Linux Sandbox: Add support for SECCOMP_RET_TRACE.

sandbox/linux/seccomp-bpf/linux_seccomp.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef SANDBOX_LINUX_SECCOMP_BPF_LINUX_SECCOMP_H__
 #define SANDBOX_LINUX_SECCOMP_BPF_LINUX_SECCOMP_H__
 
 // The Seccomp2 kernel ABI is not part of older versions of glibc.
 // As we can't break compilation with these versions of the library,
 // we explicitly define all missing symbols.
@@ skipping 106 matching lines @@
 #define SECCOMP_ARCH_IDX        (offsetof(struct arch_seccomp_data, arch))
 #define SECCOMP_IP_MSB_IDX      (offsetof(struct arch_seccomp_data,           \
                                           instruction_pointer) + 4)
 #define SECCOMP_IP_LSB_IDX      (offsetof(struct arch_seccomp_data,           \
                                           instruction_pointer) + 0)
 #define SECCOMP_ARG_MSB_IDX(nr) (offsetof(struct arch_seccomp_data, args) +   \
                                  8*(nr) + 4)
 #define SECCOMP_ARG_LSB_IDX(nr) (offsetof(struct arch_seccomp_data, args) +   \
                                  8*(nr) + 0)
 
+struct pt_regs {
+  long int ebx;
+  long int ecx;
+  long int edx;
+  long int esi;
+  long int edi;
+  long int ebp;
+  long int eax;
+  long int ds;
+  long int es;
+  long int fs;
+  long int gs;
+  long int orig_eax;
+  long int eip;
+  long int cs;
+  long int eflags;
+  long int esp;
+  long int ss;
+};
+#define SECCOMP_PT_RESULT(_pt_regs) (_pt_regs).eax
+#define SECCOMP_PT_SYSCALL(_pt_regs) (_pt_regs).orig_eax
+#define SECCOMP_PT_IP(_pt_regs) (_pt_regs).eip
+#define SECCOMP_PT_PARM1(_pt_regs) (_pt_regs).ebx
+#define SECCOMP_PT_PARM2(_pt_regs) (_pt_regs).ecx
+#define SECCOMP_PT_PARM3(_pt_regs) (_pt_regs).edx
+#define SECCOMP_PT_PARM4(_pt_regs) (_pt_regs).esi
+#define SECCOMP_PT_PARM5(_pt_regs) (_pt_regs).edi
+#define SECCOMP_PT_PARM6(_pt_regs) (_pt_regs).ebp
+
 #elif defined(__x86_64__)
 #define MIN_SYSCALL         0u
 #define MAX_PUBLIC_SYSCALL  1024u
 #define MAX_SYSCALL         MAX_PUBLIC_SYSCALL
 #define SECCOMP_ARCH        AUDIT_ARCH_X86_64
 
 #define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.gregs[(_reg)])
 #define SECCOMP_RESULT(_ctx)    SECCOMP_REG(_ctx, REG_RAX)
 #define SECCOMP_SYSCALL(_ctx)   SECCOMP_REG(_ctx, REG_RAX)
 #define SECCOMP_IP(_ctx)        SECCOMP_REG(_ctx, REG_RIP)
 #define SECCOMP_PARM1(_ctx)     SECCOMP_REG(_ctx, REG_RDI)
 #define SECCOMP_PARM2(_ctx)     SECCOMP_REG(_ctx, REG_RSI)
 #define SECCOMP_PARM3(_ctx)     SECCOMP_REG(_ctx, REG_RDX)
 #define SECCOMP_PARM4(_ctx)     SECCOMP_REG(_ctx, REG_R10)
 #define SECCOMP_PARM5(_ctx)     SECCOMP_REG(_ctx, REG_R8)
 #define SECCOMP_PARM6(_ctx)     SECCOMP_REG(_ctx, REG_R9)
 #define SECCOMP_NR_IDX          (offsetof(struct arch_seccomp_data, nr))
 #define SECCOMP_ARCH_IDX        (offsetof(struct arch_seccomp_data, arch))
 #define SECCOMP_IP_MSB_IDX      (offsetof(struct arch_seccomp_data,           \
                                           instruction_pointer) + 4)
 #define SECCOMP_IP_LSB_IDX      (offsetof(struct arch_seccomp_data,           \
                                           instruction_pointer) + 0)
 #define SECCOMP_ARG_MSB_IDX(nr) (offsetof(struct arch_seccomp_data, args) +   \
                                  8*(nr) + 4)
 #define SECCOMP_ARG_LSB_IDX(nr) (offsetof(struct arch_seccomp_data, args) +   \
                                  8*(nr) + 0)
 
+struct pt_regs {
+  unsigned long int r15;
+  unsigned long int r14;
+  unsigned long int r13;
+  unsigned long int r12;
+  unsigned long int rbp;
+  unsigned long int rbx;
+  unsigned long int r11;
+  unsigned long int r10;
+  unsigned long int r9;
+  unsigned long int r8;
+  unsigned long int rax;
+  unsigned long int rcx;
+  unsigned long int rdx;
+  unsigned long int rsi;
+  unsigned long int rdi;
+  unsigned long int orig_rax;
+  unsigned long int rip;
+  unsigned long int cs;
+  unsigned long int eflags;
+  unsigned long int rsp;
+  unsigned long int ss;
+  unsigned long int fs_base;
+  unsigned long int gs_base;
+  unsigned long int ds;
+  unsigned long int es;
+  unsigned long int fs;
+  unsigned long int gs;
+};
+#define SECCOMP_PT_RESULT(_pt_regs) (_pt_regs).rax
+#define SECCOMP_PT_SYSCALL(_pt_regs) (_pt_regs).orig_rax
+#define SECCOMP_PT_IP(_pt_regs) (_pt_regs).rip
+#define SECCOMP_PT_PARM1(_pt_regs) (_pt_regs).rdi
+#define SECCOMP_PT_PARM2(_pt_regs) (_pt_regs).rsi
+#define SECCOMP_PT_PARM3(_pt_regs) (_pt_regs).rdx
+#define SECCOMP_PT_PARM4(_pt_regs) (_pt_regs).r10
+#define SECCOMP_PT_PARM5(_pt_regs) (_pt_regs).r8
+#define SECCOMP_PT_PARM6(_pt_regs) (_pt_regs).r9
+
 #elif defined(__arm__) && (defined(__thumb__) || defined(__ARM_EABI__))
 // ARM EABI includes "ARM private" system calls starting at |__ARM_NR_BASE|,
 // and a "ghost syscall private to the kernel", cmpxchg,
 // at |__ARM_NR_BASE+0x00fff0|.
 // See </arch/arm/include/asm/unistd.h> in the Linux kernel.
 #define MIN_SYSCALL         ((unsigned int)__NR_SYSCALL_BASE)
 #define MAX_PUBLIC_SYSCALL  (MIN_SYSCALL + 1024u)
 #define MIN_PRIVATE_SYSCALL ((unsigned int)__ARM_NR_BASE)
 #define MAX_PRIVATE_SYSCALL (MIN_PRIVATE_SYSCALL + 16u)
 #define MIN_GHOST_SYSCALL   ((unsigned int)__ARM_NR_BASE + 0xfff0u)
@@ skipping 18 matching lines @@
 #define SECCOMP_ARCH_IDX        (offsetof(struct arch_seccomp_data, arch))
 #define SECCOMP_IP_MSB_IDX      (offsetof(struct arch_seccomp_data,           \
                                           instruction_pointer) + 4)
 #define SECCOMP_IP_LSB_IDX      (offsetof(struct arch_seccomp_data,           \
                                           instruction_pointer) + 0)
 #define SECCOMP_ARG_MSB_IDX(nr) (offsetof(struct arch_seccomp_data, args) +   \
                                  8*(nr) + 4)
 #define SECCOMP_ARG_LSB_IDX(nr) (offsetof(struct arch_seccomp_data, args) +   \
                                  8*(nr) + 0)
 
+struct pt_regs {
+  unsigned long r0;
+  unsigned long r1;
+  unsigned long r2;
+  unsigned long r3;
+  unsigned long r4;
+  unsigned long r5;
+  unsigned long r6;
+  unsigned long r7;
+  unsigned long r8;
+  unsigned long r9;
+  unsigned long r10;
+  unsigned long fp;
+  unsigned long ip;
+  unsigned long sp;
+  unsigned long lr;
+  unsigned long pc;
+  unsigned long cpsr;
+  unsigned long orig_r0;
+}
+#define SECCOMP_PT_RESULT(_pt_regs) (_pt_regs).r0
+#define SECCOMP_PT_SYSCALL(_pt_regs) (_pt_regs).r7
+#define SECCOMP_PT_IP(_pt_regs) (_pt_regs).pc
+#define SECCOMP_PT_PARM1(_pt_regs) (_pt_regs).r0
+#define SECCOMP_PT_PARM2(_pt_regs) (_pt_regs).r1
+#define SECCOMP_PT_PARM3(_pt_regs) (_pt_regs).r2
+#define SECCOMP_PT_PARM4(_pt_regs) (_pt_regs).r3
+#define SECCOMP_PT_PARM5(_pt_regs) (_pt_regs).r4
+#define SECCOMP_PT_PARM6(_pt_regs) (_pt_regs).r5
+
+
 #else
 #error Unsupported target platform
 
 #endif
 
 #endif  // SANDBOX_LINUX_SECCOMP_BPF_LINUX_SECCOMP_H__