
  .token_bpf = AUDIT_ARCH_MIPSEL64,
42
79
  .size = ARCH_SIZE_64,
43
80
  .endian = ARCH_ENDIAN_LITTLE,
44
- .syscall_resolve_name = mips64_syscall_resolve_name,
45
- .syscall_resolve_num = mips64_syscall_resolve_num,
81
+ .syscall_resolve_name = mips64_syscall_resolve_name_munge,
82
+ .syscall_resolve_num = mips64_syscall_resolve_num_munge,
46
83
  .syscall_rewrite = NULL,
47
84
  .rule_add = NULL,
48
85
  };
@@ -23,17 +23,9 @@
23
23
  #ifndef _ARCH_MIPS64_H
24
24
  #define _ARCH_MIPS64_H
25
25
 
26
- #include <inttypes.h>
27
-
28
26
  #include "arch.h"
29
- #include "system.h"
30
-
31
- extern const struct arch_def arch_def_mips64;
32
- extern const struct arch_def arch_def_mipsel64;
33
-
34
- int mips64_syscall_resolve_name(const char *name);
35
- const char *mips64_syscall_resolve_num(int num);
36
27
 
37
- const struct arch_syscall_def *mips64_syscall_iterate(unsigned int spot);
28
+ ARCH_DECL(mips64)
29
+ ARCH_DECL(mipsel64)
38
30
 
39
- #endif
31
+ #endif
@@ -27,13 +27,50 @@
27
27
  #include "arch.h"
28
28
  #include "arch-mips64n32.h"
29
29
 
30
+ /* N32 ABI */
31
+ #define __SCMP_NR_BASE 6000
32
+
33
+ /**
34
+ * Resolve a syscall name to a number
35
+ * @param name the syscall name
36
+ *
37
+ * Resolve the given syscall name to the syscall number using the syscall table.
38
+ * Returns the syscall number on success, including negative pseudo syscall
39
+ * numbers; returns __NR_SCMP_ERROR on failure.
40
+ *
41
+ */
42
+ int mips64n32_syscall_resolve_name_munge(const char *name)
43
+ {
44
+ int sys;
45
+
46
+ sys = mips64n32_syscall_resolve_name(name);
47
+ if (sys == __NR_SCMP_ERROR)
48
+ return sys;
49
+
50
+ return sys + __SCMP_NR_BASE;
51
+ }
52
+
53
+ /**
54
+ * Resolve a syscall number to a name
55
+ * @param num the syscall number
56
+ *
57
+ * Resolve the given syscall number to the syscall name using the syscall table.
58
+ * Returns a pointer to the syscall name string on success, including pseudo
59
+ * syscall names; returns NULL on failure.
60
+ *
61
+ */
62
+ const char *mips64n32_syscall_resolve_num_munge(int num)
63
+ {
64
+ return mips64n32_syscall_resolve_num(num - __SCMP_NR_BASE);
65
+ }
66
+
30
67
  const struct arch_def arch_def_mips64n32 = {
31
68
  .token = SCMP_ARCH_MIPS64N32,
32
69
  .token_bpf = AUDIT_ARCH_MIPS64N32,
33
70
  .size = ARCH_SIZE_32,
34
71
  .endian = ARCH_ENDIAN_BIG,
35
- .syscall_resolve_name = mips64n32_syscall_resolve_name,
36
- .syscall_resolve_num = mips64n32_syscall_resolve_num,
72
+ .syscall_resolve_name = mips64n32_syscall_resolve_name_munge,
73
+ .syscall_resolve_num = mips64n32_syscall_resolve_num_munge,
37
74
  .syscall_rewrite = NULL,
38
75
  .rule_add = NULL,
39
76
  };
@@ -43,8 +80,8 @@ const struct arch_def arch_def_mipsel64n32 = {
43
80
  .token_bpf = AUDIT_ARCH_MIPSEL64N32,
44
81
  .size = ARCH_SIZE_32,
45
82
  .endian = ARCH_ENDIAN_LITTLE,
46
- .syscall_resolve_name = mips64n32_syscall_resolve_name,
47
- .syscall_resolve_num = mips64n32_syscall_resolve_num,
83
+ .syscall_resolve_name = mips64n32_syscall_resolve_name_munge,
84
+ .syscall_resolve_num = mips64n32_syscall_resolve_num_munge,
48
85
  .syscall_rewrite = NULL,
49
86
  .rule_add = NULL,
50
87
  };
@@ -23,17 +23,9 @@
23
23
  #ifndef _ARCH_MIPS64N32_H
24
24
  #define _ARCH_MIPS64N32_H
25
25
 
26
- #include <inttypes.h>
27
-
28
26
  #include "arch.h"
29
- #include "system.h"
30
-
31
- extern const struct arch_def arch_def_mips64n32;
32
- extern const struct arch_def arch_def_mipsel64n32;
33
-
34
- int mips64n32_syscall_resolve_name(const char *name);
35
- const char *mips64n32_syscall_resolve_num(int num);
36
27
 
37
- const struct arch_syscall_def *mips64n32_syscall_iterate(unsigned int spot);
28
+ ARCH_DECL(mips64n32)
29
+ ARCH_DECL(mipsel64n32)
38
30
 
39
31
  #endif
@@ -22,17 +22,8 @@
22
22
  #ifndef _ARCH_PARISC_H
23
23
  #define _ARCH_PARISC_H
24
24
 
25
- #include <inttypes.h>
26
-
27
25
  #include "arch.h"
28
- #include "system.h"
29
-
30
- extern const struct arch_def arch_def_parisc;
31
- extern const struct arch_def arch_def_parisc64;
32
-
33
- int parisc_syscall_resolve_name(const char *name);
34
- const char *parisc_syscall_resolve_num(int num);
35
26
 
36
- const struct arch_syscall_def *parisc_syscall_iterate(unsigned int spot);
27
+ ARCH_DECL(parisc)
37
28
 
38
29
  #endif
@@ -8,15 +8,15 @@
8
8
  #include <linux/audit.h>
9
9
 
10
10
  #include "arch.h"
11
- #include "arch-parisc.h"
11
+ #include "arch-parisc64.h"
12
12
 
13
13
  const struct arch_def arch_def_parisc64 = {
14
14
  .token = SCMP_ARCH_PARISC64,
15
15
  .token_bpf = AUDIT_ARCH_PARISC64,
16
16
  .size = ARCH_SIZE_64,
17
17
  .endian = ARCH_ENDIAN_BIG,
18
- .syscall_resolve_name = parisc_syscall_resolve_name,
19
- .syscall_resolve_num = parisc_syscall_resolve_num,
18
+ .syscall_resolve_name = parisc64_syscall_resolve_name,
19
+ .syscall_resolve_num = parisc64_syscall_resolve_num,
20
20
  .syscall_rewrite = NULL,
21
21
  .rule_add = NULL,
22
22
  };
@@ -0,0 +1,29 @@
1
+ /**
2
+ * Enhanced Seccomp PARISC Specific Code
3
+ *
4
+ * Copyright (c) 2016 Helge Deller <deller@gmx.de>
5
+ *
6
+ */
7
+
8
+ /*
9
+ * This library is free software; you can redistribute it and/or modify it
10
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
11
+ * published by the Free Software Foundation.
12
+ *
13
+ * This library is distributed in the hope that it will be useful, but WITHOUT
14
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
15
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
16
+ * for more details.
17
+ *
18
+ * You should have received a copy of the GNU Lesser General Public License
19
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
20
+ */
21
+
22
+ #ifndef _ARCH_PARISC64_H
23
+ #define _ARCH_PARISC64_H
24
+
25
+ #include "arch.h"
26
+
27
+ ARCH_DECL(parisc64)
28
+
29
+ #endif