siginfo: add signal info for seccomp related SIGSYS

Message ID	20150517204857.GA2615@makrotopia.org
State	Accepted
Commit	274f3c84562cbba1d99bab2d085d22d8aa401a4e
Headers	show Return-Path: <uclibc-bounces@uclibc.org> Date: Sun, 17 May 2015 22:49:23 +0200 From: Daniel Golle <daniel@makrotopia.org> To: uclibc@uclibc.org Subject: [PATCH] siginfo: add signal info for seccomp related SIGSYS Message-ID: <20150517204857.GA2615@makrotopia.org> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: uclibc-bounces@uclibc.org Sender: "uClibc" <uclibc-bounces@uclibc.org>

Message ID

20150517204857.GA2615@makrotopia.org

State

Accepted

Commit

274f3c84562cbba1d99bab2d085d22d8aa401a4e

Headers

Date: Sun, 17 May 2015 22:49:23 +0200
From: Daniel Golle <daniel@makrotopia.org>
To: uclibc@uclibc.org
Subject: [PATCH] siginfo: add signal info for seccomp related SIGSYS
Message-ID: <20150517204857.GA2615@makrotopia.org>
MIME-Version: 1.0
Content-Disposition: inline
User-Agent: Mutt/1.5.23 (2014-03-12)
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: uclibc-bounces@uclibc.org
Sender: "uClibc" <uclibc-bounces@uclibc.org>

Commit Message

Daniel Golle May 17, 2015, 8:49 p.m. UTC

uClibc doesn't define signal info for the SIGSYS signal which is issued
in case of hitting a syscall prohibited by seccomp.
This is sad as it makes debugging seccomp filter policies impossible on
some architectures (at least ARM and PowerPC, maybe also others) which
do not coincidentally set si_value.sival_int as the syscall number.

To fix this, import the definitions and macros needed from glibc.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
Patch was also submitted to openwrt-devel, see
http://patchwork.ozlabs.org/patch/473215/
---
 libc/sysdeps/linux/alpha/bits/siginfo.h  | 11 +++++++++++
 libc/sysdeps/linux/common/bits/siginfo.h | 11 +++++++++++
 libc/sysdeps/linux/ia64/bits/siginfo.h   | 11 +++++++++++
 libc/sysdeps/linux/mips/bits/siginfo.h   | 11 +++++++++++
 libc/sysdeps/linux/sparc/bits/siginfo.h  | 11 +++++++++++
 5 files changed, 55 insertions(+)

Comments

Bernhard Reutner-Fischer May 26, 2015, 8:28 p.m. UTC | #1

On Sun, May 17, 2015 at 10:49:23PM +0200, Daniel Golle wrote:
> uClibc doesn't define signal info for the SIGSYS signal which is issued
> in case of hitting a syscall prohibited by seccomp.
> This is sad as it makes debugging seccomp filter policies impossible on
> some architectures (at least ARM and PowerPC, maybe also others) which
> do not coincidentally set si_value.sival_int as the syscall number.
> 
> To fix this, import the definitions and macros needed from glibc.

Applied, thanks!

diff --git a/libc/sysdeps/linux/alpha/bits/siginfo.h b/libc/sysdeps/linux/alpha/bits/siginfo.h
index 0a37ad0..7e476aa 100644
--- a/libc/sysdeps/linux/alpha/bits/siginfo.h
+++ b/libc/sysdeps/linux/alpha/bits/siginfo.h
@@ -97,6 +97,14 @@  typedef struct siginfo
 	    int si_band;	/* Band event for SIGPOLL.  */
 	    int si_fd;
 	  } _sigpoll;
+
+	/* SIGSYS.  */
+	struct
+	  {
+	    void *_call_addr;   /* Calling user insn.  */
+	    int _syscall;       /* Triggering system call number.  */
+	    unsigned int _arch; /* AUDIT_ARCH_* of syscall.  */
+	  } _sigsys;
       } _sifields;
   } siginfo_t;
 
@@ -115,6 +123,9 @@  typedef struct siginfo
 # define si_addr	_sifields._sigfault.si_addr
 # define si_band	_sifields._sigpoll.si_band
 # define si_fd		_sifields._sigpoll.si_fd
+# define si_call_addr	_sifields._sigsys._call_addr
+# define si_syscall	_sifields._sigsys._syscall
+# define si_arch	_sifields._sigsys._arch
 
 
 /* Values for `si_code'.  Positive values are reserved for kernel-generated
diff --git a/libc/sysdeps/linux/common/bits/siginfo.h b/libc/sysdeps/linux/common/bits/siginfo.h
index c26e066..724f756 100644
--- a/libc/sysdeps/linux/common/bits/siginfo.h
+++ b/libc/sysdeps/linux/common/bits/siginfo.h
@@ -103,6 +103,14 @@  typedef struct siginfo
 	    long int si_band;	/* Band event for SIGPOLL.  */
 	    int si_fd;
 	  } _sigpoll;
+
+	/* SIGSYS.  */
+	struct
+	  {
+	    void *_call_addr;   /* Calling user insn.  */
+	    int _syscall;       /* Triggering system call number.  */
+	    unsigned int _arch; /* AUDIT_ARCH_* of syscall.  */
+	  } _sigsys;
       } _sifields;
   } siginfo_t;
 
@@ -121,6 +129,9 @@  typedef struct siginfo
 # define si_addr	_sifields._sigfault.si_addr
 # define si_band	_sifields._sigpoll.si_band
 # define si_fd		_sifields._sigpoll.si_fd
+# define si_call_addr	_sifields._sigsys._call_addr
+# define si_syscall	_sifields._sigsys._syscall
+# define si_arch	_sifields._sigsys._arch
 
 
 /* Values for `si_code'.  Positive values are reserved for kernel-generated
diff --git a/libc/sysdeps/linux/ia64/bits/siginfo.h b/libc/sysdeps/linux/ia64/bits/siginfo.h
index 3ac988b..df18b36 100644
--- a/libc/sysdeps/linux/ia64/bits/siginfo.h
+++ b/libc/sysdeps/linux/ia64/bits/siginfo.h
@@ -102,6 +102,14 @@  typedef struct siginfo
 	    long int si_band;	/* Band event for SIGPOLL.  */
 	    int si_fd;
 	  } _sigpoll;
+
+	/* SIGSYS.  */
+	struct
+	  {
+	    void *_call_addr;   /* Calling user insn.  */
+	    int _syscall;       /* Triggering system call number.  */
+	    unsigned int _arch; /* AUDIT_ARCH_* of syscall.  */
+	  } _sigsys;
       } _sifields;
   } siginfo_t;
 
@@ -120,6 +128,9 @@  typedef struct siginfo
 # define si_addr	_sifields._sigfault.si_addr
 # define si_band	_sifields._sigpoll.si_band
 # define si_fd		_sifields._sigpoll.si_fd
+# define si_call_addr	_sifields._sigsys._call_addr
+# define si_syscall	_sifields._sigsys._syscall
+# define si_arch	_sifields._sigsys._arch
 
 # ifdef __USE_GNU
 #  define si_imm	_sifields._sigfault._si_imm
diff --git a/libc/sysdeps/linux/mips/bits/siginfo.h b/libc/sysdeps/linux/mips/bits/siginfo.h
index 5199d4d..b204301 100644
--- a/libc/sysdeps/linux/mips/bits/siginfo.h
+++ b/libc/sysdeps/linux/mips/bits/siginfo.h
@@ -108,6 +108,14 @@  typedef struct siginfo
 	    long int si_band;	/* Band event for SIGPOLL.  */
 	    int si_fd;
 	  } _sigpoll;
+
+	/* SIGSYS.  */
+	struct
+	  {
+	    void *_call_addr;   /* Calling user insn.  */
+	    int _syscall;       /* Triggering system call number.  */
+	    unsigned int _arch; /* AUDIT_ARCH_* of syscall.  */
+	  } _sigsys;
       } _sifields;
   } siginfo_t;
 
@@ -127,6 +135,9 @@  typedef struct siginfo
 # define si_addr_lsb	_sifields._sigfault.si_addr_lsb
 # define si_band	_sifields._sigpoll.si_band
 # define si_fd		_sifields._sigpoll.si_fd
+# define si_call_addr	_sifields._sigsys._call_addr
+# define si_syscall	_sifields._sigsys._syscall
+# define si_arch	_sifields._sigsys._arch
 
 
 /* Values for `si_code'.  Positive values are reserved for kernel-generated
diff --git a/libc/sysdeps/linux/sparc/bits/siginfo.h b/libc/sysdeps/linux/sparc/bits/siginfo.h
index 3ffeb6d..da1c838 100644
--- a/libc/sysdeps/linux/sparc/bits/siginfo.h
+++ b/libc/sysdeps/linux/sparc/bits/siginfo.h
@@ -104,6 +104,14 @@  typedef struct siginfo
 	    int si_band;	/* Band event for SIGPOLL.  */
 	    int si_fd;
 	  } _sigpoll;
+
+	/* SIGSYS.  */
+	struct
+	  {
+	    void *_call_addr;   /* Calling user insn.  */
+	    int _syscall;       /* Triggering system call number.  */
+	    unsigned int _arch; /* AUDIT_ARCH_* of syscall.  */
+	  } _sigsys;
       } _sifields;
   } siginfo_t;
 
@@ -123,6 +131,9 @@  typedef struct siginfo
 # define si_trapno	_sifields._sigfault.si_trapno
 # define si_band	_sifields._sigpoll.si_band
 # define si_fd		_sifields._sigpoll.si_fd
+# define si_call_addr	_sifields._sigsys._call_addr
+# define si_syscall	_sifields._sigsys._syscall
+# define si_arch	_sifields._sigsys._arch
 
 
 /* Values for `si_code'.  Positive values are reserved for kernel-generated