From d1881b4ce9f24744859e1caaceb537274be6dcb5 Mon Sep 17 00:00:00 2001 From: FedeDP <5837210+FedeDP@users.noreply.github.com> Date: Thu, 2 Jan 2025 10:44:13 +0000 Subject: [PATCH] update(driver): update syscalls tables and driver report. Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- docs/report.md | 4 ++++ driver/SCHEMA_VERSION | 2 +- driver/ppm_events_public.h | 6 +++++- driver/syscall_compat_aarch64.h | 12 ++++++++++++ driver/syscall_compat_loongarch64.h | 12 ++++++++++++ driver/syscall_compat_ppc64le.h | 12 ++++++++++++ driver/syscall_compat_riscv64.h | 12 ++++++++++++ driver/syscall_compat_s390x.h | 12 ++++++++++++ driver/syscall_compat_x86_64.h | 12 ++++++++++++ driver/syscall_ia32_64_map.c | 4 ++++ driver/syscall_table.c | 12 ++++++++++++ userspace/libscap/linux/scap_ppm_sc.c | 8 ++++++++ 12 files changed, 106 insertions(+), 2 deletions(-) diff --git a/docs/report.md b/docs/report.md index 4e880fa8ac..8c26bcf93e 100644 --- a/docs/report.md +++ b/docs/report.md @@ -116,6 +116,7 @@ | gettimeofday | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | getuid | 🟢 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | getxattr | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | +| getxattrat | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | init_module | 🟢 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | inotify_add_watch | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | inotify_init | 🟢 | ppc64le,s390x,x86_64 | @@ -151,6 +152,7 @@ | listen | 🟢 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | listmount | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | listxattr | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | +| listxattrat | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | llistxattr | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | lookup_dcookie | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | lremovexattr | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | @@ -259,6 +261,7 @@ | recvmsg | 🟢 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | remap_file_pages | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | removexattr | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | +| removexattrat | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | rename | 🟢 | ppc64le,s390x,x86_64 | | renameat | 🟢 | aarch64,ppc64le,s390x,x86_64 | | renameat2 | 🟢 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | @@ -330,6 +333,7 @@ | settimeofday | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | setuid | 🟢 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | setxattr | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | +| setxattrat | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | sgetmask | 🟡 | ppc64le | | shmat | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | | shmctl | 🟡 | aarch64,loongarch64,ppc64le,riscv64,s390x,x86_64 | diff --git a/driver/SCHEMA_VERSION b/driver/SCHEMA_VERSION index 18091983f5..47b322c971 100644 --- a/driver/SCHEMA_VERSION +++ b/driver/SCHEMA_VERSION @@ -1 +1 @@ -3.4.0 +3.4.1 diff --git a/driver/ppm_events_public.h b/driver/ppm_events_public.h index 3dc76c0214..f1991fc2c4 100644 --- a/driver/ppm_events_public.h +++ b/driver/ppm_events_public.h @@ -1989,7 +1989,11 @@ enum sys_exit_extra_code { PPM_SC_X(LSM_SET_SELF_ATTR, 440) \ PPM_SC_X(LSM_LIST_MODULES, 441) \ PPM_SC_X(MSEAL, 442) \ - PPM_SC_X(URETPROBE, 443) + PPM_SC_X(URETPROBE, 443) \ + PPM_SC_X(REMOVEXATTRAT, 444) \ + PPM_SC_X(LISTXATTRAT, 445) \ + PPM_SC_X(GETXATTRAT, 446) \ + PPM_SC_X(SETXATTRAT, 447) typedef enum { #define PPM_SC_X(name, value) PPM_SC_##name = (value), diff --git a/driver/syscall_compat_aarch64.h b/driver/syscall_compat_aarch64.h index 8494781e80..98a779e912 100644 --- a/driver/syscall_compat_aarch64.h +++ b/driver/syscall_compat_aarch64.h @@ -965,3 +965,15 @@ or GPL2.txt for full copies of the license. #ifndef __NR_mseal #define __NR_mseal 462 #endif +#ifndef __NR_setxattrat +#define __NR_setxattrat 463 +#endif +#ifndef __NR_getxattrat +#define __NR_getxattrat 464 +#endif +#ifndef __NR_listxattrat +#define __NR_listxattrat 465 +#endif +#ifndef __NR_removexattrat +#define __NR_removexattrat 466 +#endif diff --git a/driver/syscall_compat_loongarch64.h b/driver/syscall_compat_loongarch64.h index e593dedbe4..81984b8bcd 100644 --- a/driver/syscall_compat_loongarch64.h +++ b/driver/syscall_compat_loongarch64.h @@ -953,3 +953,15 @@ or GPL2.txt for full copies of the license. #ifndef __NR_mseal #define __NR_mseal 462 #endif +#ifndef __NR_setxattrat +#define __NR_setxattrat 463 +#endif +#ifndef __NR_getxattrat +#define __NR_getxattrat 464 +#endif +#ifndef __NR_listxattrat +#define __NR_listxattrat 465 +#endif +#ifndef __NR_removexattrat +#define __NR_removexattrat 466 +#endif diff --git a/driver/syscall_compat_ppc64le.h b/driver/syscall_compat_ppc64le.h index 8586d05899..26aac7c9b2 100644 --- a/driver/syscall_compat_ppc64le.h +++ b/driver/syscall_compat_ppc64le.h @@ -1196,3 +1196,15 @@ or GPL2.txt for full copies of the license. #ifndef __NR_mseal #define __NR_mseal 462 #endif +#ifndef __NR_setxattrat +#define __NR_setxattrat 463 +#endif +#ifndef __NR_getxattrat +#define __NR_getxattrat 464 +#endif +#ifndef __NR_listxattrat +#define __NR_listxattrat 465 +#endif +#ifndef __NR_removexattrat +#define __NR_removexattrat 466 +#endif diff --git a/driver/syscall_compat_riscv64.h b/driver/syscall_compat_riscv64.h index f3b88c236e..52e867e9f3 100644 --- a/driver/syscall_compat_riscv64.h +++ b/driver/syscall_compat_riscv64.h @@ -968,3 +968,15 @@ or GPL2.txt for full copies of the license. #ifndef __NR_mseal #define __NR_mseal 462 #endif +#ifndef __NR_setxattrat +#define __NR_setxattrat 463 +#endif +#ifndef __NR_getxattrat +#define __NR_getxattrat 464 +#endif +#ifndef __NR_listxattrat +#define __NR_listxattrat 465 +#endif +#ifndef __NR_removexattrat +#define __NR_removexattrat 466 +#endif diff --git a/driver/syscall_compat_s390x.h b/driver/syscall_compat_s390x.h index 1bc271d7ac..c05433d17e 100644 --- a/driver/syscall_compat_s390x.h +++ b/driver/syscall_compat_s390x.h @@ -1124,3 +1124,15 @@ or GPL2.txt for full copies of the license. #ifndef __NR_mseal #define __NR_mseal 462 #endif +#ifndef __NR_setxattrat +#define __NR_setxattrat 463 +#endif +#ifndef __NR_getxattrat +#define __NR_getxattrat 464 +#endif +#ifndef __NR_listxattrat +#define __NR_listxattrat 465 +#endif +#ifndef __NR_removexattrat +#define __NR_removexattrat 466 +#endif diff --git a/driver/syscall_compat_x86_64.h b/driver/syscall_compat_x86_64.h index c257403dcf..4cb04eb8ee 100644 --- a/driver/syscall_compat_x86_64.h +++ b/driver/syscall_compat_x86_64.h @@ -1103,3 +1103,15 @@ or GPL2.txt for full copies of the license. #ifndef __NR_mseal #define __NR_mseal 462 #endif +#ifndef __NR_setxattrat +#define __NR_setxattrat 463 +#endif +#ifndef __NR_getxattrat +#define __NR_getxattrat 464 +#endif +#ifndef __NR_listxattrat +#define __NR_listxattrat 465 +#endif +#ifndef __NR_removexattrat +#define __NR_removexattrat 466 +#endif diff --git a/driver/syscall_ia32_64_map.c b/driver/syscall_ia32_64_map.c index f5a6271b9f..45abd73cf7 100644 --- a/driver/syscall_ia32_64_map.c +++ b/driver/syscall_ia32_64_map.c @@ -454,4 +454,8 @@ const int g_ia32_64_map[SYSCALL_TABLE_SIZE] = { [460] = 460, [461] = 461, [462] = 462, + [463] = 463, + [464] = 464, + [465] = 465, + [466] = 466, }; diff --git a/driver/syscall_table.c b/driver/syscall_table.c index eca30337ad..d7bdefd168 100644 --- a/driver/syscall_table.c +++ b/driver/syscall_table.c @@ -1018,4 +1018,16 @@ const struct syscall_evt_pair g_syscall_table[SYSCALL_TABLE_SIZE] = { #ifdef __NR_uretprobe [__NR_uretprobe - SYSCALL_TABLE_ID0] = {.ppm_sc = PPM_SC_URETPROBE}, #endif +#ifdef __NR_removexattrat + [__NR_removexattrat - SYSCALL_TABLE_ID0] = {.ppm_sc = PPM_SC_REMOVEXATTRAT}, +#endif +#ifdef __NR_listxattrat + [__NR_listxattrat - SYSCALL_TABLE_ID0] = {.ppm_sc = PPM_SC_LISTXATTRAT}, +#endif +#ifdef __NR_getxattrat + [__NR_getxattrat - SYSCALL_TABLE_ID0] = {.ppm_sc = PPM_SC_GETXATTRAT}, +#endif +#ifdef __NR_setxattrat + [__NR_setxattrat - SYSCALL_TABLE_ID0] = {.ppm_sc = PPM_SC_SETXATTRAT}, +#endif }; diff --git a/userspace/libscap/linux/scap_ppm_sc.c b/userspace/libscap/linux/scap_ppm_sc.c index 62f00cbba9..8d74e40647 100644 --- a/userspace/libscap/linux/scap_ppm_sc.c +++ b/userspace/libscap/linux/scap_ppm_sc.c @@ -295,6 +295,10 @@ static const ppm_sc_code *g_events_to_sc_map[] = { PPM_SC_LSM_LIST_MODULES, PPM_SC_MSEAL, PPM_SC_URETPROBE, + PPM_SC_REMOVEXATTRAT, + PPM_SC_LISTXATTRAT, + PPM_SC_GETXATTRAT, + PPM_SC_SETXATTRAT, -1}, [PPME_GENERIC_X] = (ppm_sc_code[]){PPM_SC_RESTART_SYSCALL, PPM_SC_EXIT, @@ -560,6 +564,10 @@ static const ppm_sc_code *g_events_to_sc_map[] = { PPM_SC_LSM_GET_SELF_ATTR, PPM_SC_MSEAL, PPM_SC_URETPROBE, + PPM_SC_LISTXATTRAT, + PPM_SC_GETXATTRAT, + PPM_SC_SETXATTRAT, + PPM_SC_REMOVEXATTRAT, -1}, [PPME_SYSCALL_OPEN_E] = (ppm_sc_code[]){PPM_SC_OPEN, -1}, [PPME_SYSCALL_OPEN_X] = (ppm_sc_code[]){PPM_SC_OPEN, -1},