[PATCH] arch: Add RISC-V 64-bit support

Signed-off-by: Andreas Schwab <schwab@suse.de>
[PM: minor macro shuffling in seccomp.h.in]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Gbp-Pq: Name riscv64_support.patch

diff --git a/include/seccomp-syscalls.h b/include/seccomp-syscalls.h
index 3c958dfce45f55da98b7ed288a1c373583918325..d7eb38317cd2c74893d9f53713a8065af4a17303 100644 (file)
--- a/include/seccomp-syscalls.h
+++ b/include/seccomp-syscalls.h
@@ -273,6 +273,7 @@
 #define __PNR_timerfd_settime64                        -10239
 #define __PNR_utimensat_time64                 -10240
 #define __PNR_ppoll                            -10241
+#define __PNR_renameat                         -10242
 
 /*
  * libseccomp syscall definitions
@@ -1494,7 +1495,11 @@
 #define __SNR_rename                   __PNR_rename
 #endif
 
+#ifdef __NR_renameat
 #define __SNR_renameat                 __NR_renameat
+#else
+#define __SNR_renameat                 __PNR_renameat
+#endif
 
 #define __SNR_renameat2                        __NR_renameat2
 

diff --git a/include/seccomp.h.in b/include/seccomp.h.in
index 07a504a29dd87ca89b9178efeee478a8217ad12a..2292c7a9505c7e9423fed709075be8b287b4c03a 100644 (file)
--- a/include/seccomp.h.in
+++ b/include/seccomp.h.in
@@ -193,6 +193,18 @@ struct scmp_arg_cmp {
 #define SCMP_ARCH_PARISC       AUDIT_ARCH_PARISC
 #define SCMP_ARCH_PARISC64     AUDIT_ARCH_PARISC64
 
+/**
+ * The RISC-V architecture tokens
+ */
+/* RISC-V support for audit was merged in 5.0-rc1 */
+#ifndef AUDIT_ARCH_RISCV64
+#ifndef EM_RISCV
+#define EM_RISCV               243
+#endif /* EM_RISCV */
+#define AUDIT_ARCH_RISCV64     (EM_RISCV|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
+#endif /* AUDIT_ARCH_RISCV64 */
+#define SCMP_ARCH_RISCV64      AUDIT_ARCH_RISCV64
+
 /**
  * Convert a syscall name into the associated syscall number
  * @param x the syscall name

diff --git a/src/Makefile.am b/src/Makefile.am
index 2e7e38d7bf97bd40363b474c4520c2a5220bcbc3..47e2f33274575d40b3bd1e51afb0d4f8a5b7c903 100644 (file)
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -42,6 +42,7 @@ SOURCES_ALL = \
        arch-parisc.h arch-parisc.c arch-parisc64.c arch-parisc-syscalls.c \
        arch-ppc.h arch-ppc.c arch-ppc-syscalls.c \
        arch-ppc64.h arch-ppc64.c arch-ppc64-syscalls.c \
+       arch-riscv64.h arch-riscv64.c arch-riscv64-syscalls.c \
        arch-s390.h arch-s390.c arch-s390-syscalls.c \
        arch-s390x.h arch-s390x.c arch-s390x-syscalls.c
 

diff --git a/src/arch-riscv64-syscalls.c b/src/arch-riscv64-syscalls.c
new file mode 100644 (file)
index 0000000..ceebece
--- /dev/null
+++ b/src/arch-riscv64-syscalls.c
@@ -0,0 +1,553 @@
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <string.h>
+
+#include <seccomp.h>
+
+#include "arch.h"
+#include "arch-riscv64.h"
+
+/* NOTE: based on Linux 5.4 */
+const struct arch_syscall_def riscv64_syscall_table[] = { \
+       { "_llseek", __PNR__llseek },
+       { "_newselect", __PNR__newselect },
+       { "_sysctl", __PNR__sysctl },
+       { "accept", 202 },
+       { "accept4", 242 },
+       { "access", __PNR_access },
+       { "acct", 89 },
+       { "add_key", 217 },
+       { "adjtimex", 171 },
+       { "afs_syscall", __PNR_afs_syscall },
+       { "alarm", __PNR_alarm },
+       { "arm_fadvise64_64", __PNR_arm_fadvise64_64 },
+       { "arm_sync_file_range", __PNR_arm_sync_file_range },
+       { "arch_prctl", __PNR_arch_prctl },
+       { "bdflush", __PNR_bdflush },
+       { "bind", 200 },
+       { "bpf", 280 },
+       { "break", __PNR_break },
+       { "breakpoint", __PNR_breakpoint },
+       { "brk", 214 },
+       { "cachectl", __PNR_cachectl },
+       { "cacheflush", __PNR_cacheflush },
+       { "capget", 90 },
+       { "capset", 91 },
+       { "chdir", 49 },
+       { "chmod", __PNR_chmod },
+       { "chown", __PNR_chown },
+       { "chown32", __PNR_chown32 },
+       { "chroot", 51 },
+       { "clock_adjtime", 266 },
+       { "clock_adjtime64", __PNR_clock_adjtime64 },
+       { "clock_getres", 114 },
+       { "clock_getres_time64", __PNR_clock_getres_time64 },
+       { "clock_gettime", 113 },
+       { "clock_gettime64", __PNR_clock_gettime64 },
+       { "clock_nanosleep", 115 },
+       { "clock_nanosleep_time64", __PNR_clock_nanosleep_time64 },
+       { "clock_settime", 112 },
+       { "clock_settime64", __PNR_clock_settime64 },
+       { "clone", 220 },
+       { "clone3", 435 },
+       { "close", 57 },
+       { "connect", 203 },
+       { "copy_file_range", 285 },
+       { "creat", __PNR_creat },
+       { "create_module", __PNR_create_module },
+       { "delete_module", 106 },
+       { "dup", 23 },
+       { "dup2", __PNR_dup2 },
+       { "dup3", 24 },
+       { "epoll_create", __PNR_epoll_create },
+       { "epoll_create1", 20 },
+       { "epoll_ctl", 21 },
+       { "epoll_ctl_old", __PNR_epoll_ctl_old },
+       { "epoll_pwait", 22 },
+       { "epoll_wait", __PNR_epoll_wait },
+       { "epoll_wait_old", __PNR_epoll_wait_old },
+       { "eventfd", __PNR_eventfd },
+       { "eventfd2", 19 },
+       { "execve", 221 },
+       { "execveat", 281 },
+       { "exit", 93 },
+       { "exit_group", 94 },
+       { "faccessat", 48 },
+       { "fadvise64", 223 },
+       { "fadvise64_64", __PNR_fadvise64_64 },
+       { "fallocate", 47 },
+       { "fanotify_init", 262 },
+       { "fanotify_mark", 263 },
+       { "fchdir", 50 },
+       { "fchmod", 52 },
+       { "fchmodat", 53 },
+       { "fchown", 55 },
+       { "fchown32", __PNR_fchown32 },
+       { "fchownat", 54 },
+       { "fcntl", 25 },
+       { "fcntl64", __PNR_fcntl64 },
+       { "fdatasync", 83 },
+       { "fgetxattr", 10 },
+       { "finit_module", 273 },
+       { "flistxattr", 13 },
+       { "flock", 32 },
+       { "fork", __PNR_fork },
+       { "fremovexattr", 16 },
+       { "fsconfig", 431 },
+       { "fsetxattr", 7 },
+       { "fsmount", 432 },
+       { "fsopen", 430 },
+       { "fspick", 433 },
+       { "fstat", 80 },
+       { "fstat64", __PNR_fstat64 },
+       { "fstatat64", __PNR_fstatat64 },
+       { "fstatfs", 44 },
+       { "fstatfs64", __PNR_fstatfs64 },
+       { "fsync", 82 },
+       { "ftime", __PNR_ftime },
+       { "ftruncate", 46 },
+       { "ftruncate64", __PNR_ftruncate64 },
+       { "futex", 98 },
+       { "futex_time64", __PNR_futex_time64 },
+       { "futimesat", __PNR_futimesat },
+       { "get_kernel_syms", __PNR_get_kernel_syms },
+       { "get_mempolicy", 236 },
+       { "get_robust_list", 100 },
+       { "get_thread_area", __PNR_get_thread_area },
+       { "get_tls", __PNR_get_tls },
+       { "getcpu", 168 },
+       { "getcwd", 17 },
+       { "getdents", __PNR_getdents },
+       { "getdents64", 61 },
+       { "getegid", 177 },
+       { "getegid32", __PNR_getegid32 },
+       { "geteuid", 175 },
+       { "geteuid32", __PNR_geteuid32 },
+       { "getgid", 176 },
+       { "getgid32", __PNR_getgid32 },
+       { "getgroups", 158 },
+       { "getgroups32", __PNR_getgroups32 },
+       { "getitimer", 102 },
+       { "getpeername", 205 },
+       { "getpgid", 155 },
+       { "getpgrp", __PNR_getpgrp },
+       { "getpid", 172 },
+       { "getpmsg", __PNR_getpmsg },
+       { "getppid", 173 },
+       { "getpriority", 141 },
+       { "getrandom", 278 },
+       { "getresgid", 150 },
+       { "getresgid32", __PNR_getresgid32 },
+       { "getresuid", 148 },
+       { "getresuid32", __PNR_getresuid32 },
+       { "getrlimit", 163 },
+       { "getrusage", 165 },
+       { "getsid", 156 },
+       { "getsockname", 204 },
+       { "getsockopt", 209 },
+       { "gettid", 178 },
+       { "gettimeofday", 169 },
+       { "getuid", 174 },
+       { "getuid32", __PNR_getuid32 },
+       { "getxattr", 8 },
+       { "gtty", __PNR_gtty },
+       { "idle", __PNR_idle },
+       { "init_module", 105 },
+       { "inotify_add_watch", 27 },
+       { "inotify_init", __PNR_inotify_init },
+       { "inotify_init1", 26 },
+       { "inotify_rm_watch", 28 },
+       { "io_cancel", 3 },
+       { "io_destroy", 1 },
+       { "io_getevents", 4 },
+       { "io_pgetevents", 292 },
+       { "io_pgetevents_time64", __PNR_io_pgetevents_time64 },
+       { "io_setup", 0 },
+       { "io_submit", 2 },
+       { "io_uring_enter", 426 },
+       { "io_uring_register", 427 },
+       { "io_uring_setup", 425 },
+       { "ioctl", 29 },
+       { "ioperm", __PNR_ioperm },
+       { "iopl", __PNR_iopl },
+       { "ioprio_get", 31 },
+       { "ioprio_set", 30 },
+       { "ipc", __PNR_ipc },
+       { "kcmp", 272 },
+       { "kexec_file_load", 294 },
+       { "kexec_load", 104 },
+       { "keyctl", 219 },
+       { "kill", 129 },
+       { "lchown", __PNR_lchown },
+       { "lchown32", __PNR_lchown32 },
+       { "lgetxattr", 9 },
+       { "link", __PNR_link },
+       { "linkat", 37 },
+       { "listen", 201 },
+       { "listxattr", 11 },
+       { "llistxattr", 12 },
+       { "lock", __PNR_lock },
+       { "lookup_dcookie", 18 },
+       { "lremovexattr", 15 },
+       { "lseek", 62 },
+       { "lsetxattr", 6 },
+       { "lstat", __PNR_lstat },
+       { "lstat64", __PNR_lstat64 },
+       { "madvise", 233 },
+       { "mbind", 235 },
+       { "membarrier", 283 },
+       { "memfd_create", 279 },
+       { "migrate_pages", 238 },
+       { "mincore", 232 },
+       { "mkdir", __PNR_mkdir },
+       { "mkdirat", 34 },
+       { "mknod", __PNR_mknod },
+       { "mknodat", 33 },
+       { "mlock", 228 },
+       { "mlock2", 284 },
+       { "mlockall", 230 },
+       { "mmap", 222 },
+       { "mmap2", __PNR_mmap2 },
+       { "modify_ldt", __PNR_modify_ldt },
+       { "mount", 40 },
+       { "move_mount", 429 },
+       { "move_pages", 239 },
+       { "mprotect", 226 },
+       { "mpx", __PNR_mpx },
+       { "mq_getsetattr", 185 },
+       { "mq_notify", 184 },
+       { "mq_open", 180 },
+       { "mq_timedreceive", 183 },
+       { "mq_timedreceive_time64", __PNR_mq_timedreceive_time64 },
+       { "mq_timedsend", 182 },
+       { "mq_timedsend_time64", __PNR_mq_timedsend_time64 },
+       { "mq_unlink", 181 },
+       { "mremap", 216 },
+       { "msgctl", 187 },
+       { "msgget", 186 },
+       { "msgrcv", 188 },
+       { "msgsnd", 189 },
+       { "msync", 227 },
+       { "multiplexer", __PNR_multiplexer },
+       { "munlock", 229 },
+       { "munlockall", 231 },
+       { "munmap", 215 },
+       { "name_to_handle_at", 264 },
+       { "nanosleep", 101 },
+       { "newfstatat", 79 },
+       { "nfsservctl", 42 },
+       { "nice", __PNR_nice },
+       { "oldfstat", __PNR_oldfstat },
+       { "oldlstat", __PNR_oldlstat },
+       { "oldolduname", __PNR_oldolduname },
+       { "oldstat", __PNR_oldstat },
+       { "olduname", __PNR_olduname },
+       { "oldwait4", __PNR_oldwait4 },
+       { "open", __PNR_open },
+       { "open_by_handle_at", 265 },
+       { "open_tree", 428 },
+       { "openat", 56 },
+       { "pause", __PNR_pause },
+       { "pciconfig_iobase", __PNR_pciconfig_iobase },
+       { "pciconfig_read", __PNR_pciconfig_read },
+       { "pciconfig_write", __PNR_pciconfig_write },
+       { "perf_event_open", 241 },
+       { "personality", 92 },
+       { "pidfd_open", 434 },
+       { "pidfd_send_signal", 424 },
+       { "pipe", __PNR_pipe },
+       { "pipe2", 59 },
+       { "pivot_root", 41 },
+       { "pkey_alloc", 289 },
+       { "pkey_free", 290 },
+       { "pkey_mprotect", 288 },
+       { "poll", __PNR_poll },
+       { "ppoll", 73 },
+       { "ppoll_time64", __PNR_ppoll_time64 },
+       { "prctl", 167 },
+       { "pread64", 67 },
+       { "preadv", 69 },
+       { "preadv2", 286 },
+       { "prlimit64", 261 },
+       { "process_vm_readv", 270 },
+       { "process_vm_writev", 271 },
+       { "prof", __PNR_prof },
+       { "profil", __PNR_profil },
+       { "pselect6", 72 },
+       { "pselect6_time64", __PNR_pselect6_time64 },
+       { "ptrace", 117 },
+       { "putpmsg", __PNR_putpmsg },
+       { "pwrite64", 68 },
+       { "pwritev", 70 },
+       { "pwritev2", 287 },
+       { "query_module", __PNR_query_module },
+       { "quotactl", 60 },
+       { "read", 63 },
+       { "readahead", 213 },
+       { "readdir", __PNR_readdir },
+       { "readlink", __PNR_readlink },
+       { "readlinkat", 78 },
+       { "readv", 65 },
+       { "reboot", 142 },
+       { "recv", __PNR_recv },
+       { "recvfrom", 207 },
+       { "recvmmsg", 243 },
+       { "recvmmsg_time64", __PNR_recvmmsg_time64 },
+       { "recvmsg", 212 },
+       { "remap_file_pages", 234 },
+       { "removexattr", 14 },
+       { "rename", __PNR_rename },
+       { "renameat", __PNR_renameat },
+       { "renameat2", 276 },
+       { "request_key", 218 },
+       { "restart_syscall", 128 },
+       { "rmdir", __PNR_rmdir },
+       { "riscv_flush_icache", 244 },
+       { "rseq", 293 },
+       { "rt_sigaction", 134 },
+       { "rt_sigpending", 136 },
+       { "rt_sigprocmask", 135 },
+       { "rt_sigqueueinfo", 138 },
+       { "rt_sigreturn", 139 },
+       { "rt_sigsuspend", 133 },
+       { "rt_sigtimedwait", 137 },
+       { "rt_sigtimedwait_time64", __PNR_rt_sigtimedwait_time64 },
+       { "rt_tgsigqueueinfo", 240 },
+       { "rtas", __PNR_rtas },
+       { "s390_guarded_storage", __PNR_s390_guarded_storage },
+       { "s390_pci_mmio_read", __PNR_s390_pci_mmio_read },
+       { "s390_pci_mmio_write", __PNR_s390_pci_mmio_write },
+       { "s390_runtime_instr", __PNR_s390_runtime_instr },
+       { "s390_sthyi", __PNR_s390_sthyi },
+       { "sched_get_priority_max", 125 },
+       { "sched_get_priority_min", 126 },
+       { "sched_getaffinity", 123 },
+       { "sched_getattr", 275 },
+       { "sched_getparam", 121 },
+       { "sched_getscheduler", 120 },
+       { "sched_rr_get_interval", 127 },
+       { "sched_rr_get_interval_time64", __PNR_sched_rr_get_interval_time64 },
+       { "sched_setaffinity", 122 },
+       { "sched_setattr", 274 },
+       { "sched_setparam", 118 },
+       { "sched_setscheduler", 119 },
+       { "sched_yield", 124 },
+       { "seccomp", 277 },
+       { "security", __PNR_security },
+       { "select", __PNR_select },
+       { "semctl", 191 },
+       { "semget", 190 },
+       { "semop", 193 },
+       { "semtimedop", 192 },
+       { "semtimedop_time64", __PNR_semtimedop_time64 },
+       { "send", __PNR_send },
+       { "sendfile", 71 },
+       { "sendfile64", __PNR_sendfile64 },
+       { "sendmmsg", 269 },
+       { "sendmsg", 211 },
+       { "sendto", 206 },
+       { "set_mempolicy", 237 },
+       { "set_robust_list", 99 },
+       { "set_thread_area", __PNR_set_thread_area },
+       { "set_tid_address", 96 },
+       { "set_tls", __PNR_set_tls },
+       { "setdomainname", 162 },
+       { "setfsgid", 152 },
+       { "setfsgid32", __PNR_setfsgid32 },
+       { "setfsuid", 151 },
+       { "setfsuid32", __PNR_setfsuid32 },
+       { "setgid", 144 },
+       { "setgid32", __PNR_setgid32 },
+       { "setgroups", 159 },
+       { "setgroups32", __PNR_setgroups32 },
+       { "sethostname", 161 },
+       { "setitimer", 103 },
+       { "setns", 268 },
+       { "setpgid", 154 },
+       { "setpriority", 140 },
+       { "setregid", 143 },
+       { "setregid32", __PNR_setregid32 },
+       { "setresgid", 149 },
+       { "setresgid32", __PNR_setresgid32 },
+       { "setresuid", 147 },
+       { "setresuid32", __PNR_setresuid32 },
+       { "setreuid", 145 },
+       { "setreuid32", __PNR_setreuid32 },
+       { "setrlimit", 164 },
+       { "setsid", 157 },
+       { "setsockopt", 208 },
+       { "settimeofday", 170 },
+       { "setuid", 146 },
+       { "setuid32", __PNR_setuid32 },
+       { "setxattr", 5 },
+       { "sgetmask", __PNR_sgetmask },
+       { "shmat", 196 },
+       { "shmctl", 195 },
+       { "shmdt", 197 },
+       { "shmget", 194 },
+       { "shutdown", 210 },
+       { "sigaction", __PNR_sigaction },
+       { "sigaltstack", 132 },
+       { "signal", __PNR_signal },
+       { "signalfd", __PNR_signalfd },
+       { "signalfd4", 74 },
+       { "sigpending", __PNR_sigpending },
+       { "sigprocmask", __PNR_sigprocmask },
+       { "sigreturn", __PNR_sigreturn },
+       { "sigsuspend", __PNR_sigsuspend },
+       { "socket", 198 },
+       { "socketcall", __PNR_socketcall },
+       { "socketpair", 199 },
+       { "splice", 76 },
+       { "spu_create", __PNR_spu_create },
+       { "spu_run", __PNR_spu_run },
+       { "ssetmask", __PNR_ssetmask },
+       { "stat", __PNR_stat },
+       { "stat64", __PNR_stat64 },
+       { "statfs", 43 },
+       { "statfs64", __PNR_statfs64 },
+       { "statx", 291 },
+       { "stime", __PNR_stime },
+       { "stty", __PNR_stty },
+       { "subpage_prot", __PNR_subpage_prot },
+       { "swapcontext", __PNR_swapcontext },
+       { "swapoff", 225 },
+       { "swapon", 224 },
+       { "switch_endian", __PNR_switch_endian },
+       { "symlink", __PNR_symlink },
+       { "symlinkat", 36 },
+       { "sync", 81 },
+       { "sync_file_range", 84 },
+       { "sync_file_range2", __PNR_sync_file_range2 },
+       { "syncfs", 267 },
+       { "syscall", __PNR_syscall },
+       { "sys_debug_setcontext", __PNR_sys_debug_setcontext },
+       { "sysfs", __PNR_sysfs },
+       { "sysinfo", 179 },
+       { "syslog", 116 },
+       { "sysmips", __PNR_sysmips },
+       { "tee", 77 },
+       { "tgkill", 131 },
+       { "time", __PNR_time },
+       { "timer_create", 107 },
+       { "timer_delete", 111 },
+       { "timer_getoverrun", 109 },
+       { "timer_gettime", 108 },
+       { "timer_gettime64", __PNR_timer_gettime64 },
+       { "timer_settime", 110 },
+       { "timer_settime64", __PNR_timer_settime64 },
+       { "timerfd", __PNR_timerfd },
+       { "timerfd_create", 85 },
+       { "timerfd_gettime", 87 },
+       { "timerfd_gettime64", __PNR_timerfd_gettime64 },
+       { "timerfd_settime", 86 },
+       { "timerfd_settime64", __PNR_timerfd_settime64 },
+       { "times", 153 },
+       { "tkill", 130 },
+       { "truncate", 45 },
+       { "truncate64", __PNR_truncate64 },
+       { "tuxcall", __PNR_tuxcall },
+       { "ugetrlimit", __PNR_ugetrlimit },
+       { "ulimit", __PNR_ulimit },
+       { "umask", 166 },
+       { "umount", __PNR_umount },
+       { "umount2", 39 },
+       { "uname", 160 },
+       { "unlink", __PNR_unlink },
+       { "unlinkat", 35 },
+       { "unshare", 97 },
+       { "uselib", __PNR_uselib },
+       { "userfaultfd", 282 },
+       { "usr26", __PNR_usr26 },
+       { "usr32", __PNR_usr32 },
+       { "ustat", __PNR_ustat },
+       { "utime", __PNR_utime },
+       { "utimensat", 88 },
+       { "utimensat_time64", __PNR_utimensat_time64 },
+       { "utimes", __PNR_utimes },
+       { "vfork", __PNR_vfork },
+       { "vhangup", 58 },
+       { "vm86", __PNR_vm86 },
+       { "vm86old", __PNR_vm86old },
+       { "vmsplice", 75 },
+       { "vserver", __PNR_vserver },
+       { "wait4", 260 },
+       { "waitid", 95 },
+       { "waitpid", __PNR_waitpid },
+       { "write", 64 },
+       { "writev", 66 },
+       { NULL, __NR_SCMP_ERROR },
+};
+
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int riscv64_syscall_resolve_name(const char *name)
+{
+       unsigned int iter;
+       const struct arch_syscall_def *table = riscv64_syscall_table;
+
+       /* XXX - plenty of room for future improvement here */
+       for (iter = 0; table[iter].name != NULL; iter++) {
+               if (strcmp(name, table[iter].name) == 0)
+                       return table[iter].num;
+       }
+
+       return __NR_SCMP_ERROR;
+}
+
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *riscv64_syscall_resolve_num(int num)
+{
+       unsigned int iter;
+       const struct arch_syscall_def *table = riscv64_syscall_table;
+
+       /* XXX - plenty of room for future improvement here */
+       for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
+               if (num == table[iter].num)
+                       return table[iter].name;
+       }
+
+       return NULL;
+}
+
+
+/**
+ * Iterate through the syscall table and return the syscall mapping
+ * @param spot the offset into the syscall table
+ *
+ * Return the syscall mapping at position @spot or NULL on failure.  This
+ * function should only ever be used internally by libseccomp.
+ *
+ */
+const struct arch_syscall_def *riscv64_syscall_iterate(unsigned int spot)
+{
+       /* XXX - no safety checks here */
+       return &riscv64_syscall_table[spot];
+}

diff --git a/src/arch-riscv64.c b/src/arch-riscv64.c
new file mode 100644 (file)
index 0000000..67bc926
--- /dev/null
+++ b/src/arch-riscv64.c
@@ -0,0 +1,31 @@
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#include <stdlib.h>
+#include <errno.h>
+#include <linux/audit.h>
+
+#include "arch.h"
+#include "arch-riscv64.h"
+
+const struct arch_def arch_def_riscv64 = {
+       .token = SCMP_ARCH_RISCV64,
+       .token_bpf = AUDIT_ARCH_RISCV64,
+       .size = ARCH_SIZE_64,
+       .endian = ARCH_ENDIAN_LITTLE,
+       .syscall_resolve_name = riscv64_syscall_resolve_name,
+       .syscall_resolve_num = riscv64_syscall_resolve_num,
+       .syscall_rewrite = NULL,
+       .rule_add = NULL,
+};

diff --git a/src/arch-riscv64.h b/src/arch-riscv64.h
new file mode 100644 (file)
index 0000000..16fca6b
--- /dev/null
+++ b/src/arch-riscv64.h
@@ -0,0 +1,30 @@
+/*
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of version 2.1 of the GNU Lesser General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this library; if not, see <http://www.gnu.org/licenses>.
+ */
+
+#ifndef _ARCH_RISCV64_H
+#define _ARCH_RISCV64_H
+
+#include <inttypes.h>
+
+#include "arch.h"
+#include "system.h"
+
+extern const struct arch_def arch_def_riscv64;
+
+int riscv64_syscall_resolve_name(const char *name);
+const char *riscv64_syscall_resolve_num(int num);
+
+const struct arch_syscall_def *riscv64_syscall_iterate(unsigned int spot);
+
+#endif

diff --git a/src/arch.c b/src/arch.c
index bfa664fe3aa6196364738eca48d7a073f9963cf8..83c2c9b0da2b479da1669eb3894ad36ff1bfc60a 100644 (file)
--- a/src/arch.c
+++ b/src/arch.c
@@ -41,6 +41,7 @@
 #include "arch-parisc.h"
 #include "arch-ppc.h"
 #include "arch-ppc64.h"
+#include "arch-riscv64.h"
 #include "arch-s390.h"
 #include "arch-s390x.h"
 #include "db.h"
@@ -94,6 +95,8 @@ const struct arch_def *arch_def_native = &arch_def_ppc;
 const struct arch_def *arch_def_native = &arch_def_s390x;
 #elif __s390__
 const struct arch_def *arch_def_native = &arch_def_s390;
+#elif __riscv && __riscv_xlen == 64
+const struct arch_def *arch_def_native = &arch_def_riscv64;
 #else
 #error the arch code needs to know about your machine type
 #endif /* machine type guess */
@@ -156,6 +159,8 @@ const struct arch_def *arch_def_lookup(uint32_t token)
                return &arch_def_s390;
        case SCMP_ARCH_S390X:
                return &arch_def_s390x;
+       case SCMP_ARCH_RISCV64:
+               return &arch_def_riscv64;
        }
 
        return NULL;
@@ -206,6 +211,8 @@ const struct arch_def *arch_def_lookup_name(const char *arch_name)
                return &arch_def_s390;
        else if (strcmp(arch_name, "s390x") == 0)
                return &arch_def_s390x;
+       else if (strcmp(arch_name, "riscv64") == 0)
+               return &arch_def_riscv64;
 
        return NULL;
 }

diff --git a/src/gen_pfc.c b/src/gen_pfc.c
index 75d8507aa0abd6fbd83ec5ece4fd2d0c4a90d84e..8186f0d0109cdaae5e0bb4e1d0217925057cb4c6 100644 (file)
--- a/src/gen_pfc.c
+++ b/src/gen_pfc.c
@@ -87,6 +87,8 @@ static const char *_pfc_arch(const struct arch_def *arch)
                return "s390x";
        case SCMP_ARCH_S390:
                return "s390";
+       case SCMP_ARCH_RISCV64:
+               return "riscv64";
        default:
                return "UNKNOWN";
        }

diff --git a/src/python/libseccomp.pxd b/src/python/libseccomp.pxd
index 49d0be4c9de812b5a7548f424ca9c8f4732bf1ed..1888ad894918f23e163a0c6fe21d9f5fe77ded7a 100644 (file)
--- a/src/python/libseccomp.pxd
+++ b/src/python/libseccomp.pxd
@@ -50,6 +50,7 @@ cdef extern from "seccomp.h":
         SCMP_ARCH_PPC64LE
         SCMP_ARCH_S390
         SCMP_ARCH_S390X
+        SCMP_ARCH_RISCV64
 
     cdef enum scmp_filter_attr:
         SCMP_FLTATR_ACT_DEFAULT

diff --git a/src/python/seccomp.pyx b/src/python/seccomp.pyx
index 121a0d6a515266d05a8d5f2a2e86d298c96f5ed5..b57dde2613460da6b206bb33c08e565d6497f916 100644 (file)
--- a/src/python/seccomp.pyx
+++ b/src/python/seccomp.pyx
@@ -205,6 +205,7 @@ cdef class Arch:
     PARISC64 - 64-bit PA-RISC
     PPC64 - 64-bit PowerPC
     PPC - 32-bit PowerPC
+    RISCV64 - 64-bit RISC-V
     """
 
     cdef int _token
@@ -228,6 +229,7 @@ cdef class Arch:
     PPC64LE = libseccomp.SCMP_ARCH_PPC64LE
     S390 = libseccomp.SCMP_ARCH_S390
     S390X = libseccomp.SCMP_ARCH_S390X
+    RISCV64 = libseccomp.SCMP_ARCH_RISCV64
 
     def __cinit__(self, arch=libseccomp.SCMP_ARCH_NATIVE):
         """ Initialize the architecture object.

diff --git a/src/system.c b/src/system.c
index 0501b76d05920cff075cc845162e8657f0e4d751..8a68204bde669451da4fdcc1d424ecd36e55a973 100644 (file)
--- a/src/system.c
+++ b/src/system.c
@@ -75,6 +75,7 @@ int sys_chk_seccomp_syscall(void)
        case SCMP_ARCH_PPC64LE:
        case SCMP_ARCH_S390:
        case SCMP_ARCH_S390X:
+       case SCMP_ARCH_RISCV64:
                break;
        default:
                goto unsupported;

diff --git a/tests/15-basic-resolver.c b/tests/15-basic-resolver.c
index 0c1eefebcde56d104d6225ce83cfec80ffb4798f..2679270e98651db08359b0e1d203cbe62e6d5142 100644 (file)
--- a/tests/15-basic-resolver.c
+++ b/tests/15-basic-resolver.c
@@ -45,6 +45,7 @@ unsigned int arch_list[] = {
        SCMP_ARCH_S390X,
        SCMP_ARCH_PARISC,
        SCMP_ARCH_PARISC64,
+       SCMP_ARCH_RISCV64,
        -1
 };
 

diff --git a/tests/16-sim-arch_basic.c b/tests/16-sim-arch_basic.c
index 7495f82d23a09c74871f6b81b2788929c986b8e4..2405cb4e6695eafb47154af7e28cf82ab378c7d2 100644 (file)
--- a/tests/16-sim-arch_basic.c
+++ b/tests/16-sim-arch_basic.c
@@ -84,6 +84,9 @@ int main(int argc, char *argv[])
        if (rc != 0)
                goto out;
        rc = seccomp_arch_add(ctx, SCMP_ARCH_PPC64LE);
+       if (rc != 0)
+               goto out;
+       rc = seccomp_arch_add(ctx, SCMP_ARCH_RISCV64);
        if (rc != 0)
                goto out;
 
@@ -150,6 +153,9 @@ int main(int argc, char *argv[])
        rc = seccomp_arch_remove(ctx, SCMP_ARCH_PPC64LE);
        if (rc != 0)
                goto out;
+       rc = seccomp_arch_remove(ctx, SCMP_ARCH_RISCV64);
+       if (rc != 0)
+               goto out;
 
 out:
        seccomp_release(ctx);

diff --git a/tests/16-sim-arch_basic.py b/tests/16-sim-arch_basic.py
index 7d7a05f99c6a02d4c245e12e8d485c5654585f28..846553fb327f57a7da9b771784580aab2eaed725 100755 (executable)
--- a/tests/16-sim-arch_basic.py
+++ b/tests/16-sim-arch_basic.py
@@ -44,6 +44,7 @@ def test(args):
     f.add_arch(Arch("mipsel64"))
     f.add_arch(Arch("mipsel64n32"))
     f.add_arch(Arch("ppc64le"))
+    f.add_arch(Arch("riscv64"))
     f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
     f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
     f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))

diff --git a/tests/23-sim-arch_all_le_basic.c b/tests/23-sim-arch_all_le_basic.c
index 5672980a5632c1f9e3b06b6e0f17f8718c66d901..32739e5b394ea93ff8030e8d65c934e8c1ffea6b 100644 (file)
--- a/tests/23-sim-arch_all_le_basic.c
+++ b/tests/23-sim-arch_all_le_basic.c
@@ -69,6 +69,9 @@ int main(int argc, char *argv[])
        if (rc != 0)
                goto out;
        rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("ppc64le"));
+       if (rc != 0)
+               goto out;
+       rc = seccomp_arch_add(ctx, seccomp_arch_resolve_name("riscv64"));
        if (rc != 0)
                goto out;
 

diff --git a/tests/23-sim-arch_all_le_basic.py b/tests/23-sim-arch_all_le_basic.py
index 5927f37e38c94049e393e2c4d82e8f7959058b28..33eedb17872f505879dc48c0b72f5412a66e56c8 100755 (executable)
--- a/tests/23-sim-arch_all_le_basic.py
+++ b/tests/23-sim-arch_all_le_basic.py
@@ -40,6 +40,7 @@ def test(args):
     f.add_arch(Arch("mipsel64"))
     f.add_arch(Arch("mipsel64n32"))
     f.add_arch(Arch("ppc64le"))
+    f.add_arch(Arch("riscv64"))
     f.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno()))
     f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno()))
     f.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno()))

diff --git a/tests/regression b/tests/regression
index 56822fb73b2f1037589ec5c9e1ee8f40e032bb19..ef98c3d963c17894d61a3ef0e57fcf3898afa011 100755 (executable)
--- a/tests/regression
+++ b/tests/regression
@@ -25,7 +25,8 @@ GLBL_ARCH_LE_SUPPORT=" \
        x86 x86_64 x32 \
        arm aarch64 \
        mipsel mipsel64 mipsel64n32 \
-       ppc64le"
+       ppc64le \
+       riscv64"
 GLBL_ARCH_BE_SUPPORT=" \
        mips mips64 mips64n32 \
        parisc parisc64 \
@@ -46,6 +47,7 @@ GLBL_ARCH_64B_SUPPORT=" \
        mips64 \
        parisc64 \
        ppc64 \
+       riscv64 \
        s390x"
 
 GLBL_SYS_ARCH="../tools/scmp_arch_detect"
@@ -777,7 +779,7 @@ function run_test_live() {
 
        # setup the arch specific return values
        case "$arch" in
-       x86|x86_64|x32|arm|aarch64|parisc|parisc64|ppc|ppc64|ppc64le|ppc|s390|s390x)
+       x86|x86_64|x32|arm|aarch64|parisc|parisc64|ppc|ppc64|ppc64le|ppc|s390|s390x|riscv64)
                rc_kill_process=159
                rc_kill=159
                rc_allow=160

diff --git a/tools/scmp_arch_detect.c b/tools/scmp_arch_detect.c
index ad43f2df805f5949656fb71b4ba57e4af083454d..b844a68205f47d518208a5b15a391ebaecf59201 100644 (file)
--- a/tools/scmp_arch_detect.c
+++ b/tools/scmp_arch_detect.c
@@ -120,6 +120,9 @@ int main(int argc, char *argv[])
                case SCMP_ARCH_S390X:
                        printf("s390x\n");
                        break;
+               case SCMP_ARCH_RISCV64:
+                       printf("riscv64\n");
+                       break;
                default:
                        printf("unknown\n");
                }

diff --git a/tools/scmp_bpf_disasm.c b/tools/scmp_bpf_disasm.c
index 27fba9ad40376ab67b42ffa58d252348d9153a43..5c914b41962f932145bb2f36a617c758ad8807d5 100644 (file)
--- a/tools/scmp_bpf_disasm.c
+++ b/tools/scmp_bpf_disasm.c
@@ -508,6 +508,8 @@ int main(int argc, char *argv[])
                                arch = AUDIT_ARCH_S390;
                        else if (strcmp(optarg, "s390x") == 0)
                                arch = AUDIT_ARCH_S390X;
+                       else if (strcmp(optarg, "riscv64") == 0)
+                               arch = AUDIT_ARCH_RISCV64;
                        else
                                exit_usage(argv[0]);
                        break;

diff --git a/tools/scmp_bpf_sim.c b/tools/scmp_bpf_sim.c
index 4d308220cf872dfa41f51fcaa75aaf35135e22c1..a381314346d9d676e843cbc94f97e8aba9bf50fd 100644 (file)
--- a/tools/scmp_bpf_sim.c
+++ b/tools/scmp_bpf_sim.c
@@ -285,6 +285,8 @@ int main(int argc, char *argv[])
                                arch = AUDIT_ARCH_S390;
                        else if (strcmp(optarg, "s390x") == 0)
                                arch = AUDIT_ARCH_S390X;
+                       else if (strcmp(optarg, "riscv64") == 0)
+                               arch = AUDIT_ARCH_RISCV64;
                        else
                                exit_fault(EINVAL);
                        break;

diff --git a/tools/util.c b/tools/util.c
index 712233557150f2918366397c6ec69dddf5e46ab8..741b2a280c2371f9d58b64ead875494dedd6d038 100644 (file)
--- a/tools/util.c
+++ b/tools/util.c
@@ -78,6 +78,8 @@
 #define ARCH_NATIVE            AUDIT_ARCH_S390X
 #elif __s390__
 #define ARCH_NATIVE            AUDIT_ARCH_S390
+#elif __riscv && __riscv_xlen == 64
+#define ARCH_NATIVE            AUDIT_ARCH_RISCV64
 #else
 #error the simulator code needs to know about your machine type
 #endif

diff --git a/tools/util.h b/tools/util.h
index 08c483978162d92901f4445eb46ad997420e20cf..6c2ca33db81a8244b79d0b0ce6f344f8f6cafcf6 100644 (file)
--- a/tools/util.h
+++ b/tools/util.h
@@ -72,6 +72,13 @@
 #define AUDIT_ARCH_PPC64LE     (EM_PPC64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
 #endif
 
+#ifndef AUDIT_ARCH_RISCV64
+#ifndef EM_RISCV
+#define EM_RISCV               243
+#endif /* EM_RISCV */
+#define AUDIT_ARCH_RISCV64     (EM_RISCV|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
+#endif /* AUDIT_ARCH_RISCV64 */
+
 extern uint32_t arch;
 
 uint16_t ttoh16(uint32_t arch, uint16_t val);