From dcf2044f28b563d1cbc5dc8af782fe93beea7295 Mon Sep 17 00:00:00 2001
From: Ofek Shaked
Date: Wed, 12 Feb 2025 15:56:33 +0200
Subject: [PATCH] Fix incorrect prctl values and add new ones
---
 helpers/argumentParsers.go | 282 +++++++++++++++++++++++--------------
 1 file changed, 178 insertions(+), 104 deletions(-)
diff --git a/helpers/argumentParsers.go b/helpers/argumentParsers.go
index cdd4157..2aa7811 100644
--- a/helpers/argumentParsers.go
+++ b/helpers/argumentParsers.go
@@ -550,6 +550,8 @@ const (
 PR_SET_TIMING
 PR_SET_NAME
 PR_GET_NAME
+ _
+ _
 PR_GET_ENDIAN
 PR_SET_ENDIAN
 PR_GET_SECCOMP
@@ -579,6 +581,8 @@ const (
 PR_SET_FP_MODE
 PR_GET_FP_MODE
 PR_CAP_AMBIENT
+ _
+ _
 PR_SVE_SET_VL
 PR_SVE_GET_VL
 PR_GET_SPECULATION_CTRL
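Review bot: The two `_` placeholders added after `PR_GET_NAME` (and the two after `PR_CAP_AMBIENT` in the next hunk) have no comment explaining them, so a later cleanup could remove them and shift every following option again. I would annotate each one, e.g. `_ // 17: not defined in linux/prctl.h` and `_ // 18: not defined in linux/prctl.h`, and the same for 48 and 49 in the second hunk; those numbers assume the block starts at `PR_SET_PDEATHSIG = 1`, which lies outside the hunk. Everything after the first gap, including `PR_SET_SECCOMP` and `PR_SET_NO_NEW_PRIVS`, was presumably reported under a wrong name before this fix, so a small table test pinning a few values (`PR_SET_SECCOMP` = 22, `PR_SET_NO_NEW_PRIVS` = 38, `PR_SVE_SET_VL` = 50) would stop detections that match on the option name from drifting unnoticed.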
@@ -586,63 +590,110 @@ const ( PR_PAC_RESET_KEYS PR_SET_TAGGED_ADDR_CTRL PR_GET_TAGGED_ADDR_CTRL + PR_SET_IO_FLUSHER + PR_GET_IO_FLUSHER + PR_SET_SYSCALL_USER_DISPATCH + PR_PAC_SET_ENABLED_KEYS + PR_PAC_GET_ENABLED_KEYS + PR_SCHED_CORE + PR_SME_SET_VL + PR_SME_GET_VL + PR_SET_MDWE + PR_GET_MDWE + PR_SET_MEMORY_MERGE + PR_GET_MEMORY_MERGE + PR_RISCV_V_SET_CONTROL + PR_RISCV_V_GET_CONTROL + PR_RISCV_SET_ICACHE_FLUSH_CTX + PR_PPC_GET_DEXCR + PR_PPC_SET_DEXCR + PR_GET_SHADOW_STACK_STATUS + PR_SET_SHADOW_STACK_STATUS + PR_LOCK_SHADOW_STACK_STATUS + // non-consecutive + PR_SET_PTRACER PrctlOptionArgument = 0x59616d61 + PR_SET_VMA PrctlOptionArgument = 0x53564d41 + PR_GET_AUXV PrctlOptionArgument = 0x41555856 ) func (p PrctlOptionArgument) Value() uint64 { return uint64(p) } var prctlOptionStringMap = map[PrctlOptionArgument]string{ - PR_SET_PDEATHSIG: "PR_SET_PDEATHSIG", - PR_GET_PDEATHSIG: "PR_GET_PDEATHSIG", - PR_GET_DUMPABLE: "PR_GET_DUMPABLE", - PR_SET_DUMPABLE: "PR_SET_DUMPABLE", - PR_GET_UNALIGN: "PR_GET_UNALIGN", - PR_SET_UNALIGN: "PR_SET_UNALIGN", - PR_GET_KEEPCAPS: "PR_GET_KEEPCAPS", - PR_SET_KEEPCAPS: "PR_SET_KEEPCAPS", - PR_GET_FPEMU: "PR_GET_FPEMU", - PR_SET_FPEMU: "PR_SET_FPEMU", - PR_GET_FPEXC: "PR_GET_FPEXC", - PR_SET_FPEXC: "PR_SET_FPEXC", - PR_GET_TIMING: "PR_GET_TIMING", - PR_SET_TIMING: "PR_SET_TIMING", - PR_SET_NAME: "PR_SET_NAME", - PR_GET_NAME: "PR_GET_NAME", - PR_GET_ENDIAN: "PR_GET_ENDIAN", - PR_SET_ENDIAN: "PR_SET_ENDIAN", - PR_GET_SECCOMP: "PR_GET_SECCOMP", - PR_SET_SECCOMP: "PR_SET_SECCOMP", - PR_CAPBSET_READ: "PR_CAPBSET_READ", - PR_CAPBSET_DROP: "PR_CAPBSET_DROP", - PR_GET_TSC: "PR_GET_TSC", - PR_SET_TSC: "PR_SET_TSC", - PR_GET_SECUREBITS: "PR_GET_SECUREBITS", - PR_SET_SECUREBITS: "PR_SET_SECUREBITS", - PR_SET_TIMERSLACK: "PR_SET_TIMERSLACK", - PR_GET_TIMERSLACK: "PR_GET_TIMERSLACK", - PR_TASK_PERF_EVENTS_DISABLE: "PR_TASK_PERF_EVENTS_DISABLE", - PR_TASK_PERF_EVENTS_ENABLE: "PR_TASK_PERF_EVENTS_ENABLE", - PR_MCE_KILL: "PR_MCE_KILL", - 
PR_MCE_KILL_GET: "PR_MCE_KILL_GET", - PR_SET_MM: "PR_SET_MM", - PR_SET_CHILD_SUBREAPER: "PR_SET_CHILD_SUBREAPER", - PR_GET_CHILD_SUBREAPER: "PR_GET_CHILD_SUBREAPER", - PR_SET_NO_NEW_PRIVS: "PR_SET_NO_NEW_PRIVS", - PR_GET_NO_NEW_PRIVS: "PR_GET_NO_NEW_PRIVS", - PR_GET_TID_ADDRESS: "PR_GET_TID_ADDRESS", - PR_SET_THP_DISABLE: "PR_SET_THP_DISABLE", - PR_GET_THP_DISABLE: "PR_GET_THP_DISABLE", - PR_MPX_ENABLE_MANAGEMENT: "PR_MPX_ENABLE_MANAGEMENT", - PR_MPX_DISABLE_MANAGEMENT: "PR_MPX_DISABLE_MANAGEMENT", - PR_SET_FP_MODE: "PR_SET_FP_MODE", - PR_GET_FP_MODE: "PR_GET_FP_MODE", - PR_CAP_AMBIENT: "PR_CAP_AMBIENT", - PR_SVE_SET_VL: "PR_SVE_SET_VL", - PR_SVE_GET_VL: "PR_SVE_GET_VL", - PR_GET_SPECULATION_CTRL: "PR_GET_SPECULATION_CTRL", - PR_SET_SPECULATION_CTRL: "PR_SET_SPECULATION_CTRL", - PR_PAC_RESET_KEYS: "PR_PAC_RESET_KEYS", - PR_SET_TAGGED_ADDR_CTRL: "PR_SET_TAGGED_ADDR_CTRL", - PR_GET_TAGGED_ADDR_CTRL: "PR_GET_TAGGED_ADDR_CTRL", + PR_SET_PDEATHSIG: "PR_SET_PDEATHSIG", + PR_GET_PDEATHSIG: "PR_GET_PDEATHSIG", + PR_GET_DUMPABLE: "PR_GET_DUMPABLE", + PR_SET_DUMPABLE: "PR_SET_DUMPABLE", + PR_GET_UNALIGN: "PR_GET_UNALIGN", + PR_SET_UNALIGN: "PR_SET_UNALIGN", + PR_GET_KEEPCAPS: "PR_GET_KEEPCAPS", + PR_SET_KEEPCAPS: "PR_SET_KEEPCAPS", + PR_GET_FPEMU: "PR_GET_FPEMU", + PR_SET_FPEMU: "PR_SET_FPEMU", + PR_GET_FPEXC: "PR_GET_FPEXC", + PR_SET_FPEXC: "PR_SET_FPEXC", + PR_GET_TIMING: "PR_GET_TIMING", + PR_SET_TIMING: "PR_SET_TIMING", + PR_SET_NAME: "PR_SET_NAME", + PR_GET_NAME: "PR_GET_NAME", + PR_GET_ENDIAN: "PR_GET_ENDIAN", + PR_SET_ENDIAN: "PR_SET_ENDIAN", + PR_GET_SECCOMP: "PR_GET_SECCOMP", + PR_SET_SECCOMP: "PR_SET_SECCOMP", + PR_CAPBSET_READ: "PR_CAPBSET_READ", + PR_CAPBSET_DROP: "PR_CAPBSET_DROP", + PR_GET_TSC: "PR_GET_TSC", + PR_SET_TSC: "PR_SET_TSC", + PR_GET_SECUREBITS: "PR_GET_SECUREBITS", + PR_SET_SECUREBITS: "PR_SET_SECUREBITS", + PR_SET_TIMERSLACK: "PR_SET_TIMERSLACK", + PR_GET_TIMERSLACK: "PR_GET_TIMERSLACK", + PR_TASK_PERF_EVENTS_DISABLE: "PR_TASK_PERF_EVENTS_DISABLE", 
+ PR_TASK_PERF_EVENTS_ENABLE: "PR_TASK_PERF_EVENTS_ENABLE", + PR_MCE_KILL: "PR_MCE_KILL", + PR_MCE_KILL_GET: "PR_MCE_KILL_GET", + PR_SET_MM: "PR_SET_MM", + PR_SET_CHILD_SUBREAPER: "PR_SET_CHILD_SUBREAPER", + PR_GET_CHILD_SUBREAPER: "PR_GET_CHILD_SUBREAPER", + PR_SET_NO_NEW_PRIVS: "PR_SET_NO_NEW_PRIVS", + PR_GET_NO_NEW_PRIVS: "PR_GET_NO_NEW_PRIVS", + PR_GET_TID_ADDRESS: "PR_GET_TID_ADDRESS", + PR_SET_THP_DISABLE: "PR_SET_THP_DISABLE", + PR_GET_THP_DISABLE: "PR_GET_THP_DISABLE", + PR_MPX_ENABLE_MANAGEMENT: "PR_MPX_ENABLE_MANAGEMENT", + PR_MPX_DISABLE_MANAGEMENT: "PR_MPX_DISABLE_MANAGEMENT", + PR_SET_FP_MODE: "PR_SET_FP_MODE", + PR_GET_FP_MODE: "PR_GET_FP_MODE", + PR_CAP_AMBIENT: "PR_CAP_AMBIENT", + PR_SVE_SET_VL: "PR_SVE_SET_VL", + PR_SVE_GET_VL: "PR_SVE_GET_VL", + PR_GET_SPECULATION_CTRL: "PR_GET_SPECULATION_CTRL", + PR_SET_SPECULATION_CTRL: "PR_SET_SPECULATION_CTRL", + PR_PAC_RESET_KEYS: "PR_PAC_RESET_KEYS", + PR_SET_TAGGED_ADDR_CTRL: "PR_SET_TAGGED_ADDR_CTRL", + PR_GET_TAGGED_ADDR_CTRL: "PR_GET_TAGGED_ADDR_CTRL", + PR_SET_IO_FLUSHER: "PR_SET_IO_FLUSHER", + PR_GET_IO_FLUSHER: "PR_GET_IO_FLUSHER", + PR_SET_SYSCALL_USER_DISPATCH: "PR_SET_SYSCALL_USER_DISPATCH", + PR_PAC_SET_ENABLED_KEYS: "PR_PAC_SET_ENABLED_KEYS", + PR_PAC_GET_ENABLED_KEYS: "PR_PAC_GET_ENABLED_KEYS", + PR_SCHED_CORE: "PR_SCHED_CORE", + PR_SME_SET_VL: "PR_SME_SET_VL", + PR_SME_GET_VL: "PR_SME_GET_VL", + PR_SET_MDWE: "PR_SET_MDWE", + PR_GET_MDWE: "PR_GET_MDWE", + PR_SET_MEMORY_MERGE: "PR_SET_MEMORY_MERGE", + PR_GET_MEMORY_MERGE: "PR_GET_MEMORY_MERGE", + PR_RISCV_V_SET_CONTROL: "PR_RISCV_V_SET_CONTROL", + PR_RISCV_V_GET_CONTROL: "PR_RISCV_V_GET_CONTROL", + PR_RISCV_SET_ICACHE_FLUSH_CTX: "PR_RISCV_SET_ICACHE_FLUSH_CTX", + PR_PPC_GET_DEXCR: "PR_PPC_GET_DEXCR", + PR_PPC_SET_DEXCR: "PR_PPC_SET_DEXCR", + PR_GET_SHADOW_STACK_STATUS: "PR_GET_SHADOW_STACK_STATUS", + PR_SET_SHADOW_STACK_STATUS: "PR_SET_SHADOW_STACK_STATUS", + PR_LOCK_SHADOW_STACK_STATUS: "PR_LOCK_SHADOW_STACK_STATUS", + PR_SET_PTRACER: 
"PR_SET_PTRACER", + PR_SET_VMA: "PR_SET_VMA", + PR_GET_AUXV: "PR_GET_AUXV", } func (p PrctlOptionArgument) String() string { 
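Review bot: The `// non-consecutive` comment above `PR_SET_PTRACER` does not say where the next sequential option has to go. In a Go const block a name added below `PR_GET_AUXV` without its own expression repeats `0x41555856` instead of continuing the count, so new sequential options must be inserted above that comment. I would spell this out, e.g. `// ASCII-tag values from linux/prctl.h, outside the sequential run; add sequential options above this line.`, or move the three constants into their own const block. The const block opens outside the hunk, so whether the run is iota-based is assumed rather than visible here.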
@@ -657,58 +708,81 @@ func (p PrctlOptionArgument) String() string { } var prctlOptionsMap = map[uint64]PrctlOptionArgument{ - PR_SET_PDEATHSIG.Value(): PR_SET_PDEATHSIG, - PR_GET_PDEATHSIG.Value(): PR_GET_PDEATHSIG, - PR_GET_DUMPABLE.Value(): PR_GET_DUMPABLE, - PR_SET_DUMPABLE.Value(): PR_SET_DUMPABLE, - PR_GET_UNALIGN.Value(): PR_GET_UNALIGN, - PR_SET_UNALIGN.Value(): PR_SET_UNALIGN, - PR_GET_KEEPCAPS.Value(): PR_GET_KEEPCAPS, - PR_SET_KEEPCAPS.Value(): PR_SET_KEEPCAPS, - PR_GET_FPEMU.Value(): PR_GET_FPEMU, - PR_SET_FPEMU.Value(): PR_SET_FPEMU, - PR_GET_FPEXC.Value(): PR_GET_FPEXC, - PR_SET_FPEXC.Value(): PR_SET_FPEXC, - PR_GET_TIMING.Value(): PR_GET_TIMING, - PR_SET_TIMING.Value(): PR_SET_TIMING, - PR_SET_NAME.Value(): PR_SET_NAME, - PR_GET_NAME.Value(): PR_GET_NAME, - PR_GET_ENDIAN.Value(): PR_GET_ENDIAN, - PR_SET_ENDIAN.Value(): PR_SET_ENDIAN, - PR_GET_SECCOMP.Value(): PR_GET_SECCOMP, - PR_SET_SECCOMP.Value(): PR_SET_SECCOMP, - PR_CAPBSET_READ.Value(): PR_CAPBSET_READ, - PR_CAPBSET_DROP.Value(): PR_CAPBSET_DROP, - PR_GET_TSC.Value(): PR_GET_TSC, - PR_SET_TSC.Value(): PR_SET_TSC, - PR_GET_SECUREBITS.Value(): PR_GET_SECUREBITS, - PR_SET_SECUREBITS.Value(): PR_SET_SECUREBITS, - PR_SET_TIMERSLACK.Value(): PR_SET_TIMERSLACK, - PR_GET_TIMERSLACK.Value(): PR_GET_TIMERSLACK, - PR_TASK_PERF_EVENTS_DISABLE.Value(): PR_TASK_PERF_EVENTS_DISABLE, - PR_TASK_PERF_EVENTS_ENABLE.Value(): PR_TASK_PERF_EVENTS_ENABLE, - PR_MCE_KILL.Value(): PR_MCE_KILL, - PR_MCE_KILL_GET.Value(): PR_MCE_KILL_GET, - PR_SET_MM.Value(): PR_SET_MM, - PR_SET_CHILD_SUBREAPER.Value(): PR_SET_CHILD_SUBREAPER, - PR_GET_CHILD_SUBREAPER.Value(): PR_GET_CHILD_SUBREAPER, - PR_SET_NO_NEW_PRIVS.Value(): PR_SET_NO_NEW_PRIVS, - PR_GET_NO_NEW_PRIVS.Value(): PR_GET_NO_NEW_PRIVS, - PR_GET_TID_ADDRESS.Value(): PR_GET_TID_ADDRESS, - PR_SET_THP_DISABLE.Value(): PR_SET_THP_DISABLE, - PR_GET_THP_DISABLE.Value(): PR_GET_THP_DISABLE, - PR_MPX_ENABLE_MANAGEMENT.Value(): PR_MPX_ENABLE_MANAGEMENT, - 
PR_MPX_DISABLE_MANAGEMENT.Value(): PR_MPX_DISABLE_MANAGEMENT, - PR_SET_FP_MODE.Value(): PR_SET_FP_MODE, - PR_GET_FP_MODE.Value(): PR_GET_FP_MODE, - PR_CAP_AMBIENT.Value(): PR_CAP_AMBIENT, - PR_SVE_SET_VL.Value(): PR_SVE_SET_VL, - PR_SVE_GET_VL.Value(): PR_SVE_GET_VL, - PR_GET_SPECULATION_CTRL.Value(): PR_GET_SPECULATION_CTRL, - PR_SET_SPECULATION_CTRL.Value(): PR_SET_SPECULATION_CTRL, - PR_PAC_RESET_KEYS.Value(): PR_PAC_RESET_KEYS, - PR_SET_TAGGED_ADDR_CTRL.Value(): PR_SET_TAGGED_ADDR_CTRL, - PR_GET_TAGGED_ADDR_CTRL.Value(): PR_GET_TAGGED_ADDR_CTRL, + PR_SET_PDEATHSIG.Value(): PR_SET_PDEATHSIG, + PR_GET_PDEATHSIG.Value(): PR_GET_PDEATHSIG, + PR_GET_DUMPABLE.Value(): PR_GET_DUMPABLE, + PR_SET_DUMPABLE.Value(): PR_SET_DUMPABLE, + PR_GET_UNALIGN.Value(): PR_GET_UNALIGN, + PR_SET_UNALIGN.Value(): PR_SET_UNALIGN, + PR_GET_KEEPCAPS.Value(): PR_GET_KEEPCAPS, + PR_SET_KEEPCAPS.Value(): PR_SET_KEEPCAPS, + PR_GET_FPEMU.Value(): PR_GET_FPEMU, + PR_SET_FPEMU.Value(): PR_SET_FPEMU, + PR_GET_FPEXC.Value(): PR_GET_FPEXC, + PR_SET_FPEXC.Value(): PR_SET_FPEXC, + PR_GET_TIMING.Value(): PR_GET_TIMING, + PR_SET_TIMING.Value(): PR_SET_TIMING, + PR_SET_NAME.Value(): PR_SET_NAME, + PR_GET_NAME.Value(): PR_GET_NAME, + PR_GET_ENDIAN.Value(): PR_GET_ENDIAN, + PR_SET_ENDIAN.Value(): PR_SET_ENDIAN, + PR_GET_SECCOMP.Value(): PR_GET_SECCOMP, + PR_SET_SECCOMP.Value(): PR_SET_SECCOMP, + PR_CAPBSET_READ.Value(): PR_CAPBSET_READ, + PR_CAPBSET_DROP.Value(): PR_CAPBSET_DROP, + PR_GET_TSC.Value(): PR_GET_TSC, + PR_SET_TSC.Value(): PR_SET_TSC, + PR_GET_SECUREBITS.Value(): PR_GET_SECUREBITS, + PR_SET_SECUREBITS.Value(): PR_SET_SECUREBITS, + PR_SET_TIMERSLACK.Value(): PR_SET_TIMERSLACK, + PR_GET_TIMERSLACK.Value(): PR_GET_TIMERSLACK, + PR_TASK_PERF_EVENTS_DISABLE.Value(): PR_TASK_PERF_EVENTS_DISABLE, + PR_TASK_PERF_EVENTS_ENABLE.Value(): PR_TASK_PERF_EVENTS_ENABLE, + PR_MCE_KILL.Value(): PR_MCE_KILL, + PR_MCE_KILL_GET.Value(): PR_MCE_KILL_GET, + PR_SET_MM.Value(): PR_SET_MM, + 
PR_SET_CHILD_SUBREAPER.Value(): PR_SET_CHILD_SUBREAPER, + PR_GET_CHILD_SUBREAPER.Value(): PR_GET_CHILD_SUBREAPER, + PR_SET_NO_NEW_PRIVS.Value(): PR_SET_NO_NEW_PRIVS, + PR_GET_NO_NEW_PRIVS.Value(): PR_GET_NO_NEW_PRIVS, + PR_GET_TID_ADDRESS.Value(): PR_GET_TID_ADDRESS, + PR_SET_THP_DISABLE.Value(): PR_SET_THP_DISABLE, + PR_GET_THP_DISABLE.Value(): PR_GET_THP_DISABLE, + PR_MPX_ENABLE_MANAGEMENT.Value(): PR_MPX_ENABLE_MANAGEMENT, + PR_MPX_DISABLE_MANAGEMENT.Value(): PR_MPX_DISABLE_MANAGEMENT, + PR_SET_FP_MODE.Value(): PR_SET_FP_MODE, + PR_GET_FP_MODE.Value(): PR_GET_FP_MODE, + PR_CAP_AMBIENT.Value(): PR_CAP_AMBIENT, + PR_SVE_SET_VL.Value(): PR_SVE_SET_VL, + PR_SVE_GET_VL.Value(): PR_SVE_GET_VL, + PR_GET_SPECULATION_CTRL.Value(): PR_GET_SPECULATION_CTRL, + PR_SET_SPECULATION_CTRL.Value(): PR_SET_SPECULATION_CTRL, + PR_PAC_RESET_KEYS.Value(): PR_PAC_RESET_KEYS, + PR_SET_TAGGED_ADDR_CTRL.Value(): PR_SET_TAGGED_ADDR_CTRL, + PR_GET_TAGGED_ADDR_CTRL.Value(): PR_GET_TAGGED_ADDR_CTRL, + PR_SET_IO_FLUSHER.Value(): PR_SET_IO_FLUSHER, + PR_GET_IO_FLUSHER.Value(): PR_GET_IO_FLUSHER, + PR_SET_SYSCALL_USER_DISPATCH.Value(): PR_SET_SYSCALL_USER_DISPATCH, + PR_PAC_SET_ENABLED_KEYS.Value(): PR_PAC_SET_ENABLED_KEYS, + PR_PAC_GET_ENABLED_KEYS.Value(): PR_PAC_GET_ENABLED_KEYS, + PR_SCHED_CORE.Value(): PR_SCHED_CORE, + PR_SME_SET_VL.Value(): PR_SME_SET_VL, + PR_SME_GET_VL.Value(): PR_SME_GET_VL, + PR_SET_MDWE.Value(): PR_SET_MDWE, + PR_GET_MDWE.Value(): PR_GET_MDWE, + PR_SET_MEMORY_MERGE.Value(): PR_SET_MEMORY_MERGE, + PR_GET_MEMORY_MERGE.Value(): PR_GET_MEMORY_MERGE, + PR_RISCV_V_SET_CONTROL.Value(): PR_RISCV_V_SET_CONTROL, + PR_RISCV_V_GET_CONTROL.Value(): PR_RISCV_V_GET_CONTROL, + PR_RISCV_SET_ICACHE_FLUSH_CTX.Value(): PR_RISCV_SET_ICACHE_FLUSH_CTX, + PR_PPC_GET_DEXCR.Value(): PR_PPC_GET_DEXCR, + PR_PPC_SET_DEXCR.Value(): PR_PPC_SET_DEXCR, + PR_GET_SHADOW_STACK_STATUS.Value(): PR_GET_SHADOW_STACK_STATUS, + PR_SET_SHADOW_STACK_STATUS.Value(): PR_SET_SHADOW_STACK_STATUS, + 
PR_LOCK_SHADOW_STACK_STATUS.Value(): PR_LOCK_SHADOW_STACK_STATUS, + PR_SET_PTRACER.Value(): PR_SET_PTRACER, + PR_SET_VMA.Value(): PR_SET_VMA, + PR_GET_AUXV.Value(): PR_GET_AUXV, } // ParsePrctlOption parses the `option` argument of the `prctl` syscall
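Review bot: `prctlOptionsMap` repeats by hand every key already listed in `prctlOptionStringMap`, so each new option has to be added in three places, and an entry missed here would presumably leave `ParsePrctlOption` unable to resolve a value that `String()` can name. Deriving the reverse map from the string map at package initialisation removes that class of mismatch, which is worth having for a table used to label `prctl` calls such as `PR_SET_SECCOMP` or `PR_SET_MDWE`. `ParsePrctlOption` begins after the hunk, so how it consumes the map is not visible here.

```go
// Reverse lookup derived from prctlOptionStringMap so the two tables cannot drift apart.
var prctlOptionsMap = func() map[uint64]PrctlOptionArgument {
	m := make(map[uint64]PrctlOptionArgument, len(prctlOptionStringMap))
	for opt := range prctlOptionStringMap {
		m[opt.Value()] = opt
	}
	return m
}()
```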