/**
* Modify the current syscall of @tracee as described by @modif
* regarding the given @config. This function returns whether the
* syscall was modified or not.
*/
static bool modify_syscall(Tracee *tracee, const Config *config, const Modif *modif)
{
size_t i, j;
word_t syscall;
assert(config != NULL);
if (!needs_kompat(config, modif->expected_release))
return false;
/* Check if this syscall is supported on this architecture. */
syscall = detranslate_sysnum(get_abi(tracee), modif->new_sysarg_num);
if (syscall == SYSCALL_AVOIDER)
return false;
set_sysnum(tracee, modif->new_sysarg_num);
/* Shift syscall arguments. */
for (i = 0; i < MAX_ARG_SHIFT; i++) {
Reg sysarg = modif->shifts[i].sysarg;
size_t nb_args = modif->shifts[i].nb_args;
int offset = modif->shifts[i].offset;
for (j = 0; j < nb_args; j++) {
word_t arg = peek_reg(tracee, CURRENT, sysarg + j);
poke_reg(tracee, sysarg + j + offset, arg);
}
}
return true;
}
/**
* Modify the current syscall of @tracee as described by @modif
* regarding the given @config. This function returns whether the
* syscall was modified or not.
*/
static bool modify_syscall(Tracee *tracee, const Config *config, const Modif *modif)
{
size_t i, j;
assert(config != NULL);
if (!needs_kompat(config, modif->expected_release))
return false;
set_sysnum(tracee, modif->new_sysarg_num);
/* Shift syscall arguments. */
for (i = 0; i < MAX_ARG_SHIFT; i++) {
Reg sysarg = modif->shifts[i].sysarg;
size_t nb_args = modif->shifts[i].nb_args;
int offset = modif->shifts[i].offset;
for (j = 0; j < nb_args; j++) {
word_t arg = peek_reg(tracee, CURRENT, sysarg + j);
poke_reg(tracee, sysarg + j + offset, arg);
}
}
return true;
}
/**
* Remove @discarded_flags from the given @tracee's @sysarg register
* if the actual kernel release is not compatible with the
* @expected_release.
*/
static void discard_fd_flags(Tracee *tracee, const Config *config,
int discarded_flags, int expected_release, Reg sysarg)
{
word_t flags;
if (!needs_kompat(config, expected_release))
return;
flags = peek_reg(tracee, CURRENT, sysarg);
poke_reg(tracee, sysarg, flags & ~discarded_flags);
}
/**
* Replace current @tracee's syscall with an older and compatible one
* whenever it's required, i.e. when the syscall is supported by the
* kernel as specified by @config->virtual_release but it isn't
* supported by the actual kernel.
*/
static int handle_sysenter_end(Tracee *tracee, Config *config)
{
/* Note: syscalls like "openat" can be replaced by "open" since PRoot
* has canonicalized "fd + path" into "path". */
switch (get_sysnum(tracee, ORIGINAL)) {
case PR_accept4: {
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,28),
.new_sysarg_num = PR_accept,
.shifts = NONE
};
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_dup3: {
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,27),
.new_sysarg_num = PR_dup2,
.shifts = NONE
};
/* "If oldfd equals newfd, then dup3() fails with the
* error EINVAL" -- man dup3 */
if (peek_reg(tracee, CURRENT, SYSARG_1) == peek_reg(tracee, CURRENT, SYSARG_2))
return -EINVAL;
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_epoll_create1: {
bool modified;
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,27),
.new_sysarg_num = PR_epoll_create,
.shifts = NONE
};
/* "the size argument is ignored, but must be greater
* than zero" -- man epoll_create */
modified = modify_syscall(tracee, config, &modif);
if (modified)
poke_reg(tracee, SYSARG_1, 1);
return 0;
}
case PR_epoll_pwait: {
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,19),
.new_sysarg_num = PR_epoll_wait,
.shifts = NONE
};
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_eventfd2: {
bool modified;
word_t flags;
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,27),
.new_sysarg_num = PR_eventfd,
.shifts = NONE
};
modified = modify_syscall(tracee, config, &modif);
if (modified) {
/* EFD_SEMAPHORE can't be emulated with eventfd. */
flags = peek_reg(tracee, CURRENT, SYSARG_2);
if ((flags & EFD_SEMAPHORE) != 0)
return -EINVAL;
}
return 0;
}
case PR_faccessat: {
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,16),
.new_sysarg_num = PR_access,
.shifts = { [0] = {
.sysarg = SYSARG_2,
.nb_args = 2,
.offset = -1 }
}
};
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_fchmodat: {
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,16),
.new_sysarg_num = PR_chmod,
.shifts = { [0] = {
.sysarg = SYSARG_2,
.nb_args = 2,
.offset = -1 }
}
};
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_fchownat: {
word_t flags;
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,16),
.shifts = { [0] = {
.sysarg = SYSARG_2,
.nb_args = 3,
.offset = -1 }
}
};
flags = peek_reg(tracee, CURRENT, SYSARG_5);
modif.new_sysarg_num = ((flags & AT_SYMLINK_NOFOLLOW) != 0
? PR_lchown
: PR_chown);
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_fcntl: {
word_t command;
if (!needs_kompat(config, KERNEL_VERSION(2,6,24)))
return 0;
command = peek_reg(tracee, ORIGINAL, SYSARG_2);
if (command == F_DUPFD_CLOEXEC)
poke_reg(tracee, SYSARG_2, F_DUPFD);
return 0;
}
case PR_newfstatat:
case PR_fstatat64: {
word_t flags;
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,16),
.shifts = { [0] = {
.sysarg = SYSARG_2,
.nb_args = 2,
.offset = -1 }
}
};
flags = peek_reg(tracee, CURRENT, SYSARG_4);
if ((flags & ~AT_SYMLINK_NOFOLLOW) != 0)
return -EINVAL; /* Exposed by LTP. */
#if defined(ARCH_X86_64)
if ((flags & AT_SYMLINK_NOFOLLOW) != 0)
modif.new_sysarg_num = (get_abi(tracee) != ABI_2 ? PR_lstat : PR_lstat64);
else
modif.new_sysarg_num = (get_abi(tracee) != ABI_2 ? PR_stat : PR_stat64);
#else
if ((flags & AT_SYMLINK_NOFOLLOW) != 0)
modif.new_sysarg_num = PR_lstat64;
else
modif.new_sysarg_num = PR_stat64;
#endif
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_futex: {
word_t operation;
static bool warned = false;
if (!needs_kompat(config, KERNEL_VERSION(2,6,22)) || config->actual_release == 0)
return 0;
operation = peek_reg(tracee, CURRENT, SYSARG_2);
if ((operation & FUTEX_PRIVATE_FLAG) == 0)
return 0;
if (!warned) {
warned = true;
note(tracee, WARNING, USER,
"kompat: this kernel doesn't support private futexes "
"and PRoot can't emulate them. Expect some troubles...");
}
poke_reg(tracee, SYSARG_2, operation & ~FUTEX_PRIVATE_FLAG);
return 0;
}
case PR_futimesat: {
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,16),
.new_sysarg_num = PR_utimes,
.shifts = { [0] = {
.sysarg = SYSARG_2,
.nb_args = 2,
.offset = -1 }
}
};
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_inotify_init1: {
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,27),
.new_sysarg_num = PR_inotify_init,
.shifts = NONE
};
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_linkat: {
word_t flags;
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,16),
.new_sysarg_num = PR_link,
.shifts = { [0] = {
.sysarg = SYSARG_2,
.nb_args = 1,
.offset = -1 },
[1] = {
.sysarg = SYSARG_4,
.nb_args = 1,
.offset = -2 }
}
};
flags = peek_reg(tracee, CURRENT, SYSARG_5);
if ((flags & ~AT_SYMLINK_FOLLOW) != 0)
return -EINVAL; /* Exposed by LTP. */
modify_syscall(tracee, config, &modif);
return 0;
}
case PR_mkdirat: {
Modif modif = {
.expected_release = KERNEL_VERSION(2,6,16),
.new_sysarg_num = PR_mkdir,
.shifts = { [0] = {
.sysarg = SYSARG_2,
.nb_args = 2,
.offset = -1 }
}
};
modify_syscall(tracee, config, &modif);
return 0;
}