mirror of
https://github.com/checkpoint-restore/criu.git
synced 2026-01-23 02:14:37 +00:00
d591e320e0
This commit finalizes AArch64 Guarded Control Stack (GCS)
support by wiring the full dump and restore flow.
The restore path adds the following steps:
- Define shared AArch64 GCS types and constants in a dedicated header
for both compel and CRIU inclusion
- compel: add get/set NT_ARM_GCS via ptrace, enabling user-space
GCS state save and restore.
- During restore switch to the new GCS (via GCSSTR) to place capability
token sa_restorer address
- arch_shstk_trampoline() — We enable GCS in a trampoline that using
prctl(PR_SET_SHADOW_STACK_STATUS, ...) via inline SVC. The trampoline
ineeded because we can’t RET without a valid GCS.
- restorer: map the recorded GCS VMA, populate contents top-down with
GCSSTR, write the signal capability at GCSPR_EL0 and the valid token at
GCSPR_EL0-8, then switch to the rebuilt GCS (GCSSS1)
- Save and restore registers via ptrace
- Extend restorer argument structures to carry GCS state
into post-restore execution
- Add shstk_set_restorer_stack(): sets tmp_gcs to temporary restorer
shadow stack start
- Add gcs_vma_restore implementation (required for mremap of the GCS VMA)
Tested with:
GCS_ENABLE=1 ./zdtm.py run -t zdtm/static/env00
Signed-off-by: Igor Svilenkov Bozic <svilenkov@gmail.com>
127 lines
No EOL
8 KiB
Modula-2
127 lines
No EOL
8 KiB
Modula-2
#
|
|
# System calls table, please make sure the table consists of only the syscalls
|
|
# really used somewhere in the project.
|
|
#
|
|
# The template is (name and arguments are optional if you need only __NR_x
|
|
# defined, but no real entry point in syscalls lib).
|
|
#
|
|
# name/alias code64 code32 arguments
|
|
# -----------------------------------------------------------------------
|
|
#
|
|
read 63 3 (int fd, void *buf, unsigned long count)
|
|
write 64 4 (int fd, const void *buf, unsigned long count)
|
|
open ! 5 (const char *filename, unsigned long flags, unsigned long mode)
|
|
close 57 6 (int fd)
|
|
lseek 62 19 (int fd, unsigned long offset, unsigned long origin)
|
|
mmap 222 ! (void *addr, unsigned long len, unsigned long prot, unsigned long flags, unsigned long fd, unsigned long offset)
|
|
mprotect 226 125 (const void *addr, unsigned long len, unsigned long prot)
|
|
munmap 215 91 (void *addr, unsigned long len)
|
|
brk 214 45 (void *addr)
|
|
rt_sigaction sigaction 134 174 (int signum, const rt_sigaction_t *act, rt_sigaction_t *oldact, size_t sigsetsize)
|
|
rt_sigprocmask sigprocmask 135 175 (int how, k_rtsigset_t *set, k_rtsigset_t *old, size_t sigsetsize)
|
|
rt_sigreturn 139 173 (void)
|
|
ioctl 29 54 (unsigned int fd, unsigned int cmd, unsigned long arg)
|
|
pread64 67 180 (unsigned int fd, char *buf, size_t count, loff_t pos)
|
|
ptrace 117 26 (long request, pid_t pid, void *addr, void *data)
|
|
mremap 216 163 (unsigned long addr, unsigned long old_len, unsigned long new_len, unsigned long flag, unsigned long new_addr)
|
|
mincore 232 219 (void *addr, unsigned long size, unsigned char *vec)
|
|
madvise 233 220 (unsigned long start, size_t len, int behavior)
|
|
shmat 196 305 (int shmid, void *shmaddr, int shmflag)
|
|
pause 1061 29 (void)
|
|
nanosleep 101 162 (struct timespec *req, struct timespec *rem)
|
|
getitimer 102 105 (int which, const struct itimerval *val)
|
|
setitimer 103 104 (int which, const struct itimerval *val, struct itimerval *old)
|
|
getpid 172 20 (void)
|
|
socket 198 281 (int domain, int type, int protocol)
|
|
connect 203 283 (int sockfd, struct sockaddr *addr, int addrlen)
|
|
sendto 206 290 (int sockfd, void *buff, size_t len, unsigned int flags, struct sockaddr *addr, int addr_len)
|
|
recvfrom 207 292 (int sockfd, void *ubuf, size_t size, unsigned int flags, struct sockaddr *addr, int *addr_len)
|
|
sendmsg 211 296 (int sockfd, const struct msghdr *msg, int flags)
|
|
recvmsg 212 297 (int sockfd, struct msghdr *msg, int flags)
|
|
shutdown 210 293 (int sockfd, int how)
|
|
bind 200 282 (int sockfd, const struct sockaddr *addr, int addrlen)
|
|
setsockopt 208 294 (int sockfd, int level, int optname, const void *optval, socklen_t optlen)
|
|
getsockopt 209 295 (int sockfd, int level, int optname, const void *optval, socklen_t *optlen)
|
|
clone 220 120 (unsigned long flags, void *child_stack, void *parent_tid, unsigned long newtls, void *child_tid)
|
|
exit 93 1 (unsigned long error_code)
|
|
wait4 260 114 (int pid, int *status, int options, struct rusage *ru)
|
|
waitid 95 280 (int which, pid_t pid, struct siginfo *infop, int options, struct rusage *ru)
|
|
kill 129 37 (long pid, int sig)
|
|
fcntl 25 55 (int fd, int type, long arg)
|
|
flock 32 143 (int fd, unsigned long cmd)
|
|
mkdir ! 39 (const char *name, int mode)
|
|
rmdir ! 40 (const char *name)
|
|
unlink ! 10 (char *pathname)
|
|
readlinkat 78 332 (int fd, const char *path, char *buf, int bufsize)
|
|
umask 166 60 (int mask)
|
|
getgroups 158 205 (int gsize, unsigned int *groups)
|
|
setgroups 159 206 (int gsize, unsigned int *groups)
|
|
setresuid 147 164 (int uid, int euid, int suid)
|
|
getresuid 148 165 (int *uid, int *euid, int *suid)
|
|
setresgid 149 170 (int gid, int egid, int sgid)
|
|
getresgid 150 171 (int *gid, int *egid, int *sgid)
|
|
getpgid 155 132 (pid_t pid)
|
|
setfsuid 151 138 (int fsuid)
|
|
setfsgid 152 139 (int fsgid)
|
|
getsid 156 147 (void)
|
|
capget 90 184 (struct cap_header *h, struct cap_data *d)
|
|
capset 91 185 (struct cap_header *h, struct cap_data *d)
|
|
rt_sigqueueinfo 138 178 (pid_t pid, int sig, siginfo_t *info)
|
|
setpriority 140 97 (int which, int who, int nice)
|
|
sched_setscheduler 119 156 (int pid, int policy, struct sched_param *p)
|
|
sigaltstack 132 186 (const void *uss, void *uoss)
|
|
personality 92 136 (unsigned int personality)
|
|
prctl 167 172 (int option, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5)
|
|
arch_prctl ! 17 (int option, unsigned long addr)
|
|
setrlimit 164 75 (int resource, struct krlimit *rlim)
|
|
mount 40 21 (char *dev_nmae, char *dir_name, char *type, unsigned long flags, void *data)
|
|
umount2 39 52 (char *name, int flags)
|
|
gettid 178 224 (void)
|
|
futex 98 240 (uint32_t *uaddr, int op, uint32_t val, struct timespec *utime, uint32_t *uaddr2, uint32_t val3)
|
|
set_tid_address 96 256 (int *tid_addr)
|
|
restart_syscall 128 0 (void)
|
|
timer_create 107 257 (clockid_t which_clock, struct sigevent *timer_event_spec, kernel_timer_t *created_timer_id)
|
|
timer_settime 110 258 (kernel_timer_t timer_id, int flags, const struct itimerspec *new_setting, struct itimerspec *old_setting)
|
|
timer_gettime 108 259 (int timer_id, const struct itimerspec *setting)
|
|
timer_getoverrun 109 260 (int timer_id)
|
|
timer_delete 111 261 (kernel_timer_t timer_id)
|
|
clock_gettime 113 263 (const clockid_t which_clock, const struct timespec *tp)
|
|
exit_group 94 248 (int error_code)
|
|
set_robust_list 99 338 (struct robust_list_head *head, size_t len)
|
|
get_robust_list 100 339 (int pid, struct robust_list_head **head_ptr, size_t *len_ptr)
|
|
signalfd4 74 355 (int fd, k_rtsigset_t *mask, size_t sizemask, int flags)
|
|
rt_tgsigqueueinfo 240 363 (pid_t tgid, pid_t pid, int sig, siginfo_t *info)
|
|
vmsplice 75 343 (int fd, const struct iovec *iov, unsigned long nr_segs, unsigned int flags)
|
|
timerfd_settime 86 353 (int ufd, int flags, const struct itimerspec *utmr, struct itimerspec *otmr)
|
|
fanotify_init 262 367 (unsigned int flags, unsigned int event_f_flags)
|
|
fanotify_mark 263 368 (int fanotify_fd, unsigned int flags, uint64_t mask, int dfd, const char *pathname)
|
|
open_by_handle_at 265 371 (int mountdirfd, struct file_handle *handle, int flags)
|
|
setns 268 375 (int fd, int nstype)
|
|
kcmp 272 378 (pid_t pid1, pid_t pid2, int type, unsigned long idx1, unsigned long idx2)
|
|
openat 56 322 (int dirfd, const char *pathname, int flags, mode_t mode)
|
|
mkdirat 34 323 (int dirfd, const char *pathname, mode_t mode)
|
|
unlinkat 35 328 (int dirfd, const char *pathname, int flags)
|
|
memfd_create 279 385 (const char *name, unsigned int flags)
|
|
io_setup 0 243 (unsigned nr_events, aio_context_t *ctx)
|
|
io_submit 2 246 (aio_context_t ctx_id, long nr, struct iocb **iocbpp)
|
|
io_getevents 4 245 (aio_context_t ctx, long min_nr, long nr, struct io_event *evs, struct timespec *tmo)
|
|
seccomp 277 383 (unsigned int op, unsigned int flags, const char *uargs)
|
|
gettimeofday 169 78 (struct timeval *tv, struct timezone *tz)
|
|
preadv_raw 69 361 (int fd, struct iovec *iov, unsigned long nr, unsigned long pos_l, unsigned long pos_h)
|
|
userfaultfd 282 388 (int flags)
|
|
fallocate 47 352 (int fd, int mode, loff_t offset, loff_t len)
|
|
cacheflush ! 983042 (void *start, void *end, int flags)
|
|
ppoll 73 336 (struct pollfd *fds, unsigned int nfds, const struct timespec *tmo, const sigset_t *sigmask, size_t sigsetsize)
|
|
open_tree 428 428 (int dirfd, const char *pathname, unsigned int flags)
|
|
move_mount 429 429 (int from_dfd, const char *from_pathname, int to_dfd, const char *to_pathname, int flags)
|
|
fsopen 430 430 (char *fsname, unsigned int flags)
|
|
fsconfig 431 431 (int fd, unsigned int cmd, const char *key, const char *value, int aux)
|
|
fsmount 432 432 (int fd, unsigned int flags, unsigned int attr_flags)
|
|
clone3 435 435 (struct clone_args *uargs, size_t size)
|
|
close_range 436 436 (unsigned int fd, unsigned int max_fd, unsigned int flags)
|
|
pidfd_open 434 434 (pid_t pid, unsigned int flags)
|
|
openat2 437 437 (int dirfd, char *pathname, struct open_how *how, size_t size)
|
|
pidfd_getfd 438 438 (int pidfd, int targetfd, unsigned int flags)
|
|
rseq 293 398 (void *rseq, uint32_t rseq_len, int flags, uint32_t sig)
|
|
membarrier 283 389 (int cmd, unsigned int flags, int cpu_id)
|
|
map_shadow_stack 453 ! (unsigned long addr, unsigned long size, unsigned int flags) |