arch: remove direct access to the syscall tables

We may not always want to have statically defined syscall tables,
e.g. x32, so create a series of functions to access the syscall
tables which should provide us some flexibility.

Signed-off-by: Paul Moore <pmoore@redhat.com>

9 files changed, 224 insertions, 51 deletions

diff --git a/src/arch-arm-syscalls.c b/src/arch-arm-syscalls.c
index 8814537..8083486 100644
--- a/src/arch-arm-syscalls.c
+++ b/src/arch-arm-syscalls.c
@@ -19,6 +19,8 @@
  * along with this library; if not, see <http://www.gnu.org/licenses>.
  */
 
+#include <string.h>
+
 #include <seccomp.h>
 
 #include "arch.h"
@@ -430,3 +432,49 @@ const struct arch_syscall_def arm_syscall_table[] = \
 	{ "writev", (__NR_SYSCALL_BASE + 146) },
 	{ NULL, __NR_SCMP_ERROR },
 };
+
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int arm_syscall_resolve_name(const char *name)
+{
+	unsigned int iter;
+	const struct arch_syscall_def *table = arm_syscall_table;
+
+	/* XXX - plenty of room for future improvement here */
+	for (iter = 0; table[iter].name != NULL; iter++) {
+		if (strcmp(name, table[iter].name) == 0)
+			return table[iter].num;
+	}
+
+	return __NR_SCMP_ERROR;
+}
+
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *arm_syscall_resolve_num(int num)
+{
+	unsigned int iter;
+	const struct arch_syscall_def *table = arm_syscall_table;
+
+	/* XXX - plenty of room for future improvement here */
+	for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
+		if (num == table[iter].num)
+			return table[iter].name;
+	}
+
+	return NULL;
+}
diff --git a/src/arch-arm.h b/src/arch-arm.h
index 415eccb..a6f0b00 100644
--- a/src/arch-arm.h
+++ b/src/arch-arm.h
@@ -30,6 +30,8 @@
 #define arm_arg_count_max		6
 
 extern const struct arch_def arch_def_arm;
-extern const struct arch_syscall_def arm_syscall_table[];
+
+int arm_syscall_resolve_name(const char *name);
+const char *arm_syscall_resolve_num(int num);
 
 #endif
diff --git a/src/arch-x32-syscalls.c b/src/arch-x32-syscalls.c
index 31d915d..2583391 100644
--- a/src/arch-x32-syscalls.c
+++ b/src/arch-x32-syscalls.c
@@ -19,6 +19,8 @@
  * along with this library; if not, see <http://www.gnu.org/licenses>.
  */
 
+#include <string.h>
+
 #include <seccomp.h>
 
 #include "arch.h"
@@ -421,3 +423,49 @@ const struct arch_syscall_def x32_syscall_table[] = \
 	{ "writev", (__X32_SYSCALL_BIT + 516) },
 	{ NULL, __NR_SCMP_ERROR },
 };
+
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int x32_syscall_resolve_name(const char *name)
+{
+	unsigned int iter;
+	const struct arch_syscall_def *table = x32_syscall_table;
+
+	/* XXX - plenty of room for future improvement here */
+	for (iter = 0; table[iter].name != NULL; iter++) {
+		if (strcmp(name, table[iter].name) == 0)
+			return table[iter].num;
+	}
+
+	return __NR_SCMP_ERROR;
+}
+
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *x32_syscall_resolve_num(int num)
+{
+	unsigned int iter;
+	const struct arch_syscall_def *table = x32_syscall_table;
+
+	/* XXX - plenty of room for future improvement here */
+	for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
+		if (num == table[iter].num)
+			return table[iter].name;
+	}
+
+	return NULL;
+}
diff --git a/src/arch-x32.h b/src/arch-x32.h
index 9f54e81..32c8c0d 100644
--- a/src/arch-x32.h
+++ b/src/arch-x32.h
@@ -30,6 +30,8 @@
 #define x32_arg_count_max		6
 
 extern const struct arch_def arch_def_x32;
-extern const struct arch_syscall_def x32_syscall_table[];
+
+int x32_syscall_resolve_name(const char *name);
+const char *x32_syscall_resolve_num(int num);
 
 #endif
diff --git a/src/arch-x86-syscalls.c b/src/arch-x86-syscalls.c
index b44f2a2..c44eb06 100644
--- a/src/arch-x86-syscalls.c
+++ b/src/arch-x86-syscalls.c
@@ -19,13 +19,15 @@
  * along with this library; if not, see <http://www.gnu.org/licenses>.
  */
 
+#include <string.h>
+
 #include <seccomp.h>
 
 #include "arch.h"
 #include "arch-x86.h"
 
 /* NOTE: based on Linux 3.4.7 */
-const struct arch_syscall_def x86_syscall_table[] = \
+static const struct arch_syscall_def x86_syscall_table[] = \
 {
 	{ "accept", __PNR_accept },
 	{ "accept4", __PNR_accept4 },
@@ -419,3 +421,49 @@ const struct arch_syscall_def x86_syscall_table[] = \
 	{ "writev", 146 },
 	{ NULL, __NR_SCMP_ERROR },
 };
+
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int x86_syscall_resolve_name(const char *name)
+{
+	unsigned int iter;
+	const struct arch_syscall_def *table = x86_syscall_table;
+
+	/* XXX - plenty of room for future improvement here */
+	for (iter = 0; table[iter].name != NULL; iter++) {
+		if (strcmp(name, table[iter].name) == 0)
+			return table[iter].num;
+	}
+
+	return __NR_SCMP_ERROR;
+}
+
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *x86_syscall_resolve_num(int num)
+{
+	unsigned int iter;
+	const struct arch_syscall_def *table = x86_syscall_table;
+
+	/* XXX - plenty of room for future improvement here */
+	for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
+		if (num == table[iter].num)
+			return table[iter].name;
+	}
+
+	return NULL;
+}
diff --git a/src/arch-x86.h b/src/arch-x86.h
index 924a82f..2383f76 100644
--- a/src/arch-x86.h
+++ b/src/arch-x86.h
@@ -29,7 +29,9 @@
 #define x86_arg_count_max		6
 
 extern const struct arch_def arch_def_x86;
-extern const struct arch_syscall_def x86_syscall_table[];
+
+int x86_syscall_resolve_name(const char *name);
+const char *x86_syscall_resolve_num(int num);
 
 int x86_syscall_rewrite(const struct arch_def *arch, unsigned int strict,
 			int *syscall);
diff --git a/src/arch-x86_64-syscalls.c b/src/arch-x86_64-syscalls.c
index 10f6273..2f5253a 100644
--- a/src/arch-x86_64-syscalls.c
+++ b/src/arch-x86_64-syscalls.c
@@ -19,6 +19,8 @@
  * along with this library; if not, see <http://www.gnu.org/licenses>.
  */
 
+#include <string.h>
+
 #include <seccomp.h>
 
 #include "arch.h"
@@ -419,3 +421,49 @@ const struct arch_syscall_def x86_64_syscall_table[] = \
 	{ "writev", 20 },
 	{ NULL, __NR_SCMP_ERROR },
 };
+
+/**
+ * Resolve a syscall name to a number
+ * @param name the syscall name
+ *
+ * Resolve the given syscall name to the syscall number using the syscall table.
+ * Returns the syscall number on success, including negative pseudo syscall
+ * numbers; returns __NR_SCMP_ERROR on failure.
+ *
+ */
+int x86_64_syscall_resolve_name(const char *name)
+{
+	unsigned int iter;
+	const struct arch_syscall_def *table = x86_64_syscall_table;
+
+	/* XXX - plenty of room for future improvement here */
+	for (iter = 0; table[iter].name != NULL; iter++) {
+		if (strcmp(name, table[iter].name) == 0)
+			return table[iter].num;
+	}
+
+	return __NR_SCMP_ERROR;
+}
+
+/**
+ * Resolve a syscall number to a name
+ * @param num the syscall number
+ *
+ * Resolve the given syscall number to the syscall name using the syscall table.
+ * Returns a pointer to the syscall name string on success, including pseudo
+ * syscall names; returns NULL on failure.
+ *
+ */
+const char *x86_64_syscall_resolve_num(int num)
+{
+	unsigned int iter;
+	const struct arch_syscall_def *table = x86_64_syscall_table;
+
+	/* XXX - plenty of room for future improvement here */
+	for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
+		if (num == table[iter].num)
+			return table[iter].name;
+	}
+
+	return NULL;
+}
diff --git a/src/arch-x86_64.h b/src/arch-x86_64.h
index 73de6db..cc1c6bf 100644
--- a/src/arch-x86_64.h
+++ b/src/arch-x86_64.h
@@ -30,9 +30,11 @@
 #define x86_64_arg_count_max		6
 
 extern const struct arch_def arch_def_x86_64;
-extern const struct arch_syscall_def x86_64_syscall_table[];
 
 #define x86_64_arg_offset_lo(x)		(arch_arg_offset(x))
 #define x86_64_arg_offset_hi(x)		(arch_arg_offset(x) + 4)
 
+int x86_64_syscall_resolve_name(const char *name);
+const char *x86_64_syscall_resolve_num(int num);
+
 #endif
diff --git a/src/arch.c b/src/arch.c
index 2002b6f..994b4fb 100644
--- a/src/arch.c
+++ b/src/arch.c
@@ -70,29 +70,6 @@ int arch_valid(uint32_t arch)
 }
 
 /**
- * Lookup the syscall table for an architecture
- * @param token the architecure token
- *
- * Return the architecture's syscall table, returns NULL on failure.
- *
- */
-static const struct arch_syscall_def *_arch_syscall_lookup(uint32_t token)
-{
-	switch (token) {
-	case SCMP_ARCH_X86:
-		return x86_syscall_table;
-	case SCMP_ARCH_X86_64:
-		return x86_64_syscall_table;
-	case SCMP_ARCH_X32:
-		return x32_syscall_table;
-	case SCMP_ARCH_ARM:
-		return arm_syscall_table;
-	}
-
-	return NULL;
-}
-
-/**
  * Lookup the architecture definition
  * @param token the architecure token
  *
@@ -186,22 +163,20 @@ int arch_arg_offset_hi(const struct arch_def *arch, unsigned int arg)
  *
  * Resolve the given syscall name to the syscall number based on the given
  * architecture.  Returns the syscall number on success, including negative
- * pseudo syscall numbers; returns -1 on failure.
+ * pseudo syscall numbers; returns __NR_SCMP_ERROR on failure.
  *
  */
 int arch_syscall_resolve_name(const struct arch_def *arch, const char *name)
 {
-	unsigned int iter;
-	const struct arch_syscall_def *table;
-
-	table = _arch_syscall_lookup(arch->token);
-	if (table == NULL)
-		return __NR_SCMP_ERROR;
-
-	/* XXX - plenty of room for future improvement here */
-	for (iter = 0; table[iter].name != NULL; iter++) {
-		if (strcmp(name, table[iter].name) == 0)
-			return table[iter].num;
+	switch (arch->token) {
+	case SCMP_ARCH_X86:
+		return x86_syscall_resolve_name(name);
+	case SCMP_ARCH_X86_64:
+		return x86_64_syscall_resolve_name(name);
+	case SCMP_ARCH_X32:
+		return x32_syscall_resolve_name(name);
+	case SCMP_ARCH_ARM:
+		return arm_syscall_resolve_name(name);
 	}
 
 	return __NR_SCMP_ERROR;
@@ -219,17 +194,15 @@ int arch_syscall_resolve_name(const struct arch_def *arch, const char *name)
  */
 const char *arch_syscall_resolve_num(const struct arch_def *arch, int num)
 {
-	unsigned int iter;
-	const struct arch_syscall_def *table;
-
-	table = _arch_syscall_lookup(arch->token);
-	if (table == NULL)
-		return NULL;
-
-	/* XXX - plenty of room for future improvement here */
-	for (iter = 0; table[iter].num != __NR_SCMP_ERROR; iter++) {
-		if (num == table[iter].num)
-			return table[iter].name;
+	switch (arch->token) {
+	case SCMP_ARCH_X86:
+		return x86_syscall_resolve_num(num);
+	case SCMP_ARCH_X86_64:
+		return x86_64_syscall_resolve_num(num);
+	case SCMP_ARCH_X32:
+		return x32_syscall_resolve_num(num);
+	case SCMP_ARCH_ARM:
+		return arm_syscall_resolve_num(num);
 	}
 
 	return NULL;