lurk_cli/arch/
x86_64.rs

1use crate::arch::SyscallArgType;
2use libc::{c_ulonglong, user_regs_struct};
3use syscalls::x86_64::Sysno;
4use syscalls::SysnoSet;
5
6#[allow(clippy::enum_glob_use)]
7use syscalls::x86_64::Sysno::*;
8
9pub static TRACE_DESC: SysnoSet = SysnoSet::new(&[
10    read,
11    write,
12    open,
13    close,
14    fstat,
15    poll,
16    lseek,
17    mmap,
18    pread64,
19    pwrite64,
20    readv,
21    writev,
22    pipe,
23    select,
24    dup,
25    dup2,
26    sendfile,
27    fcntl,
28    flock,
29    fsync,
30    fdatasync,
31    ftruncate,
32    getdents,
33    fchdir,
34    creat,
35    fchmod,
36    fchown,
37    readahead,
38    fsetxattr,
39    fgetxattr,
40    flistxattr,
41    fremovexattr,
42    epoll_create,
43    getdents64,
44    fadvise64,
45    epoll_wait,
46    epoll_ctl,
47    mq_open,
48    mq_timedsend,
49    mq_timedreceive,
50    mq_notify,
51    mq_getsetattr,
52    inotify_init,
53    inotify_add_watch,
54    inotify_rm_watch,
55    openat,
56    mkdirat,
57    mknodat,
58    fchownat,
59    futimesat,
60    newfstatat,
61    unlinkat,
62    renameat,
63    linkat,
64    symlinkat,
65    readlinkat,
66    fchmodat,
67    faccessat,
68    pselect6,
69    ppoll,
70    splice,
71    tee,
72    sync_file_range,
73    vmsplice,
74    utimensat,
75    epoll_pwait,
76    signalfd,
77    timerfd_create,
78    eventfd,
79    fallocate,
80    timerfd_settime,
81    timerfd_gettime,
82    signalfd4,
83    eventfd2,
84    epoll_create1,
85    dup3,
86    pipe2,
87    inotify_init1,
88    preadv,
89    pwritev,
90    perf_event_open,
91    fanotify_init,
92    fanotify_mark,
93    name_to_handle_at,
94    open_by_handle_at,
95    syncfs,
96    setns,
97    finit_module,
98    renameat2,
99    memfd_create,
100    kexec_file_load,
101    bpf,
102    execveat,
103    userfaultfd,
104    copy_file_range,
105    preadv2,
106    pwritev2,
107    statx,
108]);
109
110pub static TRACE_FILE: SysnoSet = SysnoSet::new(&[
111    open,
112    stat,
113    lstat,
114    access,
115    shmget,
116    truncate,
117    getcwd,
118    chdir,
119    rename,
120    mkdir,
121    rmdir,
122    creat,
123    link,
124    unlink,
125    symlink,
126    readlink,
127    chmod,
128    chown,
129    lchown,
130    utime,
131    mknod,
132    uselib,
133    statfs,
134    fstatfs,
135    pivot_root,
136    chroot,
137    acct,
138    mount,
139    umount2,
140    swapon,
141    swapoff,
142    quotactl,
143    setxattr,
144    lsetxattr,
145    getxattr,
146    lgetxattr,
147    listxattr,
148    llistxattr,
149    removexattr,
150    lremovexattr,
151    utimes,
152    inotify_add_watch,
153    openat,
154    mkdirat,
155    mknodat,
156    fchownat,
157    futimesat,
158    newfstatat,
159    unlinkat,
160    renameat,
161    linkat,
162    symlinkat,
163    readlinkat,
164    fchmodat,
165    faccessat,
166    utimensat,
167    fanotify_mark,
168    name_to_handle_at,
169    renameat2,
170    statx,
171]);
172
173pub static TRACE_IPC: SysnoSet = SysnoSet::new(&[
174    shmget, shmat, shmctl, semget, semop, semctl, shmdt, msgget, msgsnd, msgrcv, msgctl, semtimedop,
175]);
176
177pub static TRACE_NETWORK: SysnoSet = SysnoSet::new(&[
178    socket,
179    connect,
180    accept,
181    sendto,
182    recvfrom,
183    sendmsg,
184    recvmsg,
185    shutdown,
186    bind,
187    listen,
188    getsockname,
189    getpeername,
190    socketpair,
191    setsockopt,
192    getsockopt,
193    getpmsg,
194    putpmsg,
195    recvmmsg,
196    sendmmsg,
197]);
198
199pub static TRACE_PROCESS: SysnoSet = SysnoSet::new(&[
200    clone,
201    fork,
202    vfork,
203    execve,
204    exit,
205    wait4,
206    kill,
207    rt_sigqueueinfo,
208    tkill,
209    exit_group,
210    tgkill,
211    waitid,
212    rt_tgsigqueueinfo,
213    execveat,
214]);
215
216pub static TRACE_SIGNAL: SysnoSet = SysnoSet::new(&[
217    rt_sigaction,
218    rt_sigprocmask,
219    rt_sigreturn,
220    pause,
221    rt_sigpending,
222    rt_sigtimedwait,
223    rt_sigqueueinfo,
224    rt_sigsuspend,
225    sigaltstack,
226    tkill,
227    signalfd,
228    signalfd4,
229    rt_tgsigqueueinfo,
230    pidfd_send_signal,
231]);
232
233pub static TRACE_MEMORY: SysnoSet = SysnoSet::new(&[
234    mmap,
235    mprotect,
236    munmap,
237    brk,
238    mremap,
239    msync,
240    mincore,
241    madvise,
242    shmat,
243    mlock,
244    munlock,
245    mlockall,
246    munlockall,
247    io_setup,
248    io_destroy,
249    remap_file_pages,
250    mbind,
251    set_mempolicy,
252    get_mempolicy,
253    migrate_pages,
254    move_pages,
255    mlock2,
256    pkey_mprotect,
257]);
258
259pub static TRACE_STAT: SysnoSet = SysnoSet::new(&[stat]);
260pub static TRACE_LSTAT: SysnoSet = SysnoSet::new(&[lstat]);
261pub static TRACE_FSTAT: SysnoSet = SysnoSet::new(&[fstat, newfstatat, statx]);
262pub static TRACE_STAT_LIKE: SysnoSet = SysnoSet::new(&[stat, fstat, lstat, newfstatat, statx]);
263pub static TRACE_STATFS: SysnoSet = SysnoSet::new(&[statfs]);
264pub static TRACE_FSTATFS: SysnoSet = SysnoSet::new(&[fstatfs]);
265pub static TRACE_STATFS_LIKE: SysnoSet = SysnoSet::new(&[ustat, statfs, fstatfs]);
266
267pub static TRACE_PURE: SysnoSet = SysnoSet::new(&[
268    getpid, getuid, getgid, geteuid, getegid, getppid, getpgrp, gettid,
269]);
270
271pub static TRACE_CREDS: SysnoSet = SysnoSet::new(&[
272    getuid, getgid, setuid, setgid, geteuid, getegid, setreuid, setregid, getgroups, setgroups,
273    setresuid, getresuid, setresgid, getresgid, setfsuid, setfsgid, capget, capset, prctl,
274]);
275
276pub static TRACE_CLOCK: SysnoSet = SysnoSet::new(&[
277    gettimeofday,
278    adjtimex,
279    settimeofday,
280    time,
281    clock_settime,
282    clock_gettime,
283    clock_getres,
284    clock_adjtime,
285]);
286
287macro_rules! syscall {
288    ($name:ident $(,)?) => {
289        Some((Sysno::$name, [None, None, None, None, None, None]))
290    };
291    ($name:ident, $arg0:ident $(,)?) => {
292        Some((Sysno::$name, [$arg0, None, None, None, None, None]))
293    };
294    ($name:ident, $arg0:ident, $arg1:ident $(,)?) => {
295        Some((Sysno::$name, [$arg0, $arg1, None, None, None, None]))
296    };
297    ($name:ident, $arg0:ident, $arg1:ident, $arg2:ident $(,)?) => {
298        Some((Sysno::$name, [$arg0, $arg1, $arg2, None, None, None]))
299    };
300    ($name:ident, $arg0:ident, $arg1:ident, $arg2:ident, $arg3:ident $(,)?) => {
301        Some((Sysno::$name, [$arg0, $arg1, $arg2, $arg3, None, None]))
302    };
303    ($name:ident, $arg0:ident, $arg1:ident, $arg2:ident, $arg3:ident, $arg4:ident $(,)?) => {
304        Some((Sysno::$name, [$arg0, $arg1, $arg2, $arg3, $arg4, None]))
305    };
306    ($name:ident, $arg0:ident, $arg1:ident, $arg2:ident, $arg3:ident, $arg4:ident, $arg5:ident $(,)?) => {
307        Some((Sysno::$name, [$arg0, $arg1, $arg2, $arg3, $arg4, $arg5]))
308    };
309}
310
311const ADDR: Option<SyscallArgType> = Some(SyscallArgType::Addr);
312const INT: Option<SyscallArgType> = Some(SyscallArgType::Int);
313const STR: Option<SyscallArgType> = Some(SyscallArgType::Str);
314
315pub static SYSCALLS: [Option<(Sysno, [Option<SyscallArgType>; 6])>; 452] = [
316    // DESC
317    syscall!(read, INT, STR, INT),
318    // DESC
319    syscall!(write, INT, STR, INT),
320    // DESC, FILE
321    syscall!(open, STR, INT, INT),
322    // DESC
323    syscall!(close, INT),
324    // FILE, STAT, STAT_LIKE
325    syscall!(stat, STR, ADDR),
326    // DESC, FSTAT, STAT_LIKE
327    syscall!(fstat, INT, ADDR),
328    // FILE, LSTAT, STAT_LIKE
329    syscall!(lstat, STR, ADDR),
330    // DESC
331    syscall!(poll, ADDR, INT, INT),
332    // DESC
333    syscall!(lseek, INT, INT, INT),
334    // DESC, MEMORY
335    syscall!(mmap, ADDR, INT, INT, INT, INT, INT),
336    // MEMORY
337    syscall!(mprotect, ADDR, INT, INT),
338    // MEMORY
339    syscall!(munmap, ADDR, INT),
340    // MEMORY
341    syscall!(brk, ADDR),
342    // SIGNAL
343    syscall!(rt_sigaction, INT, ADDR, ADDR),
344    // SIGNAL
345    syscall!(rt_sigprocmask, INT, ADDR, ADDR, INT),
346    // SIGNAL
347    syscall!(rt_sigreturn),
348    syscall!(ioctl, INT, INT, ADDR),
349    // DESC
350    syscall!(pread64, INT, STR, INT, INT),
351    // DESC
352    syscall!(pwrite64, INT, STR, INT, INT),
353    // DESC
354    syscall!(readv, INT, ADDR, INT),
355    // DESC
356    syscall!(writev, INT, ADDR, INT),
357    // FILE
358    syscall!(access, STR, INT),
359    // DESC
360    syscall!(pipe, INT, INT),
361    // DESC
362    syscall!(select, INT, ADDR, ADDR, ADDR, ADDR),
363    syscall!(sched_yield),
364    // MEMORY
365    syscall!(mremap, ADDR, INT, INT, INT, ADDR),
366    // MEMORY
367    syscall!(msync, ADDR, INT, INT),
368    // MEMORY
369    syscall!(mincore, ADDR, INT, ADDR),
370    // MEMORY
371    syscall!(madvise, ADDR, INT, INT),
372    // FILE, IPC
373    syscall!(shmget, INT, INT, INT),
374    // IPC, MEMORY
375    syscall!(shmat, INT, ADDR, INT),
376    // IPC
377    syscall!(shmctl, INT, INT, STR),
378    // DESC
379    syscall!(dup, INT),
380    // DESC
381    syscall!(dup2, INT, INT),
382    // SIGNAL
383    syscall!(pause, ADDR),
384    syscall!(nanosleep, ADDR, ADDR),
385    syscall!(getitimer, INT, ADDR),
386    syscall!(alarm, INT),
387    syscall!(setitimer, INT, ADDR),
388    // PURE
389    syscall!(getpid, ADDR),
390    // DESC
391    syscall!(sendfile, INT, INT, ADDR, INT),
392    // NETWORK
393    syscall!(socket, INT, INT, INT),
394    // NETWORK
395    syscall!(connect, INT, ADDR, INT),
396    // NETWORK
397    syscall!(accept, INT, ADDR, ADDR),
398    // NETWORK
399    syscall!(sendto, INT, STR, INT, INT),
400    // NETWORK
401    syscall!(recvfrom, INT, STR, INT, INT, ADDR, ADDR),
402    // NETWORK
403    syscall!(sendmsg, INT, ADDR, INT),
404    // NETWORK
405    syscall!(recvmsg, INT, ADDR, INT),
406    // NETWORK
407    syscall!(shutdown, INT, INT),
408    // NETWORK
409    syscall!(bind, INT, ADDR, INT),
410    // NETWORK
411    syscall!(listen, INT, INT),
412    // NETWORK
413    syscall!(getsockname, INT, ADDR, ADDR),
414    // NETWORK
415    syscall!(getpeername, INT, ADDR, ADDR),
416    // NETWORK
417    syscall!(socketpair, INT, INT, INT, INT),
418    // NETWORK
419    syscall!(setsockopt, INT, INT, INT, ADDR, INT),
420    // NETWORK
421    syscall!(getsockopt, INT, INT, INT, ADDR, ADDR),
422    // PROCESS
423    syscall!(clone, ADDR, INT),
424    // PROCESS
425    syscall!(fork, ADDR),
426    // PROCESS
427    syscall!(vfork, ADDR),
428    // PROCESS
429    syscall!(execve, STR, STR, STR),
430    // PROCESS
431    syscall!(exit, INT),
432    // PROCESS
433    syscall!(wait4, INT, INT, INT, ADDR),
434    // PROCESS
435    syscall!(kill, INT, INT),
436    syscall!(uname, ADDR),
437    // IPC
438    syscall!(semget, INT, INT, INT),
439    // IPC
440    syscall!(semop, INT, ADDR, INT),
441    // IPC
442    syscall!(semctl, INT, INT, INT),
443    // IPC
444    syscall!(shmdt, INT, ADDR, INT),
445    // IPC
446    syscall!(msgget, INT, INT),
447    // IPC
448    syscall!(msgsnd, INT, ADDR, INT, INT),
449    // IPC
450    syscall!(msgrcv, INT, ADDR, INT, INT, INT),
451    // IPC
452    syscall!(msgctl, INT, INT, ADDR),
453    // DESC
454    syscall!(fcntl, INT, INT),
455    // DESC
456    syscall!(flock, INT, INT),
457    // DESC
458    syscall!(fsync, INT),
459    // DESC
460    syscall!(fdatasync, INT),
461    // FILE
462    syscall!(truncate, STR, INT),
463    // DESC
464    syscall!(ftruncate, INT, INT),
465    // DESC
466    syscall!(getdents, INT, ADDR, INT),
467    // FILE
468    syscall!(getcwd, STR, INT),
469    // FILE
470    syscall!(chdir, STR),
471    // DESC
472    syscall!(fchdir, INT),
473    // FILE
474    syscall!(rename, STR, STR),
475    // FILE
476    syscall!(mkdir, STR, INT),
477    // FILE
478    syscall!(rmdir, STR),
479    // DESC, FILE
480    syscall!(creat, STR, INT),
481    // FILE
482    syscall!(link, STR, STR),
483    // FILE
484    syscall!(unlink, STR),
485    // FILE
486    syscall!(symlink, STR, STR),
487    // FILE
488    syscall!(readlink, STR, STR, INT),
489    // FILE
490    syscall!(chmod, STR, INT),
491    // DESC
492    syscall!(fchmod, INT, INT),
493    // FILE
494    syscall!(chown, STR, INT, INT),
495    // DESC
496    syscall!(fchown, INT, INT, INT),
497    // FILE
498    syscall!(lchown, STR, INT, INT),
499    syscall!(umask, INT),
500    // CLOCK
501    syscall!(gettimeofday, ADDR, ADDR),
502    syscall!(getrlimit, INT, ADDR),
503    syscall!(getrusage, INT, ADDR),
504    syscall!(sysinfo, ADDR),
505    syscall!(times, ADDR),
506    syscall!(ptrace, ADDR, INT, ADDR, ADDR),
507    // CREDS, PURE
508    syscall!(getuid, ADDR),
509    syscall!(syslog, INT, STR, INT),
510    // CREDS, PURE
511    syscall!(getgid, ADDR),
512    // CREDS
513    syscall!(setuid, INT),
514    // CREDS
515    syscall!(setgid, INT),
516    // CREDS, PURE
517    syscall!(geteuid, ADDR),
518    // CREDS, PURE
519    syscall!(getegid, ADDR),
520    syscall!(setpgid, INT, INT, INT),
521    // PURE
522    syscall!(getppid, ADDR),
523    // PURE
524    syscall!(getpgrp, ADDR),
525    syscall!(setsid, ADDR),
526    // CREDS
527    syscall!(setreuid, INT, INT),
528    // CREDS
529    syscall!(setregid, INT, INT),
530    // CREDS
531    syscall!(getgroups, INT, INT),
532    // CREDS
533    syscall!(setgroups, INT, INT),
534    // CREDS
535    syscall!(setresuid, INT, INT, INT),
536    // CREDS
537    syscall!(getresuid, INT, INT, INT),
538    // CREDS
539    syscall!(setresgid, INT, INT, INT),
540    // CREDS
541    syscall!(getresgid, INT, INT, INT),
542    syscall!(getpgid, INT),
543    // CREDS
544    syscall!(setfsuid, INT),
545    // CREDS
546    syscall!(setfsgid, INT),
547    syscall!(getsid, INT),
548    // CREDS
549    syscall!(capget, ADDR, ADDR),
550    // CREDS
551    syscall!(capset, ADDR, ADDR),
552    // SIGNAL
553    syscall!(rt_sigpending, ADDR),
554    // SIGNAL
555    syscall!(rt_sigtimedwait, ADDR, ADDR, ADDR),
556    // PROCESS, SIGNAL
557    syscall!(rt_sigqueueinfo, INT, INT, ADDR),
558    // SIGNAL
559    syscall!(rt_sigsuspend, INT),
560    // SIGNAL
561    syscall!(sigaltstack, ADDR, ADDR),
562    // FILE
563    syscall!(utime, STR, ADDR, INT),
564    // FILE
565    syscall!(mknod, STR, INT, INT),
566    // FILE
567    syscall!(uselib, ADDR),
568    syscall!(personality, INT),
569    // STATFS_LIKE
570    syscall!(ustat, INT, ADDR),
571    // FILE, STATFS, STATFS_LIKE
572    syscall!(statfs, STR, ADDR),
573    // FILE, FSTATFS, STATFS_LIKE
574    syscall!(fstatfs, INT, ADDR),
575    syscall!(sysfs, INT, STR),
576    syscall!(getpriority, INT, INT),
577    syscall!(setpriority, INT, INT, INT),
578    syscall!(sched_setparam, INT, ADDR),
579    syscall!(sched_getparam, INT, ADDR),
580    syscall!(sched_setscheduler, INT, INT, ADDR),
581    syscall!(sched_getscheduler, INT),
582    syscall!(sched_get_priority_max, INT),
583    syscall!(sched_get_priority_min, INT),
584    syscall!(sched_rr_get_interval, INT, ADDR),
585    // MEMORY
586    syscall!(mlock, ADDR, INT),
587    // MEMORY
588    syscall!(munlock, ADDR, INT),
589    // MEMORY
590    syscall!(mlockall, INT),
591    // MEMORY
592    syscall!(munlockall, ADDR),
593    syscall!(vhangup, ADDR),
594    syscall!(modify_ldt, INT, ADDR, INT),
595    // FILE
596    syscall!(pivot_root, STR, STR),
597    syscall!(_sysctl, ADDR),
598    // CREDS
599    syscall!(prctl, INT, INT, INT, INT, INT),
600    syscall!(arch_prctl, INT, ADDR),
601    // CLOCK
602    syscall!(adjtimex, STR),
603    syscall!(setrlimit, INT, ADDR),
604    // FILE
605    syscall!(chroot, STR),
606    syscall!(sync, INT),
607    // FILE
608    syscall!(acct, STR),
609    // CLOCK
610    syscall!(settimeofday, ADDR, ADDR),
611    // FILE
612    syscall!(mount, STR, STR, STR, INT, ADDR),
613    // FILE
614    syscall!(umount2, STR, INT),
615    // FILE
616    syscall!(swapon, STR, INT),
617    // FILE
618    syscall!(swapoff, STR),
619    syscall!(reboot, INT, INT, INT, ADDR),
620    syscall!(sethostname, STR, INT),
621    syscall!(setdomainname, STR, INT),
622    syscall!(iopl, INT),
623    syscall!(ioperm, INT, INT, INT),
624    syscall!(create_module, STR, INT),
625    syscall!(init_module, ADDR, INT, STR),
626    syscall!(delete_module, STR, INT),
627    syscall!(get_kernel_syms, ADDR),
628    syscall!(query_module, STR, INT, STR, INT, INT),
629    // FILE
630    syscall!(quotactl, INT, STR, INT, ADDR),
631    syscall!(nfsservctl, INT, ADDR, ADDR),
632    // NETWORK
633    syscall!(getpmsg),
634    // NETWORK
635    syscall!(putpmsg),
636    syscall!(afs_syscall),
637    syscall!(tuxcall),
638    syscall!(security),
639    // PURE
640    syscall!(gettid, ADDR),
641    // DESC
642    syscall!(readahead, INT, INT, INT),
643    // FILE
644    syscall!(setxattr, STR, STR, ADDR, INT, INT),
645    // FILE
646    syscall!(lsetxattr, STR, STR, ADDR, INT, INT),
647    // DESC
648    syscall!(fsetxattr, INT, STR, ADDR, INT, INT),
649    // FILE
650    syscall!(getxattr, STR, STR, ADDR, INT),
651    // FILE
652    syscall!(lgetxattr, STR, STR, ADDR, INT),
653    // DESC
654    syscall!(fgetxattr, INT, STR, ADDR, INT),
655    // FILE
656    syscall!(listxattr, STR, STR, INT),
657    // FILE
658    syscall!(llistxattr, STR, STR, INT),
659    // DESC
660    syscall!(flistxattr, INT, STR, INT),
661    // FILE
662    syscall!(removexattr, STR, STR),
663    // FILE
664    syscall!(lremovexattr, STR, STR),
665    // DESC
666    syscall!(fremovexattr, INT, STR),
667    // PROCESS, SIGNAL
668    syscall!(tkill, INT, INT),
669    // CLOCK
670    syscall!(time, INT),
671    syscall!(futex, ADDR, INT, INT, ADDR, INT, INT),
672    syscall!(sched_setaffinity, INT, INT, INT),
673    syscall!(sched_getaffinity, INT, INT, INT),
674    syscall!(set_thread_area, ADDR),
675    // MEMORY
676    syscall!(io_setup, INT, ADDR),
677    // MEMORY
678    syscall!(io_destroy, INT),
679    syscall!(io_getevents, INT, INT, INT, ADDR, INT),
680    syscall!(io_submit, INT, INT, ADDR),
681    syscall!(io_cancel, INT, ADDR, ADDR),
682    syscall!(get_thread_area, ADDR),
683    syscall!(lookup_dcookie, INT, STR, INT),
684    // DESC
685    syscall!(epoll_create, INT),
686    syscall!(epoll_ctl_old, INT, INT, INT, ADDR),
687    syscall!(epoll_wait_old, INT, ADDR, INT, INT),
688    // MEMORY
689    syscall!(remap_file_pages, ADDR, INT, INT, INT, INT),
690    // DESC
691    syscall!(getdents64, INT, ADDR, INT),
692    syscall!(set_tid_address, ADDR),
693    syscall!(restart_syscall, ADDR),
694    // IPC
695    syscall!(semtimedop, INT, ADDR, INT),
696    // DESC
697    syscall!(fadvise64, INT, INT, INT, INT),
698    syscall!(timer_create, INT, ADDR, INT),
699    syscall!(timer_settime, INT, INT, ADDR, ADDR),
700    syscall!(timer_gettime, INT, ADDR),
701    syscall!(timer_getoverrun, INT),
702    syscall!(timer_delete, INT),
703    // CLOCK
704    syscall!(clock_settime, INT, ADDR),
705    // CLOCK
706    syscall!(clock_gettime, INT, ADDR),
707    // CLOCK
708    syscall!(clock_getres, INT, ADDR),
709    syscall!(clock_nanosleep, INT, INT, ADDR, ADDR),
710    // PROCESS
711    syscall!(exit_group, INT),
712    // DESC
713    syscall!(epoll_wait, INT, ADDR, INT, INT),
714    // DESC
715    syscall!(epoll_ctl, INT, INT, INT, ADDR),
716    // PROCESS
717    syscall!(tgkill, INT, INT, INT),
718    // FILE
719    syscall!(utimes, STR, ADDR),
720    syscall!(vserver),
721    // MEMORY
722    syscall!(mbind, ADDR, INT, INT, INT, INT, INT),
723    // MEMORY
724    syscall!(set_mempolicy, INT, INT, INT),
725    // MEMORY
726    syscall!(get_mempolicy, INT, INT, INT, ADDR, INT),
727    // DESC
728    syscall!(mq_open, STR, INT),
729    syscall!(mq_unlink, STR),
730    // DESC
731    syscall!(mq_timedsend, INT, STR, INT, INT),
732    // DESC
733    syscall!(mq_timedreceive, INT, ADDR, INT, INT, ADDR),
734    // DESC
735    syscall!(mq_notify, INT, ADDR),
736    // DESC
737    syscall!(mq_getsetattr, INT, ADDR, ADDR),
738    syscall!(kexec_load, INT, INT, ADDR, INT),
739    // PROCESS
740    syscall!(waitid, INT, INT, INT, INT),
741    syscall!(add_key, STR, STR, ADDR, INT, INT),
742    syscall!(request_key, STR, STR, STR, INT),
743    syscall!(keyctl, INT),
744    syscall!(ioprio_set, INT, INT),
745    syscall!(ioprio_get, INT, INT),
746    // DESC
747    syscall!(inotify_init, ADDR),
748    // DESC, FILE
749    syscall!(inotify_add_watch, INT, STR, INT),
750    // DESC
751    syscall!(inotify_rm_watch, INT, INT),
752    // MEMORY
753    syscall!(migrate_pages, INT, INT, INT, INT),
754    // DESC, FILE
755    syscall!(openat, INT, STR, INT),
756    // DESC, FILE
757    syscall!(mkdirat, INT, STR, INT),
758    // DESC, FILE
759    syscall!(mknodat, INT, STR, INT, INT),
760    // DESC, FILE
761    syscall!(fchownat, INT, STR, INT, INT, INT),
762    // DESC, FILE
763    syscall!(futimesat, INT, STR, ADDR),
764    // DESC, FILE, FSTAT, STAT_LIKE
765    syscall!(newfstatat, INT, STR, ADDR, INT),
766    // DESC, FILE
767    syscall!(unlinkat, INT, STR, INT),
768    // DESC, FILE
769    syscall!(renameat, INT, STR, INT, STR),
770    // DESC, FILE
771    syscall!(linkat, INT, STR, INT, STR, INT),
772    // DESC, FILE
773    syscall!(symlinkat, STR, INT, STR),
774    // DESC, FILE
775    syscall!(readlinkat, INT, STR, STR, INT),
776    // DESC, FILE
777    syscall!(fchmodat, INT, STR, INT, INT),
778    // DESC, FILE
779    syscall!(faccessat, INT, STR, INT, INT),
780    // DESC
781    syscall!(pselect6, INT, INT, INT, INT, ADDR, INT),
782    // DESC
783    syscall!(ppoll, INT, INT, ADDR, INT),
784    syscall!(unshare, INT),
785    syscall!(set_robust_list, ADDR, INT),
786    syscall!(get_robust_list, INT, ADDR, INT),
787    // DESC
788    syscall!(splice, INT, INT, INT, INT, INT, INT),
789    // DESC
790    syscall!(tee, INT, INT, INT, INT),
791    // DESC
792    syscall!(sync_file_range, INT, INT, INT, INT),
793    // DESC
794    syscall!(vmsplice, INT, ADDR, INT, INT),
795    // MEMORY
796    syscall!(move_pages, INT, INT, ADDR, INT, INT, INT),
797    // DESC, FILE
798    syscall!(utimensat, INT, STR, ADDR, INT),
799    // DESC
800    syscall!(epoll_pwait, INT, ADDR, INT, INT, INT),
801    // DESC, SIGNAL
802    syscall!(signalfd, INT, INT, INT),
803    // DESC
804    syscall!(timerfd_create, INT, INT),
805    // DESC
806    syscall!(eventfd, INT, INT),
807    // DESC
808    syscall!(fallocate, INT, INT, INT, INT),
809    // DESC
810    syscall!(timerfd_settime, INT, INT, ADDR),
811    // DESC
812    syscall!(timerfd_gettime, INT, ADDR),
813    syscall!(accept4, INT, ADDR, INT),
814    // DESC, SIGNAL
815    syscall!(signalfd4, INT, INT, INT),
816    // DESC
817    syscall!(eventfd2, INT, INT),
818    // DESC
819    syscall!(epoll_create1, INT),
820    // DESC
821    syscall!(dup3, INT, INT, INT),
822    // DESC
823    syscall!(pipe2, INT, INT),
824    // DESC
825    syscall!(inotify_init1, INT),
826    // DESC
827    syscall!(preadv, INT, ADDR, INT, INT),
828    // DESC
829    syscall!(pwritev, INT, ADDR, INT, INT),
830    // PROCESS, SIGNAL
831    syscall!(rt_tgsigqueueinfo, INT, INT, INT),
832    // DESC
833    syscall!(perf_event_open, ADDR, INT, INT, INT, INT),
834    // NETWORK
835    syscall!(recvmmsg, INT, ADDR, INT, INT, ADDR),
836    // DESC
837    syscall!(fanotify_init, INT, INT),
838    // DESC, FILE
839    syscall!(fanotify_mark, INT, INT, INT, INT, STR),
840    syscall!(prlimit64, INT, INT, ADDR, ADDR),
841    // DESC, FILE
842    syscall!(name_to_handle_at, INT, STR, ADDR, INT, INT),
843    // DESC
844    syscall!(open_by_handle_at, INT, ADDR, INT),
845    // CLOCK
846    syscall!(clock_adjtime, ADDR),
847    // DESC
848    syscall!(syncfs, INT),
849    // NETWORK
850    syscall!(sendmmsg, INT, ADDR, INT, INT),
851    // DESC
852    syscall!(setns, INT, INT),
853    syscall!(getcpu, INT, INT, ADDR),
854    syscall!(process_vm_readv, INT, ADDR, INT, ADDR, INT, INT),
855    syscall!(process_vm_writev, INT, ADDR, INT, ADDR, INT, INT),
856    syscall!(kcmp, INT, INT, INT, INT, INT),
857    // DESC
858    syscall!(finit_module, INT, STR, INT),
859    syscall!(sched_setattr, INT, ADDR, INT),
860    syscall!(sched_getattr, INT, ADDR, INT, INT),
861    // DESC, FILE
862    syscall!(renameat2, INT, STR, INT, STR),
863    syscall!(seccomp, INT, INT, ADDR),
864    syscall!(getrandom, STR, INT, INT),
865    // DESC
866    syscall!(memfd_create, STR, INT),
867    // DESC
868    syscall!(kexec_file_load, INT, INT, ADDR, INT),
869    // DESC
870    syscall!(bpf, INT, ADDR, INT),
871    // DESC, PROCESS
872    syscall!(execveat, INT, STR, STR, STR, INT),
873    // DESC
874    syscall!(userfaultfd, INT),
875    syscall!(membarrier, INT, INT, INT),
876    // MEMORY
877    syscall!(mlock2, ADDR, INT, INT),
878    // DESC
879    syscall!(copy_file_range, INT, INT, INT, INT, INT, INT),
880    // DESC
881    syscall!(preadv2, INT, ADDR, INT, INT, INT),
882    // DESC
883    syscall!(pwritev2, INT, ADDR, INT, INT, INT),
884    // MEMORY
885    syscall!(pkey_mprotect, ADDR, INT, INT, INT),
886    syscall!(pkey_alloc, INT, INT),
887    syscall!(pkey_free, INT),
888    // DESC, FILE, FSTAT, STAT_LIKE
889    syscall!(statx, INT, STR, INT, INT, STR),
890    syscall!(io_pgetevents),
891    syscall!(rseq),
892    // We jump from syscall number 334 to 424 here
893    // See: https://git.musl-libc.org/cgit/musl/commit/?id=f3f96f2daa4d00f0e38489fb465cd0244b531abe
894    //      https://github.com/torvalds/linux/commit/0d6040d4681735dfc47565de288525de405a5c99
895    None,
896    None,
897    None,
898    None,
899    None,
900    None,
901    None,
902    None,
903    None,
904    None,
905    None,
906    None,
907    None,
908    None,
909    None,
910    None,
911    None,
912    None,
913    None,
914    None,
915    None,
916    None,
917    None,
918    None,
919    None,
920    None,
921    None,
922    None,
923    None,
924    None,
925    None,
926    None,
927    None,
928    None,
929    None,
930    None,
931    None,
932    None,
933    None,
934    None,
935    None,
936    None,
937    None,
938    None,
939    None,
940    None,
941    None,
942    None,
943    None,
944    None,
945    None,
946    None,
947    None,
948    None,
949    None,
950    None,
951    None,
952    None,
953    None,
954    None,
955    None,
956    None,
957    None,
958    None,
959    None,
960    None,
961    None,
962    None,
963    None,
964    None,
965    None,
966    None,
967    None,
968    None,
969    None,
970    None,
971    None,
972    None,
973    None,
974    None,
975    None,
976    None,
977    None,
978    None,
979    None,
980    None,
981    None,
982    None,
983    None,
984    syscall!(pidfd_send_signal, INT, INT, ADDR, INT),
985    syscall!(io_uring_setup, INT, ADDR),
986    syscall!(io_uring_enter, INT, INT, INT, INT, ADDR, INT),
987    syscall!(io_uring_register, INT, INT, ADDR, INT),
988    syscall!(open_tree, INT, STR, INT),
989    syscall!(move_mount, INT, STR, INT, STR, INT),
990    syscall!(fsopen, STR, INT),
991    syscall!(fsconfig, INT, INT, STR, ADDR, INT),
992    syscall!(fsmount, INT, INT, INT),
993    syscall!(fspick, INT, STR, INT),
994    syscall!(pidfd_open, INT, INT),
995    syscall!(clone3, ADDR, INT),
996    syscall!(close_range, INT, INT, INT),
997    syscall!(openat2, INT, STR, ADDR, INT),
998    syscall!(pidfd_getfd, INT, INT, INT),
999    syscall!(faccessat2, INT, STR, INT, INT),
1000    syscall!(process_madvise, INT, ADDR, INT, INT, INT),
1001    syscall!(epoll_pwait2, INT, ADDR, INT, ADDR, ADDR, INT),
1002    syscall!(mount_setattr, INT, STR, INT, ADDR, INT),
1003    syscall!(quotactl_fd, INT, INT, INT, ADDR),
1004    syscall!(landlock_create_ruleset, ADDR, INT, INT),
1005    syscall!(landlock_add_rule, INT, INT, ADDR, INT),
1006    syscall!(landlock_restrict_self, INT, INT),
1007    syscall!(memfd_secret, INT),
1008    syscall!(process_mrelease, INT, INT),
1009    syscall!(futex_waitv, ADDR, INT, INT, ADDR, INT),
1010    syscall!(set_mempolicy_home_node, INT, INT, INT, INT),
1011    syscall!(cachestat, INT, INT, INT, INT),
1012];
1013
1014pub fn get_arg_value(registers: user_regs_struct, i: usize) -> c_ulonglong {
1015    match i {
1016        0 => registers.rdi,
1017        1 => registers.rsi,
1018        2 => registers.rdx,
1019        3 => registers.r10,
1020        4 => registers.r8,
1021        5 => registers.r9,
1022        v => panic!("Invalid system call index {v}!"),
1023    }
1024}
1025
1026// test that all syscalls match their syscall number
1027#[cfg(test)]
1028mod tests {
1029    use super::*;
1030
1031    #[test]
1032    #[allow(clippy::cast_sign_loss)]
1033    fn test_syscall_numbers() {
1034        for (i, sysno, ..) in SYSCALLS.iter().enumerate() {
1035            if let Some((sysno, _)) = sysno {
1036                assert_eq!(i, sysno.id() as usize);
1037            }
1038        }
1039    }
1040}
lurk_cli/arch/x86_64.rs

lurk_cli/arch/
x86_64.rs
