authorDaniel Golle <daniel@makrotopia.org>2021-01-28 20:10:46 +0000
committerDaniel Golle <daniel@makrotopia.org>2021-03-19 22:13:41 +0000
commit3e88c6f2b179062160d018aa9da2926dbd185f28 (patch)
treef81d8a31c0bb08b7d1ad2929f20d020b4f58bfd9
parent2cfc26f8456a4d5ba3836c914a742f3d00bad781 (diff)
downloadprocd-3e88c6f2b179062160d018aa9da2926dbd185f28.tar.gz
jail/seccomp: add support for aarch64
Add support for Aarch64 in utrace and ujail. Sort and unify architecture-specific definitions in headers. Use new PTRACE_GET_SYSCALL_INFO call (available since Linux 5.3), for now only for aarch64, but this may potentially unify things and get rid of some #ifdef'ery for other platforms as well. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
-rw-r--r--jail/seccomp-bpf.h25
-rw-r--r--trace/trace.c23
2 files changed, 30 insertions, 18 deletions
diff --git a/jail/seccomp-bpf.h b/jail/seccomp-bpf.h
index bd59ac8..077483f 100644
--- a/jail/seccomp-bpf.h
+++ b/jail/seccomp-bpf.h
@@ -64,19 +64,12 @@ struct seccomp_data {
#define arch_nr (offsetof(struct seccomp_data, arch))
#define syscall_arg(x) (offsetof(struct seccomp_data, args[x]))
-#if defined(__i386__)
-# define REG_SYSCALL REG_EAX
-# define ARCH_NR AUDIT_ARCH_I386
-#elif defined(__x86_64__)
+#if defined(__aarch64__)
+# define REG_SYSCALL regs.regs[8]
+# define ARCH_NR AUDIT_ARCH_AARCH64
+#elif defined(__amd64__)
# define REG_SYSCALL REG_RAX
# define ARCH_NR AUDIT_ARCH_X86_64
-#elif defined(__mips__)
-# define REG_SYSCALL regs[2]
-# if __BYTE_ORDER == __LITTLE_ENDIAN
-# define ARCH_NR AUDIT_ARCH_MIPSEL
-# else
-# define ARCH_NR AUDIT_ARCH_MIPS
-# endif
#elif defined(__arm__) && (defined(__ARM_EABI__) || defined(__thumb__))
# define REG_SYSCALL regs.uregs[7]
# if __BYTE_ORDER == __LITTLE_ENDIAN
@@ -84,6 +77,16 @@ struct seccomp_data {
# else
# define ARCH_NR AUDIT_ARCH_ARMEB
# endif
+#elif defined(__i386__)
+# define REG_SYSCALL REG_EAX
+# define ARCH_NR AUDIT_ARCH_I386
+#elif defined(__mips__)
+# define REG_SYSCALL regs[2]
+# if __BYTE_ORDER == __LITTLE_ENDIAN
+# define ARCH_NR AUDIT_ARCH_MIPSEL
+# else
+# define ARCH_NR AUDIT_ARCH_MIPS
+# endif
#elif defined(__PPC__)
# define REG_SYSCALL regs.gpr[0]
# define ARCH_NR AUDIT_ARCH_PPC
diff --git a/trace/trace.c b/trace/trace.c
index 977396a..2fd27b8 100644
--- a/trace/trace.c
+++ b/trace/trace.c
@@ -48,8 +48,16 @@
#define _offsetof(a, b) __builtin_offsetof(a,b)
#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]))
-#ifdef __amd64__
+#if defined (__aarch64__)
+#include <linux/ptrace.h>
+#elif defined(__amd64__)
#define reg_syscall_nr _offsetof(struct user, regs.orig_rax)
+#elif defined(__arm__)
+#include <asm/ptrace.h> /* for PTRACE_SET_SYSCALL */
+#define reg_syscall_nr _offsetof(struct user, regs.uregs[7])
+# if defined(__ARM_EABI__)
+# define reg_retval_nr _offsetof(struct user, regs.uregs[0])
+# endif
#elif defined(__i386__)
#define reg_syscall_nr _offsetof(struct user, regs.orig_eax)
#elif defined(__mips)
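Review bot: The new `__aarch64__` branch only includes `<linux/ptrace.h>` and defines no `reg_syscall_nr`, which next to the other branches is easy to misread as an omission. A one-line comment such as `/* aarch64: syscall nr is read with PTRACE_GET_SYSCALL_INFO (Linux >= 5.3), so no reg_syscall_nr */` would explain it. Because the request and `struct ptrace_syscall_info` only exist in 5.3+ kernel headers, a guard like `#ifndef PTRACE_GET_SYSCALL_INFO` followed by `#error "aarch64 tracing needs Linux >= 5.3 headers"` would turn an obscure build failure into a clear one. The spelling `defined (__aarch64__)` with a space also differs from the `defined(...)` form used in the rest of the chain.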
@@ -57,12 +65,6 @@
# define EF_REG2 8
# endif
#define reg_syscall_nr (EF_REG2 / 4)
-#elif defined(__arm__)
-#include <asm/ptrace.h> /* for PTRACE_SET_SYSCALL */
-#define reg_syscall_nr _offsetof(struct user, regs.uregs[7])
-# if defined(__ARM_EABI__)
-# define reg_retval_nr _offsetof(struct user, regs.uregs[0])
-# endif
#elif defined(__PPC__)
#define reg_syscall_nr _offsetof(struct user, regs.gpr[0])
#define reg_retval_nr _offsetof(struct user, regs.gpr[3])
@@ -208,7 +210,14 @@ static void tracer_cb(struct uloop_process *c, int ret)
if (WIFSTOPPED(ret) || (ret >> 16)) {
if (WSTOPSIG(ret) & 0x80) {
if (!tracee->in_syscall) {
+#ifdef __aarch64__
+ int syscall = -1;
+ struct ptrace_syscall_info ptsi = {.op=PTRACE_SYSCALL_INFO_ENTRY};
+ if (ptrace(PTRACE_GET_SYSCALL_INFO, c->pid, sizeof(ptsi), &ptsi) != -1)
+ syscall = ptsi.entry.nr;
+#else
int syscall = ptrace(PTRACE_PEEKUSER, c->pid, reg_syscall_nr);
+#endif
int i = syscall_index(syscall);
if (i >= 0) {
syscall_count[i]++;
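Review bot: In the aarch64 branch of tracer_cb, `ptsi.entry.nr` is used without checking which kind of stop the kernel reported. PTRACE_GET_SYSCALL_INFO writes `op` itself, so the `.op=PTRACE_SYSCALL_INFO_ENTRY` initializer does not act as a filter, and `entry` is a union member that is only meaningful when `op` comes back as PTRACE_SYSCALL_INFO_ENTRY; I would make the condition `if (ptrace(PTRACE_GET_SYSCALL_INFO, c->pid, sizeof(ptsi), &ptsi) != -1 && ptsi.op == PTRACE_SYSCALL_INFO_ENTRY)`. On a kernel older than 5.3 the request fails and `syscall` stays -1 with no log line, so the trace is presumably just empty. A one-time error message there would help, since a seccomp allow-list derived from an incomplete trace (if that is how these counts are used) would be too narrow. The function body starts and ends outside this hunk.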