Implement seccomp decoding
* configure.ac (AC_CHECK_HEADERS): Add linux/filter.h
and linux/seccomp.h.
* defs.h (print_seccomp_filter): New prototype.
* linux/dummy.h (sys_seccomp): Remove.
* linux/syscall.h (sys_seccomp): New prototype.
* prctl.c: Include <linux/seccomp.h>.
(sys_prctl): Decode PR_SET_SECCOMP.
* seccomp.c: New file.
* Makefile.am (strace_SOURCES): Add it.
* xlat/bpf_class.in: New file.
* xlat/bpf_miscop.in: Likewise.
* xlat/bpf_mode.in: Likewise.
* xlat/bpf_op_alu.in: Likewise.
* xlat/bpf_op_jmp.in: Likewise.
* xlat/bpf_rval.in: Likewise.
* xlat/bpf_size.in: Likewise.
* xlat/bpf_src.in: Likewise.
* xlat/seccomp_filter_flags.in: Likewise.
* xlat/seccomp_mode.in: Likewise.
* xlat/seccomp_ops.in: Likewise.
* xlat/seccomp_ret_action.in: Likewise.
diff --git a/prctl.c b/prctl.c
index 234d11d..935f399 100644
--- a/prctl.c
+++ b/prctl.c
@@ -25,6 +25,12 @@
return buf;
}
+#ifdef HAVE_LINUX_SECCOMP_H
+# include <linux/seccomp.h>
+#endif
+
+#include "xlat/seccomp_mode.h"
+
int
sys_prctl(struct tcb *tcp)
{
@@ -74,6 +80,28 @@
case PR_GET_KEEPCAPS:
break;
#endif
+
+#ifdef PR_SET_SECCOMP
+ case PR_SET_SECCOMP:
+ tprints(", ");
+ printxval(seccomp_mode, tcp->u_arg[1],
+ "SECCOMP_MODE_???");
+# ifdef SECCOMP_MODE_STRICT
+ if (SECCOMP_MODE_STRICT == tcp->u_arg[1])
+ break;
+# endif
+# ifdef SECCOMP_MODE_FILTER
+ if (SECCOMP_MODE_FILTER == tcp->u_arg[1]) {
+ tprints(", ");
+ print_seccomp_filter(tcp, tcp->u_arg[2]);
+ break;
+ }
+# endif
+ for (i = 2; i < tcp->s_ent->nargs; i++)
+ tprintf(", %#lx", tcp->u_arg[i]);
+ break;
+#endif /* PR_SET_SECCOMP */
+
default:
for (i = 1; i < tcp->s_ent->nargs; i++)
tprintf(", %#lx", tcp->u_arg[i]);