From 92a4fa8e26b410e0bbe2a8843af714179881dc4b Mon Sep 17 00:00:00 2001 From: xiacong Date: Wed, 24 May 2023 22:23:17 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E8=A7=A3=E6=9E=90arm?= =?UTF-8?q?=E7=9A=84libc=E5=BA=93=E6=97=B6=E6=9F=90=E4=B8=AA=E5=88=86?= =?UTF-8?q?=E6=94=AF=E5=BC=82=E5=B8=B8=E7=9A=84=E9=97=AE=E9=A2=98=20?= =?UTF-8?q?=E4=BF=AE=E5=A4=8Daudit=E8=A7=A3=E6=9E=90arm=E7=9B=B8=E5=85=B3?= =?UTF-8?q?=E7=9A=84audit=E6=97=A5=E5=BF=97=E6=97=B6=E6=97=A0=E8=BE=93?= =?UTF-8?q?=E5=87=BA=E7=9A=84=E6=83=85=E5=86=B5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: xiacong Change-Id: I9e382799230f02bd9c5a7c8dd68de56e0a88bff5 Signed-off-by: xiacong --- .../modules/seccomp/scripts/tools/audit_log_analysis.py | 2 +- .../modules/seccomp/scripts/tools/collect_elf_syscall.py | 6 +++--- .../modules/seccomp/scripts/tools/libc_static_analysis.py | 2 ++ 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/services/modules/seccomp/scripts/tools/audit_log_analysis.py b/services/modules/seccomp/scripts/tools/audit_log_analysis.py index 4bc3a7d4..993d79b9 100644 --- a/services/modules/seccomp/scripts/tools/audit_log_analysis.py +++ b/services/modules/seccomp/scripts/tools/audit_log_analysis.py @@ -59,7 +59,7 @@ def get_item_content(name_nr_table, arch_nr_table): syscall_name_dict.get('arm').remove(func_name) else: content = '{}{};arm64\n'.format(content, func_name) - if not syscall_name_dict.get('arm'): + if syscall_name_dict.get('arm'): content = '{}{};arm\n'.format(content, ';arm\n'.join( [func_name for func_name in syscall_name_dict.get('arm')])) diff --git a/services/modules/seccomp/scripts/tools/collect_elf_syscall.py b/services/modules/seccomp/scripts/tools/collect_elf_syscall.py index ab0d2d14..0682a73a 100644 --- a/services/modules/seccomp/scripts/tools/collect_elf_syscall.py +++ b/services/modules/seccomp/scripts/tools/collect_elf_syscall.py @@ -67,7 +67,7 @@ def get_lib_path(elf_path, elf_name, cmd_extra): grep_unstrip = ' | grep unstripped | grep -v _x64 {}'.format(cmd_extra) if elf_name == 'libc++.so': - grep_unstrip = '' + grep_unstrip = '| grep aarch64-linux' cmd = 'find {} -name {}{}'.format(elf_path, elf_name, grep_unstrip) result_list = os.popen(cmd).read().split('\n') result = result_list[0].strip() @@ -281,9 +281,9 @@ def get_function_name_nr_table(src_syscall_path): def collect_concrete_syscall(args): if args.target_cpu == 'arm64': - arch_str = 'aarch64' + arch_str = 'aarch64-linux' elif args.target_cpu == 'arm': - arch_str = 'arm' + arch_str = 'arm-linux' libc_path = get_lib_path(args.src_elf_path, 'libc.so', ' | grep ' + arch_str) libc_asm_path = generate_libc_asm(args.target_cpu, libc_path, '.') diff --git a/services/modules/seccomp/scripts/tools/libc_static_analysis.py b/services/modules/seccomp/scripts/tools/libc_static_analysis.py index c5562a95..9dc6ecd3 100644 --- a/services/modules/seccomp/scripts/tools/libc_static_analysis.py +++ b/services/modules/seccomp/scripts/tools/libc_static_analysis.py @@ -61,6 +61,8 @@ def remove_head_zero(addr): def line_find_syscall_nr(line, nr_set, nr_last): nr = nr_last + is_find_nr = False + is_find_svc = True if ';' in line: nr_tmp, is_digit = gen_policy.str_convert_to_int(line[line.find('0x'):]) else: -- GitLab