1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
/*
* Check that syscall numbers do not conflict with seccomp filter flags.
*
* Copyright (c) 2019 Paul Chaignon <paul.chaignon@gmail.com>
* Copyright (c) 2018-2021 The strace developers.
* All rights reserved.
*
* SPDX-License-Identifier: GPL-2.0-or-later
*/
#include "tests.h"
#include "arch_defs.h"
#include "sysent.h"
#include "scno.h"
/* PERSONALITY*_AUDIT_ARCH definitions depend on AUDIT_ARCH_* constants. */
#include <linux/audit.h>
#define XLAT_MACROS_ONLY
# include "xlat/elf_em.h"
# include "xlat/audit_arch.h"
#undef XLAT_MACROS_ONLY
/* Define these shorthand notations to simplify the syscallent files. */
#include "sysent_shorthand_defs.h"
const struct_sysent sysent0[] = {
#include "syscallent.h"
};
#if SUPPORTED_PERSONALITIES > 1
const struct_sysent sysent1[] = {
# include "syscallent1.h"
};
#endif
#if SUPPORTED_PERSONALITIES > 2
const struct_sysent sysent2[] = {
# include "syscallent2.h"
};
#endif
const unsigned int nsyscall_vec[SUPPORTED_PERSONALITIES] = {
ARRAY_SIZE(sysent0),
#if SUPPORTED_PERSONALITIES > 1
ARRAY_SIZE(sysent1),
#endif
#if SUPPORTED_PERSONALITIES > 2
ARRAY_SIZE(sysent2),
#endif
};
struct audit_arch_t {
unsigned int arch;
unsigned int flag;
};
static const struct audit_arch_t audit_arch_vec[SUPPORTED_PERSONALITIES] = {
#if SUPPORTED_PERSONALITIES > 1
PERSONALITY0_AUDIT_ARCH,
PERSONALITY1_AUDIT_ARCH,
# if SUPPORTED_PERSONALITIES > 2
PERSONALITY2_AUDIT_ARCH,
# endif
#endif
};
int
main(void)
{
for (unsigned int p = 0; p < SUPPORTED_PERSONALITIES; ++p) {
if (!audit_arch_vec[p].flag)
continue;
for (unsigned int nr = 1; nr < nsyscall_vec[p]; ++nr) {
if (!(audit_arch_vec[p].flag & nr))
continue;
error_msg_and_fail("system call number %u of"
" personality %u conflicts with"
" seccomp filter flag %#x",
nr, p, audit_arch_vec[p].flag);
}
}
return 0;
}
|
