From: "Mike Frysinger" <vapier@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" <vapier@gentoo.org>
Message-ID: <1634963714.b9756c8938e2b5c7712c15ef0add7342790614a6.vapier@gentoo>
Subject: [gentoo-commits] proj/sandbox:master commit in: libsandbox/
X-VCS-Repository: proj/sandbox
X-VCS-Files: libsandbox/trace.c
X-VCS-Directories: libsandbox/
X-VCS-Committer: vapier
X-VCS-Committer-Name: Mike Frysinger
X-VCS-Revision: b9756c8938e2b5c7712c15ef0add7342790614a6
X-VCS-Branch: master
Date: Sat, 23 Oct 2021 06:10:33 +0000 (UTC)

commit:     b9756c8938e2b5c7712c15ef0add7342790614a6
Author:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Sat Oct 23 04:35:14 2021 +0000
Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Sat Oct 23 04:35:14 2021 +0000
URL:        https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=b9756c89

libsandbox: only lookup syscall number on entry

The ptrace API does not guarantee the syscall number lookup will be
valid on syscall exit (since the underlying register might have been
clobbered), so stop trying to look it up then.  We only used it when
decoding entry anyways, so this is more minor housekeeping.

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

 libsandbox/trace.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/libsandbox/trace.c b/libsandbox/trace.c
index 77991e1..89bd591 100644
--- a/libsandbox/trace.c
+++ b/libsandbox/trace.c
@@ -390,8 +390,8 @@ static void trace_loop(void)
 	bool before_exec, before_syscall, fake_syscall_ret;
 	unsigned event;
 	long ret;
-	int nr, status, sig;
-	const struct syscall_entry *se, *tbl_after_fork;
+	int status, sig;
+	const struct syscall_entry *tbl_after_fork;
 
 	before_exec = true;
 	before_syscall = false;
@@ -461,10 +461,12 @@ static void trace_loop(void)
 		}
 
 		ret = trace_get_regs(&regs);
-		nr = trace_get_sysnum(&regs);
-		se = lookup_syscall_in_tbl(tbl_after_fork, nr);
 
 		if (before_syscall) {
+			/* NB: The kernel guarantees syscall NR is valid only on entry. */
+			int nr = trace_get_sysnum(&regs);
+			const struct syscall_entry *se = lookup_syscall_in_tbl(tbl_after_fork, nr);
+
 			_sb_debug("%s:%i", se ? se->name : "IDK", nr);
 			if (!trace_check_syscall(se, &regs)) {
 				sb_debug_dyn("trace_loop: forcing EPERM after %s\n", se->name);
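
Review bot: In the before_syscall block, the newly block-scoped se is treated as possibly NULL by the _sb_debug line (se ? se->name : "IDK") but is dereferenced without a guard two lines later in sb_debug_dyn("trace_loop: forcing EPERM after %s\n", se->name). Since this change already moves the lookup next to both uses, either confirm that trace_check_syscall() never returns false for a NULL se, or reuse the same fallback string in the EPERM message so an unknown syscall number cannot crash the tracer. A second, smaller point in the same hunk: ret from trace_get_regs(&regs) is not examined in the visible lines before regs is passed to trace_get_sysnum(), so a failed register fetch would feed stale or uninitialised data into the lookup; checking ret before the lookup would close that gap.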