arch: ensure we don't "munge" pseudo syscall numbers

A number of arches/ABIs have either syscall offsets (the MIPS
family) or specific bits (x32) which are applied to their normal
syscall numbers.  We generally handle that via "munging" in
libseccomp, and it works reasonably well.  Unfortunately we were
applying this munging process to the negative pseudo syscall
numbers as well and this was causing problems.

This patch fixes the various offset/bit arches/ABIs by not applying
the munging to the negative pseudo syscall numbers.

This resolves GH issue #284:
* https://github.com/seccomp/libseccomp/issues/284

Reported-by: Harald van Dijk <harald@gigawatt.nl>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

1 files changed, 6 insertions, 2 deletions

diff --git a/src/arch-arm.c b/src/arch-arm.c
index 4dd4b63..9c9153a 100644
--- a/src/arch-arm.c
+++ b/src/arch-arm.c
@@ -50,8 +50,9 @@ int arm_syscall_resolve_name_munge(const char *name)
 {
 	int sys;
 
+	/* NOTE: we don't want to modify the pseudo-syscall numbers */
 	sys = arm_syscall_resolve_name(name);
-	if (sys == __NR_SCMP_ERROR)
+	if (sys == __NR_SCMP_ERROR || sys < 0)
 		return sys;
 
 	return (sys | __SCMP_NR_BASE);
@@ -68,7 +69,10 @@ int arm_syscall_resolve_name_munge(const char *name)
  */
 const char *arm_syscall_resolve_num_munge(int num)
 {
-	return arm_syscall_resolve_num(num & (~__SCMP_NR_BASE));
+	/* NOTE: we don't want to modify the pseudo-syscall numbers */
+	if (num >= 0)
+		num &= ~__SCMP_NR_BASE;
+	return arm_syscall_resolve_num(num);
 }
 
 const struct arch_def arch_def_arm = {