From 164c87383f016db422341a35eaaf3abf63c8478a Mon Sep 17 00:00:00 2001 From: rpm-build Date: Thu, 21 Sep 2023 18:21:01 +0800 Subject: [PATCH] add sw_64 support not upstream modified files --- README.md | 1 + doc/man/man1/scmp_sys_resolver.1 | 2 +- doc/man/man3/seccomp_arch_add.3 | 1 + include/seccomp-syscalls.h | 12 ++++++++++++ include/seccomp.h | 10 ++++++++++ include/seccomp.h.in | 10 ++++++++++ src/Makefile.am | 1 + src/Makefile.in | 18 ++++++++++++++++++ src/arch-syscall-dump.c | 4 ++++ src/arch-syscall-validate | 21 ++++++++++++++++++++- src/arch.c | 7 +++++++ src/gen_pfc.c | 2 ++ src/python/libseccomp.pxd | 1 + src/python/seccomp.pyx | 4 ++++ src/syscalls.h | 2 ++ src/system.c | 1 + tools/scmp_arch_detect.c | 3 +++ tools/scmp_bpf_sim.c | 2 ++ tools/util.c | 2 ++ tools/util.h | 9 +++++++++ 20 files changed, 111 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a83a54a..61fe179 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,7 @@ The libseccomp library currently supports the architectures listed below: * 64-bit x86 x32 ABI (x32) * 32-bit ARM EABI (arm) * 64-bit ARM (aarch64) +* 64-bit SW (sw_64) * 32-bit MIPS (mips) * 32-bit MIPS little endian (mipsel) * 64-bit MIPS (mips64) diff --git a/doc/man/man1/scmp_sys_resolver.1 b/doc/man/man1/scmp_sys_resolver.1 index a223607..98c1e67 100644 --- a/doc/man/man1/scmp_sys_resolver.1 +++ b/doc/man/man1/scmp_sys_resolver.1 @@ -34,7 +34,7 @@ special manner by libseccomp depending on the operation. .B \-a \fIARCH The architecture to use for resolving the system call. Valid .I ARCH -values are "x86", "x86_64", "x32", "arm", "aarch64", "mips", "mipsel", "mips64", +values are "x86", "x86_64", "x32", "arm","sw_64", "aarch64", "mips", "mipsel", "mips64", "mipsel64", "mips64n32", "mipsel64n32", "parisc", "parisc64", "ppc", "ppc64", "ppc64le", "s390" and "s390x". .TP diff --git a/doc/man/man3/seccomp_arch_add.3 b/doc/man/man3/seccomp_arch_add.3 index da6ee76..92fdbfa 100644 --- a/doc/man/man3/seccomp_arch_add.3 +++ b/doc/man/man3/seccomp_arch_add.3 @@ -17,6 +17,7 @@ seccomp_arch_add, seccomp_arch_remove, seccomp_arch_exist, seccomp_arch_native \ .B #define SCMP_ARCH_X32 .B #define SCMP_ARCH_ARM .B #define SCMP_ARCH_AARCH64 +.B #define SCMP_ARCH_SW_64 .B #define SCMP_ARCH_MIPS .B #define SCMP_ARCH_MIPS64 .B #define SCMP_ARCH_MIPS64N32 diff --git a/include/seccomp-syscalls.h b/include/seccomp-syscalls.h index 8019d29..83f8282 100644 --- a/include/seccomp-syscalls.h +++ b/include/seccomp-syscalls.h @@ -376,6 +376,8 @@ #ifdef __NR_breakpoint #ifdef __ARM_NR_breakpoint #define __SNR_breakpoint __ARM_NR_breakpoint +#elif defined __SW_64_NR_breakpoint +#define __SNR_breakpoint __SW_64_NR_breakpoint #else #define __SNR_breakpoint __NR_breakpoint #endif @@ -394,6 +396,8 @@ #ifdef __NR_cacheflush #ifdef __ARM_NR_cacheflush #define __SNR_cacheflush __ARM_NR_cacheflush +#elif defined __SW_64_NR_cacheflush +#define __SNR_cacheflush __SW_64_NR_cacheflush #else #define __SNR_cacheflush __NR_cacheflush #endif @@ -752,6 +756,8 @@ #ifdef __NR_get_tls #ifdef __ARM_NR_get_tls #define __SNR_get_tls __ARM_NR_get_tls +#elif defined __SW_64_NR_get_tls +#define __SNR_get_tls __SW_64_NR_get_tls #else #define __SNR_get_tls __NR_get_tls #endif @@ -1736,6 +1742,8 @@ #ifdef __NR_set_tls #ifdef __ARM_NR_set_tls #define __SNR_set_tls __ARM_NR_set_tls +#elif defined __SW_64_NR_set_tls +#define __SNR_set_tls __SW_64_NR_set_tls #else #define __SNR_set_tls __NR_set_tls #endif @@ -2248,6 +2256,8 @@ #ifdef __NR_usr26 #ifdef __ARM_NR_usr26 #define __SNR_usr26 __NR_usr26 +#elif defined __SW_64_NR_usr26 +#define __SNR_usr26 __NR_usr26 #else #define __SNR_usr26 __NR_usr26 #endif @@ -2258,6 +2268,8 @@ #ifdef __NR_usr32 #ifdef __ARM_NR_usr32 #define __SNR_usr32 __NR_usr32 +#elif defined __SW_64_NR_usr32 +#define __SNR_usr32 __NR_usr32 #else #define __SNR_usr32 __NR_usr32 #endif diff --git a/include/seccomp.h b/include/seccomp.h index 1fdecb3..e9fadee 100644 --- a/include/seccomp.h +++ b/include/seccomp.h @@ -141,6 +141,16 @@ struct scmp_arg_cmp { * The ARM architecture tokens */ #define SCMP_ARCH_ARM AUDIT_ARCH_ARM + +/* Sw_64 support for audit was merged in 3.17-rc1 */ +#ifndef AUDIT_ARCH_SW_64 +#ifndef EM_SW_64 +#define EM_SW_64 0x9916 +#endif /* EM_SW_64 */ +#define AUDIT_ARCH_SW_64 (EM_SW_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) +#endif /* AUDIT_ARCH_SW_64 */ +#define SCMP_ARCH_SW_64 AUDIT_ARCH_SW_64 + /* AArch64 support for audit was merged in 3.17-rc1 */ #ifndef AUDIT_ARCH_AARCH64 #ifndef EM_AARCH64 diff --git a/include/seccomp.h.in b/include/seccomp.h.in index ef4c6e4..5364c62 100644 --- a/include/seccomp.h.in +++ b/include/seccomp.h.in @@ -141,6 +141,16 @@ struct scmp_arg_cmp { * The ARM architecture tokens */ #define SCMP_ARCH_ARM AUDIT_ARCH_ARM + +/* Sw_64 support for audit was merged in 3.17-rc1 */ +#ifndef AUDIT_ARCH_SW_64 +#ifndef EM_SW_64 +#define EM_SW_64 0x9916 +#endif /* EM_SW_64 */ +#define AUDIT_ARCH_SW_64 (EM_SW_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) +#endif /* AUDIT_ARCH_SW_64 */ +#define SCMP_ARCH_SW_64 AUDIT_ARCH_SW_64 + /* AArch64 support for audit was merged in 3.17-rc1 */ #ifndef AUDIT_ARCH_AARCH64 #ifndef EM_AARCH64 diff --git a/src/Makefile.am b/src/Makefile.am index 1e5c092..4bca273 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -31,6 +31,7 @@ SOURCES_ALL = \ arch-x86_64.h arch-x86_64.c \ arch-x32.h arch-x32.c \ arch-arm.h arch-arm.c \ + arch-sw_64.h arch-sw_64.c \ arch-aarch64.h arch-aarch64.c \ arch-mips.h arch-mips.c \ arch-mips64.h arch-mips64.c \ diff --git a/src/Makefile.in b/src/Makefile.in index 1e10b51..de0538e 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -158,6 +158,7 @@ am__objects_1 = libseccomp_la-api.lo libseccomp_la-system.lo \ libseccomp_la-arch-x86.lo libseccomp_la-arch-x86_64.lo \ libseccomp_la-arch-x32.lo libseccomp_la-arch-arm.lo \ libseccomp_la-arch-aarch64.lo libseccomp_la-arch-mips.lo \ + libseccomp_la-arch-sw_64.lo \ libseccomp_la-arch-mips64.lo libseccomp_la-arch-mips64n32.lo \ libseccomp_la-arch-parisc.lo libseccomp_la-arch-parisc64.lo \ libseccomp_la-arch-ppc.lo libseccomp_la-arch-ppc64.lo \ @@ -178,6 +179,7 @@ am__objects_2 = api.$(OBJEXT) system.$(OBJEXT) helper.$(OBJEXT) \ db.$(OBJEXT) arch.$(OBJEXT) arch-x86.$(OBJEXT) \ arch-x86_64.$(OBJEXT) arch-x32.$(OBJEXT) arch-arm.$(OBJEXT) \ arch-aarch64.$(OBJEXT) arch-mips.$(OBJEXT) \ + arch-sw_64.$(OBJEXT) \ arch-mips64.$(OBJEXT) arch-mips64n32.$(OBJEXT) \ arch-parisc.$(OBJEXT) arch-parisc64.$(OBJEXT) \ arch-ppc.$(OBJEXT) arch-ppc64.$(OBJEXT) arch-riscv64.$(OBJEXT) \ @@ -204,6 +206,7 @@ depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp am__maybe_remake_depfiles = depfiles am__depfiles_remade = ./$(DEPDIR)/api.Po ./$(DEPDIR)/arch-aarch64.Po \ ./$(DEPDIR)/arch-arm.Po ./$(DEPDIR)/arch-mips.Po \ + ./$(DEPDIR)/arch-sw_64.Po \ ./$(DEPDIR)/arch-mips64.Po ./$(DEPDIR)/arch-mips64n32.Po \ ./$(DEPDIR)/arch-parisc.Po ./$(DEPDIR)/arch-parisc64.Po \ ./$(DEPDIR)/arch-ppc.Po ./$(DEPDIR)/arch-ppc64.Po \ @@ -216,6 +219,7 @@ am__depfiles_remade = ./$(DEPDIR)/api.Po ./$(DEPDIR)/arch-aarch64.Po \ ./$(DEPDIR)/helper.Po ./$(DEPDIR)/libseccomp_la-api.Plo \ ./$(DEPDIR)/libseccomp_la-arch-aarch64.Plo \ ./$(DEPDIR)/libseccomp_la-arch-arm.Plo \ + ./$(DEPDIR)/libseccomp_la-arch-sw_64.Plo \ ./$(DEPDIR)/libseccomp_la-arch-mips.Plo \ ./$(DEPDIR)/libseccomp_la-arch-mips64.Plo \ ./$(DEPDIR)/libseccomp_la-arch-mips64n32.Plo \ @@ -505,6 +509,7 @@ SOURCES_ALL = \ arch-x86_64.h arch-x86_64.c \ arch-x32.h arch-x32.c \ arch-arm.h arch-arm.c \ + arch-sw_64.h arch-sw_64.c \ arch-aarch64.h arch-aarch64.c \ arch-mips.h arch-mips.c \ arch-mips64.h arch-mips64.c \ @@ -627,6 +632,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/api.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/arch-aarch64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/arch-arm.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/arch-sw_64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/arch-mips.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/arch-mips64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/arch-mips64n32.Po@am__quote@ # am--include-marker @@ -650,6 +656,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libseccomp_la-api.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libseccomp_la-arch-aarch64.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libseccomp_la-arch-arm.Plo@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libseccomp_la-arch-sw_64.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libseccomp_la-arch-mips.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libseccomp_la-arch-mips64.Plo@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libseccomp_la-arch-mips64n32.Plo@am__quote@ # am--include-marker @@ -790,6 +797,13 @@ libseccomp_la-arch-arm.lo: arch-arm.c @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libseccomp_la_CPPFLAGS) $(CPPFLAGS) $(libseccomp_la_CFLAGS) $(CFLAGS) -c -o libseccomp_la-arch-arm.lo `test -f 'arch-arm.c' || echo '$(srcdir)/'`arch-arm.c +libseccomp_la-arch-sw_64.lo: arch-sw_64.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libseccomp_la_CPPFLAGS) $(CPPFLAGS) $(libseccomp_la_CFLAGS) $(CFLAGS) -MT libseccomp_la-arch-sw_64.lo -MD -MP -MF $(DEPDIR)/libseccomp_la-arch-sw_64.Tpo -c -o libseccomp_la-arch-sw_64.lo `test -f 'arch-sw_64.c' || echo '$(srcdir)/'`arch-sw_64.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libseccomp_la-arch-sw_64.Tpo $(DEPDIR)/libseccomp_la-arch-sw_64.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='arch-sw_64.c' object='libseccomp_la-arch-sw_64.lo'libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libseccomp_la_CPPFLAGS) $(CPPFLAGS) $(libseccomp_la_CFLAGS) $(CFLAGS) -c -o libseccomp_la-arch-sw_64.lo `test -f 'arch-sw_64.c' || echo '$(srcdir)/'`arch-sw_64.c + libseccomp_la-arch-aarch64.lo: arch-aarch64.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libseccomp_la_CPPFLAGS) $(CPPFLAGS) $(libseccomp_la_CFLAGS) $(CFLAGS) -MT libseccomp_la-arch-aarch64.lo -MD -MP -MF $(DEPDIR)/libseccomp_la-arch-aarch64.Tpo -c -o libseccomp_la-arch-aarch64.lo `test -f 'arch-aarch64.c' || echo '$(srcdir)/'`arch-aarch64.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libseccomp_la-arch-aarch64.Tpo $(DEPDIR)/libseccomp_la-arch-aarch64.Plo @@ -1187,6 +1201,7 @@ distclean: distclean-recursive -rm -f ./$(DEPDIR)/api.Po -rm -f ./$(DEPDIR)/arch-aarch64.Po -rm -f ./$(DEPDIR)/arch-arm.Po + -rm -f ./$(DEPDIR)/arch-sw_64.Po -rm -f ./$(DEPDIR)/arch-mips.Po -rm -f ./$(DEPDIR)/arch-mips64.Po -rm -f ./$(DEPDIR)/arch-mips64n32.Po @@ -1210,6 +1225,7 @@ distclean: distclean-recursive -rm -f ./$(DEPDIR)/libseccomp_la-api.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-aarch64.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-arm.Plo + -rm -f ./$(DEPDIR)/libseccomp_la-arch-sw_64.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-mips.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-mips64.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-mips64n32.Plo @@ -1283,6 +1299,7 @@ maintainer-clean: maintainer-clean-recursive -rm -f ./$(DEPDIR)/api.Po -rm -f ./$(DEPDIR)/arch-aarch64.Po -rm -f ./$(DEPDIR)/arch-arm.Po + -rm -f ./$(DEPDIR)/arch-sw_64.Po -rm -f ./$(DEPDIR)/arch-mips.Po -rm -f ./$(DEPDIR)/arch-mips64.Po -rm -f ./$(DEPDIR)/arch-mips64n32.Po @@ -1306,6 +1323,7 @@ maintainer-clean: maintainer-clean-recursive -rm -f ./$(DEPDIR)/libseccomp_la-api.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-aarch64.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-arm.Plo + -rm -f ./$(DEPDIR)/libseccomp_la-arch-sw_64.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-mips.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-mips64.Plo -rm -f ./$(DEPDIR)/libseccomp_la-arch-mips64n32.Plo diff --git a/src/arch-syscall-dump.c b/src/arch-syscall-dump.c index 2055d34..216958a 100644 --- a/src/arch-syscall-dump.c +++ b/src/arch-syscall-dump.c @@ -34,6 +34,7 @@ #include "arch-x86_64.h" #include "arch-x32.h" #include "arch-arm.h" +#include "arch-sw_64.h" #include "arch-mips.h" #include "arch-mips64.h" #include "arch-mips64n32.h" @@ -103,6 +104,9 @@ int main(int argc, char *argv[]) case SCMP_ARCH_ARM: sys = arm_syscall_iterate(iter); break; + case SCMP_ARCH_SW_64: + sys = sw_64_syscall_iterate(iter); + break; case SCMP_ARCH_AARCH64: sys = aarch64_syscall_iterate(iter); break; diff --git a/src/arch-syscall-validate b/src/arch-syscall-validate index 91b6bef..647833b 100755 --- a/src/arch-syscall-validate +++ b/src/arch-syscall-validate @@ -174,6 +174,13 @@ function dump_sys_x86() { grep -v "^#" | awk '{ print $3","$1 }' | \ sort } +function dump_sys_sw_64() { + cat $1/arch/sw_64/kernel/syscalls/syscall.tbl | \ + grep -v "^#" | awk '{ print $3"\t"$1 }' | sed '/^[ \t]*$/d' | \ + sort +} + + # # Dump the x86 library syscall table @@ -567,6 +574,10 @@ function dump_lib_s390x() { dump_lib_arch s390x | mangle_lib_syscall s390x } +function dump_lib_sw_64() { + dump_lib_arch sw_64 +} + # # Dump the system syscall table # @@ -623,6 +634,9 @@ function dump_sys() { s390x) dump_sys_s390x "$2" ;; + sw_64) + dump_sys_sw_64 "$2" + ;; *) echo "" return 1 @@ -687,6 +701,9 @@ function dump_lib() { s390x) dump_lib_s390x ;; + sw_64) + dump_lib_sw_64 + ;; *) echo "" return 1 @@ -722,6 +739,7 @@ function gen_csv() { abi_list+=" ppc ppc64" abi_list+=" riscv64" abi_list+=" s390 s390x" + abi_list+=" sw_64" # get the full syscall list for abi in $abi_list; do @@ -809,7 +827,8 @@ if [[ $opt_arches == "" ]]; then mips mips64 mips64n32 \ parisc parisc64 \ ppc ppc64 \ - s390 s390x" + s390 s390x \ + sw_64" fi # sanity checks diff --git a/src/arch.c b/src/arch.c index 8ef77b1..13ba0bd 100644 --- a/src/arch.c +++ b/src/arch.c @@ -35,6 +35,7 @@ #include "arch-x32.h" #include "arch-arm.h" #include "arch-aarch64.h" +#include "arch-sw_64.h" #include "arch-mips.h" #include "arch-mips64.h" #include "arch-mips64n32.h" @@ -60,6 +61,8 @@ const struct arch_def *arch_def_native = &arch_def_x86_64; #endif /* __ILP32__ */ #elif __arm__ const struct arch_def *arch_def_native = &arch_def_arm; +#elif __sw_64__ +const struct arch_def *arch_def_native = &arch_def_sw_64; #elif __aarch64__ const struct arch_def *arch_def_native = &arch_def_aarch64; #elif __mips__ && _MIPS_SIM == _MIPS_SIM_ABI32 @@ -132,6 +135,8 @@ const struct arch_def *arch_def_lookup(uint32_t token) return &arch_def_x32; case SCMP_ARCH_ARM: return &arch_def_arm; + case SCMP_ARCH_SW_64: + return &arch_def_sw_64; case SCMP_ARCH_AARCH64: return &arch_def_aarch64; case SCMP_ARCH_MIPS: @@ -184,6 +189,8 @@ const struct arch_def *arch_def_lookup_name(const char *arch_name) return &arch_def_x32; else if (strcmp(arch_name, "arm") == 0) return &arch_def_arm; + else if (strcmp(arch_name, "sw_64") == 0) + return &arch_def_sw_64; else if (strcmp(arch_name, "aarch64") == 0) return &arch_def_aarch64; else if (strcmp(arch_name, "mips") == 0) diff --git a/src/gen_pfc.c b/src/gen_pfc.c index 2e38eb6..1ce5adf 100644 --- a/src/gen_pfc.c +++ b/src/gen_pfc.c @@ -59,6 +59,8 @@ static const char *_pfc_arch(const struct arch_def *arch) return "x32"; case SCMP_ARCH_ARM: return "arm"; + case SCMP_ARCH_SW_64: + return "sw_64"; case SCMP_ARCH_AARCH64: return "aarch64"; case SCMP_ARCH_MIPS: diff --git a/src/python/libseccomp.pxd b/src/python/libseccomp.pxd index 0629bf1..d51ebad 100644 --- a/src/python/libseccomp.pxd +++ b/src/python/libseccomp.pxd @@ -37,6 +37,7 @@ cdef extern from "seccomp.h": SCMP_ARCH_X86_64 SCMP_ARCH_X32 SCMP_ARCH_ARM + SCMP_ARCH_SW_64 SCMP_ARCH_AARCH64 SCMP_ARCH_MIPS SCMP_ARCH_MIPS64 diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx index 2eeabc1..0095f43 100644 --- a/src/python/seccomp.pyx +++ b/src/python/seccomp.pyx @@ -203,6 +203,7 @@ cdef class Arch: X86_64 - 64-bit x86 X32 - 64-bit x86 using the x32 ABI ARM - ARM + SW_64 - SW_64 AARCH64 - 64-bit ARM MIPS - MIPS O32 ABI MIPS64 - MIPS 64-bit ABI @@ -224,6 +225,7 @@ cdef class Arch: X86_64 = libseccomp.SCMP_ARCH_X86_64 X32 = libseccomp.SCMP_ARCH_X32 ARM = libseccomp.SCMP_ARCH_ARM + SW_64 = libseccomp.SCMP_ARCH_SW_64 AARCH64 = libseccomp.SCMP_ARCH_AARCH64 MIPS = libseccomp.SCMP_ARCH_MIPS MIPS64 = libseccomp.SCMP_ARCH_MIPS64 @@ -260,6 +262,8 @@ cdef class Arch: self._token = libseccomp.SCMP_ARCH_X32 elif arch == libseccomp.SCMP_ARCH_ARM: self._token = libseccomp.SCMP_ARCH_ARM + elif arch == libseccomp.SCMP_ARCH_SW_64: + self._token = libseccomp.SCMP_ARCH_SW_64 elif arch == libseccomp.SCMP_ARCH_AARCH64: self._token = libseccomp.SCMP_ARCH_AARCH64 elif arch == libseccomp.SCMP_ARCH_MIPS: diff --git a/src/syscalls.h b/src/syscalls.h index af468a1..17c6f21 100644 --- a/src/syscalls.h +++ b/src/syscalls.h @@ -27,6 +27,7 @@ #include "arch-x86.h" #include "arch-x86.h" #include "arch-riscv64.h" +#include "arch-sw_64.h" /* NOTE: changes to the arch_syscall_table layout may require changes to the * generate_syscalls_perf.sh and arch-syscall-validate scripts */ @@ -51,6 +52,7 @@ struct arch_syscall_table { int riscv64; int s390; int s390x; + int sw_64; }; #define OFFSET_ARCH(NAME) offsetof(struct arch_syscall_table, NAME) diff --git a/src/system.c b/src/system.c index ae445bf..f35da74 100644 --- a/src/system.c +++ b/src/system.c @@ -125,6 +125,7 @@ int sys_chk_seccomp_syscall(void) switch (arch_def_native->token) { case SCMP_ARCH_X86_64: case SCMP_ARCH_ARM: + case SCMP_ARCH_SW_64: case SCMP_ARCH_AARCH64: case SCMP_ARCH_PPC64: case SCMP_ARCH_PPC64LE: diff --git a/tools/scmp_arch_detect.c b/tools/scmp_arch_detect.c index b844a68..21233d4 100644 --- a/tools/scmp_arch_detect.c +++ b/tools/scmp_arch_detect.c @@ -78,6 +78,9 @@ int main(int argc, char *argv[]) case SCMP_ARCH_ARM: printf("arm\n"); break; + case SCMP_ARCH_SW_64: + printf("sw_64\n"); + break; case SCMP_ARCH_AARCH64: printf("aarch64\n"); break; diff --git a/tools/scmp_bpf_sim.c b/tools/scmp_bpf_sim.c index a381314..c86e451 100644 --- a/tools/scmp_bpf_sim.c +++ b/tools/scmp_bpf_sim.c @@ -257,6 +257,8 @@ int main(int argc, char *argv[]) arch = AUDIT_ARCH_X86_64; else if (strcmp(optarg, "arm") == 0) arch = AUDIT_ARCH_ARM; + else if (strcmp(optarg, "sw_64") == 0) + arch = AUDIT_ARCH_SW_64; else if (strcmp(optarg, "aarch64") == 0) arch = AUDIT_ARCH_AARCH64; else if (strcmp(optarg, "mips") == 0) diff --git a/tools/util.c b/tools/util.c index 5687b30..07c86ad 100644 --- a/tools/util.c +++ b/tools/util.c @@ -42,6 +42,8 @@ #endif /* __ILP32__ */ #elif __arm__ #define ARCH_NATIVE AUDIT_ARCH_ARM +#elif __sw_64__ +#define ARCH_NATIVE AUDIT_ARCH_SW_64 #elif __aarch64__ #define ARCH_NATIVE AUDIT_ARCH_AARCH64 #elif __mips__ && _MIPS_SIM == _MIPS_SIM_ABI32 diff --git a/tools/util.h b/tools/util.h index 6c2ca33..ac3a238 100644 --- a/tools/util.h +++ b/tools/util.h @@ -26,6 +26,15 @@ #include #include +/* Sw_64 support for audit was merged in 3.17-rc1 */ +#ifndef AUDIT_ARCH_SW_64 +#ifndef EM_SW_64 +#define EM_SW_64 0x9916 +#endif /* EM_SW_64 */ +#define AUDIT_ARCH_SW_64 (EM_SW_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) +#endif /* AUDIT_ARCH_SW_64 */ + + /** * The ARM architecture tokens */ -- 2.33.0