kore

Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git
commit 7290944bf3ec88dae5bc977a03f578b440cf0853
parent 9deb2e71bf87bd2013f1510a4805d4a31d72ab88
Author: Frederic Cambus <fred@statdns.com>
Date:   Wed, 16 Sep 2020 22:53:11 +0200

Add support for logging seccomp violations on arm.

On ARM EABI, the syscall number can be read from register r7.

Diffstat:

src/seccomp.c | 6++++++


1 file changed, 6 insertions(+), 0 deletions(-)

diff --git a/src/seccomp.c b/src/seccomp.c
@@ -427,7 +427,11 @@ seccomp_register_violation(pid_t pid)
 	int				idx;
 	struct kore_worker		*kw;
 	struct iovec			iov;
+#if defined(__arm__)
+	struct pt_regs			regs;
+#else
 	struct user_regs_struct		regs;
+#endif
 	long				sysnr;
 	const char			*name;
 
@@ -441,6 +445,8 @@ seccomp_register_violation(pid_t pid)
 	sysnr = regs.orig_rax;
 #elif SECCOMP_AUDIT_ARCH == AUDIT_ARCH_AARCH64
 	sysnr = regs.regs[8];
+#elif SECCOMP_AUDIT_ARCH == AUDIT_ARCH_ARM
+	sysnr = regs.uregs[7];
 #else
 #error "platform not supported"
 #endif