libsandbox: use PTRACE_GET_SYSCALL_INFO when available

This is a generic interface for all arches, but it only supports
reading settings currently.  We can at least detect failures which
is better than nothing.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>

3 files changed, 27 insertions, 0 deletions

diff --git a/configure.ac b/configure.ac
index f43923c..254104d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -165,6 +165,7 @@ AC_CHECK_TYPES([sighandler_t, sig_t, __sighandler_t],,,[#include <signal.h>])
 
 save_CPPFLAGS=$CPPFLAGS
 CPPFLAGS="-I$srcdir $CPPFLAGS"
+AC_CHECK_TYPES([struct ptrace_syscall_info],,,[#include "headers.h"])
 AC_CHECK_TYPES([struct user_regs_struct, struct pt_regs],,,[#include "headers.h"])
 AC_CHECK_SIZEOF([struct user_regs_struct],,[#include "headers.h"])
 AC_CHECK_SIZEOF([struct pt_regs],,[#include "headers.h"])
diff --git a/libsandbox/trace/linux/arch.c b/libsandbox/trace/linux/arch.c
index 4b3d615..fd2d0de 100644
--- a/libsandbox/trace/linux/arch.c
+++ b/libsandbox/trace/linux/arch.c
@@ -27,6 +27,8 @@
 # include "sparc.c"
 #elif defined(__x86_64__)
 # include "x86_64.c"
+#elif defined(HAVE_STRUCT_PTRACE_SYSCALL_INFO)
+# include "syscall_info.c"
 #else
 # define SB_NO_TRACE_ARCH
 #endif
diff --git a/libsandbox/trace/linux/syscall_info.c b/libsandbox/trace/linux/syscall_info.c
new file mode 100644
index 0000000..23cd509
--- /dev/null
+++ b/libsandbox/trace/linux/syscall_info.c
@@ -0,0 +1,24 @@
+#undef trace_regs
+#define trace_regs struct ptrace_syscall_info
+
+#define trace_reg_sysnum entry.nr
+#define trace_reg_ret exit.rval
+
+#undef trace_get_regs
+#define trace_get_regs(regs) do_ptrace(PTRACE_GET_SYSCALL_INFO, (void *)(uintptr_t)sizeof(trace_regs), regs)
+
+static unsigned long trace_arg(void *vregs, int num)
+{
+	trace_regs *regs = vregs;
+	if (num < 7)
+		return regs->entry.args[num - 1];
+	else
+		return -1;
+}
+
+#undef trace_set_regs
+static long trace_set_regs(void *vregs)
+{
+	sb_ewarn("sandbox: Unable to block violation\n");
+	return 0;
+}