Add support for pkey_mprotect, pkey_alloc, pkey_free syscalls

* linux/32/syscallent.h: Add syscall entries for pkey_* calls.
* linux/64/syscallent.h: Likewise.
* linux/arm/syscallent.h: Likewise.
* linux/i386/syscallent.h: Likewise.
* linux/mips/syscallent-n32.h: Likewise.
* linux/mips/syscallent-n64.h: Likewise.
* linux/mips/syscallent-o32.h: Likewise.
* linux/x32/syscallent.h: Likewise.
* linux/x86_64/syscallent.h: Likewise.
* mem.c (do_mprotect): New function, common handler for mprotect and
pkey_mprotect.
(SYS_FUNC(mprotect)): Convert to wrapper around do_mprotect.
(SYS_FUNC(pkey_mprotect)): New function.
* xlat/pkey_access.in: New file.
* pkeys.c: New file containing implementation of pkey_alloc and
pkey_free.
* Makefile.am: Add it.
* NEWS: Mention this enhancement.
* tests/.gitignore: Add pkey_alloc, pkey_free, and pkey_mprotect.
* tests/Makefile.am (check_PROGRAMS): Likewise.
(DECODER_TESTS): Add pkey_alloc.test, pkey_free.test, and
pkey_mprotect.test.
* tests/pkey_alloc.c: New file.
* tests/pkey_free.c: Likewise.
* tests/pkey_mprotect.c: Likewise.
* tests/pkey_alloc.test: New test.
* tests/pkey_free.test: Likewise.
* tests/pkey_mprotect.test: Likewise.

Makefile.am

@@ -176,6 +176,7 @@ strace_SOURCES =	\
 	perf.c		\
 	perf_event_struct.h \
 	personality.c	\
+	pkeys.c		\
 	poll.c		\
 	prctl.c		\
 	print_mq_attr.c	\

NEWS

@@ -3,6 +3,7 @@ Noteworthy changes in release ?.?? (????-??-??)
 * Improvements
   * Implemented decoding of DM_* ioctl commands.
   * Implemented decoding of attr parameter of perf_event_open syscall.
+  * Implemented decoding of pkey_alloc, pkey_free, and pkey_mprotect syscalls.
   * Implemented dumping of mq_timedsend and mq_timedreceive syscalls.
   * Updated lists of ioctl commands from Linux 4.9.
 

linux/32/syscallent.h

@@ -278,6 +278,9 @@
 [285] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [286] = { 6,	TD,		SEN(preadv2),			"preadv2"		},
 [287] = { 6,	TD,		SEN(pwritev2),			"pwritev2"		},
+[288] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[289] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[290] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},
 
 #undef sys_ARCH_mmap
 #undef ARCH_WANT_SYNC_FILE_RANGE2

linux/64/syscallent.h

@@ -271,3 +271,6 @@
 [285] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [286] = { 6,	TD,		SEN(preadv2),			"preadv2"		},
 [287] = { 6,	TD,		SEN(pwritev2),			"pwritev2"		},
+[288] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[289] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[290] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},

linux/arm/syscallent.h

@@ -418,6 +418,9 @@
 [391] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [392] = { 6,	TD,		SEN(preadv2),			"preadv2"		},
 [393] = { 6,	TD,		SEN(pwritev2),			"pwritev2"		},
+[394] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[395] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[396] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},
 
 #ifdef __ARM_EABI__
 # define ARM_FIRST_SHUFFLED_SYSCALL 400

linux/i386/syscallent.h

@@ -405,6 +405,9 @@
 [377] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [378] = { 6,	TD,		SEN(preadv2),			"preadv2"		},
 [379] = { 6,	TD,		SEN(pwritev2),			"pwritev2"		},
+[380] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[381] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[382] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},
 
 #define SYS_socket_subcall	400
 #include "subcall.h"

linux/mips/syscallent-n32.h

@@ -327,6 +327,9 @@
 [6324] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [6325] = { 6,	TD,		SEN(preadv2),			"preadv2"		},
 [6326] = { 6,	TD,		SEN(pwritev2),			"pwritev2"		},
+[6327] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[6328] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[6329] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},
 
 # define SYS_socket_subcall      6400
 # include "subcall.h"

linux/mips/syscallent-n64.h

@@ -323,6 +323,9 @@
 [5320] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [5321] = { 6,	TD,		SEN(preadv2),			"preadv2"		},
 [5322] = { 6,	TD,		SEN(pwritev2),			"pwritev2"		},
+[5323] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[5324] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[5325] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},
 
 # define SYS_socket_subcall      5400
 # include "subcall.h"

linux/mips/syscallent-o32.h

@@ -363,6 +363,9 @@
 [4360] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [4361] = { 6,	TD,		SEN(preadv2),			"preadv2"		},
 [4362] = { 6,	TD,		SEN(pwritev2),			"pwritev2"		},
+[4363] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[4364] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[4365] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},
 
 # define SYS_socket_subcall      4400
 # include "subcall.h"

linux/x32/syscallent.h

@@ -327,7 +327,10 @@
 [326] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [327] = { 6,	TD,		SEN(printargs),			"64:preadv2"		},
 [328] = { 6,	TD,		SEN(printargs),			"64:pwritev2"		},
-[329 ... 511] = { },
+[329] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[330] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[331] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},
+[332 ... 511] = { },
 /*
  * x32-specific system call numbers start at 512 to avoid cache impact
  * for native 64-bit operation.

linux/x86_64/syscallent.h

@@ -327,3 +327,6 @@
 [326] = { 6,	TD,		SEN(copy_file_range),		"copy_file_range"	},
 [327] = { 6,	TD,		SEN(preadv2),			"preadv2"		},
 [328] = { 6,	TD,		SEN(pwritev2),			"pwritev2"		},
+[329] = { 4,	TM|SI,		SEN(pkey_mprotect),		"pkey_mprotect"		},
+[330] = { 2,	0,		SEN(pkey_alloc),		"pkey_alloc"		},
+[331] = { 1,	0,		SEN(pkey_free),			"pkey_free"		},

mem.c

@@ -182,15 +182,29 @@ SYS_FUNC(munmap)
 	return RVAL_DECODED;
 }
 
-SYS_FUNC(mprotect)
+static int
+do_mprotect(struct tcb *tcp, bool has_pkey)
 {
 	printaddr(tcp->u_arg[0]);
 	tprintf(", %lu, ", tcp->u_arg[1]);
 	printflags_long(mmap_prot, tcp->u_arg[2], "PROT_???");
 
+	if (has_pkey)
+		tprintf(", %d", (int) tcp->u_arg[3]);
+
 	return RVAL_DECODED;
 }
 
+SYS_FUNC(mprotect)
+{
+	return do_mprotect(tcp, false);
+}
+
+SYS_FUNC(pkey_mprotect)
+{
+	return do_mprotect(tcp, true);
+}
+
 #include "xlat/mremap_flags.h"
 
 SYS_FUNC(mremap)

pkeys.c

@@ -0,0 +1,18 @@
+#include "defs.h"
+
+#include "xlat/pkey_access.h"
+
+SYS_FUNC(pkey_alloc)
+{
+	tprintf("%#llx, ", getarg_ull(tcp, 0));
+	printflags64(pkey_access, getarg_ull(tcp, 1), "PKEY_???");
+
+	return RVAL_DECODED;
+}
+
+SYS_FUNC(pkey_free)
+{
+	tprintf("%d", (int) tcp->u_arg[0]);
+
+	return RVAL_DECODED;
+}

tests/.gitignore

@@ -201,6 +201,9 @@ perf_event_open
 perf_event_open_unabbrev
 personality
 pipe
+pkey_alloc
+pkey_free
+pkey_mprotect
 poll
 ppoll
 prctl-seccomp-filter-v

tests/Makefile.am

@@ -259,6 +259,9 @@ check_PROGRAMS = \
 	perf_event_open_unabbrev \
 	personality \
 	pipe \
+	pkey_alloc \
+	pkey_free \
+	pkey_mprotect \
 	poll \
 	ppoll \
 	prctl-seccomp-filter-v \
@@ -628,6 +631,9 @@ DECODER_TESTS = \
 	perf_event_open_unabbrev.test \
 	personality.test \
 	pipe.test \
+	pkey_alloc.test \
+	pkey_free.test \
+	pkey_mprotect.test \
 	poll.test \
 	ppoll.test \
 	prctl-seccomp-filter-v.test \

tests/pkey_alloc.c

@@ -0,0 +1,86 @@
+/*
+ * Check decoding of pkey_alloc syscall.
+ *
+ * Copyright (c) 2016 Eugene Syromyatnikov <evgsyr@gmail.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "tests.h"
+
+#include <asm/unistd.h>
+
+#if defined __NR_pkey_alloc
+
+# include <stdio.h>
+# include <unistd.h>
+
+# include "kernel_types.h"
+
+int
+main(void)
+{
+	static const kernel_ulong_t flags[] = {
+		0,
+		(kernel_ulong_t) 0xbadc0ded00000000ULL,
+		(kernel_ulong_t) 0xffff0000eeee1111ULL,
+		(kernel_ulong_t) 0x123456789abcdef0ULL,
+	};
+	static const struct {
+		kernel_ulong_t val;
+		const char *str;
+	} rights[] = {
+		{ (kernel_ulong_t) 0xbadc0ded00000002ULL,
+			sizeof(kernel_ulong_t) > sizeof(int) ?
+			"PKEY_DISABLE_WRITE|0xbadc0ded00000000" :
+			"PKEY_DISABLE_WRITE" },
+		{ 0xdec0ded, "PKEY_DISABLE_ACCESS|0xdec0dec" },
+		{ 0x3, "PKEY_DISABLE_ACCESS|PKEY_DISABLE_WRITE" },
+		{ ARG_STR(0) },
+		{ 0xbadc0dec, "0xbadc0dec /* PKEY_??? */" },
+	};
+
+	long rc;
+	unsigned int i;
+	unsigned int j;
+
+	for (i = 0; i < ARRAY_SIZE(flags); i++) {
+		for (j = 0; j < ARRAY_SIZE(rights); j++) {
+			rc = syscall(__NR_pkey_alloc, flags[i], rights[j].val);
+			printf("pkey_alloc(%#llx, %s) = %s\n",
+			       (unsigned long long) flags[i], rights[j].str,
+			       sprintrc(rc));
+		}
+	}
+
+	puts("+++ exited with 0 +++");
+
+	return 0;
+}
+
+#else
+
+SKIP_MAIN_UNDEFINED("__NR_pkey_alloc");
+
+#endif

tests/pkey_alloc.test

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+# Check decoding of pkey_alloc syscall.
+
+. "${srcdir=.}/init.sh"
+run_strace_match_diff -a17

tests/pkey_free.c

@@ -0,0 +1,69 @@
+/*
+ * Check decoding of pkey_free syscall.
+ *
+ * Copyright (c) 2016 Eugene Syromyatnikov <evgsyr@gmail.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "tests.h"
+
+#include <asm/unistd.h>
+
+#if defined __NR_pkey_free
+
+# include <stdio.h>
+# include <unistd.h>
+
+# include "kernel_types.h"
+
+int
+main(void)
+{
+	static const kernel_ulong_t keys[] = {
+		0,
+		3141592653U,
+		(kernel_ulong_t) 0xbadc0ded00000000ULL,
+		(kernel_ulong_t) 0xffff00001111eeeeULL,
+		(kernel_ulong_t) 0x123456789abcdef0ULL,
+	};
+
+	long rc;
+	unsigned int i;
+
+	for (i = 0; i < ARRAY_SIZE(keys); i++) {
+		rc = syscall(__NR_pkey_free, keys[i]);
+		printf("pkey_free(%d) = %s\n", (int) keys[i], sprintrc(rc));
+	}
+
+	puts("+++ exited with 0 +++");
+
+	return 0;
+}
+
+#else
+
+SKIP_MAIN_UNDEFINED("__NR_pkey_free");
+
+#endif

tests/pkey_free.test

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+# Check decoding of pkey_free syscall.
+
+. "${srcdir=.}/init.sh"
+run_strace_match_diff -a13

tests/pkey_mprotect.c

@@ -0,0 +1,123 @@
+/*
+ * Check decoding of pkey_mprotect syscall.
+ *
+ * Copyright (c) 2016 Eugene Syromyatnikov <evgsyr@gmail.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "tests.h"
+
+#include <asm/unistd.h>
+
+#if defined __NR_pkey_mprotect
+
+# include <stdio.h>
+# include <unistd.h>
+
+#include <sys/mman.h>
+
+# include "kernel_types.h"
+
+const char *
+sprintptr(kernel_ulong_t ptr)
+{
+	static char buf[sizeof(ptr) * 2 + sizeof("0x")];
+
+	if (ptr)
+		snprintf(buf, sizeof(buf), "%#llx", (unsigned long long) ptr);
+	else
+		return "NULL";
+
+	return buf;
+}
+
+int
+main(void)
+{
+	static const kernel_ulong_t ptrs[] = {
+		0,
+		(kernel_ulong_t) 0xfacebeef00000000ULL,
+		(kernel_ulong_t) 0xbadc0dedda7a1057ULL,
+	};
+	static const kernel_ulong_t sizes[] = {
+		0,
+		(kernel_ulong_t) 0xfacebeef00000000ULL,
+		(kernel_ulong_t) 0xfedcba9876543210ULL,
+		(kernel_ulong_t) 0x123456789abcdef0ULL,
+		(kernel_ulong_t) 0xbadc0dedda7a1057ULL,
+	};
+	static const struct {
+		kernel_ulong_t val;
+		const char *str;
+	} prots[] = {
+		{ ARG_STR(PROT_READ) },
+		/* For now, only 0x0300001f are used */
+		{ (kernel_ulong_t) 0xdeadfeed00ca7500ULL,
+			sizeof(kernel_ulong_t) > sizeof(int) ?
+			"0xdeadfeed00ca7500 /* PROT_??? */" :
+			"0xca7500 /* PROT_??? */" },
+		{ ARG_STR(PROT_READ|PROT_WRITE|0xface00) },
+	};
+	static const kernel_ulong_t pkeys[] = {
+		0,
+		-1LL,
+		(kernel_ulong_t) 0xface1e55,
+		(kernel_ulong_t) 0xbadc0ded00000001,
+	};
+
+	long rc;
+	unsigned int i;
+	unsigned int j;
+	unsigned int k;
+	unsigned int l;
+
+	for (i = 0; i < ARRAY_SIZE(ptrs); i++) {
+		for (j = 0; j < ARRAY_SIZE(sizes); j++) {
+			for (k = 0; k < ARRAY_SIZE(prots); k++) {
+				for (l = 0; l < ARRAY_SIZE(pkeys); l++) {
+					rc = syscall(__NR_pkey_mprotect,
+						     ptrs[i], sizes[j],
+						     prots[k].val, pkeys[l]);
+					printf("pkey_mprotect(%s, %llu, %s, %d)"
+					       " = %s\n",
+					       sprintptr(ptrs[i]),
+					       (unsigned long long) sizes[j],
+					       prots[k].str, (int) pkeys[l],
+					       sprintrc(rc));
+				}
+			}
+		}
+	}
+
+	puts("+++ exited with 0 +++");
+
+	return 0;
+}
+
+#else
+
+SKIP_MAIN_UNDEFINED("__NR_pkey_mprotect");
+
+#endif

tests/pkey_mprotect.test

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+# Check decoding of pkey_mprotect syscall.
+
+. "${srcdir=.}/init.sh"
+run_strace_match_diff -a37

xlat/pkey_access.in

@@ -0,0 +1,2 @@
+PKEY_DISABLE_ACCESS    0x1
+PKEY_DISABLE_WRITE     0x2