W dniu 26.05.2014 11:15, Marcin Juszkiewicz pisze:
> Hi
>
> As part of my work I was working on porting libseccomp to AArch64
> (64-bit ARM) architecture. It builds but does not pass tests properly
> yet ("make check" log included).
>
> As AArch64 audit support is not yet merged into mainline kernel I had to
> add one #ifndef/#define/#endif block to make it build on other platforms:
>
> /* AArch64 support for audit is still not in mainline */
> #ifndef AUDIT_ARCH_AARCH64
> #define AUDIT_ARCH_AARCH64
> (EM_AARCH64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
> #endif
>
> I used ARM files as a base and 3.13-rc7 kernel as source of list of
> syscalls.
>From e1b1737379ec9dc08f11d3e6317049cbec216eed Mon Sep 17 00:00:00 2001
From: Marcin Juszkiewicz <[email protected]>
Date: Fri, 23 May 2014 15:03:50 +0200
Subject: [PATCH 2/2] AArch64 support
---
include/seccomp.h.in | 11 ++
src/Makefile | 1 +
src/arch-aarch64-syscalls.c | 414
++++++++++++++++++++++++++++++++++++++++++++
src/arch-aarch64.c | 34 ++++
src/arch-aarch64.h | 37 ++++
src/arch.c | 3 +
6 files changed, 500 insertions(+)
create mode 100644 src/arch-aarch64-syscalls.c
create mode 100644 src/arch-aarch64.c
create mode 100644 src/arch-aarch64.h
diff --git a/include/seccomp.h.in b/include/seccomp.h.in
index e150fbd..b41a6b1 100644
--- a/include/seccomp.h.in
+++ b/include/seccomp.h.in
@@ -122,6 +122,17 @@ struct scmp_arg_cmp {
#define SCMP_ARCH_ARM AUDIT_ARCH_ARM
/**
+ * The AARCH64 architecture token
+ */
+
+/* AArch64 support for audit is still not in mainline */
+#ifndef AUDIT_ARCH_AARCH64
+#define AUDIT_ARCH_AARCH64
(EM_AARCH64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
+#endif
+
+#define SCMP_ARCH_AARCH64 AUDIT_ARCH_AARCH64
+
+/**
* Convert a syscall name into the associated syscall number
* @param x the syscall name
*/
diff --git a/src/Makefile b/src/Makefile
index 7b980ab..47173e4 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -42,6 +42,7 @@ OBJS = \
arch-x86_64.o arch-x86_64-syscalls.o \
arch-x32.o arch-x32-syscalls.o \
arch-arm.o arch-arm-syscalls.o \
+ arch-aarch64.o arch-aarch64-syscalls.o \
hash.o \
gen_pfc.o gen_bpf.o
diff --git a/src/arch-aarch64-syscalls.c b/src/arch-aarch64-syscalls.c
new file mode 100644
index 0000000..d6f99eb
--- /dev/null
+++ b/src/arch-aarch64-syscalls.c
@@ -0,0 +1,414 @@
+/**
+ * Enhanced Seccomp AArch64 Syscall Table
+ *
+ * Copyright (c) 2014 Red Hat <[email protected]>
+ * Author: Marcin Juszkiewicz <[email protected]>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public
License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but
WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <string.h>
+
+#include <seccomp.h>
+
+#include "arch.h"
+#include "arch-aarch64.h"
+
+#define __NR_SYSCALL_BASE 0
+
+/* NOTE: based on Linux 3.13.0-rc7 */
+const struct arch_syscall_def aarch64_syscall_table[] = { \
+ { "accept", (__NR_SYSCALL_BASE + 285) },
+ { "accept4", (__NR_SYSCALL_BASE + 366) },
+ { "access", (__NR_SYSCALL_BASE + 33) },
+ { "acct", (__NR_SYSCALL_BASE + 51) },
+ { "add_key", (__NR_SYSCALL_BASE + 309) },
+ { "adjtimex", (__NR_SYSCALL_BASE + 124) },
+ { "arm_fadvise64_64", (__NR_SYSCALL_BASE + 270) },
+ { "bdflush", (__NR_SYSCALL_BASE + 134) },
+ { "bind", (__NR_SYSCALL_BASE + 282) },
+ { "brk", (__NR_SYSCALL_BASE + 45) },
+ { "capget", (__NR_SYSCALL_BASE + 184) },
+ { "capset", (__NR_SYSCALL_BASE + 185) },
+ { "chdir", (__NR_SYSCALL_BASE + 12) },
+ { "chmod", (__NR_SYSCALL_BASE + 15) },
+ { "chown", (__NR_SYSCALL_BASE + 182) },
+ { "chown32", (__NR_SYSCALL_BASE + 212) },
+ { "chroot", (__NR_SYSCALL_BASE + 61) },
+ { "clock_adjtime", (__NR_SYSCALL_BASE + 372) },
+ { "clock_getres", (__NR_SYSCALL_BASE + 264) },
+ { "clock_gettime", (__NR_SYSCALL_BASE + 263) },
+ { "clock_nanosleep", (__NR_SYSCALL_BASE + 265) },
+ { "clock_settime", (__NR_SYSCALL_BASE + 262) },
+ { "clone", (__NR_SYSCALL_BASE + 120) },
+ { "close", (__NR_SYSCALL_BASE + 6) },
+ { "connect", (__NR_SYSCALL_BASE + 283) },
+ { "creat", (__NR_SYSCALL_BASE + 8) },
+ { "delete_module", (__NR_SYSCALL_BASE + 129) },
+ { "dup", (__NR_SYSCALL_BASE + 41) },
+ { "dup2", (__NR_SYSCALL_BASE + 63) },
+ { "dup3", (__NR_SYSCALL_BASE + 358) },
+ { "epoll_create", (__NR_SYSCALL_BASE + 250) },
+ { "epoll_create1", (__NR_SYSCALL_BASE + 357) },
+ { "epoll_ctl", (__NR_SYSCALL_BASE + 251) },
+ { "epoll_pwait", (__NR_SYSCALL_BASE + 346) },
+ { "epoll_wait", (__NR_SYSCALL_BASE + 252) },
+ { "eventfd", (__NR_SYSCALL_BASE + 351) },
+ { "eventfd2", (__NR_SYSCALL_BASE + 356) },
+ { "execve", (__NR_SYSCALL_BASE + 11) },
+ { "exit", (__NR_SYSCALL_BASE + 1) },
+ { "exit_group", (__NR_SYSCALL_BASE + 248) },
+ { "faccessat", (__NR_SYSCALL_BASE + 334) },
+ { "fallocate", (__NR_SYSCALL_BASE + 352) },
+ { "fanotify_init", (__NR_SYSCALL_BASE + 367) },
+ { "fanotify_mark", (__NR_SYSCALL_BASE + 368) },
+ { "fchdir", (__NR_SYSCALL_BASE + 133) },
+ { "fchmod", (__NR_SYSCALL_BASE + 94) },
+ { "fchmodat", (__NR_SYSCALL_BASE + 333) },
+ { "fchown", (__NR_SYSCALL_BASE + 95) },
+ { "fchown32", (__NR_SYSCALL_BASE + 207) },
+ { "fchownat", (__NR_SYSCALL_BASE + 325) },
+ { "fcntl", (__NR_SYSCALL_BASE + 55) },
+ { "fcntl64", (__NR_SYSCALL_BASE + 221) },
+ { "fdatasync", (__NR_SYSCALL_BASE + 148) },
+ { "fgetxattr", (__NR_SYSCALL_BASE + 231) },
+ { "flistxattr", (__NR_SYSCALL_BASE + 234) },
+ { "flock", (__NR_SYSCALL_BASE + 143) },
+ { "fork", (__NR_SYSCALL_BASE + 2) },
+ { "fremovexattr", (__NR_SYSCALL_BASE + 237) },
+ { "fsetxattr", (__NR_SYSCALL_BASE + 228) },
+ { "fstat", (__NR_SYSCALL_BASE + 108) },
+ { "fstat64", (__NR_SYSCALL_BASE + 197) },
+ { "fstatat64", (__NR_SYSCALL_BASE + 327) },
+ { "fstatfs", (__NR_SYSCALL_BASE + 100) },
+ { "fstatfs64", (__NR_SYSCALL_BASE + 267) },
+ { "fsync", (__NR_SYSCALL_BASE + 118) },
+ { "ftruncate", (__NR_SYSCALL_BASE + 93) },
+ { "ftruncate64", (__NR_SYSCALL_BASE + 194) },
+ { "futex", (__NR_SYSCALL_BASE + 240) },
+ { "futimesat", (__NR_SYSCALL_BASE + 326) },
+ { "getcpu", (__NR_SYSCALL_BASE + 345) },
+ { "getcwd", (__NR_SYSCALL_BASE + 183) },
+ { "getdents", (__NR_SYSCALL_BASE + 141) },
+ { "getdents64", (__NR_SYSCALL_BASE + 217) },
+ { "getegid", (__NR_SYSCALL_BASE + 50) },
+ { "getegid32", (__NR_SYSCALL_BASE + 202) },
+ { "geteuid", (__NR_SYSCALL_BASE + 49) },
+ { "geteuid32", (__NR_SYSCALL_BASE + 201) },
+ { "getgid", (__NR_SYSCALL_BASE + 47) },
+ { "getgid32", (__NR_SYSCALL_BASE + 200) },
+ { "getgroups", (__NR_SYSCALL_BASE + 80) },
+ { "getgroups32", (__NR_SYSCALL_BASE + 205) },
+ { "getitimer", (__NR_SYSCALL_BASE + 105) },
+ { "get_mempolicy", (__NR_SYSCALL_BASE + 320) },
+ { "getpeername", (__NR_SYSCALL_BASE + 287) },
+ { "getpgid", (__NR_SYSCALL_BASE + 132) },
+ { "getpgrp", (__NR_SYSCALL_BASE + 65) },
+ { "getpid", (__NR_SYSCALL_BASE + 20) },
+ { "getppid", (__NR_SYSCALL_BASE + 64) },
+ { "getpriority", (__NR_SYSCALL_BASE + 96) },
+ { "getresgid", (__NR_SYSCALL_BASE + 171) },
+ { "getresgid32", (__NR_SYSCALL_BASE + 211) },
+ { "getresuid", (__NR_SYSCALL_BASE + 165) },
+ { "getresuid32", (__NR_SYSCALL_BASE + 209) },
+ { "get_robust_list", (__NR_SYSCALL_BASE + 339) },
+ { "getrusage", (__NR_SYSCALL_BASE + 77) },
+ { "getsid", (__NR_SYSCALL_BASE + 147) },
+ { "getsockname", (__NR_SYSCALL_BASE + 286) },
+ { "getsockopt", (__NR_SYSCALL_BASE + 295) },
+ { "gettid", (__NR_SYSCALL_BASE + 224) },
+ { "gettimeofday", (__NR_SYSCALL_BASE + 78) },
+ { "getuid", (__NR_SYSCALL_BASE + 24) },
+ { "getuid32", (__NR_SYSCALL_BASE + 199) },
+ { "getxattr", (__NR_SYSCALL_BASE + 229) },
+ { "init_module", (__NR_SYSCALL_BASE + 128) },
+ { "inotify_add_watch", (__NR_SYSCALL_BASE + 317) },
+ { "inotify_init", (__NR_SYSCALL_BASE + 316) },
+ { "inotify_init1", (__NR_SYSCALL_BASE + 360) },
+ { "inotify_rm_watch", (__NR_SYSCALL_BASE + 318) },
+ { "io_cancel", (__NR_SYSCALL_BASE + 247) },
+ { "ioctl", (__NR_SYSCALL_BASE + 54) },
+ { "io_destroy", (__NR_SYSCALL_BASE + 244) },
+ { "io_getevents", (__NR_SYSCALL_BASE + 245) },
+ { "ioprio_get", (__NR_SYSCALL_BASE + 315) },
+ { "ioprio_set", (__NR_SYSCALL_BASE + 314) },
+ { "io_setup", (__NR_SYSCALL_BASE + 243) },
+ { "io_submit", (__NR_SYSCALL_BASE + 246) },
+ { "kexec_load", (__NR_SYSCALL_BASE + 347) },
+ { "keyctl", (__NR_SYSCALL_BASE + 311) },
+ { "kill", (__NR_SYSCALL_BASE + 37) },
+ { "lchown", (__NR_SYSCALL_BASE + 16) },
+ { "lchown32", (__NR_SYSCALL_BASE + 198) },
+ { "lgetxattr", (__NR_SYSCALL_BASE + 230) },
+ { "link", (__NR_SYSCALL_BASE + 9) },
+ { "linkat", (__NR_SYSCALL_BASE + 330) },
+ { "listen", (__NR_SYSCALL_BASE + 284) },
+ { "listxattr", (__NR_SYSCALL_BASE + 232) },
+ { "llistxattr", (__NR_SYSCALL_BASE + 233) },
+ { "_llseek", (__NR_SYSCALL_BASE + 140) },
+ { "lookup_dcookie", (__NR_SYSCALL_BASE + 249) },
+ { "lremovexattr", (__NR_SYSCALL_BASE + 236) },
+ { "lseek", (__NR_SYSCALL_BASE + 19) },
+ { "lsetxattr", (__NR_SYSCALL_BASE + 227) },
+ { "lstat", (__NR_SYSCALL_BASE + 107) },
+ { "lstat64", (__NR_SYSCALL_BASE + 196) },
+ { "madvise", (__NR_SYSCALL_BASE + 220) },
+ { "mbind", (__NR_SYSCALL_BASE + 319) },
+ { "mincore", (__NR_SYSCALL_BASE + 219) },
+ { "mkdir", (__NR_SYSCALL_BASE + 39) },
+ { "mkdirat", (__NR_SYSCALL_BASE + 323) },
+ { "mknod", (__NR_SYSCALL_BASE + 14) },
+ { "mknodat", (__NR_SYSCALL_BASE + 324) },
+ { "mlock", (__NR_SYSCALL_BASE + 150) },
+ { "mlockall", (__NR_SYSCALL_BASE + 152) },
+ { "mmap2", (__NR_SYSCALL_BASE + 192) },
+ { "mount", (__NR_SYSCALL_BASE + 21) },
+ { "move_pages", (__NR_SYSCALL_BASE + 344) },
+ { "mprotect", (__NR_SYSCALL_BASE + 125) },
+ { "mq_getsetattr", (__NR_SYSCALL_BASE + 279) },
+ { "mq_notify", (__NR_SYSCALL_BASE + 278) },
+ { "mq_open", (__NR_SYSCALL_BASE + 274) },
+ { "mq_timedreceive", (__NR_SYSCALL_BASE + 277) },
+ { "mq_timedsend", (__NR_SYSCALL_BASE + 276) },
+ { "mq_unlink", (__NR_SYSCALL_BASE + 275) },
+ { "mremap", (__NR_SYSCALL_BASE + 163) },
+ { "msgctl", (__NR_SYSCALL_BASE + 304) },
+ { "msgget", (__NR_SYSCALL_BASE + 303) },
+ { "msgrcv", (__NR_SYSCALL_BASE + 302) },
+ { "msgsnd", (__NR_SYSCALL_BASE + 301) },
+ { "msync", (__NR_SYSCALL_BASE + 144) },
+ { "munlock", (__NR_SYSCALL_BASE + 151) },
+ { "munlockall", (__NR_SYSCALL_BASE + 153) },
+ { "munmap", (__NR_SYSCALL_BASE + 91) },
+ { "name_to_handle_at", (__NR_SYSCALL_BASE + 370) },
+ { "nanosleep", (__NR_SYSCALL_BASE + 162) },
+ { "_newselect", (__NR_SYSCALL_BASE + 142) },
+ { "nfsservctl", (__NR_SYSCALL_BASE + 169) },
+ { "nice", (__NR_SYSCALL_BASE + 34) },
+ { "open", (__NR_SYSCALL_BASE + 5) },
+ { "openat", (__NR_SYSCALL_BASE + 322) },
+ { "open_by_handle_at", (__NR_SYSCALL_BASE + 371) },
+ { "pause", (__NR_SYSCALL_BASE + 29) },
+ { "pciconfig_iobase", (__NR_SYSCALL_BASE + 271) },
+ { "pciconfig_read", (__NR_SYSCALL_BASE + 272) },
+ { "pciconfig_write", (__NR_SYSCALL_BASE + 273) },
+ { "perf_event_open", (__NR_SYSCALL_BASE + 364) },
+ { "personality", (__NR_SYSCALL_BASE + 136) },
+ { "pipe", (__NR_SYSCALL_BASE + 42) },
+ { "pipe2", (__NR_SYSCALL_BASE + 359) },
+ { "pivot_root", (__NR_SYSCALL_BASE + 218) },
+ { "poll", (__NR_SYSCALL_BASE + 168) },
+ { "ppoll", (__NR_SYSCALL_BASE + 336) },
+ { "prctl", (__NR_SYSCALL_BASE + 172) },
+ { "pread64", (__NR_SYSCALL_BASE + 180) },
+ { "preadv", (__NR_SYSCALL_BASE + 361) },
+ { "prlimit64", (__NR_SYSCALL_BASE + 369) },
+ { "process_vm_readv", (__NR_SYSCALL_BASE + 376) },
+ { "process_vm_writev", (__NR_SYSCALL_BASE + 377) },
+ { "pselect6", (__NR_SYSCALL_BASE + 335) },
+ { "ptrace", (__NR_SYSCALL_BASE + 26) },
+ { "pwrite64", (__NR_SYSCALL_BASE + 181) },
+ { "pwritev", (__NR_SYSCALL_BASE + 362) },
+ { "quotactl", (__NR_SYSCALL_BASE + 131) },
+ { "read", (__NR_SYSCALL_BASE + 3) },
+ { "readahead", (__NR_SYSCALL_BASE + 225) },
+ { "readlink", (__NR_SYSCALL_BASE + 85) },
+ { "readlinkat", (__NR_SYSCALL_BASE + 332) },
+ { "readv", (__NR_SYSCALL_BASE + 145) },
+ { "reboot", (__NR_SYSCALL_BASE + 88) },
+ { "recv", (__NR_SYSCALL_BASE + 291) },
+ { "recvfrom", (__NR_SYSCALL_BASE + 292) },
+ { "recvmmsg", (__NR_SYSCALL_BASE + 365) },
+ { "recvmsg", (__NR_SYSCALL_BASE + 297) },
+ { "remap_file_pages", (__NR_SYSCALL_BASE + 253) },
+ { "removexattr", (__NR_SYSCALL_BASE + 235) },
+ { "rename", (__NR_SYSCALL_BASE + 38) },
+ { "renameat", (__NR_SYSCALL_BASE + 329) },
+ { "request_key", (__NR_SYSCALL_BASE + 310) },
+ { "restart_syscall", (__NR_SYSCALL_BASE + 0) },
+ { "rmdir", (__NR_SYSCALL_BASE + 40) },
+ { "rt_sigaction", (__NR_SYSCALL_BASE + 174) },
+ { "rt_sigpending", (__NR_SYSCALL_BASE + 176) },
+ { "rt_sigprocmask", (__NR_SYSCALL_BASE + 175) },
+ { "rt_sigqueueinfo", (__NR_SYSCALL_BASE + 178) },
+ { "rt_sigreturn", (__NR_SYSCALL_BASE + 173) },
+ { "rt_sigsuspend", (__NR_SYSCALL_BASE + 179) },
+ { "rt_sigtimedwait", (__NR_SYSCALL_BASE + 177) },
+ { "rt_tgsigqueueinfo", (__NR_SYSCALL_BASE + 363) },
+ { "sched_getaffinity", (__NR_SYSCALL_BASE + 242) },
+ { "sched_getparam", (__NR_SYSCALL_BASE + 155) },
+ { "sched_get_priority_max", (__NR_SYSCALL_BASE + 159) },
+ { "sched_get_priority_min", (__NR_SYSCALL_BASE + 160) },
+ { "sched_getscheduler", (__NR_SYSCALL_BASE + 157) },
+ { "sched_rr_get_interval", (__NR_SYSCALL_BASE + 161) },
+ { "sched_setaffinity", (__NR_SYSCALL_BASE + 241) },
+ { "sched_setparam", (__NR_SYSCALL_BASE + 154) },
+ { "sched_setscheduler", (__NR_SYSCALL_BASE + 156) },
+ { "sched_yield", (__NR_SYSCALL_BASE + 158) },
+ { "semctl", (__NR_SYSCALL_BASE + 300) },
+ { "semget", (__NR_SYSCALL_BASE + 299) },
+ { "semop", (__NR_SYSCALL_BASE + 298) },
+ { "semtimedop", (__NR_SYSCALL_BASE + 312) },
+ { "send", (__NR_SYSCALL_BASE + 289) },
+ { "sendfile", (__NR_SYSCALL_BASE + 187) },
+ { "sendfile64", (__NR_SYSCALL_BASE + 239) },
+ { "sendmmsg", (__NR_SYSCALL_BASE + 374) },
+ { "sendmsg", (__NR_SYSCALL_BASE + 296) },
+ { "sendto", (__NR_SYSCALL_BASE + 290) },
+ { "setdomainname", (__NR_SYSCALL_BASE + 121) },
+ { "setfsgid", (__NR_SYSCALL_BASE + 139) },
+ { "setfsgid32", (__NR_SYSCALL_BASE + 216) },
+ { "setfsuid", (__NR_SYSCALL_BASE + 138) },
+ { "setfsuid32", (__NR_SYSCALL_BASE + 215) },
+ { "setgid", (__NR_SYSCALL_BASE + 46) },
+ { "setgid32", (__NR_SYSCALL_BASE + 214) },
+ { "setgroups", (__NR_SYSCALL_BASE + 81) },
+ { "setgroups32", (__NR_SYSCALL_BASE + 206) },
+ { "sethostname", (__NR_SYSCALL_BASE + 74) },
+ { "setitimer", (__NR_SYSCALL_BASE + 104) },
+ { "set_mempolicy", (__NR_SYSCALL_BASE + 321) },
+ { "setns", (__NR_SYSCALL_BASE + 375) },
+ { "setpgid", (__NR_SYSCALL_BASE + 57) },
+ { "setpriority", (__NR_SYSCALL_BASE + 97) },
+ { "setregid", (__NR_SYSCALL_BASE + 71) },
+ { "setregid32", (__NR_SYSCALL_BASE + 204) },
+ { "setresgid", (__NR_SYSCALL_BASE + 170) },
+ { "setresgid32", (__NR_SYSCALL_BASE + 210) },
+ { "setresuid", (__NR_SYSCALL_BASE + 164) },
+ { "setresuid32", (__NR_SYSCALL_BASE + 208) },
+ { "setreuid", (__NR_SYSCALL_BASE + 70) },
+ { "setreuid32", (__NR_SYSCALL_BASE + 203) },
+ { "setrlimit", (__NR_SYSCALL_BASE + 75) },
+ { "set_robust_list", (__NR_SYSCALL_BASE + 338) },
+ { "setsid", (__NR_SYSCALL_BASE + 66) },
+ { "setsockopt", (__NR_SYSCALL_BASE + 294) },
+ { "set_tid_address", (__NR_SYSCALL_BASE + 256) },
+ { "settimeofday", (__NR_SYSCALL_BASE + 79) },
+ { "setuid", (__NR_SYSCALL_BASE + 23) },
+ { "setuid32", (__NR_SYSCALL_BASE + 213) },
+ { "setxattr", (__NR_SYSCALL_BASE + 226) },
+ { "shmat", (__NR_SYSCALL_BASE + 305) },
+ { "shmctl", (__NR_SYSCALL_BASE + 308) },
+ { "shmdt", (__NR_SYSCALL_BASE + 306) },
+ { "shmget", (__NR_SYSCALL_BASE + 307) },
+ { "shutdown", (__NR_SYSCALL_BASE + 293) },
+ { "sigaction", (__NR_SYSCALL_BASE + 67) },
+ { "sigaltstack", (__NR_SYSCALL_BASE + 186) },
+ { "signalfd", (__NR_SYSCALL_BASE + 349) },
+ { "signalfd4", (__NR_SYSCALL_BASE + 355) },
+ { "sigpending", (__NR_SYSCALL_BASE + 73) },
+ { "sigprocmask", (__NR_SYSCALL_BASE + 126) },
+ { "sigreturn", (__NR_SYSCALL_BASE + 119) },
+ { "sigsuspend", (__NR_SYSCALL_BASE + 72) },
+ { "socket", (__NR_SYSCALL_BASE + 281) },
+ { "socketpair", (__NR_SYSCALL_BASE + 288) },
+ { "splice", (__NR_SYSCALL_BASE + 340) },
+ { "stat", (__NR_SYSCALL_BASE + 106) },
+ { "stat64", (__NR_SYSCALL_BASE + 195) },
+ { "statfs", (__NR_SYSCALL_BASE + 99) },
+ { "statfs64", (__NR_SYSCALL_BASE + 266) },
+ { "swapoff", (__NR_SYSCALL_BASE + 115) },
+ { "swapon", (__NR_SYSCALL_BASE + 87) },
+ { "symlink", (__NR_SYSCALL_BASE + 83) },
+ { "symlinkat", (__NR_SYSCALL_BASE + 331) },
+ { "sync", (__NR_SYSCALL_BASE + 36) },
+ { "sync_file_range2", (__NR_SYSCALL_BASE + 341) },
+ { "syncfs", (__NR_SYSCALL_BASE + 373) },
+ { "_sysctl", (__NR_SYSCALL_BASE + 149) },
+ { "sysfs", (__NR_SYSCALL_BASE + 135) },
+ { "sysinfo", (__NR_SYSCALL_BASE + 116) },
+ { "syslog", (__NR_SYSCALL_BASE + 103) },
+ { "tee", (__NR_SYSCALL_BASE + 342) },
+ { "tgkill", (__NR_SYSCALL_BASE + 268) },
+ { "timer_create", (__NR_SYSCALL_BASE + 257) },
+ { "timer_delete", (__NR_SYSCALL_BASE + 261) },
+ { "timerfd_create", (__NR_SYSCALL_BASE + 350) },
+ { "timerfd_gettime", (__NR_SYSCALL_BASE + 354) },
+ { "timerfd_settime", (__NR_SYSCALL_BASE + 353) },
+ { "timer_getoverrun", (__NR_SYSCALL_BASE + 260) },
+ { "timer_gettime", (__NR_SYSCALL_BASE + 259) },
+ { "timer_settime", (__NR_SYSCALL_BASE + 258) },
+ { "times", (__NR_SYSCALL_BASE + 43) },
+ { "tkill", (__NR_SYSCALL_BASE + 238) },
+ { "truncate", (__NR_SYSCALL_BASE + 92) },
+ { "truncate64", (__NR_SYSCALL_BASE + 193) },
+ { "umask", (__NR_SYSCALL_BASE + 60) },
+ { "umount2", (__NR_SYSCALL_BASE + 52) },
+ { "uname", (__NR_SYSCALL_BASE + 122) },
+ { "unlink", (__NR_SYSCALL_BASE + 10) },
+ { "unlinkat", (__NR_SYSCALL_BASE + 328) },
+ { "unshare", (__NR_SYSCALL_BASE + 337) },
+ { "uselib", (__NR_SYSCALL_BASE + 86) },
+ { "ustat", (__NR_SYSCALL_BASE + 62) },
+ { "utimensat", (__NR_SYSCALL_BASE + 348) },
+ { "utimes", (__NR_SYSCALL_BASE + 269) },
+ { "vfork", (__NR_SYSCALL_BASE + 190) },
+ { "vhangup", (__NR_SYSCALL_BASE + 111) },
+ { "vmsplice", (__NR_SYSCALL_BASE + 343) },
+ { "vserver", (__NR_SYSCALL_BASE + 313) },
+ { "wait4", (__NR_SYSCALL_BASE + 114) },
+ { "waitid", (__NR_SYSCALL_BASE + 280) },
+ { "write", (__NR_SYSCALL_BASE + 4) },
+ { "writev", (__NR_SYSCALL_BASE + 146) },
+ { "ugetrlimit", (__NR_SYSCALL_BASE + 191) }, /* SuS compliant
getrlimit */
+ { NULL, __NR_SCMP_ERROR },
+};
+
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the
syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int aarch64_syscall_resolve_name(const char *name)
+{
+ unsigned int iter;
+ const struct arch_syscall_def *table = aarch64_syscall_table;
+
+ /* XXX - plenty of room for future improvement here */
+ for (iter = 0; table[iter].name != NULL; iter++) {
+ if (strcmp(name, table[iter].name) == 0)
+ return table[iter].num;
+ }
+
+ return __NR_SCMP_ERROR;
+}
+
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the
syscall table.
+ * Returns a pointer to the syscall name string on success, including
pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *aarch64_syscall_resolve_num(int num)
+{
+ unsigned int iter;
+ const struct arch_syscall_def *table = aarch64_syscall_table;
+
+ /* XXX - plenty of room for future improvement here */
+ for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
+ if (num == table[iter].num)
+ return table[iter].name;
+ }
+
+ return NULL;
+}
+
diff --git a/src/arch-aarch64.c b/src/arch-aarch64.c
new file mode 100644
index 0000000..a4fbffb
--- /dev/null
+++ b/src/arch-aarch64.c
@@ -0,0 +1,34 @@
+/**
+ * Enhanced Seccomp AArch64 Syscall Table
+ *
+ * Copyright (c) 2014 Red Hat <[email protected]>
+ * Author: Marcin Juszkiewicz <[email protected]>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public
License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but
WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <stdlib.h>
+#include <errno.h>
+#include <linux/audit.h>
+
+#include "arch.h"
+#include "arch-aarch64.h"
+
+const struct arch_def arch_def_aarch64 = {
+ .token = SCMP_ARCH_AARCH64,
+ .token_bpf = AUDIT_ARCH_AARCH64,
+ .size = ARCH_SIZE_64,
+ .endian = ARCH_ENDIAN_LITTLE,
+};
diff --git a/src/arch-aarch64.h b/src/arch-aarch64.h
new file mode 100644
index 0000000..9c1c0d3
--- /dev/null
+++ b/src/arch-aarch64.h
@@ -0,0 +1,37 @@
+/**
+ * Enhanced Seccomp AArch64 Syscall Table
+ *
+ * Copyright (c) 2014 Red Hat <[email protected]>
+ * Author: Marcin Juszkiewicz <[email protected]>
+ */
+
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public
License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but
WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#ifndef _ARCH_AARCH64_H
+#define _ARCH_AARCH64_H
+
+#include <inttypes.h>
+
+#include "arch.h"
+#include "system.h"
+
+#define aarch64_arg_count_max 6
+
+extern const struct arch_def arch_def_aarch64;
+
+int aarch64_syscall_resolve_name(const char *name);
+const char *aarch64_syscall_resolve_num(int num);
+
+#endif
diff --git a/src/arch.c b/src/arch.c
index 47a539d..c0eaf74 100644
--- a/src/arch.c
+++ b/src/arch.c
@@ -34,6 +34,7 @@
#include "arch-x86_64.h"
#include "arch-x32.h"
#include "arch-arm.h"
+#include "arch-aarch64.h"
#include "system.h"
#if __i386__
@@ -46,6 +47,8 @@ const struct arch_def *arch_def_native = &arch_def_x86_64;
#endif /* __ILP32__ */
#elif __arm__
const struct arch_def *arch_def_native = &arch_def_arm;
+#elif __aarch64__
+const struct arch_def *arch_def_native = &arch_def_aarch64;
#else
#error the arch code needs to know about your machine type
#endif /* machine type guess */
--
1.9.3
------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet
_______________________________________________
libseccomp-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/libseccomp-discuss
