1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
From 4699a580ca1aeecd35742494eb0259ee962e89a8 Mon Sep 17 00:00:00 2001
Message-Id: <4699a580ca1aeecd35742494eb0259ee962e89a8.1685735399.git.dev@jpoiret.xyz>
From: Josselin Poiret <dev@jpoiret.xyz>
Date: Fri, 2 Jun 2023 21:42:31 +0200
Subject: [PATCH] Add clone3.
From: Josselin Poiret <dev@jpoiret.xyz>
---
src/syscall/sysnums-arm.h | 1 +
src/syscall/sysnums-arm64.h | 1 +
src/syscall/sysnums-i386.h | 1 +
src/syscall/sysnums-sh4.h | 1 +
src/syscall/sysnums-x32.h | 1 +
src/syscall/sysnums-x86_64.h | 1 +
src/syscall/sysnums.list | 1 +
src/tracee/tracee.c | 4 ++++
8 files changed, 11 insertions(+)
diff --git a/src/syscall/sysnums-arm.h b/src/syscall/sysnums-arm.h
index dfd512f..306e2b1 100644
--- a/src/syscall/sysnums-arm.h
+++ b/src/syscall/sysnums-arm.h
@@ -341,4 +341,5 @@ static const Sysnum sysnums_arm[] = {
[ 382 ] = PR_renameat2,
[ 397 ] = PR_statx,
[ 412 ] = PR_utimensat_time64,
+ [ 435 ] = PR_clone3,
};
diff --git a/src/syscall/sysnums-arm64.h b/src/syscall/sysnums-arm64.h
index dfb9889..65ccc4e 100644
--- a/src/syscall/sysnums-arm64.h
+++ b/src/syscall/sysnums-arm64.h
@@ -264,4 +264,5 @@ static const Sysnum sysnums_arm64[] = {
[ 275 ] = PR_sched_getattr,
[ 276 ] = PR_renameat2,
[ 291 ] = PR_statx,
+ [ 435 ] = PR_clone3,
};
diff --git a/src/syscall/sysnums-i386.h b/src/syscall/sysnums-i386.h
index 3bbb70e..0f3daf2 100644
--- a/src/syscall/sysnums-i386.h
+++ b/src/syscall/sysnums-i386.h
@@ -353,4 +353,5 @@ static const Sysnum sysnums_i386[] = {
[ 353 ] = PR_renameat2,
[ 383 ] = PR_statx,
[ 412 ] = PR_utimensat_time64,
+ [ 435 ] = PR_clone3,
};
diff --git a/src/syscall/sysnums-sh4.h b/src/syscall/sysnums-sh4.h
index 1d3758c..09acca6 100644
--- a/src/syscall/sysnums-sh4.h
+++ b/src/syscall/sysnums-sh4.h
@@ -344,4 +344,5 @@ static const Sysnum sysnums_sh4[] = {
[ 369 ] = PR_sched_setattr,
[ 370 ] = PR_sched_getattr,
[ 371 ] = PR_renameat2,
+ [ 435 ] = PR_clone3,
};
diff --git a/src/syscall/sysnums-x32.h b/src/syscall/sysnums-x32.h
index 448c699..a9fdb48 100644
--- a/src/syscall/sysnums-x32.h
+++ b/src/syscall/sysnums-x32.h
@@ -277,6 +277,7 @@ static const Sysnum sysnums_x32[] = {
[ 315 ] = PR_sched_getattr,
[ 316 ] = PR_renameat2,
[ 332 ] = PR_statx,
+ [ 435 ] = PR_clone3,
[ 439 ] = PR_faccessat2,
[ 512 ] = PR_rt_sigaction,
[ 513 ] = PR_rt_sigreturn,
diff --git a/src/syscall/sysnums-x86_64.h b/src/syscall/sysnums-x86_64.h
index 92229f8..9840b4a 100644
--- a/src/syscall/sysnums-x86_64.h
+++ b/src/syscall/sysnums-x86_64.h
@@ -319,5 +319,6 @@ static const Sysnum sysnums_x86_64[] = {
[ 315 ] = PR_sched_getattr,
[ 316 ] = PR_renameat2,
[ 332 ] = PR_statx,
+ [ 435 ] = PR_clone3,
[ 439 ] = PR_faccessat2,
};
diff --git a/src/syscall/sysnums.list b/src/syscall/sysnums.list
index 1d6e666..2b6c9b2 100644
--- a/src/syscall/sysnums.list
+++ b/src/syscall/sysnums.list
@@ -38,6 +38,7 @@ SYSNUM(clock_gettime)
SYSNUM(clock_nanosleep)
SYSNUM(clock_settime)
SYSNUM(clone)
+SYSNUM(clone3)
SYSNUM(close)
SYSNUM(connect)
SYSNUM(creat)
diff --git a/src/tracee/tracee.c b/src/tracee/tracee.c
index 58ab7df..9b16f6a 100644
--- a/src/tracee/tracee.c
+++ b/src/tracee/tracee.c
@@ -403,6 +403,10 @@ int new_child(Tracee *parent, word_t clone_flags)
status = fetch_regs(parent);
if (status >= 0 && get_sysnum(parent, CURRENT) == PR_clone)
clone_flags = peek_reg(parent, CURRENT, SYSARG_1);
+ else if (status >= 0 && get_sysnum(parent, CURRENT) == PR_clone3)
+ // Look at the first word of the clone_args structure, which
+ // contains the usual clone flags.
+ clone_flags = peek_word(parent, peek_reg(parent, CURRENT, SYSARG_1));
/* Get the pid of the parent's new child. */
status = ptrace(PTRACE_GETEVENTMSG, parent->pid, NULL, &pid);
base-commit: bd5a5f63d72f8210d8cee76195eb9f0749e5bd70
--
2.40.1
|