| arch.c | arch.c | |||
|---|---|---|---|---|
| skipping to change at line 270 | skipping to change at line 270 | |||
| *syscall = sc_num; | *syscall = sc_num; | |||
| } | } | |||
| return 0; | return 0; | |||
| } | } | |||
| /** | /** | |||
| * Rewrite a syscall value to match the architecture | * Rewrite a syscall value to match the architecture | |||
| * @param arch the architecture definition | * @param arch the architecture definition | |||
| * @param strict strict flag | ||||
| * @param syscall the syscall number | * @param syscall the syscall number | |||
| * | * | |||
| * Syscalls can vary across different architectures so this function rewrit es | * Syscalls can vary across different architectures so this function rewrit es | |||
| * the syscall into the correct value for the specified architecture. Retu | * the syscall into the correct value for the specified architecture. If | |||
| rns | * @strict is true then the function will fail if the syscall can not be | |||
| * zero on success, negative values on failure. | * preservered, however, if @strict is false the function will do a "best | |||
| * effort" rewrite and not fail. Returns zero on success, negative values o | ||||
| n | ||||
| * failure. | ||||
| * | * | |||
| */ | */ | |||
| int arch_syscall_rewrite(const struct arch_def *arch, int *syscall) | int arch_syscall_rewrite(const struct arch_def *arch, unsigned int strict, | |||
| int *syscall) | ||||
| { | { | |||
| switch (arch->token) { | int sys = *syscall; | |||
| case AUDIT_ARCH_I386: | ||||
| return i386_syscall_rewrite(arch, syscall); | if (sys >= 0) { | |||
| default: | /* we shouldn't be here - no rewrite needed */ | |||
| return -EDOM; | return 0; | |||
| } else if (sys < 0 && sys > -100) { | ||||
| /* reserved values */ | ||||
| return -EINVAL; | ||||
| } else if (sys <= -100 && sys > -10000) { | ||||
| /* rewritable syscalls */ | ||||
| switch (arch->token) { | ||||
| case AUDIT_ARCH_I386: | ||||
| return i386_syscall_rewrite(arch, strict, syscall); | ||||
| } | ||||
| /* NOTE: we fall through to the default handling (strict?) i | ||||
| f | ||||
| * we don't support any rewriting for the architecture | ||||
| */ | ||||
| } | } | |||
| /* syscalls not defined on this architecture */ | ||||
| if (strict) | ||||
| return -EDOM; | ||||
| return 0; | ||||
| } | } | |||
| /** | /** | |||
| * Rewrite a filter rule to match the architecture specifics | * Rewrite a filter rule to match the architecture specifics | |||
| * @param arch the architecture definition | * @param arch the architecture definition | |||
| * @param strict strict flag | * @param strict strict flag | |||
| * @param syscall the syscall number | * @param syscall the syscall number | |||
| * @param chain the argument filter chain | * @param chain the argument filter chain | |||
| * | * | |||
| * Syscalls can vary across different architectures so this function handle s | * Syscalls can vary across different architectures so this function handle s | |||
| skipping to change at line 306 | skipping to change at line 327 | |||
| * regardless of the rule or architecture. If @strict is true then the | * regardless of the rule or architecture. If @strict is true then the | |||
| * function will fail if the entire filter can not be preservered, however, | * function will fail if the entire filter can not be preservered, however, | |||
| * if @strict is false the function will do a "best effort" rewrite and not | * if @strict is false the function will do a "best effort" rewrite and not | |||
| * fail. Returns zero on success, negative values on failure. | * fail. Returns zero on success, negative values on failure. | |||
| * | * | |||
| */ | */ | |||
| int arch_filter_rewrite(const struct arch_def *arch, | int arch_filter_rewrite(const struct arch_def *arch, | |||
| unsigned int strict, | unsigned int strict, | |||
| int *syscall, struct db_api_arg *chain) | int *syscall, struct db_api_arg *chain) | |||
| { | { | |||
| switch (arch->token) { | int sys = *syscall; | |||
| case AUDIT_ARCH_I386: | ||||
| return i386_filter_rewrite(arch, strict, syscall, chain); | if (sys >= 0) { | |||
| default: | /* we shouldn't be here - no rewrite needed */ | |||
| return -EDOM; | return 0; | |||
| } else if (sys < 0 && sys > -100) { | ||||
| /* reserved values */ | ||||
| return -EINVAL; | ||||
| } else if (sys <= -100 && sys > -10000) { | ||||
| /* rewritable syscalls */ | ||||
| switch (arch->token) { | ||||
| case AUDIT_ARCH_I386: | ||||
| return i386_filter_rewrite(arch, | ||||
| strict, syscall, chain); | ||||
| } | ||||
| /* NOTE: we fall through to the default handling (strict?) i | ||||
| f | ||||
| * we don't support any rewriting for the architecture | ||||
| */ | ||||
| } | } | |||
| /* syscalls not defined on this architecture */ | ||||
| if (strict) | ||||
| return -EDOM; | ||||
| return 0; | ||||
| } | } | |||
| End of changes. 7 change blocks. | ||||
| 14 lines changed or deleted | 56 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||