Andrew Geissler | 5f35090 | 2021-07-23 13:09:54 -0400 | [diff] [blame] | 1 | From 6d127a0463ea2d7bb5021562678324e28e0407e5 Mon Sep 17 00:00:00 2001 |
| 2 | From: Khem Raj <raj.khem@gmail.com> |
| 3 | Date: Tue, 8 Jun 2021 19:45:34 -0700 |
| 4 | Subject: [PATCH 1/2] arch: Add riscv32 architecture support |
| 5 | |
| 6 | Support for rv32 was upstreamed into 5.4+ kernel |
| 7 | |
| 8 | Upstream-Status: Submitted [https://github.com/seccomp/libseccomp/pull/327] |
| 9 | Signed-off-by: Khem Raj <raj.khem@gmail.com> |
| 10 | --- |
| 11 | CREDITS | 1 + |
| 12 | README.md | 1 + |
| 13 | doc/man/man1/scmp_sys_resolver.1 | 2 +- |
| 14 | doc/man/man3/seccomp_arch_add.3 | 1 + |
| 15 | include/seccomp-syscalls.h | 31 ++++++++++++++++++ |
| 16 | include/seccomp.h.in | 9 ++++++ |
| 17 | src/Makefile.am | 1 + |
| 18 | src/arch-riscv32.c | 31 ++++++++++++++++++ |
| 19 | src/arch-riscv32.h | 22 +++++++++++++ |
| 20 | src/arch-syscall-dump.c | 4 +++ |
| 21 | src/arch-syscall-validate | 51 +++++++++++++++++++++++++++++- |
| 22 | src/arch.c | 11 ++++++- |
| 23 | src/gen_pfc.c | 2 ++ |
| 24 | src/python/libseccomp.pxd | 1 + |
| 25 | src/python/seccomp.pyx | 2 ++ |
| 26 | src/syscalls.c | 1 + |
| 27 | src/syscalls.csv | 2 +- |
| 28 | src/syscalls.h | 2 ++ |
| 29 | src/system.c | 1 + |
| 30 | tests/15-basic-resolver.c | 1 + |
| 31 | tests/16-sim-arch_basic.c | 6 ++++ |
| 32 | tests/16-sim-arch_basic.py | 1 + |
| 33 | tests/23-sim-arch_all_le_basic.c | 3 ++ |
| 34 | tests/23-sim-arch_all_le_basic.py | 1 + |
| 35 | tests/56-basic-iterate_syscalls.c | 1 + |
| 36 | tests/56-basic-iterate_syscalls.py | 1 + |
| 37 | tests/regression | 5 +-- |
| 38 | tools/scmp_arch_detect.c | 3 ++ |
| 39 | tools/scmp_bpf_disasm.c | 2 ++ |
| 40 | tools/scmp_bpf_sim.c | 2 ++ |
| 41 | tools/util.c | 6 +++- |
| 42 | tools/util.h | 7 ++++ |
| 43 | 32 files changed, 208 insertions(+), 7 deletions(-) |
| 44 | create mode 100644 src/arch-riscv32.c |
| 45 | create mode 100644 src/arch-riscv32.h |
| 46 | |
| 47 | diff --git a/CREDITS b/CREDITS |
| 48 | index d6bbc2a..ad2f7e0 100644 |
| 49 | --- a/CREDITS |
| 50 | +++ b/CREDITS |
| 51 | @@ -33,6 +33,7 @@ John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> |
| 52 | Jonah Petri <jonah@petri.us> |
| 53 | Justin Cormack <justin.cormack@docker.com> |
| 54 | Kees Cook <keescook@chromium.org> |
| 55 | +Khem Raj <raj.khem@gmail.com> |
| 56 | Kyle R. Conway <kyle.r.conway@gmail.com> |
| 57 | Kenta Tada <Kenta.Tada@sony.com> |
| 58 | Luca Bruno <lucab@debian.org> |
| 59 | diff --git a/README.md b/README.md |
| 60 | index ba02186..2cd718f 100644 |
| 61 | --- a/README.md |
| 62 | +++ b/README.md |
| 63 | @@ -54,6 +54,7 @@ The libseccomp library currently supports the architectures listed below: |
| 64 | * 32-bit s390 (s390) |
| 65 | * 64-bit s390x (s390x) |
| 66 | * 64-bit RISC-V (riscv64) |
| 67 | +* 32-bit RISC-V (riscv32) |
| 68 | * 32-bit SuperH big endian (sheb) |
| 69 | * 32-bit SuperH (sh) |
| 70 | |
| 71 | diff --git a/doc/man/man1/scmp_sys_resolver.1 b/doc/man/man1/scmp_sys_resolver.1 |
| 72 | index 267187b..fc68d18 100644 |
| 73 | --- a/doc/man/man1/scmp_sys_resolver.1 |
| 74 | +++ b/doc/man/man1/scmp_sys_resolver.1 |
| 75 | @@ -36,7 +36,7 @@ The architecture to use for resolving the system call. Valid |
| 76 | .I ARCH |
| 77 | values are "x86", "x86_64", "x32", "arm", "aarch64", "mips", "mipsel", "mips64", |
| 78 | "mipsel64", "mips64n32", "mipsel64n32", "parisc", "parisc64", "ppc", "ppc64", |
| 79 | -"ppc64le", "s390", "s390x", "sheb" and "sh". |
| 80 | +"ppc64le", "riscv32", "s390", "s390x", "sheb" and "sh". |
| 81 | .TP |
| 82 | .B \-t |
| 83 | If necessary, translate the system call name to the proper system call number, |
| 84 | diff --git a/doc/man/man3/seccomp_arch_add.3 b/doc/man/man3/seccomp_arch_add.3 |
| 85 | index 7baa21e..8966b3a 100644 |
| 86 | --- a/doc/man/man3/seccomp_arch_add.3 |
| 87 | +++ b/doc/man/man3/seccomp_arch_add.3 |
| 88 | @@ -30,6 +30,7 @@ seccomp_arch_add, seccomp_arch_remove, seccomp_arch_exist, seccomp_arch_native \ |
| 89 | .B #define SCMP_ARCH_S390X |
| 90 | .B #define SCMP_ARCH_PARISC |
| 91 | .B #define SCMP_ARCH_PARISC64 |
| 92 | +.B #define SCMP_ARCH_RISCV32 |
| 93 | .B #define SCMP_ARCH_RISCV64 |
| 94 | .sp |
| 95 | .BI "uint32_t seccomp_arch_resolve_name(const char *" arch_name ");" |
| 96 | diff --git a/include/seccomp-syscalls.h b/include/seccomp-syscalls.h |
| 97 | index c694db1..c6ea5ca 100644 |
| 98 | --- a/include/seccomp-syscalls.h |
| 99 | +++ b/include/seccomp-syscalls.h |
| 100 | @@ -275,6 +275,13 @@ |
| 101 | #define __PNR_ppoll -10241 |
| 102 | #define __PNR_renameat -10242 |
| 103 | #define __PNR_riscv_flush_icache -10243 |
| 104 | +#define __PNR_fstat -10244 |
| 105 | +#define __PNR_futex -10245 |
| 106 | +#define __PNR_nanosleep -10246 |
| 107 | +#define __PNR_lseek -10247 |
| 108 | +#define __PNR_clock_gettime -10248 |
| 109 | +#define __PNR_clock_nanosleep -10249 |
| 110 | +#define __PNR_gettimeofday -10250 |
| 111 | |
| 112 | /* |
| 113 | * libseccomp syscall definitions |
| 114 | @@ -442,7 +449,11 @@ |
| 115 | #define __SNR_clock_getres_time64 __PNR_clock_getres_time64 |
| 116 | #endif |
| 117 | |
| 118 | +#ifdef __NR_clock_gettime |
| 119 | #define __SNR_clock_gettime __NR_clock_gettime |
| 120 | +#else |
| 121 | +#define __SNR_clock_gettime __PNR_clock_gettime |
| 122 | +#endif |
| 123 | |
| 124 | #ifdef __NR_clock_gettime64 |
| 125 | #define __SNR_clock_gettime64 __NR_clock_gettime64 |
| 126 | @@ -450,7 +461,11 @@ |
| 127 | #define __SNR_clock_gettime64 __PNR_clock_gettime64 |
| 128 | #endif |
| 129 | |
| 130 | +#ifdef __NR_clock_nanosleep |
| 131 | #define __SNR_clock_nanosleep __NR_clock_nanosleep |
| 132 | +#else |
| 133 | +#define __SNR_clock_nanosleep __PNR_clock_nanosleep |
| 134 | +#endif |
| 135 | |
| 136 | #ifdef __NR_clock_nanosleep_time64 |
| 137 | #define __SNR_clock_nanosleep_time64 __NR_clock_nanosleep_time64 |
| 138 | @@ -710,7 +725,11 @@ |
| 139 | #define __SNR_ftruncate64 __PNR_ftruncate64 |
| 140 | #endif |
| 141 | |
| 142 | +#ifdef __NR_futex |
| 143 | #define __SNR_futex __NR_futex |
| 144 | +#else |
| 145 | +#define __SNR_futex __PNR_futex |
| 146 | +#endif |
| 147 | |
| 148 | #ifdef __NR_futex_time64 |
| 149 | #define __SNR_futex_time64 __NR_futex_time64 |
| 150 | @@ -896,7 +915,11 @@ |
| 151 | |
| 152 | #define __SNR_gettid __NR_gettid |
| 153 | |
| 154 | +#ifdef __NR_gettimeofday |
| 155 | #define __SNR_gettimeofday __NR_gettimeofday |
| 156 | +#else |
| 157 | +#define __SNR_gettimeofday __PNR_gettimeofday |
| 158 | +#endif |
| 159 | |
| 160 | #ifdef __NR_getuid |
| 161 | #define __SNR_getuid __NR_getuid |
| 162 | @@ -1046,7 +1069,11 @@ |
| 163 | |
| 164 | #define __SNR_lremovexattr __NR_lremovexattr |
| 165 | |
| 166 | +#ifdef __NR_lseek |
| 167 | #define __SNR_lseek __NR_lseek |
| 168 | +#else |
| 169 | +#define __SNR_lseek __PNR_lseek |
| 170 | +#endif |
| 171 | |
| 172 | #define __SNR_lsetxattr __NR_lsetxattr |
| 173 | |
| 174 | @@ -1218,7 +1245,11 @@ |
| 175 | |
| 176 | #define __SNR_name_to_handle_at __NR_name_to_handle_at |
| 177 | |
| 178 | +#ifdef __NR_nanosleep |
| 179 | #define __SNR_nanosleep __NR_nanosleep |
| 180 | +#else |
| 181 | +#define __SNR_nanosleep __PNR_nanosleep |
| 182 | +#endif |
| 183 | |
| 184 | #ifdef __NR_newfstatat |
| 185 | #define __SNR_newfstatat __NR_newfstatat |
| 186 | diff --git a/include/seccomp.h.in b/include/seccomp.h.in |
| 187 | index 333a89c..2e911db 100644 |
| 188 | --- a/include/seccomp.h.in |
| 189 | +++ b/include/seccomp.h.in |
| 190 | @@ -214,7 +214,16 @@ struct scmp_arg_cmp { |
| 191 | #endif /* EM_RISCV */ |
| 192 | #define AUDIT_ARCH_RISCV64 (EM_RISCV|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) |
| 193 | #endif /* AUDIT_ARCH_RISCV64 */ |
| 194 | + |
| 195 | +#ifndef AUDIT_ARCH_RISCV32 |
| 196 | +#ifndef EM_RISCV |
| 197 | +#define EM_RISCV 243 |
| 198 | +#endif /* EM_RISCV */ |
| 199 | +#define AUDIT_ARCH_RISCV32 (EM_RISCV|__AUDIT_ARCH_LE) |
| 200 | +#endif /* AUDIT_ARCH_RISCV32 */ |
| 201 | + |
| 202 | #define SCMP_ARCH_RISCV64 AUDIT_ARCH_RISCV64 |
| 203 | +#define SCMP_ARCH_RISCV32 AUDIT_ARCH_RISCV32 |
| 204 | |
| 205 | /** |
| 206 | * The SuperH architecture tokens |
| 207 | diff --git a/src/Makefile.am b/src/Makefile.am |
| 208 | index 7b59810..7961925 100644 |
| 209 | --- a/src/Makefile.am |
| 210 | +++ b/src/Makefile.am |
| 211 | @@ -44,6 +44,7 @@ SOURCES_ALL = \ |
| 212 | arch-ppc.h arch-ppc.c \ |
| 213 | arch-ppc64.h arch-ppc64.c \ |
| 214 | arch-riscv64.h arch-riscv64.c \ |
| 215 | + arch-riscv32.h arch-riscv32.c \ |
| 216 | arch-s390.h arch-s390.c \ |
| 217 | arch-s390x.h arch-s390x.c \ |
| 218 | arch-sh.h arch-sh.c \ |
| 219 | diff --git a/src/arch-riscv32.c b/src/arch-riscv32.c |
| 220 | new file mode 100644 |
| 221 | index 0000000..53b3126 |
| 222 | --- /dev/null |
| 223 | +++ b/src/arch-riscv32.c |
| 224 | @@ -0,0 +1,31 @@ |
| 225 | +/* |
| 226 | + * This library is free software; you can redistribute it and/or modify it |
| 227 | + * under the terms of version 2.1 of the GNU Lesser General Public License as |
| 228 | + * published by the Free Software Foundation. |
| 229 | + * |
| 230 | + * This library is distributed in the hope that it will be useful, but WITHOUT |
| 231 | + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 232 | + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License |
| 233 | + * for more details. |
| 234 | + * |
| 235 | + * You should have received a copy of the GNU Lesser General Public License |
| 236 | + * along with this library; if not, see <http://www.gnu.org/licenses>. |
| 237 | + */ |
| 238 | + |
| 239 | +#include <stdlib.h> |
| 240 | +#include <errno.h> |
| 241 | +#include <linux/audit.h> |
| 242 | + |
| 243 | +#include "arch.h" |
| 244 | +#include "arch-riscv32.h" |
| 245 | + |
| 246 | +const struct arch_def arch_def_riscv32 = { |
| 247 | + .token = SCMP_ARCH_RISCV32, |
| 248 | + .token_bpf = AUDIT_ARCH_RISCV32, |
| 249 | + .size = ARCH_SIZE_32, |
| 250 | + .endian = ARCH_ENDIAN_LITTLE, |
| 251 | + .syscall_resolve_name = riscv32_syscall_resolve_name, |
| 252 | + .syscall_resolve_num = riscv32_syscall_resolve_num, |
| 253 | + .syscall_rewrite = NULL, |
| 254 | + .rule_add = NULL, |
| 255 | +}; |
| 256 | diff --git a/src/arch-riscv32.h b/src/arch-riscv32.h |
| 257 | new file mode 100644 |
| 258 | index 0000000..082a77d |
| 259 | --- /dev/null |
| 260 | +++ b/src/arch-riscv32.h |
| 261 | @@ -0,0 +1,22 @@ |
| 262 | +/* |
| 263 | + * This library is free software; you can redistribute it and/or modify it |
| 264 | + * under the terms of version 2.1 of the GNU Lesser General Public License as |
| 265 | + * published by the Free Software Foundation. |
| 266 | + * |
| 267 | + * This library is distributed in the hope that it will be useful, but WITHOUT |
| 268 | + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 269 | + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License |
| 270 | + * for more details. |
| 271 | + * |
| 272 | + * You should have received a copy of the GNU Lesser General Public License |
| 273 | + * along with this library; if not, see <http://www.gnu.org/licenses>. |
| 274 | + */ |
| 275 | + |
| 276 | +#ifndef _ARCH_RISCV32_H |
| 277 | +#define _ARCH_RISCV32_H |
| 278 | + |
| 279 | +#include "arch.h" |
| 280 | + |
| 281 | +ARCH_DECL(riscv32) |
| 282 | + |
| 283 | +#endif |
| 284 | diff --git a/src/arch-syscall-dump.c b/src/arch-syscall-dump.c |
| 285 | index 843483b..c6ab57d 100644 |
| 286 | --- a/src/arch-syscall-dump.c |
| 287 | +++ b/src/arch-syscall-dump.c |
| 288 | @@ -43,6 +43,7 @@ |
| 289 | #include "arch-ppc.h" |
| 290 | #include "arch-ppc64.h" |
| 291 | #include "arch-riscv64.h" |
| 292 | +#include "arch-riscv32.h" |
| 293 | #include "arch-s390.h" |
| 294 | #include "arch-s390x.h" |
| 295 | #include "arch-sh.h" |
| 296 | @@ -135,6 +136,9 @@ int main(int argc, char *argv[]) |
| 297 | case SCMP_ARCH_RISCV64: |
| 298 | sys = riscv64_syscall_iterate(iter); |
| 299 | break; |
| 300 | + case SCMP_ARCH_RISCV32: |
| 301 | + sys = riscv32_syscall_iterate(iter); |
| 302 | + break; |
| 303 | case SCMP_ARCH_S390: |
| 304 | sys = s390_syscall_iterate(iter); |
| 305 | break; |
| 306 | diff --git a/src/arch-syscall-validate b/src/arch-syscall-validate |
| 307 | index 68bebef..85c7f3d 100755 |
| 308 | --- a/src/arch-syscall-validate |
| 309 | +++ b/src/arch-syscall-validate |
| 310 | @@ -519,6 +519,49 @@ function dump_lib_riscv64() { |
| 311 | dump_lib_arch riscv64 | mangle_lib_syscall riscv64 |
| 312 | } |
| 313 | |
| 314 | +# |
| 315 | +# Dump the riscv32 system syscall table |
| 316 | +# |
| 317 | +# Arguments: |
| 318 | +# 1 path to the kernel source |
| 319 | +# |
| 320 | +# Dump the architecture's syscall table to stdout. |
| 321 | +# |
| 322 | +function dump_sys_riscv32() { |
| 323 | + local sed_filter="" |
| 324 | + |
| 325 | + sed_filter+='s/__NR3264_fadvise64/223/;' |
| 326 | + sed_filter+='s/__NR3264_fcntl/25/;' |
| 327 | + sed_filter+='s/__NR3264_fstatat/79/;' |
| 328 | + sed_filter+='s/__NR3264_fstatfs/44/;' |
| 329 | + sed_filter+='s/__NR3264_ftruncate/46/;' |
| 330 | + sed_filter+='s/__NR3264_lseek/62/;' |
| 331 | + sed_filter+='s/__NR3264_mmap/222/;' |
| 332 | + sed_filter+='s/__NR3264_sendfile/71/;' |
| 333 | + sed_filter+='s/__NR3264_statfs/43/;' |
| 334 | + sed_filter+='s/__NR3264_truncate/45/;' |
| 335 | + sed_filter+='s/__NR3264_fstat/80/;' |
| 336 | + |
| 337 | + gcc -E -dM -I$1/include/uapi \ |
| 338 | + -D__BITS_PER_LONG=32 \ |
| 339 | + $1/arch/riscv/include/uapi/asm/unistd.h | \ |
| 340 | + grep "^#define __NR_" | \ |
| 341 | + sed '/__NR_syscalls/d' | \ |
| 342 | + sed 's/(__NR_arch_specific_syscall + 15)/259/' | \ |
| 343 | + sed '/__NR_arch_specific_syscall/d' | \ |
| 344 | + sed 's/#define[ \t]\+__NR_\([^ \t]\+\)[ \t]\+\(.*\)/\1,\2/' | \ |
| 345 | + sed $sed_filter | sort |
| 346 | +} |
| 347 | + |
| 348 | +# |
| 349 | +# Dump the riscv32 library syscall table |
| 350 | +# |
| 351 | +# Dump the library's syscall table to stdout. |
| 352 | +# |
| 353 | +function dump_lib_riscv32() { |
| 354 | + dump_lib_arch riscv32 | mangle_lib_syscall riscv32 |
| 355 | +} |
| 356 | + |
| 357 | # |
| 358 | # Dump the s390 system syscall table |
| 359 | # |
| 360 | @@ -639,6 +682,9 @@ function dump_sys() { |
| 361 | ppc64) |
| 362 | dump_sys_ppc64 "$2" |
| 363 | ;; |
| 364 | + riscv32) |
| 365 | + dump_sys_riscv32 "$2" |
| 366 | + ;; |
| 367 | riscv64) |
| 368 | dump_sys_riscv64 "$2" |
| 369 | ;; |
| 370 | @@ -706,6 +752,9 @@ function dump_lib() { |
| 371 | ppc64) |
| 372 | dump_lib_ppc64 |
| 373 | ;; |
| 374 | + riscv32) |
| 375 | + dump_lib_riscv32 |
| 376 | + ;; |
| 377 | riscv64) |
| 378 | dump_lib_riscv64 |
| 379 | ;; |
| 380 | @@ -751,7 +800,7 @@ function gen_csv() { |
| 381 | abi_list+=" mips mips64 mips64n32" |
| 382 | abi_list+=" parisc parisc64" |
| 383 | abi_list+=" ppc ppc64" |
| 384 | - abi_list+=" riscv64" |
| 385 | + abi_list+=" riscv32 riscv64" |
| 386 | abi_list+=" s390 s390x" |
| 387 | abi_list+=" sh" |
| 388 | |
| 389 | diff --git a/src/arch.c b/src/arch.c |
| 390 | index 6ab922f..acf80af 100644 |
| 391 | --- a/src/arch.c |
| 392 | +++ b/src/arch.c |
| 393 | @@ -43,6 +43,7 @@ |
| 394 | #include "arch-ppc.h" |
| 395 | #include "arch-ppc64.h" |
| 396 | #include "arch-riscv64.h" |
| 397 | +#include "arch-riscv32.h" |
| 398 | #include "arch-s390.h" |
| 399 | #include "arch-s390x.h" |
| 400 | #include "arch-sh.h" |
| 401 | @@ -97,8 +98,12 @@ const struct arch_def *arch_def_native = &arch_def_ppc; |
| 402 | const struct arch_def *arch_def_native = &arch_def_s390x; |
| 403 | #elif __s390__ |
| 404 | const struct arch_def *arch_def_native = &arch_def_s390; |
| 405 | -#elif __riscv && __riscv_xlen == 64 |
| 406 | +#elif __riscv |
| 407 | +#if __riscv_xlen == 64 |
| 408 | const struct arch_def *arch_def_native = &arch_def_riscv64; |
| 409 | +#elif __riscv_xlen == 32 |
| 410 | +const struct arch_def *arch_def_native = &arch_def_riscv32; |
| 411 | +#endif |
| 412 | #elif __sh__ |
| 413 | #ifdef __BIG_ENDIAN__ |
| 414 | const struct arch_def *arch_def_native = &arch_def_sheb; |
| 415 | @@ -167,6 +172,8 @@ const struct arch_def *arch_def_lookup(uint32_t token) |
| 416 | return &arch_def_s390; |
| 417 | case SCMP_ARCH_S390X: |
| 418 | return &arch_def_s390x; |
| 419 | + case SCMP_ARCH_RISCV32: |
| 420 | + return &arch_def_riscv32; |
| 421 | case SCMP_ARCH_RISCV64: |
| 422 | return &arch_def_riscv64; |
| 423 | case SCMP_ARCH_SHEB: |
| 424 | @@ -223,6 +230,8 @@ const struct arch_def *arch_def_lookup_name(const char *arch_name) |
| 425 | return &arch_def_s390; |
| 426 | else if (strcmp(arch_name, "s390x") == 0) |
| 427 | return &arch_def_s390x; |
| 428 | + else if (strcmp(arch_name, "riscv32") == 0) |
| 429 | + return &arch_def_riscv32; |
| 430 | else if (strcmp(arch_name, "riscv64") == 0) |
| 431 | return &arch_def_riscv64; |
| 432 | else if (strcmp(arch_name, "sheb") == 0) |
| 433 | diff --git a/src/gen_pfc.c b/src/gen_pfc.c |
| 434 | index c7fb536..d45e181 100644 |
| 435 | --- a/src/gen_pfc.c |
| 436 | +++ b/src/gen_pfc.c |
| 437 | @@ -87,6 +87,8 @@ static const char *_pfc_arch(const struct arch_def *arch) |
| 438 | return "s390x"; |
| 439 | case SCMP_ARCH_S390: |
| 440 | return "s390"; |
| 441 | + case SCMP_ARCH_RISCV32: |
| 442 | + return "riscv32"; |
| 443 | case SCMP_ARCH_RISCV64: |
| 444 | return "riscv64"; |
| 445 | case SCMP_ARCH_SHEB: |
| 446 | diff --git a/src/python/libseccomp.pxd b/src/python/libseccomp.pxd |
| 447 | index 0629bf1..000d503 100644 |
| 448 | --- a/src/python/libseccomp.pxd |
| 449 | +++ b/src/python/libseccomp.pxd |
| 450 | @@ -51,6 +51,7 @@ cdef extern from "seccomp.h": |
| 451 | SCMP_ARCH_PPC64LE |
| 452 | SCMP_ARCH_S390 |
| 453 | SCMP_ARCH_S390X |
| 454 | + SCMP_ARCH_RISCV32 |
| 455 | SCMP_ARCH_RISCV64 |
| 456 | |
| 457 | cdef enum scmp_filter_attr: |
| 458 | diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx |
| 459 | index 1a9eb24..c94ad1d 100644 |
| 460 | --- a/src/python/seccomp.pyx |
| 461 | +++ b/src/python/seccomp.pyx |
| 462 | @@ -214,6 +214,7 @@ cdef class Arch: |
| 463 | PARISC64 - 64-bit PA-RISC |
| 464 | PPC64 - 64-bit PowerPC |
| 465 | PPC - 32-bit PowerPC |
| 466 | + RISCV32 - 32-bit RISC-V |
| 467 | RISCV64 - 64-bit RISC-V |
| 468 | """ |
| 469 | |
| 470 | @@ -238,6 +239,7 @@ cdef class Arch: |
| 471 | PPC64LE = libseccomp.SCMP_ARCH_PPC64LE |
| 472 | S390 = libseccomp.SCMP_ARCH_S390 |
| 473 | S390X = libseccomp.SCMP_ARCH_S390X |
| 474 | + RISCV32 = libseccomp.SCMP_ARCH_RISCV32 |
| 475 | RISCV64 = libseccomp.SCMP_ARCH_RISCV64 |
| 476 | |
| 477 | def __cinit__(self, arch=libseccomp.SCMP_ARCH_NATIVE): |
| 478 | diff --git a/src/syscalls.c b/src/syscalls.c |
| 479 | index ddb84fa..34e08d9 100644 |
| 480 | --- a/src/syscalls.c |
| 481 | +++ b/src/syscalls.c |
| 482 | @@ -55,3 +55,4 @@ ARCH_DEF(sh) |
| 483 | ARCH_DEF(x32) |
| 484 | ARCH_DEF(x86) |
| 485 | ARCH_DEF(riscv64) |
| 486 | +ARCH_DEF(riscv32) |
| 487 | diff --git a/src/syscalls.csv b/src/syscalls.csv |
| 488 | index fbd1058..0ee6c15 100644 |
| 489 | --- a/src/syscalls.csv |
| 490 | +++ b/src/syscalls.csv |
| 491 | @@ -1,4 +1,4 @@ |
| 492 | -#syscall (v5.12.0-rc7 2021-04-17),x86,x86_64,x32,arm,aarch64,mips,mips64,mips64n32,parisc,parisc64,ppc,ppc64,riscv64,s390,s390x,sh |
| 493 | +#syscall (v5.12.0-rc7 2021-04-17),x86,x86_64,x32,arm,aarch64,mips,mips64,mips64n32,parisc,parisc64,ppc,ppc64,riscv32,riscv64,s390,s390x,sh |
| 494 | accept,PNR,43,43,285,202,168,42,42,35,35,330,330,202,PNR,PNR,344 |
| 495 | accept4,364,288,288,366,242,334,293,297,320,320,344,344,242,364,364,358 |
| 496 | access,33,21,21,33,PNR,33,20,20,33,33,33,33,PNR,33,33,33 |
| 497 | diff --git a/src/syscalls.h b/src/syscalls.h |
| 498 | index 4f959af..49887ba 100644 |
| 499 | --- a/src/syscalls.h |
| 500 | +++ b/src/syscalls.h |
| 501 | @@ -28,6 +28,7 @@ |
| 502 | #include "arch-x86.h" |
| 503 | #include "arch-x86.h" |
| 504 | #include "arch-riscv64.h" |
| 505 | +#include "arch-riscv32.h" |
| 506 | |
| 507 | /* NOTE: changes to the arch_syscall_table layout may require changes to the |
| 508 | * generate_syscalls_perf.sh and arch-syscall-validate scripts */ |
| 509 | @@ -49,6 +50,7 @@ struct arch_syscall_table { |
| 510 | int parisc64; |
| 511 | int ppc; |
| 512 | int ppc64; |
| 513 | + int riscv32; |
| 514 | int riscv64; |
| 515 | int s390; |
| 516 | int s390x; |
| 517 | diff --git a/src/system.c b/src/system.c |
| 518 | index ae445bf..063e6be 100644 |
| 519 | --- a/src/system.c |
| 520 | +++ b/src/system.c |
| 521 | @@ -130,6 +130,7 @@ int sys_chk_seccomp_syscall(void) |
| 522 | case SCMP_ARCH_PPC64LE: |
| 523 | case SCMP_ARCH_S390: |
| 524 | case SCMP_ARCH_S390X: |
| 525 | + case SCMP_ARCH_RISCV32: |
| 526 | case SCMP_ARCH_RISCV64: |
| 527 | break; |
| 528 | default: |
| 529 | diff --git a/tests/15-basic-resolver.c b/tests/15-basic-resolver.c |
| 530 | index 2679270..57092f3 100644 |
| 531 | --- a/tests/15-basic-resolver.c |
| 532 | +++ b/tests/15-basic-resolver.c |
| 533 | @@ -45,6 +45,7 @@ unsigned int arch_list[] = { |
| 534 | SCMP_ARCH_S390X, |
| 535 | SCMP_ARCH_PARISC, |
| 536 | SCMP_ARCH_PARISC64, |
| 537 | + SCMP_ARCH_RISCV32, |
| 538 | SCMP_ARCH_RISCV64, |
| 539 | -1 |
| 540 | }; |
| 541 | diff --git a/tests/16-sim-arch_basic.c b/tests/16-sim-arch_basic.c |
| 542 | index 4fcbb5c..662e081 100644 |
| 543 | --- a/tests/16-sim-arch_basic.c |
| 544 | +++ b/tests/16-sim-arch_basic.c |
| 545 | @@ -90,6 +90,9 @@ int main(int argc, char *argv[]) |
| 546 | if (rc != 0) |
| 547 | goto out; |
| 548 | rc = seccomp_arch_add(ctx, SCMP_ARCH_PPC64LE); |
| 549 | + if (rc != 0) |
| 550 | + goto out; |
| 551 | + rc = seccomp_arch_add(ctx, SCMP_ARCH_RISCV32); |
| 552 | if (rc != 0) |
| 553 | goto out; |
| 554 | rc = seccomp_arch_add(ctx, SCMP_ARCH_RISCV64); |
| 555 | @@ -160,6 +163,9 @@ int main(int argc, char *argv[]) |
| 556 | if (rc != 0) |
| 557 | goto out; |
| 558 | rc = seccomp_arch_remove(ctx, SCMP_ARCH_PPC64LE); |
| 559 | + if (rc != 0) |
| 560 | + goto out; |
| 561 | + rc = seccomp_arch_remove(ctx, SCMP_ARCH_RISCV32); |
| 562 | if (rc != 0) |
| 563 | goto out; |
| 564 | rc = seccomp_arch_remove(ctx, SCMP_ARCH_RISCV64); |
| 565 | diff --git a/tests/16-sim-arch_basic.py b/tests/16-sim-arch_basic.py |
| 566 | index f22c985..d5e93a2 100755 |
| 567 | --- a/tests/16-sim-arch_basic.py |
| 568 | +++ b/tests/16-sim-arch_basic.py |
| 569 | @@ -44,6 +44,7 @@ def test(args): |
| 570 | f.add_arch(Arch("mipsel64")) |
| 571 | f.add_arch(Arch("mipsel64n32")) |
| 572 | f.add_arch(Arch("ppc64le")) |
| 573 | + f.add_arch(Arch("riscv32")) |
| 574 | f.add_arch(Arch("riscv64")) |
| 575 | f.add_arch(Arch("sh")) |
| 576 | f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno())) |
| 577 | diff --git a/tests/23-sim-arch_all_le_basic.c b/tests/23-sim-arch_all_le_basic.c |
| 578 | index 08f030c..ec73224 100644 |
| 579 | --- a/tests/23-sim-arch_all_le_basic.c |
| 580 | +++ b/tests/23-sim-arch_all_le_basic.c |
| 581 | @@ -75,6 +75,9 @@ int main(int argc, char *argv[]) |
| 582 | if (rc != 0) |
| 583 | goto out; |
| 584 | rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("sh")); |
| 585 | + if (rc != 0) |
| 586 | + goto out; |
| 587 | + rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("riscv32")); |
| 588 | if (rc != 0) |
| 589 | goto out; |
| 590 | |
| 591 | diff --git a/tests/23-sim-arch_all_le_basic.py b/tests/23-sim-arch_all_le_basic.py |
| 592 | index 12bb243..1eebc20 100755 |
| 593 | --- a/tests/23-sim-arch_all_le_basic.py |
| 594 | +++ b/tests/23-sim-arch_all_le_basic.py |
| 595 | @@ -40,6 +40,7 @@ def test(args): |
| 596 | f.add_arch(Arch("mipsel64")) |
| 597 | f.add_arch(Arch("mipsel64n32")) |
| 598 | f.add_arch(Arch("ppc64le")) |
| 599 | + f.add_arch(Arch("riscv32")) |
| 600 | f.add_arch(Arch("riscv64")) |
| 601 | f.add_arch(Arch("sh")) |
| 602 | f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno())) |
| 603 | diff --git a/tests/56-basic-iterate_syscalls.c b/tests/56-basic-iterate_syscalls.c |
| 604 | index 5e7ab67..c11ca8c 100644 |
| 605 | --- a/tests/56-basic-iterate_syscalls.c |
| 606 | +++ b/tests/56-basic-iterate_syscalls.c |
| 607 | @@ -46,6 +46,7 @@ unsigned int arch_list[] = { |
| 608 | SCMP_ARCH_S390X, |
| 609 | SCMP_ARCH_PARISC, |
| 610 | SCMP_ARCH_PARISC64, |
| 611 | + SCMP_ARCH_RISCV32, |
| 612 | SCMP_ARCH_RISCV64, |
| 613 | -1 |
| 614 | }; |
| 615 | diff --git a/tests/56-basic-iterate_syscalls.py b/tests/56-basic-iterate_syscalls.py |
| 616 | index 77a5b89..2e860bf 100755 |
| 617 | --- a/tests/56-basic-iterate_syscalls.py |
| 618 | +++ b/tests/56-basic-iterate_syscalls.py |
| 619 | @@ -37,6 +37,7 @@ arch_list = ["x86", |
| 620 | "mipsel64", |
| 621 | "mipsel64n32", |
| 622 | "ppc64le", |
| 623 | + "riscv32", |
| 624 | "riscv64"] |
| 625 | |
| 626 | def test_arch(arch, init): |
| 627 | diff --git a/tests/regression b/tests/regression |
| 628 | index 53dab75..2869629 100755 |
| 629 | --- a/tests/regression |
| 630 | +++ b/tests/regression |
| 631 | @@ -26,7 +26,7 @@ GLBL_ARCH_LE_SUPPORT=" \ |
| 632 | arm aarch64 \ |
| 633 | mipsel mipsel64 mipsel64n32 \ |
| 634 | ppc64le \ |
| 635 | - riscv64 \ |
| 636 | + riscv32 riscv64 \ |
| 637 | sh" |
| 638 | GLBL_ARCH_BE_SUPPORT=" \ |
| 639 | mips mips64 mips64n32 \ |
| 640 | @@ -41,6 +41,7 @@ GLBL_ARCH_32B_SUPPORT=" \ |
| 641 | mips mipsel mips64n32 mipsel64n32 \ |
| 642 | parisc \ |
| 643 | ppc \ |
| 644 | + riscv32 \ |
| 645 | s390 \ |
| 646 | sheb sh" |
| 647 | |
| 648 | @@ -785,7 +786,7 @@ function run_test_live() { |
| 649 | |
| 650 | # setup the arch specific return values |
| 651 | case "$arch" in |
| 652 | - x86|x86_64|x32|arm|aarch64|parisc|parisc64|ppc|ppc64|ppc64le|ppc|s390|s390x|riscv64|sh|sheb) |
| 653 | + x86|x86_64|x32|arm|aarch64|parisc|parisc64|ppc|ppc64|ppc64le|ppc|s390|s390x|riscv32|riscv64|sh|sheb) |
| 654 | rc_kill_process=159 |
| 655 | rc_kill=159 |
| 656 | rc_allow=160 |
| 657 | diff --git a/tools/scmp_arch_detect.c b/tools/scmp_arch_detect.c |
| 658 | index b6bd2bb..7789970 100644 |
| 659 | --- a/tools/scmp_arch_detect.c |
| 660 | +++ b/tools/scmp_arch_detect.c |
| 661 | @@ -129,6 +129,9 @@ int main(int argc, char *argv[]) |
| 662 | case SCMP_ARCH_SH: |
| 663 | printf("sh\n"); |
| 664 | break; |
| 665 | + case SCMP_ARCH_RISCV32: |
| 666 | + printf("riscv32\n"); |
| 667 | + break; |
| 668 | default: |
| 669 | printf("unknown\n"); |
| 670 | } |
| 671 | diff --git a/tools/scmp_bpf_disasm.c b/tools/scmp_bpf_disasm.c |
| 672 | index b95cdeb..49a89c7 100644 |
| 673 | --- a/tools/scmp_bpf_disasm.c |
| 674 | +++ b/tools/scmp_bpf_disasm.c |
| 675 | @@ -510,6 +510,8 @@ int main(int argc, char *argv[]) |
| 676 | arch = AUDIT_ARCH_S390X; |
| 677 | else if (strcmp(optarg, "riscv64") == 0) |
| 678 | arch = AUDIT_ARCH_RISCV64; |
| 679 | + else if (strcmp(optarg, "riscv32") == 0) |
| 680 | + arch = AUDIT_ARCH_RISCV32; |
| 681 | else |
| 682 | exit_usage(argv[0]); |
| 683 | break; |
| 684 | diff --git a/tools/scmp_bpf_sim.c b/tools/scmp_bpf_sim.c |
| 685 | index 04edfbc..53e6575 100644 |
| 686 | --- a/tools/scmp_bpf_sim.c |
| 687 | +++ b/tools/scmp_bpf_sim.c |
| 688 | @@ -285,6 +285,8 @@ int main(int argc, char *argv[]) |
| 689 | arch = AUDIT_ARCH_S390; |
| 690 | else if (strcmp(optarg, "s390x") == 0) |
| 691 | arch = AUDIT_ARCH_S390X; |
| 692 | + else if (strcmp(optarg, "riscv32") == 0) |
| 693 | + arch = AUDIT_ARCH_RISCV32; |
| 694 | else if (strcmp(optarg, "riscv64") == 0) |
| 695 | arch = AUDIT_ARCH_RISCV64; |
| 696 | else if (strcmp(optarg, "sheb") == 0) |
| 697 | diff --git a/tools/util.c b/tools/util.c |
| 698 | index afea6c9..1fc1f62 100644 |
| 699 | --- a/tools/util.c |
| 700 | +++ b/tools/util.c |
| 701 | @@ -78,8 +78,12 @@ |
| 702 | #define ARCH_NATIVE AUDIT_ARCH_S390X |
| 703 | #elif __s390__ |
| 704 | #define ARCH_NATIVE AUDIT_ARCH_S390 |
| 705 | -#elif __riscv && __riscv_xlen == 64 |
| 706 | +#elif __riscv |
| 707 | +#if __riscv_xlen == 64 |
| 708 | #define ARCH_NATIVE AUDIT_ARCH_RISCV64 |
| 709 | +#elif __riscv_xlen == 32 |
| 710 | +#define ARCH_NATIVE AUDIT_ARCH_RISCV32 |
| 711 | +#endif |
| 712 | #elif __sh__ |
| 713 | #ifdef __BIG_ENDIAN__ |
| 714 | #define ARCH_NATIVE AUDIT_ARCH_SH |
| 715 | diff --git a/tools/util.h b/tools/util.h |
| 716 | index 6c2ca33..4d16e38 100644 |
| 717 | --- a/tools/util.h |
| 718 | +++ b/tools/util.h |
| 719 | @@ -79,6 +79,13 @@ |
| 720 | #define AUDIT_ARCH_RISCV64 (EM_RISCV|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE) |
| 721 | #endif /* AUDIT_ARCH_RISCV64 */ |
| 722 | |
| 723 | +#ifndef AUDIT_ARCH_RISCV32 |
| 724 | +#ifndef EM_RISCV |
| 725 | +#define EM_RISCV 243 |
| 726 | +#endif /* EM_RISCV */ |
| 727 | +#define AUDIT_ARCH_RISCV32 (EM_RISCV|__AUDIT_ARCH_LE) |
| 728 | +#endif /* AUDIT_ARCH_RISCV32 */ |
| 729 | + |
| 730 | extern uint32_t arch; |
| 731 | |
| 732 | uint16_t ttoh16(uint32_t arch, uint16_t val); |
| 733 | -- |
| 734 | 2.32.0 |