From 13d67fed38e5a10bfb40ba986a6f4731eb886bcb Mon Sep 17 00:00:00 2001 
From: Justine Tunney Date: Fri, 15 Jul 2022 18:29:49 -0700 Subject: [PATCH] Add latest Linux syscalls including landlock See #485 --- libc/calls/landlock.h | 42 +++++++++++++++++++++++ libc/sysv/calls/clone3.s | 2 ++ libc/sysv/calls/close_range.s | 2 ++ libc/sysv/calls/epoll_pwait2.s | 2 ++ libc/sysv/calls/faccessat2.s | 2 ++ libc/sysv/calls/fsconfig.s | 2 ++ libc/sysv/calls/fsmount.s | 2 ++ libc/sysv/calls/fsopen.s | 2 ++ libc/sysv/calls/fspick.s | 2 ++ libc/sysv/calls/futex_waitv.s | 2 ++ libc/sysv/calls/landlock_add_rule.s | 2 ++ libc/sysv/calls/landlock_create_ruleset.s | 2 ++ libc/sysv/calls/landlock_restrict_self.s | 2 ++ libc/sysv/calls/memfd_secret.s | 2 ++ libc/sysv/calls/mount_setattr.s | 2 ++ libc/sysv/calls/move_mount.s | 2 ++ libc/sysv/calls/open_tree.s | 2 ++ libc/sysv/calls/openat2.s | 2 ++ libc/sysv/calls/pidfd_getfd.s | 2 ++ libc/sysv/calls/pidfd_open.s | 2 ++ libc/sysv/calls/process_madvise.s | 2 ++ libc/sysv/calls/process_mrelease.s | 2 ++ libc/sysv/calls/quotactl_fd.s | 2 ++ libc/sysv/calls/set_mempolicy_home_node.s | 2 ++ libc/sysv/syscalls.sh | 23 +++++++++++++ 25 files changed, 111 insertions(+) create mode 100644 libc/calls/landlock.h create mode 100644 libc/sysv/calls/clone3.s create mode 100644 libc/sysv/calls/close_range.s create mode 100644 libc/sysv/calls/epoll_pwait2.s create mode 100644 libc/sysv/calls/faccessat2.s create mode 100644 libc/sysv/calls/fsconfig.s create mode 100644 libc/sysv/calls/fsmount.s create mode 100644 libc/sysv/calls/fsopen.s create mode 100644 libc/sysv/calls/fspick.s create mode 100644 libc/sysv/calls/futex_waitv.s create mode 100644 libc/sysv/calls/landlock_add_rule.s create mode 100644 libc/sysv/calls/landlock_create_ruleset.s create mode 100644 libc/sysv/calls/landlock_restrict_self.s create mode 100644 libc/sysv/calls/memfd_secret.s create mode 100644 libc/sysv/calls/mount_setattr.s create mode 100644 libc/sysv/calls/move_mount.s create mode 100644 libc/sysv/calls/open_tree.s create mode 100644 
libc/sysv/calls/openat2.s create mode 100644 libc/sysv/calls/pidfd_getfd.s create mode 100644 libc/sysv/calls/pidfd_open.s create mode 100644 libc/sysv/calls/process_madvise.s create mode 100644 libc/sysv/calls/process_mrelease.s create mode 100644 libc/sysv/calls/quotactl_fd.s create mode 100644 libc/sysv/calls/set_mempolicy_home_node.s
diff --git a/libc/calls/landlock.h b/libc/calls/landlock.h
new file mode 100644
index 000000000..cfaf7f06c
--- /dev/null
+++ b/libc/calls/landlock.h
@@ -0,0 +1,42 @@
+#ifndef COSMOPOLITAN_LIBC_CALLS_LANDLOCK_H_
+#define COSMOPOLITAN_LIBC_CALLS_LANDLOCK_H_
+
+#define LANDLOCK_ACCESS_FS_EXECUTE 0x0001ul
+#define LANDLOCK_ACCESS_FS_WRITE_FILE 0x0002ul
+#define LANDLOCK_ACCESS_FS_READ_FILE 0x0004ul
+#define LANDLOCK_ACCESS_FS_READ_DIR 0x0008ul
+#define LANDLOCK_ACCESS_FS_REMOVE_DIR 0x0010ul
+#define LANDLOCK_ACCESS_FS_REMOVE_FILE 0x0020ul
+#define LANDLOCK_ACCESS_FS_MAKE_CHAR 0x0040ul
+#define LANDLOCK_ACCESS_FS_MAKE_DIR 0x0080ul
+#define LANDLOCK_ACCESS_FS_MAKE_REG 0x0100ul
+#define LANDLOCK_ACCESS_FS_MAKE_SOCK 0x0200ul
+#define LANDLOCK_ACCESS_FS_MAKE_FIFO 0x0400ul
+#define LANDLOCK_ACCESS_FS_MAKE_BLOCK 0x0800ul
+#define LANDLOCK_ACCESS_FS_MAKE_SYM 0x1000ul
+#define LANDLOCK_ACCESS_FS_REFER 0x2000ul
+
+#if !(__ASSEMBLER__ + __LINKER__ + 0)
+COSMOPOLITAN_C_START_
+
+enum landlock_rule_type {
+ LANDLOCK_RULE_PATH_BENEATH = 1,
+};
+
+struct landlock_ruleset_attr {
+ uint64_t handled_access_fs;
+};
+
+struct thatispacked landlock_path_beneath_attr {
+ uint64_t allowed_access;
+ int32_t parent_fd;
+};
+
+int landlock_restrict_self(int, uint32_t);
+int landlock_add_rule(int, enum landlock_rule_type, const void *, uint32_t);
+int landlock_create_ruleset(const struct landlock_ruleset_attr *, size_t,
+ uint32_t);
+
+COSMOPOLITAN_C_END_
+#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
+#endif /* COSMOPOLITAN_LIBC_CALLS_LANDLOCK_H_ */
diff --git a/libc/sysv/calls/clone3.s b/libc/sysv/calls/clone3.s
new file mode 100644
index 000000000..7f0267aa1
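Review bot: landlock.h defines `LANDLOCK_ACCESS_FS_REFER` but not the `LANDLOCK_CREATE_RULESET_VERSION` flag that the Linux uapi header provides for the third argument of `landlock_create_ruleset()`, so a caller using only this header cannot ask the kernel which Landlock ABI it supports. That matters for sandbox code: REFER belongs to a later ABI than the other thirteen access bits, and a ruleset whose `handled_access_fs` names a right the running kernel does not know is rejected rather than partially applied. I would add `#define LANDLOCK_CREATE_RULESET_VERSION 0x0001u` beside the access bits, with a comment on the REFER line saying it needs ABI 2. A short comment above the three prototypes should also say that they are thin syscall wrappers, that a failure return (ENOSYS on kernels without Landlock) means no restriction is in force, and that `landlock_restrict_self()` expects no_new_privs to be set first.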
--- /dev/null
+++ b/libc/sysv/calls/clone3.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall clone3,0xfffffffffffff1b3,globl
diff --git a/libc/sysv/calls/close_range.s b/libc/sysv/calls/close_range.s
new file mode 100644
index 000000000..859590469
--- /dev/null
+++ b/libc/sysv/calls/close_range.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall close_range,0xfffffffffffff1b4,globl
diff --git a/libc/sysv/calls/epoll_pwait2.s b/libc/sysv/calls/epoll_pwait2.s
new file mode 100644
index 000000000..504f5e658
--- /dev/null
+++ b/libc/sysv/calls/epoll_pwait2.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall epoll_pwait2,0xfffffffffffff1b9,globl
diff --git a/libc/sysv/calls/faccessat2.s b/libc/sysv/calls/faccessat2.s
new file mode 100644
index 000000000..aaccd0eda
--- /dev/null
+++ b/libc/sysv/calls/faccessat2.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall faccessat2,0xfffffffffffff1b7,globl
diff --git a/libc/sysv/calls/fsconfig.s b/libc/sysv/calls/fsconfig.s
new file mode 100644
index 000000000..97dd67636
--- /dev/null
+++ b/libc/sysv/calls/fsconfig.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall fsconfig,0xfffffffffffff1af,globl
diff --git a/libc/sysv/calls/fsmount.s b/libc/sysv/calls/fsmount.s
new file mode 100644
index 000000000..2c9525496
--- /dev/null
+++ b/libc/sysv/calls/fsmount.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall fsmount,0xfffffffffffff1b0,globl
diff --git a/libc/sysv/calls/fsopen.s b/libc/sysv/calls/fsopen.s
new file mode 100644
index 000000000..ab84c4b4f
--- /dev/null
+++ b/libc/sysv/calls/fsopen.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall fsopen,0xfffffffffffff1ae,globl
diff --git a/libc/sysv/calls/fspick.s b/libc/sysv/calls/fspick.s
new file mode 100644
index 000000000..7647da5b3
--- /dev/null
+++ b/libc/sysv/calls/fspick.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall fspick,0xfffffffffffff1b1,globl
diff --git a/libc/sysv/calls/futex_waitv.s b/libc/sysv/calls/futex_waitv.s
new file mode 100644
index 000000000..4d381a225
--- /dev/null
+++ b/libc/sysv/calls/futex_waitv.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall futex_waitv,0xfffffffffffff1c1,globl
diff --git a/libc/sysv/calls/landlock_add_rule.s b/libc/sysv/calls/landlock_add_rule.s
new file mode 100644
index 000000000..07acd5ea4
--- /dev/null
+++ b/libc/sysv/calls/landlock_add_rule.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall landlock_add_rule,0xfffffffffffff1bd,globl
diff --git a/libc/sysv/calls/landlock_create_ruleset.s b/libc/sysv/calls/landlock_create_ruleset.s
new file mode 100644
index 000000000..7b070ec41
--- /dev/null
+++ b/libc/sysv/calls/landlock_create_ruleset.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall landlock_create_ruleset,0xfffffffffffff1bc,globl
diff --git a/libc/sysv/calls/landlock_restrict_self.s b/libc/sysv/calls/landlock_restrict_self.s
new file mode 100644
index 000000000..69fb78e58
--- /dev/null
+++ b/libc/sysv/calls/landlock_restrict_self.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall landlock_restrict_self,0xfffffffffffff1be,globl
diff --git a/libc/sysv/calls/memfd_secret.s b/libc/sysv/calls/memfd_secret.s
new file mode 100644
index 000000000..f05c20651
--- /dev/null
+++ b/libc/sysv/calls/memfd_secret.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall memfd_secret,0xfffffffffffff1bf,globl
diff --git a/libc/sysv/calls/mount_setattr.s b/libc/sysv/calls/mount_setattr.s
new file mode 100644
index 000000000..b4548e765
--- /dev/null
+++ b/libc/sysv/calls/mount_setattr.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall mount_setattr,0xfffffffffffff1ba,globl
diff --git a/libc/sysv/calls/move_mount.s b/libc/sysv/calls/move_mount.s
new file mode 100644
index 000000000..f96ae5d3e
--- /dev/null
+++ b/libc/sysv/calls/move_mount.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall move_mount,0xfffffffffffff1ad,globl
diff --git a/libc/sysv/calls/open_tree.s b/libc/sysv/calls/open_tree.s
new file mode 100644
index 000000000..879b6c186
--- /dev/null
+++ b/libc/sysv/calls/open_tree.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall open_tree,0xfffffffffffff1ac,globl
diff --git a/libc/sysv/calls/openat2.s b/libc/sysv/calls/openat2.s
new file mode 100644
index 000000000..3522cd62e
--- /dev/null
+++ b/libc/sysv/calls/openat2.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall openat2,0xfffffffffffff1b5,globl
diff --git a/libc/sysv/calls/pidfd_getfd.s b/libc/sysv/calls/pidfd_getfd.s
new file mode 100644
index 000000000..7a8a435f8
--- /dev/null
+++ b/libc/sysv/calls/pidfd_getfd.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall pidfd_getfd,0xfffffffffffff1b6,globl
diff --git a/libc/sysv/calls/pidfd_open.s b/libc/sysv/calls/pidfd_open.s
new file mode 100644
index 000000000..96edd7500
--- /dev/null
+++ b/libc/sysv/calls/pidfd_open.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall pidfd_open,0xfffffffffffff1b2,globl
diff --git a/libc/sysv/calls/process_madvise.s b/libc/sysv/calls/process_madvise.s
new file mode 100644
index 000000000..bce0d48d8
--- /dev/null
+++ b/libc/sysv/calls/process_madvise.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall process_madvise,0xfffffffffffff1b8,globl
diff --git a/libc/sysv/calls/process_mrelease.s b/libc/sysv/calls/process_mrelease.s
new file mode 100644
index 000000000..16467754a
--- /dev/null
+++ b/libc/sysv/calls/process_mrelease.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall process_mrelease,0xfffffffffffff1c0,globl
diff --git a/libc/sysv/calls/quotactl_fd.s b/libc/sysv/calls/quotactl_fd.s
new file mode 100644
index 000000000..a6a904e88
--- /dev/null
+++ b/libc/sysv/calls/quotactl_fd.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall quotactl_fd,0xfffffffffffff1bb,globl
diff --git a/libc/sysv/calls/set_mempolicy_home_node.s b/libc/sysv/calls/set_mempolicy_home_node.s
new file mode 100644
index 000000000..5a6b0e439
--- /dev/null
+++ b/libc/sysv/calls/set_mempolicy_home_node.s
@@ -0,0 +1,2 @@
+.include "o/libc/sysv/macros.internal.inc"
+.scall set_mempolicy_home_node,0xfffffffffffff1c2,globl
diff --git a/libc/sysv/syscalls.sh b/libc/sysv/syscalls.sh
index e3c1a0fc9..f7ee4a9e3 100755
--- a/libc/sysv/syscalls.sh
+++ b/libc/sysv/syscalls.sh
@@ -376,6 +376,29 @@ scall io_uring_register 0xfffffffffffff1ab globl scall sys_pledge 0xfff06cffffffffff globl # └─ online linux services ban the president of united states of america scall msyscall 0xfff025ffffffffff globl scall sys_bogus 0x5005005002500500 globl +scall open_tree 0xfffffffffffff1ac globl +scall move_mount 0xfffffffffffff1ad globl +scall fsopen 0xfffffffffffff1ae globl +scall fsconfig 0xfffffffffffff1af globl +scall fsmount 0xfffffffffffff1b0 globl +scall fspick 0xfffffffffffff1b1 globl +scall pidfd_open 0xfffffffffffff1b2 globl +scall clone3 0xfffffffffffff1b3 globl +scall close_range 0xfffffffffffff1b4 globl +scall openat2 0xfffffffffffff1b5 globl # Linux 5.6 +scall pidfd_getfd 0xfffffffffffff1b6 globl +scall faccessat2 0xfffffffffffff1b7 globl +scall process_madvise 0xfffffffffffff1b8 globl +scall epoll_pwait2 0xfffffffffffff1b9 globl +scall mount_setattr 0xfffffffffffff1ba globl +scall quotactl_fd 0xfffffffffffff1bb globl +scall landlock_create_ruleset 0xfffffffffffff1bc globl +scall landlock_add_rule 0xfffffffffffff1bd globl +scall landlock_restrict_self 0xfffffffffffff1be globl +scall memfd_secret 0xfffffffffffff1bf globl +scall process_mrelease 0xfffffffffffff1c0 globl +scall futex_waitv 0xfffffffffffff1c1 globl +scall set_mempolicy_home_node 0xfffffffffffff1c2 globl # The Fifth Bell System Interface, Community Edition # » besiyata dishmaya
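Review bot: Only the `openat2` row carries a minimum-kernel annotation (`# Linux 5.6`); the other 22 new rows give no hint of the release that introduced them, although all of these calls are recent enough to be absent on kernels still in service. I would annotate every row the same way, for example `# Linux 5.13` on the three landlock rows, so that callers know when to expect ENOSYS. This matters most for the landlock trio, because code that relies on them for sandboxing has to treat ENOSYS as "no restriction applied" rather than continue as if confined. The magic numbers appear to mark every non-Linux column as unsupported (`fff`), which looks right for most of these but is worth re-checking for `close_range`, which FreeBSD also provides.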