36 Commits

Author SHA1 Message Date
Eugene Syromyatnikov
beafdd36e1 prctl: add decoding of PR_SVE_SET_VL and PR_SVE_GET_VL commands
These commands were introduced in Linux commit v4.15-rc1~110^2~9.

* xlat/pr_sve_vl_flags.in: New file.
* xlat/prctl_options.in: Likewise.
* prctl.c: Include "xstring.h" and "xlat/pr_sve_vl_flags.h".
[!PR_SVE_VL_LEN_MASK] (PR_SVE_VL_LEN_MASK): New macro constant.
(sprint_sve_val): New function.
(SYS_FUNC(prctl)): Add decoding for PR_SVE_GET_VL and PR_SVE_SET_VL
commands.
* NEWS: Mention it.
2018-03-06 23:52:08 +00:00
8d2dd76323 x86: wire up arch_prctl syscall
* linux/i386/syscallent.h [384]: Add arch_prctl entry.
* xlat/archvals.in: Add fallback definitions for constants.
* prctl.c: Stop including <asm/prctl.h>.
(SYS_FUNC(arch_prctl)): Enable for [I386].
* NEWS: Mention this.
2017-07-21 01:30:26 +00:00
899220d28d Generalize seccomp filter parser
Linux socket filter uses almost the same classic BPF as seccomp filter,
The only difference noticeable from strace PoV is the meaning of generic
multiuse field.

Transform the parser of seccomp filters to a more generic parser
of classic BPF, parametrized with a method of parsing the generic
multiuse field in BPF_STMT.

* bpf_filter.c: New file.
* bpf_filter.h: Likewise.
* bpf_fprog.h: Likewise.
* bpf_seccomp_filter.c: Likewise.
* fetch_bpf_fprog.c: Likewise.
* fetch_seccomp_fprog.c: Remove.
* seccomp_fprog.h: Likewise.
* Makefile.am (strace_SOURCES): Add bpf_filter.c, bpf_filter.h,
bpf_fprog.h, bpf_seccomp_filter.c, and fetch_bpf_fprog.c.
Remove fetch_seccomp_fprog.c and seccomp_fprog.h.
* seccomp.c: Do not include linux/filter.h and xlat header files.
Do not define SECCOMP_RET_ACTION.
(bpf_filter, decode_bpf_code, decode_bpf_stmt, decode_bpf_jump,
print_bpf_filter, print_seccomp_fprog, print_seccomp_filter): Remove.
* defs.h (print_seccomp_filter): Rename to decode_seccomp_fprog.
(SYS_FUNC(seccomp)): Replace print_seccomp_filter
with decode_seccomp_fprog.
* prctl.c (SYS_FUNC(prctl)): Likewise.
2017-07-08 01:49:00 +00:00
Eugene Syromyatnikov
9d095c7860 Add copyright headers 2017-05-22 17:33:51 +00:00
Eugene Syromyatnikov
b5db9917f3 prctl: print pointer returned by PR_GET_TID_ADDRESS as kernel long
Since there is no compat handler for x32/n32, kernel returns kernel's
long as a result of the call.

Interesting, does any callee out there actually care to have enough room
allocated for kernel long?

* prctl.c (SYS_FUNC(prctl)): Use printnum_kptr instead of printnum_ptr
to print the value stored at address pointed by addr2 argument
of PR_GET_TID_ADDRESS operation.
2016-12-26 16:43:40 +00:00
50b50e78f6 Remove getarg_klu
After transition from long to kernel_ulong_t we no longer need
tcp->ext_arg, and therefore a function to access it is also no longer
needed.

* defs.h (getarg_klu): Remove prototype.
* util.c (getarg_klu): Remove.
(printargs): Access tcp->u_arg directly
* bjm.c (SYS_FUNC(init_module)): Likewise.
* clone.c (SYS_FUNC(unshare)): Likewise.
* fadvise.c (SYS_FUNC(fadvise64)): Likewise.
* kcmp.c (SYS_FUNC(kcmp)): Likewise.
* kexec.c (SYS_FUNC(kexec_file_load)): Likewise.
* keyctl.c (SYS_FUNC(keyctl)): Likewise.
* lookup_dcookie.c (SYS_FUNC(lookup_dcookie)): Likewise.
* mem.c (do_mprotect): Likewise.
* mq.c (SYS_FUNC(mq_timedsend), SYS_FUNC(mq_timedreceive)): Likewise.
* pkeys.c (SYS_FUNC(pkey_alloc)): Likewise.
* prctl.c (print_prctl_args, SYS_FUNC(prctl), SYS_FUNC(arch_prctl)):
Likewise.
2016-12-26 10:43:35 +00:00
7fa3d78319 Automatically replace kernel_(scno|ureg)_t with kernel_ulong_t
Remove temporary types created for transition from long
to kernel_ulong_t.

Automatically replace kernel_scno_t and kernel_ureg_t with
kernel_ulong_t using
$ git grep -El 'kernel_(scno|ureg)_t' |
  xargs sed -ri 's/kernel_(scno|ureg)_t/kernel_ulong_t/g'

* kernel_types.h (kernel_scno_t, kernel_ureg_t): Remove.
All users updated.
2016-12-26 10:43:34 +00:00
db28c91159 Cast tcp->u_rval to kernel_ureg_t instead of unsigned long
* fcntl.c (print_fcntl): Cast tcp->u_rval to kernel_ureg_t instead
of unsigned long.
* membarrier.c (SYS_FUNC(membarrier)): Likewise.
* prctl.c (SYS_FUNC(prctl)): Likewise.
* sched.c (SYS_FUNC(sched_getscheduler)): Likewise.
* time.c (do_adjtimex): Likewise.
2016-12-25 11:32:46 +00:00
a940d1a60f printstr: rename to printstrn, add printstr as a thin wrapper
As about half of all printstr uses cases are invocations with the last
argument set to -1, create a dedicated function for this use case.

* defs.h (printstr): Rename to printstrn.  All callers updated.
(printstr): New static inline function.  All callers updated.
2016-12-25 11:32:45 +00:00
a2485b86e7 Use kernel_ulong_t instead of unsigned long long where appropriate
* defs.h (printaddr_ull): Rename to printaddr_klu, change argument
type from unsigned long long to kernel_ulong_t.  All callers updated.
(getarg_ull): Rename to getarg_klu, change return value type
from unsigned long long to kernel_ulong_t.  All callers updated.
(PRI_kl, PRI_kld, PRI_klu, PRI_klx): New macros.
* bjm.c (SYS_FUNC(init_module)): Print kernel_ulong_t type using
PRI_klu format.
* desc.c (SYS_FUNC(pselect6)): Likewise.
* fadvise.c (SYS_FUNC(fadvise64)): Likewise.
* lookup_dcookie.c (SYS_FUNC(lookup_dcookie)): Likewise.
* mq.c (SYS_FUNC(mq_timedsend), SYS_FUNC(mq_timedreceive)): Likewise.
* kcmp.c (SYS_FUNC(kcmp)): Print kernel_ulong_t type using
PRI_klx format.
* keyctl.c (SYS_FUNC(keyctl)): Likewise.
* pkeys.c (SYS_FUNC(pkey_alloc)): Likewise.
* prctl.c (print_prctl_args, SYS_FUNC(prctl), SYS_FUNC(arch_prctl)):
Print kernel_ulong_t type using PRI_kld, PRI_klu, or PRI_klx format.
* util.c (printaddr_ull): Rename to printaddr_klu, change argument
type from unsigned long long to kernel_ulong_t, print it using
PRI_klx format.
(getarg_ull): Rename to getarg_klu, change return value type
from unsigned long long to kernel_ulong_t, print it using
PRI_klx format.
2016-12-19 19:58:16 +00:00
Eugene Syromyatnikov
ea01cb0e5b prctl: implement decoding of SUID_DUMP_* constants in PR_[GS]ET_DUMPABLE
* xlat/pr_dumpable.in: New file.
* prctl.c: Include "xlat/pr_dumpable.h".
(SYS_FUNC(prctl)): Decode returned value of PR_GET_DUMPABLE operation
and the second syscall argument of PR_SET_DUMPABLE operation
as SUID_DUMP_* constants.
2016-12-17 11:40:03 +00:00
Eugene Syromyatnikov
10922d3112 prctl: implement decoding of PR_SET_FP_MODE and PR_GET_FP_MODE options
* xlat/pr_fp_mode.in: New file.
* prctl.c: Include "xlat/pr_fp_mode.h".
(SYS_FUNC(prctl)): Add handling for PR_SET_FP_MODE and PR_GET_FP_MODE
options.
2016-11-20 11:32:34 +00:00
Eugene Syromyatnikov
c8af54e328 prctl: add braces for conditional blocks with else/else-if blocks having braces 2016-11-20 11:32:34 +00:00
Eugene Syromyatnikov
6b7ad9947b prctl: cast arg2 to int in PR_SET_PTRACER handler
Kernel code does this when compares it with -1 (apart from comparing it with
PR_SET_PTRACER_ANY, which is also -1) in security/yama/yama_lsm.c.

* prctl.c (SYS_FUNC(prctl)) <PR_SET_PTRACER>: Cast arg2 to int before
comparing it with -1.
2016-11-20 11:32:34 +00:00
Eugene Syromyatnikov
aeff861218 prctl: use getarg_ull for option value retrieval
The prctl syscall does not use compat on x32/n32, so argument types
are in fact kernel_ulong_t.

* prctl.c (print_prctl_args): Use getarg_ull, print as "%#llx" instead
of "%#lx".
(SYS_FUNC(prctl)): Use getarg_ull to store call arguments in arg2, arg3,
arg4, arg5 variables of type unsigned long long.  Use them in printing
routines.
(SYS_FUNC(arch_prctl)): Use getarg_ull to store call argument in addr
variable of type unsigned long long.  Print it as "%#llx" instead of
"%#lx".
2016-11-20 11:32:34 +00:00
9eb38322fb prctl: include <linux/prctl.h> instead of <sys/prctl.h>
There are no users of prctl function in prctl.c, and all the rest
is provided by <linux/prctl.h> anyway.

* prctl.c: Include <linux/prctl.h> instead of <sys/prctl.h>.
2016-11-20 02:00:35 +00:00
43017ef466 prctl: fix printing of PR_SET_NAME's argument
* prctl.c (SYS_FUNC(prctl)): Use printstr_ex with QUOTE_0_TERMINATED
instead of printstr to print the argument of PR_SET_NAME and PR_GET_NAME
operations.
2016-11-20 01:33:16 +00:00
c5f6863a18 Fix printing of invalid arguments of prctl syscall
* prctl.c (SYS_FUNC(prctl)): Print 2nd syscall argument
of PR_CAPBSET_DROP, PR_CAPBSET_READ, PR_CAP_AMBIENT, PR_MCE_KILL,
and PR_SET_SECCOMP using printxval_long.
Print 2nd syscall argument of PR_SET_SECUREBITS using printflags_long.
Print 3rd syscall argument of PR_CAP_AMBIENT and PR_MCE_KILL using
printxval_long.
* tests/prctl-seccomp-strict.c (main): Update.
2016-05-16 23:50:59 +00:00
b8eec608fa Fix decoding of prctl/arch_prctl operation argument
Consistently treat operation argument of prctl/arch_prctl syscalls
as int to match the kernel behaviour.

* prctl.c (SYS_FUNC(prctl), SYS_FUNC(arch_prctl)): Assign 1st argument
of syscalls to a variable of type unsigned int and use it in all
subsequent checks and lookups.
2016-05-16 22:41:20 +00:00
6274ecc752 Prepare for transition from sprintflags64 to sprintflags
* fcntl.c (print_fcntl): Cast 3rd argument of sprintflags
to unsigned long.
* membarrier.c (SYS_FUNC(membarrier)): Likewise.
* prctl.c (SYS_FUNC(prctl)): Likewise.
* poll.c (decode_poll_exiting): Cast 3rd argument of sprintflags
to unsigned short.
2016-05-15 14:23:06 +00:00
9134aab407 Prepare for transition from xlookup64 to xlookup
* fcntl.c (print_fcntl, SYS_FUNC(fcntl), SYS_FUNC(fcntl64)):
Cast 2nd argument of xlookup to unsigned long.
* prctl.c (SYS_FUNC(prctl)): Likewise.
* sched.c (SYS_FUNC(sched_getscheduler)): Likewise.
* time.c (do_adjtimex): Likewise.
* ioprio.c (sprint_ioprio): Change type of the argument
and local variables from int to unsigned int.
* keyctl.c (print_keyring_serial_number): Cast 2nd argument
of xlookup to unsigned int.
* net.c (tprint_sock_type): Change type of the argument to unsigned int.
* printmode.c (sprintmode): Likewise.
* printsiginfo.c (printsigval):  Change type of si_code argument
to unsigned int.
2016-05-14 22:05:06 +00:00
Elliott Hughes
612368b59e Improve decoding of Android's PR_SET_VMA prctl
Before:

  prctl(0x53564d41 /* PR_??? */, 0, 0x7f8ab53000, 4096,
        "atexit handlers") = 0

After:

  prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, 0x7fa8cbd000, 4096,
        "atexit handlers") = 0

* prctl.c (SYS_FUNC(prctl)) [__ANDROID__]: Do not define PR_SET_VMA.
* Hard-code PR_SET_VMA_ANON_NAME, the only current sub-option.
* xlat/prctl_options.in: Add PR_SET_VMA.
2016-04-06 21:41:36 +00:00
38a34c9349 Add copyright headers to some files which lack them
Before this change, all files that exist since 20th century had
copyright headers, while most files that appeared later didn't.  This
change fixes the inconsistency by adding missing copyright headers.

It doesn't mean that copyright headers became maintained.  In my view,
git history provides much better information on this subject and is much
more accurate than copyright headers.
2015-12-17 17:56:48 +00:00
eb76c4be15 prctl: add PR_CAP_AMBIENT parser
* xlat/pr_cap_ambient.in: New file.
* prctl.c: Include "xlat/pr_cap_ambient.h".
(SYS_FUNC(prctl)): Handle PR_CAP_AMBIENT.
2015-12-06 15:33:53 +00:00
1b283307d1 prctl: finish decoding of several commands on entering syscall
* prctl.c (SYS_FUNC(prctl)): Return RVAL_DECODED after decoding of
PR_GET_DUMPABLE, PR_GET_KEEPCAPS, PR_GET_SECCOMP, PR_GET_TIMERSLACK,
PR_GET_TIMING, and PR_CAPBSET_READ commands.
2015-12-06 15:29:04 +00:00
2479ef0bce Fix printing tracee's long integers
Replace ambiguous printnum_long that used to fetch native long integers
from tracee's memory with printnum_ptr, printnum_slong, and printnum_ulong
that fetch tracee's pointer, signed long, and unsigned long integers.

* defs.h (printnum_long, printpair_long): Remove prototypes.
(printnum_int64, printpair_int64): Remove macros, declare functions
unconditionally.
[SUPPORTED_PERSONALITIES > 1 && SIZEOF_LONG > 4] (printnum_long_int):
New prototype.
(printnum_ptr, printnum_slong, printnum_ulong): New macros.
* aio.c (sys_io_setup): Use printnum_ulong.
* block.c (block_ioctl): Use printnum_slong and printnum_ulong.
* get_robust_list.c (sys_get_robust_list): Use printnum_ptr
and printnum_ulong.
* io.c (print_off_t): Remove.
(sys_sendfile): Use printnum_ulong.
* ipc.c (sys_semctl): Use printnum_ptr.
* prctl.c (sys_prctl): Likewise.
* process.c (sys_ptrace): Likewise.
* rtc.c (rtc_ioctl): Use printnum_ulong.
* util.c (printnum_long, printpair_long): Remove.
(printnum_int64, printpair_int64): Define unconditionally.
[SUPPORTED_PERSONALITIES > 1 && SIZEOF_LONG > 4] (printnum_long_int):
New function.

Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
Signed-off-by: Elvira Khabirova <lineprinter0@gmail.com>
2015-08-18 16:15:33 +00:00
Elliott Hughes
1d246ce3d4 prctl: decode Android-specific PR_SET_VMA
Android kernels have a prctl to name VMAs.

* prctl.c (sys_prctl) [__ANDROID__]: Decode PR_SET_VMA.
2015-07-29 22:54:11 +00:00
3691562e7d prctl: fix decoding of unrecognized commands
The use of printargs introduced by commit v4.10-179-g210a6b6 is wrong:
when the first argument is already printed, printargs cannot be called.

* prctl.c (print_prctl_args): New function.
(sys_prctl): Use it.
2015-07-25 09:55:02 +00:00
210a6b6884 prctl.c: make use of RVAL_DECODED
* prctl.c (prctl_enter, prctl_exit): Merge into sys_prctl.
(sys_prctl, sys_arch_prctl): Update for RVAL_DECODED.
2015-07-18 00:01:40 +00:00
7c53e984ac prctl.c: use printaddr and umove_or_printaddr
* prctl.c (prctl_exit): Use printaddr and umove_or_printaddr.
2015-07-18 00:01:40 +00:00
850ba4b1e9 Change printnum_* printers to honor syserror
With this change, printnum_* printers will not attempt to fetch data
in case of exiting(tcp) && syserror(tcp).
All "at exiting" decoders that call these printers have been made
ready for this change in previous commits.

* util.c (DEF_PRINTNUM, DEF_PRINTPAIR): Use umove_or_printaddr.
* prctl.c (prctl_exit): Use printnum_int and printnum_long.
(sys_arch_prctl): Do not check for syserror.
2015-07-14 21:59:26 +00:00
a0bd3749fc Declare syscall parsers using SYS_FUNC macro
Introduce SYS_FUNC macro to declare and define all syscall parsers.

* Makefile.am (BUILT_SOURCES, CLEANFILES): Add sys_func.h.
(sys_func.h): New rule.
* defs.h (SYS_FUNC_NAME, SYS_FUNC): New macros.
* linux/syscall.h: Include "sys_func.h".
[NEED_UID16_PARSERS]: Use SYS_FUNC to declare uid16 syscall parsers.
Remove other declarations.
* linux/alpha/syscallent.h (160, 161): Add sys_ prefix to osf_statfs
and osf_fstatfs syscall parsers.
* *.c: Use SYS_FUNC to define syscall parsers.
2015-04-07 11:22:49 +00:00
1e88073053 Improve prctl decoding
* configure.ac (AC_CHECK_HEADERS): Add linux/securebits.h.
* prctl.c (sys_prctl): Implement full decoding of all PR_* constants
as defined in linux v3.19.
(sys_arch_prctl): Fix decoding of unknown commands.
* xlat/cap.in: New file.
* xlat/pr_mce_kill.in: New file.
* xlat/pr_mce_kill_policy.in: New file.
* xlat/pr_set_mm.in: New file.
* xlat/pr_tsc.in: New file.
* xlat/pr_unalign_flags.in: New file.
* xlat/secbits.in: New file.
* xlat/prctl_options.in: Remove non-linux constants, add fallback
definitions.
* xlat/seccomp_mode.in: Add fallback definitions.
2015-02-19 01:54:38 +00:00
2af6903f45 Implement seccomp decoding
* configure.ac (AC_CHECK_HEADERS): Add linux/filter.h
and linux/seccomp.h.
* defs.h (print_seccomp_filter): New prototype.
* linux/dummy.h (sys_seccomp): Remove.
* linux/syscall.h (sys_seccomp): New prototype.
* prctl.c: Include <linux/seccomp.h>.
(sys_prctl): Decode PR_SET_SECCOMP.
* seccomp.c: New file.
* Makefile.am (strace_SOURCES): Add it.
* xlat/bpf_class.in: New file.
* xlat/bpf_miscop.in: Likewise.
* xlat/bpf_mode.in: Likewise.
* xlat/bpf_op_alu.in: Likewise.
* xlat/bpf_op_jmp.in: Likewise.
* xlat/bpf_rval.in: Likewise.
* xlat/bpf_size.in: Likewise.
* xlat/bpf_src.in: Likewise.
* xlat/seccomp_filter_flags.in: Likewise.
* xlat/seccomp_mode.in: Likewise.
* xlat/seccomp_ops.in: Likewise.
* xlat/seccomp_ret_action.in: Likewise.
2015-02-06 01:23:05 +00:00
8224758b33 Always compile sys_prctl parser
Since sys_prctl is referenced by syscallent files unconditionally,
conditional compilation of sys_prctl depending on prctl availability is
pointless.

* prctl.c (unalignctl_string, sys_prctl): Compile unconditionally.
2014-12-11 23:32:59 +00:00
53c993d9c1 process.c: move prctl and arch_prctl parsers to a separate file
* prctl.c: New file.
* Makefile.am (strace_SOURCES): Add it.
* process.c: Move sys_prctl, sys_arch_prctl, and related code to prctl.c.
2014-12-11 21:40:44 +00:00