From 1a7e842379ed959e10938dddba2c8f8b8cdd8eb5 Mon Sep 17 00:00:00 2001 From: Xeonacid Date: Wed, 28 Jun 2023 19:26:47 +0800 Subject: [PATCH 1/3] feat(driver-kmod): Add RISC-V kernel module support Signed-off-by: Xeonacid --- README.md | 3 +- driver/CMakeLists.txt | 4 +- driver/feature_gates.h | 6 +- driver/ppm.h | 2 + driver/syscall_compat_riscv64.h | 919 ++++++++++++++++++ driver/syscall_table64.c | 2 + .../sched_process_fork.cpp | 2 +- .../syscall_enter_suite/clone_e.cpp | 2 +- .../syscall_exit_suite/clone_x.cpp | 6 +- .../syscall_exit_suite/execveat_x.cpp | 4 +- 10 files changed, 938 insertions(+), 12 deletions(-) create mode 100644 driver/syscall_compat_riscv64.h diff --git a/README.md b/README.md index d17c75d33e..a228e8a9bf 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ [![Falco Core Repository](https://github.com/falcosecurity/evolution/blob/main/repos/badges/falco-core-blue.svg)](https://github.com/falcosecurity/evolution/blob/main/REPOSITORIES.md#core-scope) [![Stable](https://img.shields.io/badge/status-stable-brightgreen?style=for-the-badge)](https://github.com/falcosecurity/evolution/blob/main/REPOSITORIES.md#stable) [![License](https://img.shields.io/github/license/falcosecurity/libs?style=for-the-badge)](./COPYING) [![CI Build](https://github.com/falcosecurity/libs/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/falcosecurity/libs/actions/workflows/ci.yml) -[![Architectures](https://img.shields.io/badge/ARCHS-x86__64%7Caarch64%7Cs390x-blueviolet)](#drivers-officially-supported-architectures) +[![Architectures](https://img.shields.io/badge/ARCHS-x86__64%7Caarch64%7Cs390x%7Criscv64-blueviolet)](#drivers-officially-supported-architectures) [![Drivers](https://img.shields.io/endpoint?url=https://gist.githubusercontent.com/FedeDP/1cbc5d42edf8e3a02fb75e76625f1072/raw/kernel.json)](https://github.com/falcosecurity/libs/actions/workflows/latest-kernel.yml) [![Github Pages](https://github.com/falcosecurity/libs/actions/workflows/pages.yml/badge.svg)](https://falcosecurity.github.io/libs/) @@ -50,6 +50,7 @@ Our drivers officially support the following architectures: | **x86_64** | >= 2.6 | >= 4.14 | >= 5.8 | _STABLE_ | | **aarch64** | >= [3.16](https://github.com/torvalds/linux/commit/055b1212d141f1f398fca548f8147787c0b6253f) | >= 4.17 | >= 5.8 | _STABLE_ | | **s390x** | >= 2.6 | >= [5.5](https://github.com/torvalds/linux/commit/6ae08ae3dea) | >= 5.8 | _EXPERIMENTAL_ | +| **riscv64** | >= [5.0](https://github.com/torvalds/linux/commit/5aeb1b36cedd3a1dfdbfe368629fed52dee34103) | N/A | N/A | _EXPERIMENTAL_ | To access up-to-date status reports on Falco drivers kernel testing, please visit this [page](https://falcosecurity.github.io/libs/). It provides a list of supported syscalls as well as the [report](https://falcosecurity.github.io/libs/report/). diff --git a/driver/CMakeLists.txt b/driver/CMakeLists.txt index 1f947e0ba6..74cb4b4bc2 100644 --- a/driver/CMakeLists.txt +++ b/driver/CMakeLists.txt @@ -12,7 +12,8 @@ project(driver) set(TARGET_ARCH ${CMAKE_HOST_SYSTEM_PROCESSOR}) if((NOT TARGET_ARCH STREQUAL "x86_64") AND (NOT TARGET_ARCH STREQUAL "aarch64") AND - (NOT TARGET_ARCH STREQUAL "s390x")) + (NOT TARGET_ARCH STREQUAL "s390x") AND + (NOT TARGET_ARCH STREQUAL "riscv64")) message(WARNING "Target architecture not officially supported by our drivers!") else() # Load current kernel version @@ -24,6 +25,7 @@ else() set(kmod_min_kver_map_x86_64 2.6) set(kmod_min_kver_map_aarch64 3.16) set(kmod_min_kver_map_s390x 2.6) + set(kmod_min_kver_map_riscv64 5.0) if (LINUX_KERNEL_VERSION VERSION_LESS ${kmod_min_kver_map_${TARGET_ARCH}}) message(WARNING "[KMOD] To run this driver you need a Linux kernel version >= ${kmod_min_kver_map_${TARGET_ARCH}} but actual kernel version is: ${UNAME_RESULT}") endif() diff --git a/driver/feature_gates.h b/driver/feature_gates.h index e6d074523a..66dd22365e 100644 --- a/driver/feature_gates.h +++ b/driver/feature_gates.h @@ -61,7 +61,7 @@ or GPL2.txt for full copies of the license. * been introduced in the following kernel release: * https://github.com/torvalds/linux/commit/0a16b6075843325dc402edf80c1662838b929aff */ -#if defined(CONFIG_ARM64) || defined(CONFIG_S390) +#if defined(CONFIG_ARM64) || defined(CONFIG_S390) || defined(CONFIG_RISCV) #define CAPTURE_SCHED_PROC_FORK #endif @@ -156,7 +156,7 @@ or GPL2.txt for full copies of the license. // CAPTURE_SCHED_PROC_FORK /////////////////////////////// -#if defined(__TARGET_ARCH_arm64) || defined(__TARGET_ARCH_s390) +#if defined(__TARGET_ARCH_arm64) || defined(__TARGET_ARCH_s390) || defined(__TARGET_ARCH_riscv) #define CAPTURE_SCHED_PROC_FORK #endif @@ -207,7 +207,7 @@ or GPL2.txt for full copies of the license. // CAPTURE_SCHED_PROC_FORK /////////////////////////////// -#if defined(__aarch64__) || defined(__s390x__) +#if defined(__aarch64__) || defined(__s390x__) || defined(__riscv) #define CAPTURE_SCHED_PROC_FORK #endif diff --git a/driver/ppm.h b/driver/ppm.h index ba43ba4be8..b74629bff9 100644 --- a/driver/ppm.h +++ b/driver/ppm.h @@ -89,6 +89,8 @@ long ppm_strncpy_from_user(char *to, const char __user *from, unsigned long n); #define SYSCALL_TABLE_ID0 0 #elif defined CONFIG_ARM64 #define SYSCALL_TABLE_ID0 0 +#elif defined CONFIG_RISCV + #define SYSCALL_TABLE_ID0 0 #endif extern const struct syscall_evt_pair g_syscall_table[]; diff --git a/driver/syscall_compat_riscv64.h b/driver/syscall_compat_riscv64.h new file mode 100644 index 0000000000..4242638919 --- /dev/null +++ b/driver/syscall_compat_riscv64.h @@ -0,0 +1,919 @@ +#pragma once +#ifndef __NR_io_setup +#define __NR_io_setup 0 +#endif +#ifndef __NR_io_destroy +#define __NR_io_destroy 1 +#endif +#ifndef __NR_io_submit +#define __NR_io_submit 2 +#endif +#ifndef __NR_io_cancel +#define __NR_io_cancel 3 +#endif +#ifndef __NR_io_getevents +#define __NR_io_getevents 4 +#endif +#ifndef __NR_setxattr +#define __NR_setxattr 5 +#endif +#ifndef __NR_lsetxattr +#define __NR_lsetxattr 6 +#endif +#ifndef __NR_fsetxattr +#define __NR_fsetxattr 7 +#endif +#ifndef __NR_getxattr +#define __NR_getxattr 8 +#endif +#ifndef __NR_lgetxattr +#define __NR_lgetxattr 9 +#endif +#ifndef __NR_fgetxattr +#define __NR_fgetxattr 10 +#endif +#ifndef __NR_listxattr +#define __NR_listxattr 11 +#endif +#ifndef __NR_llistxattr +#define __NR_llistxattr 12 +#endif +#ifndef __NR_flistxattr +#define __NR_flistxattr 13 +#endif +#ifndef __NR_removexattr +#define __NR_removexattr 14 +#endif +#ifndef __NR_lremovexattr +#define __NR_lremovexattr 15 +#endif +#ifndef __NR_fremovexattr +#define __NR_fremovexattr 16 +#endif +#ifndef __NR_getcwd +#define __NR_getcwd 17 +#endif +#ifndef __NR_lookup_dcookie +#define __NR_lookup_dcookie 18 +#endif +#ifndef __NR_eventfd2 +#define __NR_eventfd2 19 +#endif +#ifndef __NR_epoll_create1 +#define __NR_epoll_create1 20 +#endif +#ifndef __NR_epoll_ctl +#define __NR_epoll_ctl 21 +#endif +#ifndef __NR_epoll_pwait +#define __NR_epoll_pwait 22 +#endif +#ifndef __NR_dup +#define __NR_dup 23 +#endif +#ifndef __NR_dup3 +#define __NR_dup3 24 +#endif +#ifndef __NR_fcntl +#define __NR_fcntl 25 +#endif +#ifndef __NR_inotify_init1 +#define __NR_inotify_init1 26 +#endif +#ifndef __NR_inotify_add_watch +#define __NR_inotify_add_watch 27 +#endif +#ifndef __NR_inotify_rm_watch +#define __NR_inotify_rm_watch 28 +#endif +#ifndef __NR_ioctl +#define __NR_ioctl 29 +#endif +#ifndef __NR_ioprio_set +#define __NR_ioprio_set 30 +#endif +#ifndef __NR_ioprio_get +#define __NR_ioprio_get 31 +#endif +#ifndef __NR_flock +#define __NR_flock 32 +#endif +#ifndef __NR_mknodat +#define __NR_mknodat 33 +#endif +#ifndef __NR_mkdirat +#define __NR_mkdirat 34 +#endif +#ifndef __NR_unlinkat +#define __NR_unlinkat 35 +#endif +#ifndef __NR_symlinkat +#define __NR_symlinkat 36 +#endif +#ifndef __NR_linkat +#define __NR_linkat 37 +#endif +#ifndef __NR_umount2 +#define __NR_umount2 39 +#endif +#ifndef __NR_mount +#define __NR_mount 40 +#endif +#ifndef __NR_pivot_root +#define __NR_pivot_root 41 +#endif +#ifndef __NR_nfsservctl +#define __NR_nfsservctl 42 +#endif +#ifndef __NR_statfs +#define __NR_statfs 43 +#endif +#ifndef __NR_fstatfs +#define __NR_fstatfs 44 +#endif +#ifndef __NR_truncate +#define __NR_truncate 45 +#endif +#ifndef __NR_ftruncate +#define __NR_ftruncate 46 +#endif +#ifndef __NR_fallocate +#define __NR_fallocate 47 +#endif +#ifndef __NR_faccessat +#define __NR_faccessat 48 +#endif +#ifndef __NR_chdir +#define __NR_chdir 49 +#endif +#ifndef __NR_fchdir +#define __NR_fchdir 50 +#endif +#ifndef __NR_chroot +#define __NR_chroot 51 +#endif +#ifndef __NR_fchmod +#define __NR_fchmod 52 +#endif +#ifndef __NR_fchmodat +#define __NR_fchmodat 53 +#endif +#ifndef __NR_fchownat +#define __NR_fchownat 54 +#endif +#ifndef __NR_fchown +#define __NR_fchown 55 +#endif +#ifndef __NR_openat +#define __NR_openat 56 +#endif +#ifndef __NR_close +#define __NR_close 57 +#endif +#ifndef __NR_vhangup +#define __NR_vhangup 58 +#endif +#ifndef __NR_pipe2 +#define __NR_pipe2 59 +#endif +#ifndef __NR_quotactl +#define __NR_quotactl 60 +#endif +#ifndef __NR_getdents64 +#define __NR_getdents64 61 +#endif +#ifndef __NR_lseek +#define __NR_lseek 62 +#endif +#ifndef __NR_read +#define __NR_read 63 +#endif +#ifndef __NR_write +#define __NR_write 64 +#endif +#ifndef __NR_readv +#define __NR_readv 65 +#endif +#ifndef __NR_writev +#define __NR_writev 66 +#endif +#ifndef __NR_pread64 +#define __NR_pread64 67 +#endif +#ifndef __NR_pwrite64 +#define __NR_pwrite64 68 +#endif +#ifndef __NR_preadv +#define __NR_preadv 69 +#endif +#ifndef __NR_pwritev +#define __NR_pwritev 70 +#endif +#ifndef __NR_sendfile +#define __NR_sendfile 71 +#endif +#ifndef __NR_pselect6 +#define __NR_pselect6 72 +#endif +#ifndef __NR_ppoll +#define __NR_ppoll 73 +#endif +#ifndef __NR_signalfd4 +#define __NR_signalfd4 74 +#endif +#ifndef __NR_vmsplice +#define __NR_vmsplice 75 +#endif +#ifndef __NR_splice +#define __NR_splice 76 +#endif +#ifndef __NR_tee +#define __NR_tee 77 +#endif +#ifndef __NR_readlinkat +#define __NR_readlinkat 78 +#endif +#ifndef __NR_newfstatat +#define __NR_newfstatat 79 +#endif +#ifndef __NR_fstat +#define __NR_fstat 80 +#endif +#ifndef __NR_sync +#define __NR_sync 81 +#endif +#ifndef __NR_fsync +#define __NR_fsync 82 +#endif +#ifndef __NR_fdatasync +#define __NR_fdatasync 83 +#endif +#ifndef __NR_sync_file_range +#define __NR_sync_file_range 84 +#endif +#ifndef __NR_timerfd_create +#define __NR_timerfd_create 85 +#endif +#ifndef __NR_timerfd_settime +#define __NR_timerfd_settime 86 +#endif +#ifndef __NR_timerfd_gettime +#define __NR_timerfd_gettime 87 +#endif +#ifndef __NR_utimensat +#define __NR_utimensat 88 +#endif +#ifndef __NR_acct +#define __NR_acct 89 +#endif +#ifndef __NR_capget +#define __NR_capget 90 +#endif +#ifndef __NR_capset +#define __NR_capset 91 +#endif +#ifndef __NR_personality +#define __NR_personality 92 +#endif +#ifndef __NR_exit +#define __NR_exit 93 +#endif +#ifndef __NR_exit_group +#define __NR_exit_group 94 +#endif +#ifndef __NR_waitid +#define __NR_waitid 95 +#endif +#ifndef __NR_set_tid_address +#define __NR_set_tid_address 96 +#endif +#ifndef __NR_unshare +#define __NR_unshare 97 +#endif +#ifndef __NR_futex +#define __NR_futex 98 +#endif +#ifndef __NR_set_robust_list +#define __NR_set_robust_list 99 +#endif +#ifndef __NR_get_robust_list +#define __NR_get_robust_list 100 +#endif +#ifndef __NR_nanosleep +#define __NR_nanosleep 101 +#endif +#ifndef __NR_getitimer +#define __NR_getitimer 102 +#endif +#ifndef __NR_setitimer +#define __NR_setitimer 103 +#endif +#ifndef __NR_kexec_load +#define __NR_kexec_load 104 +#endif +#ifndef __NR_init_module +#define __NR_init_module 105 +#endif +#ifndef __NR_delete_module +#define __NR_delete_module 106 +#endif +#ifndef __NR_timer_create +#define __NR_timer_create 107 +#endif +#ifndef __NR_timer_gettime +#define __NR_timer_gettime 108 +#endif +#ifndef __NR_timer_getoverrun +#define __NR_timer_getoverrun 109 +#endif +#ifndef __NR_timer_settime +#define __NR_timer_settime 110 +#endif +#ifndef __NR_timer_delete +#define __NR_timer_delete 111 +#endif +#ifndef __NR_clock_settime +#define __NR_clock_settime 112 +#endif +#ifndef __NR_clock_gettime +#define __NR_clock_gettime 113 +#endif +#ifndef __NR_clock_getres +#define __NR_clock_getres 114 +#endif +#ifndef __NR_clock_nanosleep +#define __NR_clock_nanosleep 115 +#endif +#ifndef __NR_syslog +#define __NR_syslog 116 +#endif +#ifndef __NR_ptrace +#define __NR_ptrace 117 +#endif +#ifndef __NR_sched_setparam +#define __NR_sched_setparam 118 +#endif +#ifndef __NR_sched_setscheduler +#define __NR_sched_setscheduler 119 +#endif +#ifndef __NR_sched_getscheduler +#define __NR_sched_getscheduler 120 +#endif +#ifndef __NR_sched_getparam +#define __NR_sched_getparam 121 +#endif +#ifndef __NR_sched_setaffinity +#define __NR_sched_setaffinity 122 +#endif +#ifndef __NR_sched_getaffinity +#define __NR_sched_getaffinity 123 +#endif +#ifndef __NR_sched_yield +#define __NR_sched_yield 124 +#endif +#ifndef __NR_sched_get_priority_max +#define __NR_sched_get_priority_max 125 +#endif +#ifndef __NR_sched_get_priority_min +#define __NR_sched_get_priority_min 126 +#endif +#ifndef __NR_sched_rr_get_interval +#define __NR_sched_rr_get_interval 127 +#endif +#ifndef __NR_restart_syscall +#define __NR_restart_syscall 128 +#endif +#ifndef __NR_kill +#define __NR_kill 129 +#endif +#ifndef __NR_tkill +#define __NR_tkill 130 +#endif +#ifndef __NR_tgkill +#define __NR_tgkill 131 +#endif +#ifndef __NR_sigaltstack +#define __NR_sigaltstack 132 +#endif +#ifndef __NR_rt_sigsuspend +#define __NR_rt_sigsuspend 133 +#endif +#ifndef __NR_rt_sigaction +#define __NR_rt_sigaction 134 +#endif +#ifndef __NR_rt_sigprocmask +#define __NR_rt_sigprocmask 135 +#endif +#ifndef __NR_rt_sigpending +#define __NR_rt_sigpending 136 +#endif +#ifndef __NR_rt_sigtimedwait +#define __NR_rt_sigtimedwait 137 +#endif +#ifndef __NR_rt_sigqueueinfo +#define __NR_rt_sigqueueinfo 138 +#endif +#ifndef __NR_rt_sigreturn +#define __NR_rt_sigreturn 139 +#endif +#ifndef __NR_setpriority +#define __NR_setpriority 140 +#endif +#ifndef __NR_getpriority +#define __NR_getpriority 141 +#endif +#ifndef __NR_reboot +#define __NR_reboot 142 +#endif +#ifndef __NR_setregid +#define __NR_setregid 143 +#endif +#ifndef __NR_setgid +#define __NR_setgid 144 +#endif +#ifndef __NR_setreuid +#define __NR_setreuid 145 +#endif +#ifndef __NR_setuid +#define __NR_setuid 146 +#endif +#ifndef __NR_setresuid +#define __NR_setresuid 147 +#endif +#ifndef __NR_getresuid +#define __NR_getresuid 148 +#endif +#ifndef __NR_setresgid +#define __NR_setresgid 149 +#endif +#ifndef __NR_getresgid +#define __NR_getresgid 150 +#endif +#ifndef __NR_setfsuid +#define __NR_setfsuid 151 +#endif +#ifndef __NR_setfsgid +#define __NR_setfsgid 152 +#endif +#ifndef __NR_times +#define __NR_times 153 +#endif +#ifndef __NR_setpgid +#define __NR_setpgid 154 +#endif +#ifndef __NR_getpgid +#define __NR_getpgid 155 +#endif +#ifndef __NR_getsid +#define __NR_getsid 156 +#endif +#ifndef __NR_setsid +#define __NR_setsid 157 +#endif +#ifndef __NR_getgroups +#define __NR_getgroups 158 +#endif +#ifndef __NR_setgroups +#define __NR_setgroups 159 +#endif +#ifndef __NR_uname +#define __NR_uname 160 +#endif +#ifndef __NR_sethostname +#define __NR_sethostname 161 +#endif +#ifndef __NR_setdomainname +#define __NR_setdomainname 162 +#endif +#ifndef __NR_getrlimit +#define __NR_getrlimit 163 +#endif +#ifndef __NR_setrlimit +#define __NR_setrlimit 164 +#endif +#ifndef __NR_getrusage +#define __NR_getrusage 165 +#endif +#ifndef __NR_umask +#define __NR_umask 166 +#endif +#ifndef __NR_prctl +#define __NR_prctl 167 +#endif +#ifndef __NR_getcpu +#define __NR_getcpu 168 +#endif +#ifndef __NR_gettimeofday +#define __NR_gettimeofday 169 +#endif +#ifndef __NR_settimeofday +#define __NR_settimeofday 170 +#endif +#ifndef __NR_adjtimex +#define __NR_adjtimex 171 +#endif +#ifndef __NR_getpid +#define __NR_getpid 172 +#endif +#ifndef __NR_getppid +#define __NR_getppid 173 +#endif +#ifndef __NR_getuid +#define __NR_getuid 174 +#endif +#ifndef __NR_geteuid +#define __NR_geteuid 175 +#endif +#ifndef __NR_getgid +#define __NR_getgid 176 +#endif +#ifndef __NR_getegid +#define __NR_getegid 177 +#endif +#ifndef __NR_gettid +#define __NR_gettid 178 +#endif +#ifndef __NR_sysinfo +#define __NR_sysinfo 179 +#endif +#ifndef __NR_mq_open +#define __NR_mq_open 180 +#endif +#ifndef __NR_mq_unlink +#define __NR_mq_unlink 181 +#endif +#ifndef __NR_mq_timedsend +#define __NR_mq_timedsend 182 +#endif +#ifndef __NR_mq_timedreceive +#define __NR_mq_timedreceive 183 +#endif +#ifndef __NR_mq_notify +#define __NR_mq_notify 184 +#endif +#ifndef __NR_mq_getsetattr +#define __NR_mq_getsetattr 185 +#endif +#ifndef __NR_msgget +#define __NR_msgget 186 +#endif +#ifndef __NR_msgctl +#define __NR_msgctl 187 +#endif +#ifndef __NR_msgrcv +#define __NR_msgrcv 188 +#endif +#ifndef __NR_msgsnd +#define __NR_msgsnd 189 +#endif +#ifndef __NR_semget +#define __NR_semget 190 +#endif +#ifndef __NR_semctl +#define __NR_semctl 191 +#endif +#ifndef __NR_semtimedop +#define __NR_semtimedop 192 +#endif +#ifndef __NR_semop +#define __NR_semop 193 +#endif +#ifndef __NR_shmget +#define __NR_shmget 194 +#endif +#ifndef __NR_shmctl +#define __NR_shmctl 195 +#endif +#ifndef __NR_shmat +#define __NR_shmat 196 +#endif +#ifndef __NR_shmdt +#define __NR_shmdt 197 +#endif +#ifndef __NR_socket +#define __NR_socket 198 +#endif +#ifndef __NR_socketpair +#define __NR_socketpair 199 +#endif +#ifndef __NR_bind +#define __NR_bind 200 +#endif +#ifndef __NR_listen +#define __NR_listen 201 +#endif +#ifndef __NR_accept +#define __NR_accept 202 +#endif +#ifndef __NR_connect +#define __NR_connect 203 +#endif +#ifndef __NR_getsockname +#define __NR_getsockname 204 +#endif +#ifndef __NR_getpeername +#define __NR_getpeername 205 +#endif +#ifndef __NR_sendto +#define __NR_sendto 206 +#endif +#ifndef __NR_recvfrom +#define __NR_recvfrom 207 +#endif +#ifndef __NR_setsockopt +#define __NR_setsockopt 208 +#endif +#ifndef __NR_getsockopt +#define __NR_getsockopt 209 +#endif +#ifndef __NR_shutdown +#define __NR_shutdown 210 +#endif +#ifndef __NR_sendmsg +#define __NR_sendmsg 211 +#endif +#ifndef __NR_recvmsg +#define __NR_recvmsg 212 +#endif +#ifndef __NR_readahead +#define __NR_readahead 213 +#endif +#ifndef __NR_brk +#define __NR_brk 214 +#endif +#ifndef __NR_munmap +#define __NR_munmap 215 +#endif +#ifndef __NR_mremap +#define __NR_mremap 216 +#endif +#ifndef __NR_add_key +#define __NR_add_key 217 +#endif +#ifndef __NR_request_key +#define __NR_request_key 218 +#endif +#ifndef __NR_keyctl +#define __NR_keyctl 219 +#endif +#ifndef __NR_clone +#define __NR_clone 220 +#endif +#ifndef __NR_execve +#define __NR_execve 221 +#endif +#ifndef __NR_mmap +#define __NR_mmap 222 +#endif +#ifndef __NR_fadvise64 +#define __NR_fadvise64 223 +#endif +#ifndef __NR_swapon +#define __NR_swapon 224 +#endif +#ifndef __NR_swapoff +#define __NR_swapoff 225 +#endif +#ifndef __NR_mprotect +#define __NR_mprotect 226 +#endif +#ifndef __NR_msync +#define __NR_msync 227 +#endif +#ifndef __NR_mlock +#define __NR_mlock 228 +#endif +#ifndef __NR_munlock +#define __NR_munlock 229 +#endif +#ifndef __NR_mlockall +#define __NR_mlockall 230 +#endif +#ifndef __NR_munlockall +#define __NR_munlockall 231 +#endif +#ifndef __NR_mincore +#define __NR_mincore 232 +#endif +#ifndef __NR_madvise +#define __NR_madvise 233 +#endif +#ifndef __NR_remap_file_pages +#define __NR_remap_file_pages 234 +#endif +#ifndef __NR_mbind +#define __NR_mbind 235 +#endif +#ifndef __NR_get_mempolicy +#define __NR_get_mempolicy 236 +#endif +#ifndef __NR_set_mempolicy +#define __NR_set_mempolicy 237 +#endif +#ifndef __NR_migrate_pages +#define __NR_migrate_pages 238 +#endif +#ifndef __NR_move_pages +#define __NR_move_pages 239 +#endif +#ifndef __NR_rt_tgsigqueueinfo +#define __NR_rt_tgsigqueueinfo 240 +#endif +#ifndef __NR_perf_event_open +#define __NR_perf_event_open 241 +#endif +#ifndef __NR_accept4 +#define __NR_accept4 242 +#endif +#ifndef __NR_recvmmsg +#define __NR_recvmmsg 243 +#endif +#ifndef __NR_riscv_flush_icache +#define __NR_riscv_flush_icache 259 +#endif +#ifndef __NR_wait4 +#define __NR_wait4 260 +#endif +#ifndef __NR_prlimit64 +#define __NR_prlimit64 261 +#endif +#ifndef __NR_fanotify_init +#define __NR_fanotify_init 262 +#endif +#ifndef __NR_fanotify_mark +#define __NR_fanotify_mark 263 +#endif +#ifndef __NR_name_to_handle_at +#define __NR_name_to_handle_at 264 +#endif +#ifndef __NR_open_by_handle_at +#define __NR_open_by_handle_at 265 +#endif +#ifndef __NR_clock_adjtime +#define __NR_clock_adjtime 266 +#endif +#ifndef __NR_syncfs +#define __NR_syncfs 267 +#endif +#ifndef __NR_setns +#define __NR_setns 268 +#endif +#ifndef __NR_sendmmsg +#define __NR_sendmmsg 269 +#endif +#ifndef __NR_process_vm_readv +#define __NR_process_vm_readv 270 +#endif +#ifndef __NR_process_vm_writev +#define __NR_process_vm_writev 271 +#endif +#ifndef __NR_kcmp +#define __NR_kcmp 272 +#endif +#ifndef __NR_finit_module +#define __NR_finit_module 273 +#endif +#ifndef __NR_sched_setattr +#define __NR_sched_setattr 274 +#endif +#ifndef __NR_sched_getattr +#define __NR_sched_getattr 275 +#endif +#ifndef __NR_renameat2 +#define __NR_renameat2 276 +#endif +#ifndef __NR_seccomp +#define __NR_seccomp 277 +#endif +#ifndef __NR_getrandom +#define __NR_getrandom 278 +#endif +#ifndef __NR_memfd_create +#define __NR_memfd_create 279 +#endif +#ifndef __NR_bpf +#define __NR_bpf 280 +#endif +#ifndef __NR_execveat +#define __NR_execveat 281 +#endif +#ifndef __NR_userfaultfd +#define __NR_userfaultfd 282 +#endif +#ifndef __NR_membarrier +#define __NR_membarrier 283 +#endif +#ifndef __NR_mlock2 +#define __NR_mlock2 284 +#endif +#ifndef __NR_copy_file_range +#define __NR_copy_file_range 285 +#endif +#ifndef __NR_preadv2 +#define __NR_preadv2 286 +#endif +#ifndef __NR_pwritev2 +#define __NR_pwritev2 287 +#endif +#ifndef __NR_pkey_mprotect +#define __NR_pkey_mprotect 288 +#endif +#ifndef __NR_pkey_alloc +#define __NR_pkey_alloc 289 +#endif +#ifndef __NR_pkey_free +#define __NR_pkey_free 290 +#endif +#ifndef __NR_statx +#define __NR_statx 291 +#endif +#ifndef __NR_io_pgetevents +#define __NR_io_pgetevents 292 +#endif +#ifndef __NR_rseq +#define __NR_rseq 293 +#endif +#ifndef __NR_kexec_file_load +#define __NR_kexec_file_load 294 +#endif +#ifndef __NR_pidfd_send_signal +#define __NR_pidfd_send_signal 424 +#endif +#ifndef __NR_io_uring_setup +#define __NR_io_uring_setup 425 +#endif +#ifndef __NR_io_uring_enter +#define __NR_io_uring_enter 426 +#endif +#ifndef __NR_io_uring_register +#define __NR_io_uring_register 427 +#endif +#ifndef __NR_open_tree +#define __NR_open_tree 428 +#endif +#ifndef __NR_move_mount +#define __NR_move_mount 429 +#endif +#ifndef __NR_fsopen +#define __NR_fsopen 430 +#endif +#ifndef __NR_fsconfig +#define __NR_fsconfig 431 +#endif +#ifndef __NR_fsmount +#define __NR_fsmount 432 +#endif +#ifndef __NR_fspick +#define __NR_fspick 433 +#endif +#ifndef __NR_pidfd_open +#define __NR_pidfd_open 434 +#endif +#ifndef __NR_clone3 +#define __NR_clone3 435 +#endif +#ifndef __NR_close_range +#define __NR_close_range 436 +#endif +#ifndef __NR_openat2 +#define __NR_openat2 437 +#endif +#ifndef __NR_pidfd_getfd +#define __NR_pidfd_getfd 438 +#endif +#ifndef __NR_faccessat2 +#define __NR_faccessat2 439 +#endif +#ifndef __NR_process_madvise +#define __NR_process_madvise 440 +#endif +#ifndef __NR_epoll_pwait2 +#define __NR_epoll_pwait2 441 +#endif +#ifndef __NR_mount_setattr +#define __NR_mount_setattr 442 +#endif +#ifndef __NR_quotactl_fd +#define __NR_quotactl_fd 443 +#endif +#ifndef __NR_landlock_create_ruleset +#define __NR_landlock_create_ruleset 444 +#endif +#ifndef __NR_landlock_add_rule +#define __NR_landlock_add_rule 445 +#endif +#ifndef __NR_landlock_restrict_self +#define __NR_landlock_restrict_self 446 +#endif +#ifndef __NR_memfd_secret +#define __NR_memfd_secret 447 +#endif +#ifndef __NR_process_mrelease +#define __NR_process_mrelease 448 +#endif +#ifndef __NR_futex_waitv +#define __NR_futex_waitv 449 +#endif +#ifndef __NR_set_mempolicy_home_node +#define __NR_set_mempolicy_home_node 450 +#endif diff --git a/driver/syscall_table64.c b/driver/syscall_table64.c index 2b3a16ed61..c540952399 100644 --- a/driver/syscall_table64.c +++ b/driver/syscall_table64.c @@ -24,6 +24,8 @@ or GPL2.txt for full copies of the license. #include "syscall_compat_aarch64.h" #elif defined(__s390x__) #include "syscall_compat_s390x.h" +#elif defined(__riscv) +#include "syscall_compat_riscv64.h" #endif /* __x86_64__ */ #elif defined(_MSC_VER) || defined(__EMSCRIPTEN__) // these are Linux syscall numbers and obviously meaningless for Windows/macOS diff --git a/test/drivers/test_suites/generic_tracepoints_suite/sched_process_fork.cpp b/test/drivers/test_suites/generic_tracepoints_suite/sched_process_fork.cpp index 05158da266..74062eb100 100644 --- a/test/drivers/test_suites/generic_tracepoints_suite/sched_process_fork.cpp +++ b/test/drivers/test_suites/generic_tracepoints_suite/sched_process_fork.cpp @@ -526,7 +526,7 @@ TEST(GenericTracepoints, sched_proc_fork_case_clone) #ifdef __s390x__ ret_pid = syscall(__NR_clone, newsp, clone_flags, &parent_tid, &child_tid, tls); -#elif __aarch64__ +#elif defined(__aarch64__) || defined(__riscv) ret_pid = syscall(__NR_clone, clone_flags, newsp, &parent_tid, tls, &child_tid); #else ret_pid = syscall(__NR_clone, clone_flags, newsp, &parent_tid, &child_tid, tls); diff --git a/test/drivers/test_suites/syscall_enter_suite/clone_e.cpp b/test/drivers/test_suites/syscall_enter_suite/clone_e.cpp index da024cb4a3..6161397ce7 100644 --- a/test/drivers/test_suites/syscall_enter_suite/clone_e.cpp +++ b/test/drivers/test_suites/syscall_enter_suite/clone_e.cpp @@ -45,7 +45,7 @@ TEST(SyscallEnter, cloneE) */ #ifdef __s390x__ assert_syscall_state(SYSCALL_FAILURE, "clone", syscall(__NR_clone, newsp, clone_flags, &parent_tid, &child_tid, tls)); -#elif __aarch64__ +#elif defined(__aarch64__) || defined(__riscv) assert_syscall_state(SYSCALL_FAILURE, "clone", syscall(__NR_clone, clone_flags, newsp, &parent_tid, tls, &child_tid)); #else assert_syscall_state(SYSCALL_FAILURE, "clone", syscall(__NR_clone, clone_flags, newsp, &parent_tid, &child_tid, tls)); diff --git a/test/drivers/test_suites/syscall_exit_suite/clone_x.cpp b/test/drivers/test_suites/syscall_exit_suite/clone_x.cpp index 31d89953fa..9bef4891d6 100644 --- a/test/drivers/test_suites/syscall_exit_suite/clone_x.cpp +++ b/test/drivers/test_suites/syscall_exit_suite/clone_x.cpp @@ -35,7 +35,7 @@ TEST(SyscallExit, cloneX_father) * is not the same as for all architectures. `/kernel/fork.c` from kernel source tree. * * #ifdef CONFIG_CLONE_BACKWARDS - * SYSCALL_DEFINE5(clone, unsigned long, clone_flags, unsigned long, newsp, <-- `aarch64` systems use this. + * SYSCALL_DEFINE5(clone, unsigned long, clone_flags, unsigned long, newsp, <-- `aarch64` and `riscv` systems use this. * int __user *, parent_tidptr, * unsigned long, tls, * int __user *, child_tidptr) @@ -60,7 +60,7 @@ TEST(SyscallExit, cloneX_father) */ #ifdef __s390x__ ret_pid = syscall(__NR_clone, newsp, clone_flags, &parent_tid, &child_tid, tls); -#elif __aarch64__ +#elif defined(__aarch64__) || defined(__riscv) ret_pid = syscall(__NR_clone, clone_flags, newsp, &parent_tid, tls, &child_tid); #else ret_pid = syscall(__NR_clone, clone_flags, newsp, &parent_tid, &child_tid, tls); @@ -197,7 +197,7 @@ TEST(SyscallExit, cloneX_child) #ifdef __s390x__ ret_pid = syscall(__NR_clone, newsp, clone_flags, &parent_tid, &child_tid, tls); -#elif __aarch64__ +#elif defined(__aarch64__) || defined(__riscv) ret_pid = syscall(__NR_clone, clone_flags, newsp, &parent_tid, tls, &child_tid); #else ret_pid = syscall(__NR_clone, clone_flags, newsp, &parent_tid, &child_tid, tls); diff --git a/test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp b/test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp index 1264f35ba7..e8b43c7615 100644 --- a/test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp +++ b/test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp @@ -211,7 +211,7 @@ TEST(SyscallExit, execveatX_correct_exit) evt_test->disable_capture(); -#if __s390x__ +#if defined(__s390x__) || defined(__riscv) /* We search for a child event. */ evt_test->assert_event_presence(ret_pid); @@ -338,7 +338,7 @@ TEST(SyscallExit, execveatX_execve_exit) evt_test->disable_capture(); /* `s390x` returns an `EXECVEAT_X` event while other architectures retun an `EXECVE_X` */ -#if defined(__s390x__) +#if defined(__s390x__) || defined(__riscv) /* We search for a child event. */ evt_test->assert_event_absence(ret_pid, PPME_SYSCALL_EXECVE_19_X); #else From 7f02c30b2e19c752735dca4ce68bd813ef5a7f27 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 13 Oct 2023 10:51:49 +0200 Subject: [PATCH 2/3] fix(test): fixed execveat new test. Signed-off-by: Federico Di Pierro --- test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp b/test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp index e8b43c7615..ff277ae5cb 100644 --- a/test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp +++ b/test/drivers/test_suites/syscall_exit_suite/execveat_x.cpp @@ -494,7 +494,7 @@ TEST(SyscallExit, execveatX_success_memfd) evt_test->disable_capture(); -#if __s390x__ +#if defined(__s390x__) || defined(__riscv) /* We search for a child event. */ evt_test->assert_event_presence(ret_pid); From deeff4580a1445eebe6478af2f18daf236bb7699 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 13 Oct 2023 11:45:52 +0200 Subject: [PATCH 3/3] fix(test/drivers): ensure that `buf` is not paged out by the kernel while running tests. Signed-off-by: Federico Di Pierro Co-authored-by: Andrea Terzolo --- .../drivers/test_suites/actions_suite/dynamic_snaplen.cpp | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/test/drivers/test_suites/actions_suite/dynamic_snaplen.cpp b/test/drivers/test_suites/actions_suite/dynamic_snaplen.cpp index c86e55a3f6..b3ffe0a49d 100644 --- a/test/drivers/test_suites/actions_suite/dynamic_snaplen.cpp +++ b/test/drivers/test_suites/actions_suite/dynamic_snaplen.cpp @@ -27,8 +27,10 @@ TEST(Actions, dynamic_snaplen_negative_fd) if(ret_pid == 0) { + /* Ensure that buf is not paged out by the kernel on some archs, like riscv */ + char buf_child[data_len] = "HTTP/\0"; /* In this way in the father we know if the call was successful or not. */ - if(syscall(__NR_write, fd, (void *)buf, data_len) == -1) + if(syscall(__NR_write, fd, (void *)buf_child, data_len) == -1) { /* SUCCESS because we want the call to fail */ exit(EXIT_SUCCESS); @@ -107,8 +109,10 @@ TEST(Actions, dynamic_snaplen_no_socket) if(ret_pid == 0) { + /* Ensure that buf is not paged out by the kernel on some archs, like riscv */ + char buf_child[data_len] = "HTTP/\0"; /* In this way in the father we know if the call was successful or not. */ - if(syscall(__NR_write, fd, (void *)buf, data_len) == -1) + if(syscall(__NR_write, fd, (void *)buf_child, data_len) == -1) { /* SUCCESS because we want the call to fail */ exit(EXIT_SUCCESS);