Repository: mebeim/systrack Branch: master Commit: 0eed1f95234d Files: 46 Total size: 523.5 KB Directory structure: gitextract_4nemvxd8/ ├── .editorconfig ├── .gitattributes ├── .github/ │ └── workflows/ │ ├── publish.yml │ └── test.yml ├── .gitignore ├── CHANGELOG.md ├── LICENSE ├── README.md ├── assets/ │ ├── github-social-card.xcf │ └── logo.xcf ├── pyproject.toml ├── src/ │ └── systrack/ │ ├── __init__.py │ ├── __main__.py │ ├── arch/ │ │ ├── __init__.py │ │ ├── arch_base.py │ │ ├── arm.py │ │ ├── arm64.py │ │ ├── mips.py │ │ ├── powerpc.py │ │ ├── riscv.py │ │ ├── s390.py │ │ └── x86.py │ ├── elf.py │ ├── kconfig.py │ ├── kconfig_options.py │ ├── kernel.py │ ├── location.py │ ├── log.py │ ├── output.py │ ├── signature.py │ ├── syscall.py │ ├── templates/ │ │ ├── syscall_table.css │ │ ├── syscall_table.html │ │ └── syscall_table.js │ ├── type_hints.py │ ├── utils.py │ └── version.py └── tests/ ├── __init__.py ├── data/ │ ├── .gitignore │ ├── Makefile │ └── x86_no_table_syscall_handlers.s ├── test_arch_sanity.py ├── test_mips.py ├── test_powerpc.py ├── test_x86.py └── utils.py ================================================ FILE CONTENTS ================================================ ================================================ FILE: .editorconfig ================================================ root = true [*] charset = utf-8 indent_style = tab indent_size = 4 end_of_line = lf insert_final_newline = true trim_trailing_whitespace = true [*.md] indent_style = unset [*.yml] indent_style = space indent_size = 2 ================================================ FILE: .gitattributes ================================================ # Exclude assembly from linguist code stats (prevents GitHub from marking the # repository as >50% assembly). *.s linguist-vendored ================================================ FILE: .github/workflows/publish.yml ================================================ name: Publish to PyPI on: release: types: - published # Allow only one concurrent job concurrency: group: publish cancel-in-progress: false jobs: test-before-publish: uses: ./.github/workflows/test.yml publish: needs: [test-before-publish] runs-on: ubuntu-latest environment: name: hatch steps: - name: Checkout uses: actions/checkout@v4 - name: Ensure matching version and release tag run: test v"$(python3 src/systrack/version.py)" = "${{github.ref_name}}" - name: Install build dependencies run: python3 -m pip install --upgrade build hatch - name: Build wheel and sdist run: hatch build - name: Publish to PyPI run: hatch publish --no-prompt env: HATCH_INDEX_USER: __token__ HATCH_INDEX_AUTH: ${{secrets.HATCH_INDEX_AUTH}} ================================================ FILE: .github/workflows/test.yml ================================================ name: Test on: push: branches: - main - dev workflow_call: jobs: test: runs-on: ubuntu-22.04 strategy: matrix: python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] steps: - name: Checkout uses: actions/checkout@v4 - name: Setup Python uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Install test dependencies run: python3 -m pip install --upgrade build hatch pytest - name: Run tests run: hatch test ================================================ FILE: .gitignore ================================================ dist systrack.egg-info __pycache__ .pytest_cache ================================================ FILE: CHANGELOG.md ================================================ Systrack changelog ================== v0.8 ---- New arch support: IBM Z-Architecture S390 64-bit and compat 32-bit, tested on v4.0+ kernels. Thanks to Ilya Leoshkevich ([@iii-i](https://github.com/iii-i)) for the initial implementation (#3). **Improvements**: - Produce lighter builds (hopefully) stripping apparmor and USB support as they do not affect syscalls. - Reduce possibility of build errors disabling `-Werror` where possible. - Detect and deprioritize symbols coming from interprocedural optimization (`xxx.localalias`) implemented in recent compiler versions for more precise syscall symbol and name detection. - Improve Kconfig parsing, sanity checks and warnings about Kconfig options. - arm64: new arch-specific dummy syscall implementation detection helper. **Bug fixes**: - Fix internal `Versioned{Dict,List}` caching implementation, used for Kconfig options mostly. - Fix command formatting in debug logs, which should be now correctly copy-pasteable into a shell as is. - arm64: fix broken pkey syscalls detection. Implemented in v6.12 under `ARM64_POE` config, but was wrongly detected as present on earlier kernels. - powerpc, riscv: fix some imprecise/incorrect Kconfig option versioning and dependenceis. **Internal changes**: - Move kconfig parsing logic into own `Kconfig` class. - Improve `Kernel` exception semantics: throw exceptions at analysis time instead of causing program exit. - Improve `Arch` subclass method overrides and implement unit test to perform sanity checks around abstract methods. v0.7 ---- New arch support: RISC-V 32-bit and 64-bit, tested on v4.15+ kernels (i.e., since the first Linux version supporting RISC-V). **Improvements**: - Improve dummy syscall implementation detection: try to first match known "ni_syscall" code. - Improve error messages and debug/info logs, pretty printing command-line arguments and executed commands instead of dumping their tuple/list representation. - mips: implement simple arch-specific dummy syscall detection. - arm64: remove "arm64_" arch-specific prefix from syscall names. **Bug fixes**: - mips: new dummy syscall detection now correctly identifies some dummy syscalls that were previously missed (notably `cachestat`). **Internal changes**: - Archs can now specify multiple kernel Makefile config targets to run one after the other as a "base" config. v0.6 ---- **Improvements**: - More robust and comprehensive syscall definition location search. **Bug fixes**: - Fix broken syscall definition location search and subsequent signature extraction. Some syscalls were incorrectly reported as defined in place of others, also causing the wrong signature to be extracted. Do not fully trust the output of `addr2line` and perform full syscall name matching to fix this. PowerPC was notably affected the most by this issue. v0.5.1 ------ **Improvements**: - x86: improve x86 syscall extraction code fixing undetected CALL targets. **Internal changes**: - x86: add some tests for syscall extraction based on v6.11 kernel build. v0.5 ---- We tried so hard, and got so far, but in the end, we need a disassembler! x86 mitigations have defeated us, we no longer have syscall tables to rely on. Kernel developers were kind enough to write very simple ABI-specific switch-based handlers to dispach syscalls, so analysis is still possible... just significantly more complicated. **Breaking changes**: - Drop support for Python 3.6 and 3.7. Systrack now requires Python 3.8+. This is because of the new dependency on [`iced-x86`](https://pypi.org/project/iced-x86/). **Improvements**: - x86: support new kernels (6.9+) with no syscall tables. - Remove unnecessary spaces between asterisks for double pointers in function signatures. - Avoid KFCI `__{cfi,pfx}_` symbols when looking for `ni_syscall` symbols. **Internal changes**: - Depend on [`iced-x86`](https://pypi.org/project/iced-x86/) for disassembling x86 instructions and on [`jinja2`](https://pypi.org/project/jinja2/) for HTML output directly. Remove optional dependencies and only build one package. - Rename `test` folder to `tests` to use the `hatch test` as test commnad - Improve logging reproducibility by sorting more debugging log output. - Improve broken Python package metadata (Python packaging moment). v0.4 ---- New arch support: PowerPC 32-bit, tested on v5.0+ kernels. **Improvements**: - Improve kconfig dependency checking logic for better warning/error messages. - PowerPC PPC64: improve esoteric fast switch_endian syscall detection. - Better (narrower) emoji spacing in HTML output. **Bug fixes**: - Correctly report `delete_module` depending on `CONFIG_MODULE_UNLOAD=y`. - Fix incorrectly handled shared syscall table in x86-64 x32 ABI resulting in duplicated and unwanted entries in the output for kernels older than v5.4. - Fix chance of building kernels without `memfd_create`, `memfd_secret`, `delete_module` (and possibly others) by always enabling `MEMFD_CREATE`, `MODULE_UNLOAD`, `NET` and `SECRETMEM` when available. - Fix wrong handling of relative `--kdir` path (e.g., `.`) in some cases. - Fix missed detection of non-implemented syscalls pointing to `kernel/sys_ni.c` when DWARF debug info contains relative paths. - x86 x32: fix some x64 syscalls reported twice because both the x64 number and the historycally misnumbered x32 numbers (512-547) were being considered valid. **Internal changes**: - Ignore `sound/` and `user/` dirs to speed up grepping syscall definitions. - Implement some basic unit tests for powerpc dummy/esoteric syscall detection. v0.3.3 ------ **Improvements**: - Correctly report `lsm_{list_modules,get_self_attr,set_self_attr}` depending on `CONFIG_SECURITY=y`. v0.3.2 ------ **Improvements**: - Correctly report `futex_{wait,wake,requeue}` depending on `CONFIG_FUTEX=y`. - Use unicorn emoji (cuter) instead of test tube for esoteric syscalls in HTML output. v0.3.1 ------ **Improvements**: - x86: Add build support for `map_shadow_stack`. - Prefer `compat_sys_` over `__se_compat_sys_` and other longer symbol synonyms; same for `.compat_sys_` on PowerPC. **Bug fixes**: - Fix broken naive grepping of syscall definitions when no ripgrep is available. - Correctly report `cachestat` depending on `CACHESTAT_SYSCALL=y`. **Internal changes**: - Sort stderr logs for reproducible output and easier diffing. - Skip `lib/` directory in kernel sources to improve grepping performance. v0.3 ---- New arch support: PowerPC 64-bit, all ABIs, tested on v5.0+ kernels. **Improvements:** - Add ABI `bits` (integer) and `compat` (boolean) fields to JSON output. - Support ELF symbols with weird names (special chars in the name). - Support function descriptors for syscall table entries (useful for PowerPC64 and Itanium 64). - Support weird arch-specific `SYSCALL_DEFINEn` macros. - Building kernels now generates relative paths in DWARF debug symbols through `-fdebug-prefix-map`. - Improve stdout output and add a table header. - Use `null` instead of `??`/`?` for unknown file/line info in JSON output. - x86: improve dummy syscall implementation detection (handling endbr64/32 instructions). - ARM OABI: output syscall number location for the calling convention (`swi `). **Bug fixes**: - Correctly report `socketcall` depending on `CONFIG_NET=y`. - Correctly strip more syscall symbol prefixes for more accurate syscall names. - Fix bad symbol prefix detection in some weird edge cases, leading to wrong syscall names. - x86: fix wrong register names for x86-64 compat 32-bit ABI (IA-32). **Internal changes**: - Reorganize arch-specific code. - Handle SIGINT for more graceful termination. - Auto-remap definition locations relative to KDIR for ease of use. v0.2.1 ------ **Improvements**: - Make syscall symbol preference more consistent (in particular, stop mixing `__se_sys_xxx` and `sys_xxx` when possible). - Achieve W3C compliance for HTML output format. **Bug fixes**: - x86: correct wrong syscall numbers for x32 ABI, they should all be ORed with `0x40000000` (`__X32_SYSCALL_BIT`). v0.2 ---- **Improvements**: - Improve existing MIPS build and analysis support: use `ip27_defconfig` for 64-bit for NUMA support and strip more symbol prefixes. - Improve dummy syscall implementation detection (x86-64, ARM). **Bug fixes**: - Fix help text for `--arch`: building with `--arch arm` creates an EABI-only kernel. - Fix a logging bug that caused not loging syscalls' `.origname` for not-found locations after grepping. - x86: use the right Kconfig option for vm86 and vm86old v0.1 ---- First release. ================================================ FILE: LICENSE ================================================ GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: Copyright (C) This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see . The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read . ================================================ FILE: README.md ================================================ Systrack ======== [![License][license-badge]](./LICENSE) [![GitHub actions workflow status][actions-badge]][actions-link] [![PyPI version][pypi-badge]][pypi-systrack] [![PyPI downloads][pypi-badge2]][pypistats-systrack] Systrack logo **See [mebeim/linux-syscalls](https://github.com/mebeim/linux-syscalls) for live syscall tables powered by Systrack**. Systrack is a tool to analyze Linux kernel images (`vmlinux`) and extract information about implemented syscalls. Given a `vmlinux` image, Systrack can extract syscall numbers, names, symbol names, definition locations within kernel sources, function signatures, and more. Systrack can configure and build kernels for all its [supported architectures](#supported-architectures-and-abis), and works best at analyzing kernels that it has configured and built by itself. Installation ------------ Systrack is [available on PyPI][pypi-systrack], it requires Python 3.8+ and is installable through Pip: ```bash pip install systrack ``` Building and installaing from source requires [`hatch`][pypi-hatch]: ```bash hatch build pip install dist/systrack-XXX.whl ``` Usage ----- Systrack can mainly be used for two purposes: analyzing or building Linux kernels. See also [Command line help](#command-line-help) (`systrack --help`) and [Supported architectures and ABIs](#supported-architectures-and-abis) (`systrack --arch help`) below. - **Analyzing** a kernel image can be done given a `vmlinux` ELF with symbols, and optionally also a kernel source directory (`--kdir`). Systrack will extract information about implemented syscalls from the symbol table present in the given `vmlinux` ELF, and if debugging information is present, it will also extract file and line number information for syscall definitions. Supplying a `--kdir` pointing Systrack to the checked-out sources for the right kernel version (the same as the one to analyze) will help refine and/or correct the location of the definitions. Systrack can guess the architecture and ABI to analyze, but if the given kernel was built with support for multiple ABIs, the right one can be selected through `--arch`. ```none systrack path/to/vmlinux systrack --format json path/to/vmlinux systrack --format html path/to/vmlinux systrack --kdir path/to/linux_git_repo path/to/vmlinux systrack --kdir path/to/linux_git_repo --arch x86-64-ia32 path/to/vmlinux ``` - **Building** can be done through the `--build` option. You will need to provide a kernel source directory (`--kdir`) and an architecture/ABI combination to build for (`--arch`). ```none systrack --build --kdir path/to/linux_source_dir --arch x86-64 ``` When building, kernel sources are configured to enable all syscalls available for the selected architecture/ABI as to produce a `vmlinux` with a "complete" syscall table. Cross-compilation with GCC is possible specifying the correct toolchain prefix with the `--cross` option, which will set the `CROSS_COMPILE` variable for the kernel's `Makefile`. Other environment variables can also be used as usual and are passed as is to `make`, so LLVM [cross]-compilation and custom toolchain usage is also possible. ```none systrack --build --kdir path/to/linux_source --arch arm64 --cross aarch64-linux-gnu- ``` Supported architectures and ABIs -------------------------------- Here's a list of supported arch/ABI combinations accepted via `--arch` (values are case-insensitive). This information is also available running `systrack --arch help`. | Value | Aliases | Arch | Kernel | Syscall ABI | Build based on | Notes | |:----------------|:-------------------|:--------|:-------|:---------------|:------------------------------|:--------| | `arm` | `arm-eabi`, `eabi` | ARM | 32-bit | 32-bit EABI | `multi_v7_defconfig` | *[2]* | | `arm-oabi` | `oabi` | ARM | 32-bit | 32-bit OABI | `multi_v7_defconfig` | *[2,4]* | | `arm64` | `aarch64` | ARM | 64-bit | 64-bit AArch64 | `defconfig` | | | `arm64-aarch32` | `aarch32` | ARM | 64-bit | 32-bit AArch32 | `defconfig` | *[1]* | | `mips` | `mips32`, `o32` | MIPS | 32-bit | 32-bit O32 | `defconfig` | | | `mips64` | `n64` | MIPS | 64-bit | 64-bit N64 | `ip27_defconfig` | *[1]* | | `mips64-n32` | `n32` | MIPS | 64-bit | 64-bit N32 | `ip27_defconfig` | *[1]* | | `mips64-o32` | `o32-64` | MIPS | 64-bit | 32-bit O32 | `ip27_defconfig` | *[1]* | | `powerpc` | `ppc`, `ppc32` | PowerPC | 32-bit | 32-bit PPC32 | `ppc64_defconfig` | | | `powerpc64` | `ppc64` | PowerPC | 64-bit | 64-bit PPC64 | `ppc64_defconfig` | *[1]* | | `powerpc64-32` | `ppc64-32` | PowerPC | 64-bit | 32-bit PPC32 | `ppc64_defconfig` | *[1]* | | `powerpc64-spu` | `ppc64-spu`, `spu` | PowerPC | 64-bit | 64-bit "SPU" | `ppc64_defconfig` | *[1,5]* | | `riscv` | `riscv32`, `rv32` | RISC-V | 32-bit | 32-bit "RV32" | `defconfig` + `32-bit.config` | *[3,6]* | | `riscv64` | `rv64` | RISC-V | 64-bit | 64-bit "RV64" | `defconfig` | *[1,6]* | | `riscv64-32` | `rv64-32` | RISC-V | 64-bit | 32-bit "RV32" | `defconfig` | *[1,6]* | | `s390x` | | IBM Z | 64-bit | 64-bit s390x | `defconfig` | *[1]* | | `s390` | | IBM Z | 64-bit | 32-bit s390 | `defconfig` | *[1]* | | `x86` | `i386`, `ia32` | x86 | 32-bit | 32-bit IA32 | `i386_defconfig` | | | `x86-64` | `x64` | x86 | 64-bit | 64-bit x86-64 | `x86_64_defconfig` | *[1]* | | `x86-64-x32` | `x32` | x86 | 64-bit | 64-bit x32 | `x86_64_defconfig` | *[1]* | | `x86-64-ia32` | `ia32-64` | x86 | 64-bit | 32-bit IA32 | `x86_64_defconfig` | *[1]* | Notes: 1. Building creates a kernel supporting all ABIs for this architecture. 2. Build based on `defconfig` for Linux <= v3.7. 3. Build based on `rv32_defconfig` for Linux <= v6.7 and `defconfig` for Linux <= v5.0. 4. Building creates an EABI kernel with compat OABI support. Building an OABI-only kernel is NOT supported. The seccomp filter system will be missing. 5. "SPU" is not a real ABI. It indicates a Cell processor SPU (Synergistic Processing Unit). The ABI is really PPC64, but SPUs can only use a subset of syscalls. 6. "RV32" and "RV64" are not real ABIs, but rather ISAs. The RISC-V syscall ABI is the same for 32-bit and 64-bit (only register size differs). These names are only used for clarity. Runtime dependencies -------------------- External (non-Python) runtime dependencies are: - **Required**: `readelf` (from GNU binutils) is used to parse and extract ELF metadata such as symbols and sections. This is currently the only *compulsory* external dependency of Systrack. - Optional: `addr2line` (from GNU binutils) is used to extract location information from DWARF debug info. Without this program, Systrack will not output any information about syscall definition locations. - Optional: `rg` ([ripgrep][ripgrep]) is used for much faster recursive grepping of syscall definition locations within kernel sources when needed. Otherwise, a slower pure-Python implementation is used. - Optional: a working compiler toolchain and [kernel build dependencies](https://www.kernel.org/doc/html/latest/process/changes.html) are obviously needed if you want Systrack to *build* kernels from source. Limitations ----------- - Supported kernel images: Systrack works with regular *uncompressed* `vmlinux` ELF images and *needs* ELF symbols. Compressed and stripped kernel images are not supported. Tools such as [`vmlinux-to-elf`](https://github.com/marin-m/vmlinux-to-elf) can be used to uncompress and unstrip kernel images, after which Systrack will be able to analyze them. - Old kernel versions: Systrack was mainly designed for and tested on modern kernels (>= v4.0) and has not been tested on older kernels. It should still *somewhat* work on older kernels, but without the same level of guarantee on the correctness of the output. Support for old kernels may come gradually in the future. - Relocatable kernels: Systrack does not currently parse and apply ELF relocations. This means that Systrack does not support kernels using relocation entries for the syscall table. On some architectures (notably MIPS) if the kernel is relocatable the syscall table is relocated at startup and does not contain valid virtual addresses: Systrack will currently fail to analyze such kernels. - Building kernels: when building kernels fot you, Systrack does not aim at building usable or sane kernel images. In fact, a lot of unneeded features are disabled at build time (e.g., USB support). The goal is only to correctly include all syscalls in the syscall table for later extraction. *Do not run kernels built with Systrack.* Command line help ----------------- ```none $ systrack --help usage: systrack [OPTIONS...] [VMLINUX] Analyze a Linux kernel image and extract information about implemented syscalls positional arguments: VMLINUX path to vmlinux, if not inside KDIR or no KDIR supplied options: -h, --help show this help message and exit -k KDIR, --kdir KDIR kernel source directory -a ARCH, --arch ARCH kernel architecture/ABI combination; pass "help" for a list (default: autodetect) -b, --build configure and build kernel and exit -c, --config configure kernel and exit -C, --clean clean kernel sources (make distclean) and exit -x PREFIX, --cross PREFIX toolchain prefix for cross-compilation; use with -b/-c/-C -o OUTDIR, --out OUTDIR output directory for out-of-tree kernel build (make O=...); only meaningful with -b/-c/-C -f FMT, --format FMT output format: text, json or html (default: text) --absolute-paths output absolute paths instead of paths relative to KDIR --remap ORIG_KDIR replace ORIG_KDIR with the KDIR provided with -k/--kdir for paths obtained from ELF debug information; needed if the kernel was built with ORIG_KDIR as source directory instead of KDIR, and debug info contains absolute paths to ORIG_KDIR --checkout REF git checkout to REF inside KDIR before doing anything; the special value "auto" can be used to checkout to the tag corresponding to the detected kernel version from VMLINUX --disable-opt try building kernel with reduced/disabled optimizations for more reliable location results; only meaningful with -b -q, --quiet quietness level: -q = no info, -qq = no warnings, -qqq = no errors -qqqq = no standard error output whatsoever -v, --verbose verbosity level: -v = info, -vv = debug, -vvv = more debug -V, --version show version information and exit ``` --- *Copyright © 2023-2025 Marco Bonelli. Licensed under the GNU General Public License v3.0.* [license-badge]: https://img.shields.io/github/license/mebeim/systrack?color=blue [actions-badge]: https://img.shields.io/github/actions/workflow/status/mebeim/systrack/publish.yml?event=release&label=publish [actions-link]: https://github.com/mebeim/systrack/actions/workflows/publish.yml [pypi-badge]: https://img.shields.io/pypi/v/systrack [pypi-badge2]: https://img.shields.io/pypi/dm/systrack [pypi-systrack]: https://pypi.org/project/systrack/ [pypistats-systrack]: https://pypistats.org/packages/systrack [pypi-hatch]: https://pypi.org/project/hatch [ripgrep]: https://github.com/BurntSushi/ripgrep ================================================ FILE: pyproject.toml ================================================ [project] name = 'systrack' description = 'Linux kernel syscall implementation tracker' authors = [{name = 'Marco Bonelli'}, {name = 'Marco Bonelli', email = 'marco@mebeim.net'}] maintainers = [{name = 'Marco Bonelli'}, {name = 'Marco Bonelli', email = 'marco@mebeim.net'}] license = {text = 'GNU General Public License v3 (GPLv3)'} readme = 'README.md' platforms = 'any' requires-python = '>=3.8' dynamic = ['version'] keywords = ['systrack', 'linux', 'kernel', 'syscall', 'kconfig', 'elf', 'abi'] classifiers = [ 'Development Status :: 4 - Beta', 'Environment :: Console', 'Intended Audience :: Developers', 'Intended Audience :: Science/Research', 'Intended Audience :: System Administrators', 'License :: OSI Approved :: GNU General Public License v3 (GPLv3)', 'Natural Language :: English', 'Operating System :: OS Independent', 'Programming Language :: Python :: 3', 'Topic :: Security', 'Topic :: Software Development :: Embedded Systems', 'Topic :: Software Development :: Testing', 'Topic :: System :: Operating System Kernels :: Linux', 'Topic :: Utilities', ] dependencies = [ 'iced-x86~=1.21.0', 'jinja2~=3.1.2' ] [project.urls] Homepage = 'https://github.com/mebeim/systrack' Repository = 'https://github.com/mebeim/systrack.git' Changelog = 'https://github.com/mebeim/systrack/blob/master/CHANGELOG.md' [project.scripts] systrack = 'systrack.__main__:main' [build-system] requires = ['hatchling'] build-backend = 'hatchling.build' [tool.hatch.version] path = 'src/systrack/version.py' [tool.hatch.build] ignore-vcs = true include = ['src/systrack/templates/*'] [tool.hatch.build.targets.wheel] packages = ['src/systrack'] [tool.hatch.build.targets.sdist] include = ['src', 'CHANGELOG.md'] [tool.hatch.envs.default] python = '3' [tool.hatch.envs.test] dependencies = ['pytest'] [tool.ruff.lint] # Don't warn for multi-line statements ignore = ['E701'] [tool.ruff.lint.per-file-ignores] # Don't warn for star imports in these files 'arch/__init__.py' = ['F403', 'F405'] 'tests/*' = ['F403', 'F405'] ================================================ FILE: src/systrack/__init__.py ================================================ ================================================ FILE: src/systrack/__main__.py ================================================ import argparse import logging import os import signal import sys from pathlib import Path from textwrap import TextWrapper from .arch import SUPPORTED_ARCHS, SUPPORTED_ARCHS_HELP from .kernel import Kernel, KernelError, KernelArchError, KernelMultiABIError from .kernel import KernelVersionError, KernelWithoutSymbolsError from .log import log_setup, eprint from .output import output_syscalls from .utils import command_argv_to_string, command_available from .utils import gcc_version, git_checkout, maybe_rel, format_duration from .version import VERSION, VERSION_HELP def sigint_handler(_, __): sys.stderr.write('Caught SIGINT, stopping\n') sys.exit(1) def wrap_help(body: str) -> str: '''Wrap a string to 65 columns without breaking words for a nice --help output of the tool. ''' tx = TextWrapper(65, break_long_words=False, replace_whitespace=False) return '\n'.join(tx.fill(line) for line in body.splitlines() if line.strip()) def parse_args() -> argparse.Namespace: '''Parse and partially validate command line arguments through argparse. ''' ap = argparse.ArgumentParser( prog='systrack', usage='systrack [OPTIONS...] [VMLINUX]', description='Analyze a Linux kernel image and extract information about implemented syscalls', formatter_class=argparse.RawTextHelpFormatter ) ap.add_argument('vmlinux', metavar='VMLINUX', nargs='?', help=wrap_help('path to vmlinux, if not inside KDIR or no KDIR supplied')) ap.add_argument('-k', '--kdir', metavar='KDIR', help=wrap_help('kernel source directory')) ap.add_argument('-a', '--arch', metavar='ARCH', help=wrap_help('kernel architecture/ABI combination; pass "help" for a ' 'list (default: autodetect)')) ap.add_argument('-b', '--build', action='store_true', help=wrap_help('configure and build kernel and exit')) ap.add_argument('-c', '--config', action='store_true', help=wrap_help('configure kernel and exit')) ap.add_argument('-C', '--clean', action='store_true', help=wrap_help('clean kernel sources (make distclean) and exit')) ap.add_argument('-x', '--cross', metavar='PREFIX', help=wrap_help('toolchain prefix for cross-compilation; use with -b/-c/-C')) ap.add_argument('-o', '--out', metavar='OUTDIR', help=wrap_help('output directory for out-of-tree kernel build (make ' 'O=...); only meaningful with -b/-c/-C')) ap.add_argument('-f', '--format', metavar='FMT', choices=('text', 'json', 'html'), default='text', help=wrap_help('output format: text, json or html (default: text)')) ap.add_argument('--absolute-paths', action='store_true', help=wrap_help('output absolute paths instead of paths relative to KDIR')) ap.add_argument('--remap', metavar='ORIG_KDIR', help=wrap_help('replace ORIG_KDIR with the KDIR provided with ' '-k/--kdir for paths obtained from ELF debug information; needed ' 'if the kernel was built with ORIG_KDIR as source directory ' 'instead of KDIR, and debug info contains absolute paths to ' 'ORIG_KDIR')) ap.add_argument('--checkout', metavar='REF', help=wrap_help('git checkout to REF inside KDIR before doing anything; ' 'the special value "auto" can be used to checkout to the tag ' 'corresponding to the detected kernel version from VMLINUX')) ap.add_argument('--disable-opt', action='store_true', help=wrap_help('try building kernel with reduced/disabled ' 'optimizations for more reliable location results; only meaningful ' 'with -b')) ap.add_argument('-q', '--quiet', action='count', default=0, help=wrap_help('quietness level:\n' ' -q: no info; -qq: no warnings; -qqq: no errors;\n' ' -qqqq: no standard error output whatsoever')) ap.add_argument('-v', '--verbose', action='count', default=0, help=wrap_help('verbosity level:\n' ' -v: info; -vv: debug; -vvv: more debug;\n' ' -vvvv: also pass V=1 to make when building')) ap.add_argument('-V', '--version', action='version', version=VERSION_HELP, help=wrap_help('show version information and exit')) return ap.parse_args() def instantiate_kernel(*a, **kwa) -> Kernel: '''Instantiate the Kernel class with the given parameters, handling and printing possible errors. ''' try: return Kernel(*a, **kwa) except KernelArchError as e: eprint(str(e)) sys.exit(f"See '{sys.argv[0]} --arch help' for more information") except KernelMultiABIError as e: arch_class, abis = e.args[1:] sys.exit( f'Detected architecture: {arch_class.name}\n' f'Detected ABIs: {", ".join(abis)}\n' 'This kernel was built with support for multiple syscall ABIs.\n' 'Select one using --arch NAME (see --arch HELP for more info).' ) except KernelVersionError: sys.exit( 'Unable to determine kernel version!\n', 'Did you specify a valid kernel source directory (--kdir) or vmlinux path?' ) except KernelWithoutSymbolsError: sys.exit( 'The provided kernel image has no symbols, which are necessary for Systrack to work.\n', 'You can try unstripping the image with tools such as "vmlinux-to-elf".' ) except KernelError as e: eprint(str(e)) sys.exit(1) def main() -> int: signal.signal(signal.SIGINT, sigint_handler) args = parse_args() log_setup(args.quiet, args.verbose, os.isatty(sys.stderr.fileno())) logging.debug('Systrack v%s', VERSION) logging.debug('Command line: systrack %s', command_argv_to_string(sys.argv[1:])) arch_name = args.arch if arch_name is not None: arch_name = arch_name.lower() if arch_name not in SUPPORTED_ARCHS: if arch_name not in ('help', '?'): eprint(f'Unsupported architecture/ABI combination: {arch_name}') eprint('See --arch HELP for a list') return 1 eprint(SUPPORTED_ARCHS_HELP) return 0 if not args.kdir and not args.vmlinux: eprint('Need to specify a kernel source direcory and/or path to vmlinux') eprint('See --help for more information') return 1 if not args.kdir and (args.checkout or args.config or args.build): eprint('Need to specify a kernel source direcory (--kdir)') return 1 if not arch_name and (args.config or args.build): eprint('Need to specify an architecture/ABI combination (--arch)') eprint('See --arch HELP for a list') return 1 cross = args.cross or '' vmlinux = Path(args.vmlinux) if args.vmlinux else None kdir = Path(args.kdir) if args.kdir else None outdir = Path(args.out) if args.out else None rdir = Path(args.remap) if args.remap else None # Checkout before building only if not set to auto if args.checkout and args.checkout != 'auto': eprint('Checking out to', args.checkout) git_checkout(kdir, args.checkout) if args.clean or args.config or args.build: if args.out: out = Path(args.out) try: if out.exists() and not out.is_dir(): eprint(f'Output directory "{args.out}" already exists and is not a directory') return 1 out.mkdir(exist_ok=True) except Exception as e: eprint(f'Failed to create output directory "{args.out}": {str(e)}') return 1 # Check that GCC is available and log its version for our own sanity to # avoid mixing up toolchains gcc_cmd = cross + 'gcc' if not command_available(gcc_cmd): eprint(f'Command "{gcc_cmd}" not found') eprint('Make sure your cross-compilation toolchain is in $PATH') return 127 if args.config or args.build: eprint('Compiler:', gcc_version(gcc_cmd)) kernel = instantiate_kernel(arch_name, kdir=kdir, outdir=outdir, toolchain_prefix=cross) if args.build: eprint('Cleaning kernel sources') kernel.clean() eprint('Detected kernel version:', kernel.version_str) eprint('Configuring kernel') kernel.configure() eprint('Building kernel (might take a while)') elapsed = kernel.build(args.disable_opt) eprint('Build took', format_duration(elapsed)) elif args.config: eprint('Cleaning kernel sources') kernel.clean() eprint('Detected kernel version:', kernel.version_str) eprint('Configuring kernel') kernel.configure() eprint('Done') elif args.clean: eprint('Cleaning kernel sources') kernel.clean() eprint('Done') return 0 # Auto-checkout to the correct tag is only possible if we already have a # vmlinux to extract the version from if args.checkout == 'auto' and not vmlinux: eprint('Cannot perform auto-checkout without a vmlinux image!') return 1 if not vmlinux: vmlinux = kdir / 'vmlinux' if not vmlinux.is_file(): eprint(f'Unable to find vmlinux at "{vmlinux}".') eprint('Build the kernel or provide a valid path.') return 1 if not command_available('readelf'): eprint('Command "readelf" unavailable, can\'t do much without it!') return 127 kernel = instantiate_kernel(arch_name, vmlinux, kdir, outdir, rdir) eprint('Detected kernel version:', kernel.version_str) if args.checkout == 'auto': assert kernel.version_source == 'vmlinux' eprint('Checking out to', kernel.version_tag) git_checkout(kdir, kernel.version_tag) if not kernel.syscalls: return 1 # Apply a couple of transformations that are independent of the chosen # output format, and also check how many syscalls do not have location or # signature information. syscalls = kernel.syscalls kdir = kernel.kdir abs_paths = args.absolute_paths n_no_loc = 0 n_no_sig = 0 n_grepped = 0 for sc in kernel.syscalls: if sc.file is None: n_no_loc += 1 else: if kdir and not abs_paths: sc.file = maybe_rel(sc.file, kdir) if kdir and sc.signature is None: n_no_sig += 1 if sc.grepped_location: n_grepped += 1 eprint('Found', len(syscalls), 'implemented syscalls') if n_grepped: eprint('Found', n_grepped, 'definition location' + ('s' if n_grepped > 1 else ''), 'through grepping') if n_no_loc: eprint('Could not find definition location for', n_no_loc, 'syscall' + ('s' if n_no_loc > 1 else '')) if n_no_sig: eprint('Could not extract signature for', n_no_sig, 'syscall' + ('s' if n_no_sig > 1 else '')) eprint() output_syscalls(kernel, args.format) return 0 # NOTE: this is NOT executed in a normal install, because the `systrack` command # will point to a script that imports and directly calls the main() function # above. if __name__ == '__main__': sys.exit(main()) ================================================ FILE: src/systrack/arch/__init__.py ================================================ import logging from typing import Optional, Type, Tuple, List from ..elf import ELF from ..type_hints import KernelVersion from .arch_base import Arch from .arm import ArchArm from .arm64 import ArchArm64 from .mips import ArchMips from .powerpc import ArchPowerPC from .riscv import ArchRiscV from .s390 import ArchS390 from .x86 import ArchX86 ARCH_CLASSES = ( ArchArm, ArchArm64, ArchMips, ArchPowerPC, ArchRiscV, ArchS390, ArchX86, ) # NOTE: For the sake of mental sanity, try keeping abi= the same name as the one # in the *.tbl files in the kernel sources. SUPPORTED_ARCHS = { 'x86' : lambda v: ArchX86(v, abi='ia32', bits32=True), # "i386" ABI 'x86-64' : lambda v: ArchX86(v, abi='x64'), # "64" ABI 'x86-64-x32' : lambda v: ArchX86(v, abi='x32'), 'x86-64-ia32' : lambda v: ArchX86(v, abi='ia32'), 'arm' : lambda v: ArchArm(v, abi='eabi'), 'arm-oabi' : lambda v: ArchArm(v, abi='oabi'), 'arm64' : lambda v: ArchArm64(v, abi='aarch64'), 'arm64-aarch32': lambda v: ArchArm64(v, abi='aarch32'), 'mips' : lambda v: ArchMips(v, abi='o32', bits32=True), 'mips64' : lambda v: ArchMips(v, abi='n64'), 'mips64-n32' : lambda v: ArchMips(v, abi='n32'), 'mips64-o32' : lambda v: ArchMips(v, abi='o32'), 'powerpc' : lambda v: ArchPowerPC(v, abi='ppc32', bits32=True), # "32" ABI 'powerpc64' : lambda v: ArchPowerPC(v, abi='ppc64'), # "64" ABI 'powerpc64-32' : lambda v: ArchPowerPC(v, abi='ppc32'), # "32" ABI 'powerpc64-spu': lambda v: ArchPowerPC(v, abi='spu'), 'riscv' : lambda v: ArchRiscV(v, abi='rv32', bits32=True), 'riscv64' : lambda v: ArchRiscV(v, abi='rv64'), 'riscv64-32' : lambda v: ArchRiscV(v, abi='rv32'), 's390x' : lambda v: ArchS390(v, abi='s390x'), 's390' : lambda v: ArchS390(v, abi='s390'), } ARCH_ALIASES = ( # name alias ('x86' , 'i386' ), ('x86' , 'ia32' ), ('x86-64' , 'x64' ), ('x86-64-x32' , 'x32' ), ('x86-64-ia32' , 'ia32-64' ), ('arm' , 'arm-eabi' ), ('arm' , 'eabi' ), ('arm-oabi' , 'oabi' ), ('arm64' , 'aarch64' ), ('arm64-aarch32', 'aarch32' ), ('mips' , 'mips32' ), ('mips' , 'o32' ), ('mips64' , 'n64' ), ('mips64-n32' , 'n32' ), ('mips64-o32' , 'o32-64' ), ('powerpc' , 'ppc' ), ('powerpc' , 'ppc32' ), ('powerpc64' , 'ppc64' ), ('powerpc64-32' , 'ppc64-32' ), ('powerpc64-spu', 'ppc64-spu' ), ('powerpc64-spu', 'spu' ), ('riscv' , 'riscv32' ), ('riscv' , 'rv32' ), ('riscv64' , 'rv64' ), ('riscv64-32' , 'rv64-32' ), ) SUPPORTED_ARCHS.update({alias: SUPPORTED_ARCHS[arch] for arch, alias in ARCH_ALIASES}) SUPPORTED_ARCHS_HELP = '''\ Supported architectures and ABIs (values are case-insensitive): Value Aliases Arch Kernel Syscall ABI Build based on Notes ------------------------------------------------------------------------------------------------ arm arm-eabi, eabi ARM 32-bit 32-bit EABI multi_v7_defconfig [2] arm-oabi oabi ARM 32-bit 32-bit OABI multi_v7_defconfig [2,4] ------------------------------------------------------------------------------------------------ arm64 aarch64 ARM 64-bit 64-bit AArch64 defconfig arm64-aarch32 aarch32 ARM 64-bit 32-bit AArch32 defconfig [1] ------------------------------------------------------------------------------------------------ mips mips32, o32 MIPS 32-bit 32-bit O32 defconfig mips64 n64 MIPS 64-bit 64-bit N64 ip27_defconfig [1] mips64-n32 n32 MIPS 64-bit 64-bit N32 ip27_defconfig [1] mips64-o32 o32-64 MIPS 64-bit 32-bit O32 ip27_defconfig [1] ------------------------------------------------------------------------------------------------ powerpc ppc, ppc32 PowerPC 32-bit 32-bit PPC32 ppc64_defconfig powerpc64 ppc64 PowerPC 64-bit 64-bit PPC64 ppc64_defconfig [1] powerpc64-32 ppc64-32 PowerPC 64-bit 32-bit PPC32 ppc64_defconfig [1] powerpc64-spu ppc64-spu, spu PowerPC 64-bit 64-bit "SPU" ppc64_defconfig [1,5] ------------------------------------------------------------------------------------------------ riscv riscv32, rv32 RISC-V 32-bit 32-bit "RV32" defconfig + 32-bit.config [3,6] riscv64 rv64 RISC-V 64-bit 64-bit "RV64" defconfig [1,6] riscv64-32 rv64-32 RISC-V 64-bit 32-bit "RV32" defconfig [1,6] ------------------------------------------------------------------------------------------------ s390x IBM Z 64-bit 64-bit s390x defconfig [1] s390 IBM Z 64-bit 32-bit s390 defconfig [1] ------------------------------------------------------------------------------------------------ x86 i386, ia32 x86 32-bit 32-bit IA32 i386_defconfig x86-64 x64 x86 64-bit 64-bit x86-64 x86_64_defconfig [1] x86-64-x32 x32 x86 64-bit 64-bit x32 x86_64_defconfig [1] x86-64-ia32 ia32-64 x86 64-bit 32-bit IA32 x86_64_defconfig [1] [1] Building creates a kernel supporting all ABIs for this architecture. [2] Build based on "defconfig" for Linux <= v3.7. [3] Build based on "rv32_defconfig" for Linux <= v6.7 and "defconfig" for Linux <= v5.0. [4] Building creates an EABI kernel with compat OABI support. Building an OABI-only kernel is NOT supported. The seccomp filter system will be missing. [5] "SPU" is not a real ABI. It indicates a Cell processor SPU (Synergistic Processing Unit). The ABI is really PPC64, but SPUs can only use a subset of syscalls. [6] "RV32" and "RV64" are not real ABIs, but rather ISAs. The RISC-V syscall ABI is the same for 32-bit and 64-bit (only register size differs). These names are only used for clarity. ''' def arch_from_name(name: str, kernel_version: KernelVersion) -> Arch: '''Instantiate and return the right Arch subclass given a human-friendly name (--arch). The name should be already validated. ''' return SUPPORTED_ARCHS[name](kernel_version) def arch_from_vmlinux(vmlinux: ELF) -> Optional[Tuple[Type[Arch],bool,List[str]]]: '''Determine architecture and supported ABIs from vmlinux ELF. Returns the correct Arch subclass, the bitness and a list of detected ABIs. ''' for klass in ARCH_CLASSES: match = klass.match(vmlinux) if match: return klass, *match logging.fatal('Unknown or unsupported architecture: e_machine = %d, ' 'e_flags = 0x%x', vmlinux.e_machine, vmlinux.e_flags) return None ================================================ FILE: src/systrack/arch/arch_base.py ================================================ import logging from abc import ABC, abstractmethod from typing import Tuple, List, Dict, Optional, final from ..elf import Symbol, ELF from ..syscall import Syscall from ..type_hints import KernelVersion, EsotericSyscall from ..utils import VersionedDict, anysuffix, noprefix, nosuffix class Arch(ABC): # Directory name for this arch in the kernel source, under arch/ name: Optional[str] = None # Whether this arch is 32-bits or not bits32: bool = False # Selected ABI to inspect/build for abi: Optional[str] = None # Whether the selected ABI is 32-bits or not abi_bits32: bool = False # Whether this architecture makes use of function descriptors for function # pointers or not uses_function_descriptors: bool = False # Are we looking for compat syscalls (COMPACT_SYSCALL_DEFINEn)? Or, in other # words, is this not the "main" ABI of the kernel we're analyzing? compat: bool = False # Kernel version that we are intersted in analyzing kernel_version: Optional[KernelVersion] = None # Make targets to run (one by one in the specified order) to obtain the base # config to build the kernel with config_targets: Tuple[str,...] = ('defconfig',) # Name of the syscall table symbol to look for syscall_table_name: Optional[str] = 'sys_call_table' # Base syscall number (actual syscall number is base + idx in syscall table) # NOTE: easiest way to check this is to just compile a binary that makes a # raw syscall for the right arch/ABI. The arch_syscall_addr() kernel # function can also be useful to inspect. syscall_num_base: int = 0 # Syscall number destination (register name, None if no register is used, # e.g. arm/OABI where the instruction is swi ). Subclasses must override # this. syscall_num_reg: Optional[str] = None # Registers for syscall arguments. Subclasses must override this. syscall_arg_regs: Optional[Tuple[str, ...]] = None # Additional kconfig options to set kconfig: VersionedDict = VersionedDict() # Arch-specific syscall kconfig options dependency (supersedes global # arch-agnostic KCONFIG_SYSCALL_DEPS (see the comment in kconfig_options.py # to know how to fill this) kconfig_syscall_deps: VersionedDict = VersionedDict() def __init__(self, kernel_version: KernelVersion, abi: str, bits32: bool): self.kernel_version = kernel_version self.bits32 = bits32 self.abi = abi def __repr__(s): return (f'{s.__class__.__name__}(name={s.name!r}, ' f'bits32={s.bits32}, abi={s.abi!r}, compat={s.compat!r}, ...)') @staticmethod @abstractmethod def match(vmlinux: ELF) -> Optional[Tuple[bool,List[str]]]: '''Determine if the given vmlinux ELF was built for this architecture, and if so return the bitness as boolean (True if 32-bit) and a list of detected ABIs. This is useful to determine which Arch subclass to instantiate (if any). ''' pass @abstractmethod def matches(self, vmlinux: ELF) -> bool: '''Determine whether this architecture matches the one of the provided vmlinux (machine and bits). This is useful as a sanity check, e.g. if a subclass is instantiated and then we want to use it on an unknown vmlinux (or multiple ones). ''' pass def adjust_abi(self, vmlinux: ELF): '''Adjust internal ABI-specific attributes that can be ambiguous for a certain ABI selection (e.g. syscall_table_name) to the correct value based on the provided vmlinux. ''' pass def _preferred_symbol(self, a: Symbol, b: Symbol) -> Optional[Symbol]: '''Arch-specific choices for preferred_symbol(). Returns None if no preference can be determined.''' return None # NOTE: subclasses should only override _preferred_symbol() above @final def preferred_symbol(self, a: Symbol, b: Symbol) -> Symbol: '''Decide which symbol should be preferred when multiple syscall symbols point to the same virtual address. This does not have any meaningful effect on the correctness of the output, since at the end of the day if multiple symbols point to the same vaddr, they are in fact the same function, and the location information will also be correct regardless of which one is picked. ''' # If only one symbol is compat, pick the most relevant one based on # self.compat xa = 'compat' in a.name xb = 'compat' in b.name if xa ^ xb: if self.compat: return a if xa else b return b if xa else a # Deprioritize symbols generated by interprocedural optimization xa = '.localalias' in a.name xb = '.localalias' in b.name if xa ^ xb: return a if xb else b # Let subclasses have a say before falling back to generic criteria p = self._preferred_symbol(a, b) if p is not None: return p if a.name.startswith('sys_'): return a if b.name.startswith('sys_'): return b return a if a.name.startswith('compat_sys_') else b def symbol_is_ni_syscall(self, sym: Symbol) -> bool: '''Determine whether the symbol name identifies the special "not implemented" syscall a.k.a. ni_syscall. There can be multiple ni_syscall implementations with different prefixes and at different vaddrs (go figure). Make sure to get all of them (readelf -s vmlinux | grep ni_syscall). For example on x86 v5.0+: sys_ni_syscall __x64_sys_ni_syscall __ia32_sys_ni_syscall By default, also avoid ftrace-related _eil_addr_XXX symbols generated with CONFIG_FTRACE_SYSCALLS=y. ''' # This generic approach should be good enough return ( sym.type == 'FUNC' and anysuffix(sym.name, 'sys_ni_syscall', 'compat_ni_syscall') # Avoid ftrace-related symbols and not sym.name.startswith('_eil_addr_') # Avoid KCFI-related symbols and not sym.name.startswith('__cfi_') and not sym.name.startswith('__pfx_') ) def skip_syscall(self, sc: Syscall) -> bool: '''Determine whether to skip this syscall. Kernels compiled with support for multiple ABIs might share the same syscall table between two or more ABIs, and in such case we want to filter out syscalls that aren't for the ABI we are currently inspecting. E.G. on x86-64 the 64 and x32 ABI share the same syscall table (sys_call_table) before v5.4, which also holds some x32 compat syscalls that are only available for applications using the x32 ABI. ''' return False def _translate_syscall_symbol_name(self, sym_name: str) -> str: '''Arch-specific choices for translate_syscall_symbol_name().''' return sym_name # NOTE: subclasses should only override _translate_syscall_symbol_name() above @final def translate_syscall_symbol_name(self, sym_name: str) -> str: '''Translate symbol name into syscall name, potentially stripping or replacing arch-specific suffixes/prefixes from the symbol name, in order to be able to correctly identify a syscall. Overriding this shouldn't be needed in most cases. This default implementation just removes prefixes/suffixes that are not common enough to be indentified as common prefixes and stripped automatically. ''' return noprefix(self._translate_syscall_symbol_name(sym_name), 'ptregs_sys_', 'ptregs_compat_sys_', '__se_compat_sys_', '__se_sys_', '__sys_', 'compat_sys_') def _normalize_syscall_name(self, name: str) -> str: '''Normalize a syscall name possibly stripping unneeded arch-specific prefixes/suffixes (e.g., "ia32_", "aarch32_", "oabi_", "ppc_" etc.). These are prefixes/suffixes that are ACTUALLY PRESENT IN THE SOURCE, and not just in the symbol name. ''' return name # NOTE: subclasses should only override _normalize_syscall_name() above @final def normalize_syscall_name(self, name: str) -> str: '''Normalize a syscall name removing unneeded prefixes and suffixes. These are prefixes/suffixes that are ACTUALLY PRESENT IN THE SOURCE, and not just in the symbol name. ''' # In theory we could also remove the trailing "16" from 16-bit UID # syscalls (setuid16, chown16, etc.) since it's not the real syscall # name, but that'd make the output a bit confusing because we'd have # both 16-bit and 32-bit UID syscalls with the same names, so let's # avoid it. #name = nosuffix(name, '16') # Y2038 patches rename syscalls that deal with time adding a "_time64" # or "_time32" suffix to distinguish whether they use 64-bit time # structs (e.g. `struct __kernel_timespec`) or 32-bit time structs (e.g. # `struct old_timespec32`). The suffix is shortened to just "64" or "32" # if the syscall name already ends in "time". This suffix is independent # of the arch, so strip it regardless. # # In v5.1 a bunch of 64-bit time syscalls were added to 32-bit archs # with some exceptions (notably riscv). # # SYSCALL_DEFINE5(recvmmsg_time32, ...) -> recvmmsg # SYSCALL_DEFINE2(clock_adjtime32, ...) -> clock_adjtime # name = nosuffix(name, '_time32', '_time64') if name.endswith('time32') or name.endswith('time64'): name = name[:-2] # Some architectures have a "sys32_" or "32_" prefix for... whatever # annoying reason (e.g. v5.1 MIPS 64bit o32). Stripping it regardless of # arch seems fine, so do it. # # asmlinkage long sys32_sync_file_range(...) -> sync_file_range # SYSCALL_DEFINE4(32_truncate64, ...) -> truncate64 # name = noprefix(name, '32_', 'sys32_') # Some architectures have an "old_" prefix for old syscalls which have # been superseded by new ones. There is also stuff like "oldumount" # (v5.18 ARM), but that's actually a different syscall and the kernel # also has "umount" under a different number, so leave it be. # # SYSCALL_DEFINE2(old_getrlimit, ...) -> getrlimit # SYSCALL_DEFINE1(oldumount, ...) -> oldumount (leave it be) # name = noprefix(name, 'old_') return self._normalize_syscall_name(name) def _dummy_syscall_code(self, sc: Syscall, vmlinux: ELF) -> Optional[bytes]: '''Determine whether a syscall has a dummy implementation (e.g. one that only does `return -ENOSYS/-EINVAL`). If this is the case, return the machine code of the syscall, otherwise None. ''' return None # NOTE: subclasses should only override _dummy_syscall_code() above @final def is_dummy_syscall(self, sc: Syscall, vmlinux: ELF, ni_sym: Optional[bytes]=None, ni_code: Optional[bytes]=None) -> bool: '''Determine whether a syscall has a dummy implementation (e.g. one that only does `return -ENOSYS/-EINVAL`). Try matching the vaddr or code of a known ni_syscall symbol first, otherwise fall back to arch-specific logic. ''' if ni_sym is not None: if sc.symbol.real_vaddr == ni_sym.real_vaddr: logging.info('Syscall %s (%s) is not really implemented: ' 'vaddr matches %s', sc.name, sc.symbol.name, ni_sym.name) return True # Cache ni_syscall code for speed as this function will definitely # be called multiple times for the same ni_syscall. if ni_code is not None: code = vmlinux.vaddr_read(sc.symbol.real_vaddr, len(ni_code)) if code == ni_code: logging.info('Syscall %s (%s) is not really implemented: ' 'code matches %s', sc.name, sc.symbol.name, ni_sym.name) return True code = self._dummy_syscall_code(sc, vmlinux) if code is None: return False logging.info('Syscall %s (%s) is not really implemented: dummy ' 'implementation: %s', sc.name, sc.symbol.name, code.hex()) return True def adjust_syscall_number(self, number: int) -> int: '''Adjust the number for the given syscall according to any arch-specific quirk there might be (e.g. PowerPC with its interleaved syscall numbers). ''' return number def have_syscall_table(self) -> bool: '''Return whether the standard method of extracting virtual addresses of syscall functions via syscall table works.''' return self.syscall_table_name is not None def extract_syscall_vaddrs(self, vmlinux: ELF) -> Dict[int,int]: '''Extract virtual addresses of syscall functions. Implemented in case this isn't just as simple as looking at the addresses in the syscall table (e.g., there might not be one to begin with). ''' logging.error("Sorry, don't know how to extract syscall vaddrs for this arch!") return {} def extract_esoteric_syscalls(self, vmlinux: ELF) -> List[EsotericSyscall]: '''Extract weird arch-specific syscalls not in the syscall table: there isn't much else to do except either manually list these (if they are always present) or perform static binary analysis. The returned value is a list of tuples of the form: (number, name, symbol_name, signature, kconfig_opts). NOTE: the symbol_name that is returned needs to exist in the given vmlinux. ''' return [] def syscall_def_regexp(self, syscall_name: Optional[str]=None) -> Optional[str]: '''Return a regexp capable of matching syscall definitions using arch-specific SYSCALL_DEFINEx macros with weird names or arch-specific adsmlinkage function name prefixes. If syscall_name is given, return a regexp to match this syscall definition exactly, otherwise just a generic one. With syscall_name: the returned regexp should match a macro call up to and **including** the syscall name plus a word boundary or any useful delimiter after the name to match it completely. E.g.: r'SYSCALL_DEFINE\\d\\(name\\b' or r'asmlinkage long sys_name\\('. Without syscall_name: the returned regexp should match the macro call up to and **including** the first open parenthesis. E.g.: r'SYSCALL_DEFINE\\d\\(' or r'asmlinkage long sys_\\w+\\('. ''' # Dev note: the \\ above are because that's a docstring (lol), you # obviously only need one in the regexp itself with the r'' syntax. return None ================================================ FILE: src/systrack/arch/arm.py ================================================ from typing import Tuple, List, Optional from ..elf import ELF, E_MACHINE, E_FLAGS from ..kconfig_options import VERSION_INF from ..syscall import Syscall from ..type_hints import KernelVersion, EsotericSyscall from ..utils import VersionedDict, noprefix, nosuffix from .arch_base import Arch class ArchArm(Arch): name = 'arm' bits32 = True abi_bits32 = True syscall_arg_regs = ('r0', 'r1', 'r2', 'r3', 'r4', 'r5', 'r6') kconfig = VersionedDict(( # kexec_load ((2,6,21), VERSION_INF, 'KEXEC=y' , ['PM_SLEEP_SMP=y', 'MMU=y']), # seccomp ((2,6,37), (5,10) , 'SECCOMP=y', []), # No NUMA support => no mbind, migrate_pages, {get,set}_mempolicy )) def __init__(self, kernel_version: KernelVersion, abi: str, bits32: bool = True): assert bits32, f'{self.__class__.__name__} is 32-bit only' super().__init__(kernel_version, abi, True) assert self.bits32 and self.abi_bits32 assert self.abi in ('eabi', 'oabi') if self.kernel_version >= (3,7): # We want a modern-enough processor for which SMP=y by default self.config_targets = ('multi_v7_defconfig',) else: # TODO: not sure which config is best for < 3.7, but defconfig # definitely isn't that good, we might be missing some syscalls e.g. # kexec if SMP=n, so warn about it. This is something to think about # when we get around supporting such kernel versions. self.config_targets = ('defconfig',) if self.abi == 'eabi': # Apparently OABI_COMPAT is on by default on old kernels (e.g. 4.0), # so disable it if not needed, or we're gonna build a kernel with # no seccomp. self.kconfig.add((2,6,16), VERSION_INF, 'OABI_COMPAT=n', []) self.syscall_num_reg = 'r7' elif self.abi == 'oabi': self.syscall_num_base = 0x900000 # No register, number passed as immediate to the SWI instruction self.syscall_num_reg = 'swi ' # Building an old OABI-only kernel is annoying. Assume EABI + compat # OABI (OABI_COMPAT=y) and just build with support for both ABIs. # FIXME: this will disable the seccomp syscall. Configure for an # OABI-only kernel here in the future... self.kconfig.add((2,6,16), VERSION_INF, 'OABI_COMPAT=y', ['AEABI=y', 'THUMB2_KERNEL=n']) @staticmethod def match(vmlinux: ELF) -> Optional[Tuple[bool,List[str]]]: if vmlinux.e_machine != E_MACHINE.EM_ARM: return None assert vmlinux.bits32, 'EM_ARM 64-bit? WAT' if 'sys_oabi_call_table' in vmlinux.symbols: abis = ['eabi', 'oabi'] else: # For EABI, e_flags in the ELF header should tell us the EABI # version (assuming it is set). if (vmlinux.e_flags & E_FLAGS.EF_ARM_EABI_MASK) != 0: abis = ['eabi'] abis = ['oabi'] return True, abis def matches(self, vmlinux: ELF) -> bool: return vmlinux.bits32 and vmlinux.e_machine == E_MACHINE.EM_ARM def adjust_abi(self, vmlinux: ELF): # We could be dealing with an EABI + compat OABI kernel or an # EABI/OABI-only kernel. In the former case, we'll need to select the # compat syscall table. if self.abi == 'oabi' and 'sys_oabi_call_table' in vmlinux.symbols: # EABI + compat OABI self.compat = True self.syscall_table_name = 'sys_oabi_call_table' else: # EABI/OABI only self.compat = False self.syscall_table_name = 'sys_call_table' def _translate_syscall_symbol_name(self, sym_name: str) -> str: # For some reason some syscalls are wrapped in assembly at the entry # point e.g. sys_sigreturn_wrapper v5.18 arch/arm/kernel/entry-common.S. # Stripping the "_wrapper" suffix can help locate them through source # code grepping. return nosuffix(sym_name, '_wrapper') def _normalize_syscall_name(self, name: str) -> str: if self.abi == 'oabi': # E.g. v5.18 asmlinkage long sys_oabi_connect(...) name = noprefix(name, 'oabi_') # E.g. v5.18 asmlinkage long sys_arm_fadvise64_64(...) return noprefix(name, 'arm_') def _dummy_syscall_code(self, sc: Syscall, vmlinux: ELF) -> Optional[bytes]: # Match the following code exactly with either #21 (EINVAL - 1) or #37 # (ENOSYS - 1) as immediate for MVN: # # f06f 0015 mvn.w r0, #21 # 4770 bx lr # # Taken from sys_fork on v5.0 multi_v7_defconfig with MMU=n. # if sc.symbol.size != 6: return None code = vmlinux.read_symbol(sc.symbol) if code in (b'\x6f\xf0\x15\x00\x70\x47', b'\x6f\xf0\x25\x00\x70\x47'): return code return None def extract_esoteric_syscalls(self, vmlinux: ELF) -> List[EsotericSyscall]: # ARM-specific syscalls that are outside the syscall table, with numbers # in the range 0x0f0000-0x0fffff for EABI and 0x9f0000-0x9fffff for # OABI. These are all implemented in arm_syscall() # (arch/arm/kernel/traps.c) with a switch statement. WEEEIRD! # if 'arm_syscall' not in vmlinux.functions: return [] base = self.syscall_num_base + 0x0f0000 res = [ (base + 1, 'breakpoint', 'arm_syscall', (), None), (base + 2, 'cacheflush', 'arm_syscall', ('unsigned long start', 'unsigned long end', 'int flags'), None), (base + 3, 'usr26' , 'arm_syscall', (), None), (base + 4, 'usr32' , 'arm_syscall', (), None), (base + 5, 'set_tls' , 'arm_syscall', ('unsigned long val',), None), ] if self.kernel_version >= (4,15): res.append((base + 6, 'get_tls', 'arm_syscall', (), None)) return res def syscall_def_regexp(self, syscall_name: Optional[str]=None) -> Optional[str]: if self.abi != 'oabi': return None if syscall_name is not None: if syscall_name.startswith('sys_oabi_'): return rf'\basmlinkage\s*(unsigned\s+)?\w+\s*{syscall_name}\s*\(' return rf'\basmlinkage\s*(unsigned\s+)?\w+\s*sys_oabi_{syscall_name}\s*\(' return r'\basmlinkage\s*(unsigned\s+)?\w+\s*sys_oabi_\w+\s*\(' ================================================ FILE: src/systrack/arch/arm64.py ================================================ from typing import Tuple, List, Optional from ..elf import Symbol, ELF, E_MACHINE from ..kconfig_options import VERSION_INF from ..syscall import Syscall from ..type_hints import KernelVersion from ..utils import VersionedDict, noprefix from .arch_base import Arch class ArchArm64(Arch): name = 'arm64' bits32 = False syscall_num_reg = 'w8' syscall_arg_regs = ('x0', 'x1', 'x2', 'x3', 'x4', 'x5') kconfig = VersionedDict(( # Enable aarch32 ABI regardless, should be =y by default, but better safe than sorry ((3,7) , VERSION_INF, 'COMPAT=y' , ['ARM64_4K_PAGES=y', 'EXPERT=y']), # kexec[_file]_load ((4,8) , VERSION_INF, 'KEXEC=y' , ['PM_SLEEP_SMP=y']), ((5,0) , VERSION_INF, 'KEXEC_FILE=y' , []), # seccomp ((3,19), (5,10) , 'SECCOMP=y' , []), # mbind, migrate_pages, {get,set}_mempolicy ((4,7) , VERSION_INF, 'NUMA=y' , []), # pkey syscalls, technically defaults to =y ((6,12), VERSION_INF, 'ARM64_POE=y' , []), # map_shadow_stack (needs UPROBES=n disabled via UPROBE_EVENTS=n) ((6,13), VERSION_INF, 'UPROBE_EVENTS=n', []), ((6,13), VERSION_INF, 'ARM64_GCS=y' , ['UPROBES=n']), )) kconfig_syscall_deps = VersionedDict(( ((6,13), VERSION_INF, 'map_shadow_stack', 'ARM64_GCS'), ((6,12), VERSION_INF, 'pkey_alloc' , 'ARM64_POE'), ((6,12), VERSION_INF, 'pkey_free' , 'ARM64_POE'), ((6,12), VERSION_INF, 'pkey_mprotect' , 'ARM64_POE'), )) def __init__(self, kernel_version: KernelVersion, abi: str, bits32: bool = False): assert not bits32, f'{self.__class__.__name__} is 64-bit only' assert kernel_version >= (3,7), 'Linux only supports arm64 from v3.7' super().__init__(kernel_version, abi, False) assert not self.bits32 assert self.abi in ('aarch64', 'aarch32') if self.abi == 'aarch32': self.compat = True self.abi_bits32 = True self.syscall_table_name = 'compat_sys_call_table' @staticmethod def match(vmlinux: ELF) -> Optional[Tuple[bool,List[str]]]: if vmlinux.e_machine != E_MACHINE.EM_AARCH64: return None assert not vmlinux.bits32, 'EM_AARCH64 32-bit? WAT' if 'compat_sys_call_table' in vmlinux.symbols: abis = ['aarch64', 'aarch32'] else: abis = ['aarch64'] return False, abis def matches(self, vmlinux: ELF) -> bool: return not vmlinux.bits32 and vmlinux.e_machine == E_MACHINE.EM_AARCH64 def _preferred_symbol(self, a: Symbol, b: Symbol) -> Optional[Symbol]: # See commit 4378a7d4be30ec6994702b19936f7d1465193541 if a.name.startswith('__arm64_'): return a if b.name.startswith('__arm64_'): return b return None def _normalize_syscall_name(self, name: str) -> str: # E.g. v5.18 COMPAT_SYSCALL_DEFINE6(aarch32_mmap2, ...) # E.g. v5.2-v6.13+ SYSCALL_DEFINE1(arm64_personality, ...) return noprefix(name, 'aarch32_', 'arm64_') def _dummy_syscall_code(self, sc: Syscall, vmlinux: ELF) -> Optional[bytes]: # Match the following code exactly with either -22 (EINVAL) or -38 # (-ENOSYS) as immediate for MOV: # # 928004a0 mov x0, #0xffffffffffffffda // #-38 # d65f03c0 ret # # Taken from __arm64_sys_pkey_alloc on v6.11. # if sc.symbol.size > 8 or sc.symbol.size == 4: return None assert not vmlinux.big_endian code = vmlinux.read_symbol(sc.symbol) if not code.endswith(b'\xc0\x03\x5f\xd6'): # ret return None # MOVN , #{, LSL #} mov = int.from_bytes(code[:4], 'little') if mov & 0xff80001f != 0x92800000: return None hw = (mov >> 20) & 0x3 imm = ~(((mov >> 5) & 0xffff) << (hw * 16)) if imm == -38 or imm == -22: return code return None ================================================ FILE: src/systrack/arch/mips.py ================================================ from typing import Tuple, List, Optional from ..elf import ELF, E_MACHINE from ..kconfig_options import VERSION_ZERO, VERSION_INF from ..syscall import Syscall from ..type_hints import KernelVersion from ..utils import VersionedDict, anyprefix, noprefix from .arch_base import Arch class ArchMips(Arch): name = 'mips' syscall_num_reg = 'v0' kconfig = VersionedDict(( # kexec[_file]_load ((2,6,20), (3,9) , 'KEXEC=y' , ['EXPERIMENTAL=y']), ((3,9) , VERSION_INF, 'KEXEC=y' , []), # seccomp ((2,6,15), (5,10) , 'SECCOMP=y', []), )) def __init__(self, kernel_version: KernelVersion, abi: str, bits32: bool = False): super().__init__(kernel_version, abi, bits32) assert self.abi in ('o32', 'n32', 'n64') if self.abi == 'o32': self.abi_bits32 = True # Interestingly, man 2 syscall states: "The mips/o32 system call # convention passes arguments 5 through 8 on the user stack". # What syscall takes 8 arguments on MIPS o32? WTF. self.syscall_num_base = 4000 self.syscall_arg_regs = ('a0', 'a1', 'a2', 'a3', 'stack', 'stack', 'stack', 'stack') if not self.bits32: self.syscall_table_name = 'sys32_call_table' else: self.abi_bits32 = False self.syscall_arg_regs = ('a0', 'a1', 'a2', 'a3', 'a4', 'a5') if self.abi == 'n64': self.syscall_num_base = 5000 else: # n32 self.syscall_num_base = 6000 self.syscall_table_name = 'sysn32_call_table' if self.bits32: # MIPS 32bit means o32 ABI. assert self.abi == 'o32' # Just to be clear: for 32-bit we are ok with defconfig self.config_targets = ('defconfig',) self.kconfig.add(VERSION_ZERO, VERSION_INF, '32BIT=y', []) self.kconfig.add(VERSION_ZERO, VERSION_INF, '64BIT=n', []) # Select CPU release. It does not seem to matter much, so select R2, # which has the best kernel version compatibility (along with R1). # These are a multiple choice menu, so better set all of them. self.kconfig.add((2,6,15), VERSION_INF, 'CPU_MIPS32_R1=n', []) self.kconfig.add((2,6,15), VERSION_INF, 'CPU_MIPS32_R2=y', ['SYS_HAS_CPU_MIPS32_R2=y']) self.kconfig.add((4,0) , VERSION_INF, 'CPU_MIPS32_R6=n', []) else: self.compat = self.abi != 'n64' # Grab SGI IP27 (Origin200/2000), which apparently is one of the # only two MIPS machine with NUMA support along with Longsoon64 # (loongson3_defconfig), as the latter is more of a pain in the ass # to build. No need to select CPU release for this, it's R10000. self.config_targets = ('ip27_defconfig',) self.kconfig.add(VERSION_ZERO, VERSION_INF, '32BIT=n', []) self.kconfig.add(VERSION_ZERO, VERSION_INF, '64BIT=y', []) # 32-bit has no NUMA support (apparently), but 64-bit does and # ip27_defconfig should include it. Make sure an error is raised in # case of no NUMA. Needed for mbind, migrate_pages, # {get,set}_mempolicy. self.kconfig.add(VERSION_ZERO, VERSION_INF, 'NUMA=y', ['SYS_SUPPORTS_NUMA=y']) # MIPS 64bit supports all ABIs: 32bit o32, 64bit n32, 64bit n64. # Enable all of them regardless, we will be able to extract the # right syscall table anyway. self.kconfig.add(VERSION_ZERO, VERSION_INF, 'MIPS32_O32=y', []) self.kconfig.add(VERSION_ZERO, VERSION_INF, 'MIPS32_N32=y', []) @staticmethod def match(vmlinux: ELF) -> Optional[Tuple[bool,List[str]]]: if vmlinux.e_machine != E_MACHINE.EM_MIPS: return None if vmlinux.bits32: abis = ['o32'] else: abis = ['n64'] if 'sys32_call_table' in vmlinux.symbols: abis.append('o32') if 'sysn32_call_table' in vmlinux.symbols: abis.append('n32') return vmlinux.bits32, abis def matches(self, vmlinux: ELF) -> bool: return ( vmlinux.e_machine == E_MACHINE.EM_MIPS and vmlinux.bits32 == self.bits32 ) def _normalize_syscall_name(self, name: str) -> str: # E.G. v5.1 asmlinkage int sysm_pipe(void) for weird historical reasons # E.G. v5.18 SYSCALL_DEFINE6(mips_mmap, ...) # E.G. v5.0-6.13+ asmlinkage long mipsmt_sys_sched_setaffinity(...) return noprefix(name, 'sysm_', 'mips_', 'mipsmt_sys_') def _dummy_syscall_code(self, sc: Syscall, vmlinux: ELF) -> Optional[bytes]: # Match the following code exactly with either -22 (EINVAL) or -89 # (-ENOSYS), which of course is different than normalon MIPS) as # immediate for LI: # # 03e00008 jr ra # 2402ffa7 li v0,-89 # # Taken from __se_sys_cachectl on v6.9 64-bit ip27_defconfig. # if sc.symbol.size != 8: return None code = vmlinux.read_symbol(sc.symbol) if vmlinux.big_endian: if not code.startswith(b'\x03\xe0\x00\x08\x24\x02'): return None imm = int.from_bytes(code[6:], 'big', signed=True) else: if not (code.startswith(b'\x08\x00\xe0\x03') and code.endswith(b'\x02\x24')): return None imm = int.from_bytes(code[4:6], 'little', signed=True) if imm == -22 or imm == -89: return code return None def syscall_def_regexp(self, syscall_name: Optional[str]=None) -> Optional[str]: # Absolutely insane old-style prefixes on MIPS... exps = [] if syscall_name is not None: if anyprefix(syscall_name, 'sysm_', 'mipsmt_sys_'): exps.append(rf'\basmlinkage\s*(unsigned\s+)?\w+\s*{syscall_name}\s*\(') else: exps.append(rf'\basmlinkage\s*(unsigned\s+)?\w+\s*(sysm|mipsmt_sys)_{syscall_name}\s*\(') if self.abi == 'n32': if anyprefix(syscall_name, 'sysn32_'): exps.append(rf'\basmlinkage\s*(unsigned\s+)?\w+\s*{syscall_name}\s*\(') else: exps.append(rf'\basmlinkage\s*(unsigned\s+)?\w+\s*sysn32_{syscall_name}\s*\(') else: exps.append(r'\basmlinkage\s*(unsigned\s+)?\w+\s*(sysm|mipsmt_sys)_\w+\s*\(') if self.abi == 'n32': exps.append(r'\basmlinkage\s*(unsigned\s+)?\w+\s*sysn32_\w+\s*\(') return '|'.join(exps) ================================================ FILE: src/systrack/arch/powerpc.py ================================================ from struct import iter_unpack from typing import Tuple, List, Optional from operator import itemgetter from ..elf import Symbol, ELF, E_MACHINE from ..kconfig_options import VERSION_ZERO, VERSION_INF from ..syscall import Syscall from ..type_hints import KernelVersion, EsotericSyscall from ..utils import VersionedDict, noprefix from .arch_base import Arch class ArchPowerPC(Arch): name = 'powerpc' syscall_num_base = 0 syscall_num_reg = 'r0' # NOTE: We treat "SPU" as an ABI, even though it's not a real ABI. It stands # for "Synergistic Processor Unit", one of the CPUs composing a Cell # processor: https://en.wikipedia.org/wiki/Cell_(processor). SPUs are quite # peculiar: as the comment in arch/powerpc/platforms/cell/spu_callbacks.c # (v5.0) explains, they can only use a subset of the syscalls defined for # the "64" ABI. # NOTE: we are assuming to have PPC_BOOK3S=y (and therefore PPC_BOOK3S_32=y # for 32-bit or PPC_BOOK3S_64=y for 64-bit) kconfig = VersionedDict(( # These are needed for RELOCATABLE=n, we do not really need to list # dependencies since we are disabling them. ((2,6,30) , VERSION_INF, 'PPC_OF_BOOT_TRAMPOLINE=n', []), ((2,6,16) , (2,6,27) , 'CRASH_DUMP=n' , []), ((2,6,27) , VERSION_INF, 'CRASH_DUMP=n' , []), ((4,12) , VERSION_INF, 'CRASH_DUMP=n' , []), ((3,4) , VERSION_INF, 'FA_DUMP=n' , []), # Needs to be set here too because arch-specific kconfigs are applied # after those listed in KCONFIG_DEBUGGING (kconfig_options.py) (VERSION_ZERO, VERSION_INF, 'RELOCATABLE=n', ['PPC_OF_BOOT_TRAMPOLINE=n', 'CRASH_DUMP=n', 'FA_DUMP=n']), # kexec_load ((2,6,15) , (3,9) , 'KEXEC=y', ['PPC_BOOK3S=y', 'EXPERIMENTAL=y']), ((3,9) , VERSION_INF, 'KEXEC=y', ['PPC_BOOK3S=y']), # seccomp ((2,6,15) , (5,10) , 'SECCOMP=y', ['PROC_FS=y']), # rtas ((2,6,15) , VERSION_INF, 'PPC_RTAS=y', []), )) # FIXME: more like a curiosity, but why the hell do migrate_pages and # move_pages look like they depend on MIGRATION and not necessarily on NUMA, # but then aren't available for PPC 32-bit which has NUMA=n??? kconfig_syscall_deps = VersionedDict(( (VERSION_ZERO, VERSION_INF, 'pkey_alloc' , 'PPC_MEM_KEYS'), (VERSION_ZERO, VERSION_INF, 'pkey_free' , 'PPC_MEM_KEYS'), (VERSION_ZERO, VERSION_INF, 'pkey_mprotect', 'PPC_MEM_KEYS'), )) def __init__(self, kernel_version: KernelVersion, abi: str, bits32: bool = False): super().__init__(kernel_version, abi, bits32) assert self.abi in ('ppc32', 'ppc64', 'spu') # The "powerpc" directory was added under arch in v2.6.15 and it weirdly # coexisted with "ppc" until v2.6.27, when the latter was removed. assert self.kernel_version >= (2,6,15), 'kernel too old, sorry!' if self.abi == 'spu': # spu_syscall_table only exists since v2.6.16, I have no idea how # things were handled before then. This is a rather old kernel # version, we'll worry about it in the future (if ever). assert self.kernel_version >= (2,6,16), 'kernel too old, sorry!' if self.abi == 'ppc32': self.syscall_arg_regs = ('r3', 'r4', 'r5', 'r6', 'r7', 'r8', 'r9') self.abi_bits32 = True else: self.syscall_arg_regs = ('r3', 'r4', 'r5', 'r6', 'r7', 'r8') self.abi_bits32 = False if self.bits32: self.compat = False self.uses_function_descriptors = False self.syscall_table_name = 'sys_call_table' # PPC_BOOK3S_32 was introduced in v2.6.31. We'll worry about # older kernels in the future (if ever). assert self.kernel_version >= (2,6,31), 'kernel too old, sorry!' # Apparently there isn't a nice 32-bit defconfig and one needs # to manually disable 64-bit??? What in tarnation >:( lame! # There's ppc_defconfig from v5.2, which also takes half the time to # build so it'd be nice to use... but using it as is without tweaks # compiles a kernel without memfd_create. self.config_targets = ('ppc64_defconfig',) self.kconfig.add(VERSION_ZERO, VERSION_INF, 'PPC64=n', []) self.kconfig.add(VERSION_ZERO, VERSION_INF, 'PPC_BOOK3S_32=y', []) else: self.compat = self.abi != 'ppc64' self.abi_bits32 = self.abi == 'ppc32' self.config_targets = ('ppc64_defconfig',) self.uses_function_descriptors = True if self.abi == 'spu': self.syscall_table_name = 'spu_syscall_table' elif self.abi == 'ppc32' and self.kernel_version >= (5,0): # 32-bit and 64-bit syscalls before v5.0 share the same table # (see skip_syscall() below), they are split in two tables only # from v5.0. self.syscall_table_name = 'compat_sys_call_table' # PowerPC64 supports all ABIs: 64, 32, "spu". Enable all of them, we # will be able to extract the right syscall table regardless. self.kconfig.add((2,6,15), (5,7) , 'COMPAT=y', ['PPC64=y']) self.kconfig.add((5,7) , VERSION_INF, 'COMPAT=y', ['PPC64=y', 'CPU_LITTLE_ENDIAN=n', 'CC_IS_CLANG=n']) # Needed for NUMA=y self.kconfig.add((2,6,15), (2,6,22) , 'PPC_PSERIES=y', ['PPC64=y', 'PPC_MULTIPLATFORM=y']), self.kconfig.add((2,6,22), VERSION_INF, 'PPC_PSERIES=y', ['PPC64=y', 'PPC_BOOK3S=y']), # mbind, migrate_pages, {get,set}_mempolicy # NOTE: in theory depends on (PPC_PSERIES || PPC_POWERNV) after # 5.10, but we are assuming PPC_PSERIES=y self.kconfig.add((2,6,15), VERSION_INF, 'NUMA=y', ['PPC64=y', 'SMP=y', 'PPC_PSERIES=y']) # kexec_file_load self.kconfig.add((4,10) , VERSION_INF, 'KEXEC_FILE=y', ['PPC64=y', 'CRYPTO=y', 'CRYPTO_SHA256=y']) # Needed for PPC_SUBPAGE_PROT=y # NOTE: in theory depends on (44x || PPC_BOOK3S_64), but we are # assuming PPC_BOOK3S_64=y self.kconfig.add((2,6,15), VERSION_INF, 'PPC_64K_PAGES=y', ['PPC_BOOK3S_64=y']) # subpage_prot (ppc only, 64-bit only) self.kconfig.add((2,6,25), (5,17) , 'PPC_SUBPAGE_PROT=y', ['PPC_64K_PAGES=y', 'PPC_BOOK3S_64=y']) self.kconfig.add((5,17) , VERSION_INF, 'PPC_SUBPAGE_PROT=y', ['PPC_64K_PAGES=y', 'PPC_64S_HASH_MMU=y']) # pkey_alloc, pkey_free, pkey_mprotect self.kconfig.add((4,16) , (5,17) , 'PPC_MEM_KEYS=y', ['PPC_BOOK3S_64=y']) self.kconfig.add((5,17) , VERSION_INF, 'PPC_MEM_KEYS=y', ['PPC_BOOK3S_64=y', 'PPC_64S_HASH_MMU=y']) # switch_endian (esoteric fast version) self.kconfig.add((4,15) , (6,12) , 'PPC_FAST_ENDIAN_SWITCH=y', []), # spu_run, spu_create self.kconfig.add((2,6,16), VERSION_INF, 'SPU_FS=y' , ['PPC_CELL=y', 'COREDUMP=y']), self.kconfig.add((2,6,18), VERSION_INF, 'SPU_BASE=y', []), @staticmethod def match(vmlinux: ELF) -> Optional[Tuple[bool,List[str]]]: if vmlinux.e_machine == E_MACHINE.EM_PPC: assert vmlinux.bits32, 'EM_PPC 64-bit? WAT' elif vmlinux.e_machine == E_MACHINE.EM_PPC64: assert not vmlinux.bits32, 'EM_PPC64 32-bit? WAT' else: return None if vmlinux.bits32: abis = ['ppc32'] else: abis = ['ppc64'] # v5.0+ has a separate compat table and can be built with COMPAT=n. # Before v5.0 64-bit and 32-bit syscalls share a single table and # apparently it's always COMPAT=y. If none of these match, we must # be dealing with a v5.0+ COMPAT=n kernel, which is the only case # where there's no 32-bit syscall table. if 'compat_sys_call_table' in vmlinux.symbols \ or 'compat_sys_execve' in vmlinux.symbols \ or '.compat_sys_execve' in vmlinux.symbols: abis.append('ppc32') if 'spu_syscall_table' in vmlinux.symbols: abis.append('spu') return vmlinux.bits32, abis def matches(self, vmlinux: ELF) -> bool: # Linux PPC 32-bit should be big-endian only assert vmlinux.big_endian, 'Little-endian PowerPC 32-bit kernel? WAT' return ( vmlinux.e_machine == (E_MACHINE.EM_PPC64, E_MACHINE.EM_PPC)[self.bits32] and vmlinux.bits32 == self.bits32 ) def _preferred_symbol(self, a: Symbol, b: Symbol) -> Optional[Symbol]: # Function descriptors take the "nice" symbol name, while the actual # functions have a goofy dot prefix. adot = a.name.startswith('.') bdot = b.name.startswith('.') if adot or bdot: if not adot: return b if not bdot: return a if a.name.startswith('.sys_'): return a if b.name.startswith('.sys_'): return b return a if a.name.startswith('.compat_sys_') else b return None def skip_syscall(self, sc: Syscall) -> bool: if self.bits32 or self.kernel_version >= (5,0): return False # On PowerPC 64-bit before v5.0, 64-bit and 32-bit syscalls are # *interleaved* in the same syscall table, with 64-bit syscalls at even # indexes. This means that we need to ignore half the syscall table! :') if self.abi == 'ppc32': return sc.index % 2 == 0 # 'ppc64' or 'spu' return sc.index % 2 == 1 def _translate_syscall_symbol_name(self, sym_name: str) -> str: return noprefix(sym_name, '.sys_', '.') def _normalize_syscall_name(self, name: str) -> str: return noprefix(name, 'ppc64_', 'ppc32_', 'ppc_') def _dummy_syscall_code(self, sc: Syscall, vmlinux: ELF) -> Optional[bytes]: # Check for `li r3,-ENOSYS; blr` optionally accompained by some other # known non-branching instructions along the way: # # - {mflr,mtlr} r0 # - {stw,std,lwz,ld} r0,X(r1) # - matching stwu/stdu and addi on r1 (stack pointer) # - bl (to call _mcount() or other func, which *has* to return) # - nop (ori 0,0,0) # # TODO: relies on the symbol having a valid size (!= 0), improve? if sc.symbol.size < 8: return None code = vmlinux.read_symbol(sc.symbol) r1_dec = r1_inc = None insns = [] for insn in map(itemgetter(0), iter_unpack('<>'[vmlinux.big_endian] + 'L', code)): hi = insn >> 16 # mflr r0 / mtlr r0 / nop (ori 0,0,0) if insn in (0x7c0802a6, 0x7c0803a6, 0x60000000): continue # bl X if (hi >> 8) == 0x4b: continue # stw r0,X(r1) / std r0,X(r1) / lwz r0,X(r1) / ld r0,X(r1) if hi in (0x9001, 0xf801, 0xe801, 0x8001): continue # stdu r1,X(r1) if insn & 0xffff0003 == 0xf8210001: r1_dec = 0x10000 - (insn & 0xfffc) continue # stwu r1,X(r1) if hi in (0x9421, 0xf821): r1_dec = 0x10000 - (insn & 0xffff) continue # addi r1,r1,X (after stwu/stdu) if hi == 0x3821 and r1_dec is not None: r1_inc = insn & 0xffff continue if len(insns) > 2: return None insns.append(insn) # Stack pointer decrement/increment must match if (r1_dec is not None or r1_inc is not None) and r1_dec != r1_inc: return None # li r3,-ENOSYS; blr if insns == [0x3860ffda, 0x4e800020]: return code return None def adjust_syscall_number(self, number: int) -> int: if self.bits32 or self.kernel_version >= (5,0): return number # See comment in skip_syscall() above. return number // 2 def extract_esoteric_syscalls(self, vmlinux: ELF) -> List[EsotericSyscall]: # This is currently only used for fast switch_endian, which is only # implemented for ppc64 and was killed in v6.12. Save some time here. if self.abi != 'ppc64' or self.kernel_version >= (6,12): return [] # The switch_endian syscall has a "fast" version implemented with a # branch at syscall entry point (arch/powerpc/kernel/exceptions-64s.S). # # The symbol to look at is exc_real_0xc00_system_call, where we should # find `cmpdi r0,0x1ebe` followed by a `beq-` to code that updates the # saved LE bit in SRR1. The same code has been there since at least # v2.6.31. # # 2c 20 1e be cmpdi r0,7870 # 41 c2 00 20 beq X # ... # 7d 9b 02 a6 X: mfsrr1 r12 # 69 8c 00 01 xori r12,r12,1 # 7d 9b 03 a6 mtsrr1 r12 # 4c 00 00 24 rfid # # This "fast" implementation depends on PPC_FAST_ENDIAN_SWITCH from # v4.15 onwards. It was removed in v6.12. Old kernels only had this fast # version and no switch_endian syscall in the syscall table, which was # added in v4.1 (529d235a0e190ded1d21ccc80a73e625ebcad09b). # # FIXME: on older kernels (< v5.0) the associated syscall entry symbol # may be different. # exc = vmlinux.symbols.get('exc_real_0xc00_system_call') if exc is None: return [] # Unfortunately we cannot rely on the symbol having a good size, so just # find the next symbol after it and use it as a boundary. boundary = vmlinux.next_symbol(exc) boundary = boundary.vaddr if boundary else exc.vaddr + 0x80 code = vmlinux.vaddr_read(exc.vaddr, boundary - exc.vaddr) insns = iter_unpack('<>'[vmlinux.big_endian] + 'L', code) insns = list(map(itemgetter(0), insns)) try: idx_cmpdi = insns.index(0x2c201ebe) beq = insns[idx_cmpdi + 1] except (IndexError, ValueError): return [] idx_mfsrr1 = idx_cmpdi + 1 + (beq & 0xffff) // 4 if idx_mfsrr1 >= len(insns) or insns[idx_mfsrr1] != 0x7d9b02a6: return [] # Match the branch after the cmpdi. Technically it should be a `beq-` # (beq with not taken branch prediction), but also accept others. # beq- beq+ beq beq if (beq >> 16) not in (0x41c2, 0x41e2, 0x4182, 0x41a2): return [] try: idx_xori = insns.index(0x698c0001, idx_mfsrr1 + 1) idx_mtsrr1 = insns.index(0x7d9b03a6, idx_xori + 1) insns.index(0x4c000024, idx_mtsrr1 + 1) except ValueError: return [] # We have the syscall kconf = 'PPC_FAST_ENDIAN_SWITCH' if self.kernel_version >= (4,15) else None return [(0x1ebe, 'switch_endian', exc.name, (), kconf)] def syscall_def_regexp(self, syscall_name: Optional[str]=None) -> Optional[str]: if self.abi != 'ppc32': return None if syscall_name is not None: return rf'\bPPC32_SYSCALL_DEFINE\d\s*\({syscall_name}\b' return r'\bPPC32_SYSCALL_DEFINE\d\s*\(' ================================================ FILE: src/systrack/arch/riscv.py ================================================ from typing import Tuple, List, Optional from ..elf import Symbol, ELF, E_MACHINE from ..kconfig_options import VERSION_INF from ..type_hints import KernelVersion from ..utils import VersionedDict from .arch_base import Arch class ArchRiscV(Arch): name = 'riscv' syscall_num_reg = 'a7' syscall_arg_regs = ('a0', 'a1', 'a2', 'a3', 'a4', 'a5') kconfig = VersionedDict(( # kexec_load ((5,13), VERSION_INF, 'KEXEC=y', ['MMU=y']), # seccomp ((5,5) , (5,10) , 'SECCOMP=y', []), # mbind, {migrate.move}_pages, {get,set}_mempolicy ((5,12), VERSION_INF, 'NUMA=y', ['SMP=y', 'MMU=y']), )) def __init__(self, kernel_version: KernelVersion, abi: str, bits32: bool=False): super().__init__(kernel_version, abi, bits32) assert kernel_version >= (4,15), 'Linux only supports RISC-V from v4.15' assert self.abi in ('rv32', 'rv64') if self.abi == 'rv32': self.abi_bits32 = True if not self.bits32: assert self.kernel_version >= (5,19), 'Linux only supports compat RV32 from v5.19' self.compat = True self.syscall_table_name = 'compat_sys_call_table' if self.bits32: if self.kernel_version >= (6,8): # rv32_defconfig removed in v6.8 self.config_targets = ('defconfig', '32-bit.config') elif self.kernel_version >= (5,1): self.config_targets = ('rv32_defconfig',) else: self.config_targets = ('defconfig',) # No "easy" make target for 32-bit before 5.1. Need manual config. self.kconfig.add((4,15), (5,1) , '32BIT=y', []) self.kconfig.add((4,15), (5,1) , '64BIT=n', []) self.kconfig.add((4,15), (5,1) , 'ARCH_RV32I=y', []) self.kconfig.add((4,15), (5,1) , 'ARCH_RV64I=n', []) self.kconfig.add((4,15), (4,18), 'CPU_SUPPORTS_32BIT_KERNEL=y', []) self.kconfig.add((4,15), (4,18), 'CPU_SUPPORTS_64BIT_KERNEL=n', []) else: self.config_targets = ('defconfig',) # Enable compat ABI regardless (should be =y by default, but better # safe than sorry) self.kconfig.add((5,19), VERSION_INF, 'COMPAT=y', ['64BIT=y', 'MMU=y']), # kexec_file_load self.kconfig.add((5,19), (6,2) , 'KEXEC_FILE=y', ['64BIT=y']) self.kconfig.add((5,19), (6,7) , 'KEXEC_FILE=y', ['64BIT=y','MMU=y']) self.kconfig.add((6,7) , VERSION_INF, 'KEXEC_FILE=y', ['64BIT=y']) @staticmethod def match(vmlinux: ELF) -> Optional[Tuple[bool,List[str]]]: if vmlinux.e_machine != E_MACHINE.EM_RISCV: return None if vmlinux.bits32: abis = ['rv32'] else: abis = ['rv64'] if 'compat_sys_call_table' in vmlinux.symbols: abis.append('rv32') return vmlinux.bits32, abis def matches(self, vmlinux: ELF) -> bool: return ( vmlinux.e_machine == E_MACHINE.EM_RISCV and vmlinux.bits32 == self.bits32 ) def _preferred_symbol(self, a: Symbol, b: Symbol) -> Optional[Symbol]: if a.name.startswith('__riscv_'): return a if b.name.startswith('__riscv_'): return b return None ================================================ FILE: src/systrack/arch/s390.py ================================================ import re import struct from typing import Tuple, List, Optional, Dict from ..elf import Symbol, ELF, E_MACHINE from ..kconfig_options import VERSION_INF from ..type_hints import KernelVersion from ..utils import VersionedDict, noprefix from .arch_base import Arch class ArchS390(Arch): name = 's390' syscall_table_name = 'sys_call_table' syscall_num_reg = 'r1' syscall_arg_regs = ('r2', 'r3', 'r4', 'r5', 'r6', 'r7') kconfig = VersionedDict(( # TODO: validate and see which ones of these (if any) may make sense to # move in global kconfig options. # 32-bit abi ((2,6,12), VERSION_INF, 'COMPAT=y', []), # error: invalid hard register usage between output operands ((2,6,19), VERSION_INF, 'ZCRYPT=n', []), # Error: junk at end of line ((2,6,37), VERSION_INF, 'JUMP_LABEL=n', []), # s390-specific pci syscalls implemented in # commit cd24834130ac ("s390/pci: base support") ((3,8), VERSION_INF, 'PCI=y', []), # misaligned symbol `__nospec_call_start' ((4,16), VERSION_INF, 'EXPOLINE=n', []), # load BTF from vmlinux: Invalid argument ((5,16), (6,0), 'DEBUG_INFO_BTF=n', []), )) def __init__(self, kernel_version: KernelVersion, abi: str, bits32: bool = False): assert not bits32, f'{self.__class__.__name__} is 64-bit only' super().__init__(kernel_version, abi, False) assert self.abi in ('s390', 's390x') if self.abi == 's390': self.compat = True self.abi_bits32 = True self.syscall_table_name = 'sys_call_table_emu' @staticmethod def match(vmlinux: ELF) -> Optional[Tuple[bool,List[str]]]: if vmlinux.e_machine != E_MACHINE.EM_S390: return None assert not vmlinux.bits32, 'EM_S390 32-bit? WAT' if 'sys_call_table_emu' in vmlinux.symbols: abis = ['s390', 's390x'] else: abis = ['s390x'] return False, abis def matches(self, vmlinux: ELF) -> bool: return not vmlinux.bits32 and vmlinux.e_machine == E_MACHINE.EM_S390 def _preferred_symbol(self, a: Symbol, b: Symbol) -> Optional[Symbol]: # See commit aa0d6e70d3b34e710a6a57a53a3096cb2e0ea99f if a.name.startswith('__s390x_'): return a if b.name.startswith('__s390x_'): return b return None def _translate_syscall_symbol_name(self, sym_name: str) -> str: if self.abi == 's390': # sys_ prefix is used for compat syscalls with 0 arguments, which # do not need wrapping. It is not common enough to be detected by # common_syscall_symbol_prefixes(). return noprefix(sym_name, 'sys_') return sym_name def _normalize_syscall_name(self, name: str) -> str: # Unlike most other archs where there is an arch-specific prefix for a # significant number of (or nearly all) syscalls, in S390 this prefix # is actually part of the syscall name for some arch-specific syscalls. # Use a whitelist approach instead of blindly stripping it. These # syscalls are also named using the prefix in man section 2. known = { 's390_guarded_storage', 's390_pci_mmio_read', 's390_pci_mmio_write', 's390_runtime_instr', 's390_sthyi', } if name.startswith('s390_') and name not in known: return noprefix(name, 's390_') return name def have_syscall_table(self) -> bool: # FIXME: This is not true, we do have a table, it just requires custom # parsing. Move parsing logic in Arch class? return False def extract_syscall_vaddrs(self, vmlinux: ELF) -> Dict[int, int]: symbol = vmlinux.symbols[self.syscall_table_name] size = symbol.size if size == 0: # FIXME: In case of 32-bit (abi=='s390') we calculate the size of # sys_call_table, but then look at sys_call_table_emu. Can we do any # better? # sys_call_table_emu immediately follows sys_call_table. # See arch/s390/kernel/entry.S. size = (vmlinux.symbols['sys_call_table_emu'].vaddr - vmlinux.symbols['sys_call_table'].vaddr) entry_size, format = 8, "Q" entry0 = vmlinux.vaddr_read(symbol.vaddr, entry_size) vaddr0, = struct.unpack(f">{format}", entry0) text = vmlinux.sections[".text"] if not (text.vaddr <= vaddr0 < text.vaddr + text.size): # s390 before commit ff4a742dde3c stored vaddrs as ints, because # they were guaranteed to be < 4G before relocatable kernel support # was added. entry_size, format = 4, "I" count = size // entry_size table = vmlinux.vaddr_read(symbol.vaddr, size) vaddrs = struct.unpack(">" + format * count, table) return dict(enumerate(vaddrs)) def syscall_def_regexp(self, syscall_name: Optional[str]=None) -> Optional[str]: if self.abi == 's390': if syscall_name is None: return r'\bCOMPAT_SYSCALL_WRAP\d\s*\(' else: return rf'\bCOMPAT_SYSCALL_WRAP\d\s*\({syscall_name}\b' else: return None ================================================ FILE: src/systrack/arch/x86.py ================================================ import logging from collections import defaultdict from operator import itemgetter from typing import Tuple, List, Dict, DefaultDict, Set, FrozenSet, Optional from iced_x86 import Decoder, Instruction from iced_x86.Mnemonic import Mnemonic, RET, CMP, TEST, JA, JAE, JB, JBE, JE, JNE from iced_x86.OpKind import REGISTER from ..elf import Symbol, ELF, E_MACHINE from ..kconfig_options import VERSION_ZERO, VERSION_INF from ..syscall import Syscall from ..type_hints import KernelVersion from ..utils import VersionedDict, noprefix from .arch_base import Arch class ArchX86(Arch): name = 'x86' kconfig = VersionedDict(( # Disable retpoline mitigations for better compiler compatibility ((4,15) , VERSION_INF, 'RETPOLINE=n' , []), # kexec_load ((2,6,13), (2,6,19) , 'KEXEC=y' , ['EXPERIMENTAL=y']), ((2,6,19), VERSION_INF, 'KEXEC=y' , []), # seccomp ((2,6,12), (2,6,24) , 'SECCOMP=y' , ['PROC_FS=y']), ((2,6,24), (5,10) , 'SECCOMP=y' , []), # iopl, ioperm (x86 only) ((5,5) , VERSION_INF, 'X86_IOPL_IOPERM=y' , []), # modify_ldt ((4,3) , VERSION_INF, 'MODIFY_LDT_SYSCALL=y', []), ((4,3) , VERSION_INF, 'MODIFY_LDT_SYSCALL=y', []), )) kconfig_syscall_deps = VersionedDict(( (VERSION_ZERO, VERSION_INF, 'map_shadow_stack', 'X86_USER_SHADOW_STACK' ), (VERSION_ZERO, VERSION_INF, 'pkey_alloc' , 'X86_INTEL_MEMORY_PROTECTION_KEYS'), (VERSION_ZERO, VERSION_INF, 'pkey_free' , 'X86_INTEL_MEMORY_PROTECTION_KEYS'), (VERSION_ZERO, VERSION_INF, 'pkey_mprotect' , 'X86_INTEL_MEMORY_PROTECTION_KEYS'), )) # Numbers marked as "64" in syscall_64.tbl before v5.4 (when x64 and x32 # still shared the same table), which should therefore NOT be used in x32 # mode. These also include the (lower) x64 numbers for the misnumbered # 512-547 syscalls. # # cat arch/x86/entry/syscalls/syscall_64.tbl | rg '\t64' | cut -f1 # __bad_x32_numbers = { 13, 15, 16, 19, 20, 45, 46, 47, 54, 55, 59, 101, 127, 128, 129, 131, 134, 156, 174, 177, 178, 180, 205, 206, 209, 211, 214, 215, 222, 236, 244, 246, 247, 273, 274, 278, 279, 295, 296, 297, 299, 307, 310, 311, 322, 327, 328 } def __init__(self, kernel_version: KernelVersion, abi: str, bits32: bool = False): super().__init__(kernel_version, abi, bits32) assert self.abi in ('x64', 'ia32', 'x32') # i386_defconfig and x86_64_defconfig don't exist before v2.6.24: need # a different configuration in such case. We'll think about it when (if) # we ever get to supporting such old kernels. Additionally, there were # two directories under arch before v2.6.24 ("i386" and "x86_64"), so # self.name should reflect that too too. assert self.kernel_version >= (2,6,24), 'kernel too old, sorry!' # Syscall tables are no longer guaranteed to exists since v6.9 # (see commit 1e3ad78334a69b36e107232e337f9d693dcc9df2). We will # determine later in adjust_abi() if we actually have a table for the # selected ABI (in case of FTRACE_SYSCALLS=y we may have one). if self.kernel_version < (6,9): self.syscall_table_name = 'sys_call_table' if not self.bits32: if self.abi == 'ia32': self.syscall_table_name = 'ia32_sys_call_table' elif self.abi == 'x32' and self.kernel_version >= (5,4): self.syscall_table_name = 'x32_sys_call_table' else: self.syscall_table_name = None if self.abi == 'ia32': self.syscall_num_reg = 'eax' self.syscall_arg_regs = ('ebx', 'ecx', 'edx', 'esi', 'edi', 'ebp') else: self.syscall_num_reg = 'rax' self.syscall_arg_regs = ('rdi', 'rsi', 'rdx', 'r10', 'r8', 'r9') if self.bits32: assert self.abi == 'ia32' self.abi_bits32 = True self.config_targets = ('i386_defconfig',) # vm86 (x86 only, 32-bit only, no compat support in 64-bit kernels) self.kconfig.add((2,6,16), (2,6,18) , 'VM86=y' , ['X86=y', 'EMBEDDED=y']), self.kconfig.add((2,6,18), (2,6,24) , 'VM86=y' , ['EMBEDDED=y']), self.kconfig.add((2,6,24), (4,3) , 'VM86=y' , ['X86_32=y', 'EXPERT=y']), self.kconfig.add((4,3) , VERSION_INF, 'X86_LEGACY_VM86=y', ['X86_32=y']), self.kconfig.add((4,3) , VERSION_INF, 'X86_LEGACY_VM86=y', ['X86_32=y']), # Needed for NUMA=y (NUMA support dropped in v6.15) self.kconfig.add(VERSION_ZERO, (6,15), 'NOHIGHMEM=n', []) self.kconfig.add(VERSION_ZERO, (6,15), 'HIGHMEM4G=n', []) self.kconfig.add(VERSION_ZERO, (6,15), 'HIGHMEM64G=y', []) self.kconfig.add(VERSION_ZERO, (6,15), 'X86_BIGSMP=y', ['SMP=y']) # mbind, migrate_pages, {get,set}_mempolicy # NOTE: before v2.6.29 NUMA actually also needs more options in # OR, but we don't support checking kconfig expressions self.kconfig.add(VERSION_ZERO, (2,6,23), 'NUMA=y', ['SMP=y', 'HIGHMEM64G=y']) self.kconfig.add((2,6,23) , (2,6,29), 'NUMA=y', ['SMP=y', 'HIGHMEM64G=y', 'EXPERIMENTAL=y']) self.kconfig.add((2,6,29) , (6,15) , 'NUMA=y', ['SMP=y', 'HIGHMEM64G=y', 'X86_BIGSMP=y']) else: self.abi_bits32 = self.abi == 'ia32' self.compat = self.abi != 'x64' self.config_targets = ('x86_64_defconfig',) if self.abi == 'x32': # x32 syscalls have this bit set (__X32_SYSCALL_BIT) self.syscall_num_base = 0x40000000 # x86-64 supports all ABIs: ia32, x64, x32. Enable all of them, we # will be able to extract the right syscall table regardless. self.kconfig.add(VERSION_ZERO, VERSION_INF, 'IA32_EMULATION=y', []) self.kconfig.add((3,4) , (3,9) , 'X86_X32=y' , ['EXPERIMENTAL=y']) self.kconfig.add((3,9) , (5,18) , 'X86_X32=y' , []) self.kconfig.add((5,18) , VERSION_INF, 'X86_X32_ABI=y' , []) # kexec_file_load self.kconfig.add((3,17) , VERSION_INF, 'KEXEC_FILE=y', ['X86_64=y', 'CRYPTO=y', 'CRYPTO_SHA256=y']) # mbind, migrate_pages, {get,set}_mempolicy self.kconfig.add(VERSION_ZERO, (2,6,15) , 'NUMA=y', []) self.kconfig.add((2,6,15) , (2,6,29) , 'NUMA=y', ['SMP=y']) self.kconfig.add((2,6,29) , VERSION_INF, 'NUMA=y', ['SMP=y']) # pkey_alloc, pkey_free, pkey_mprotect # NOTE: in theory depends on (CPU_SUP_INTEL || CPU_SUP_AMD) but we # are pretty sure that CPU_SUP_INTEL will be =y self.kconfig.add((4,6) , VERSION_INF, 'X86_INTEL_MEMORY_PROTECTION_KEYS=y', ['X86_64=y', 'CPU_SUP_INTEL=y']) # map_shadow_stack # NOTE: depends on assembler support for WRUSS instruction # (GNU binutils >= 2.31) self.kconfig.add((6,6) , VERSION_INF, 'X86_USER_SHADOW_STACK=y', ['AS_WRUSS=y']) @staticmethod def match(vmlinux: ELF) -> Optional[Tuple[bool,List[str]]]: if vmlinux.e_machine == E_MACHINE.EM_386: assert vmlinux.bits32, 'EM_386 64-bit? WAT' elif vmlinux.e_machine == E_MACHINE.EM_X86_64: assert not vmlinux.bits32, 'EM_X86_64 32-bit? WAT' else: return None if vmlinux.bits32: abis = ['ia32'] else: abis = ['x64'] if 'ia32_sys_call_table' in vmlinux.symbols: abis.append('ia32') elif 'ia32_sys_call' in vmlinux.symbols: # Since v6.9 no more tables, but we have this function instead abis.append('ia32') if 'x32_sys_call_table' in vmlinux.symbols: abis.append('x32') elif 'x32_sys_call' in vmlinux.symbols: # Since v6.9 no more tables, but we have this function instead abis.append('x32') elif any('x32_compat_sys' in s for s in vmlinux.symbols): # Before v5.4 x32 did NOT have its own table abis.append('x32') return vmlinux.bits32, abis def matches(self, vmlinux: ELF) -> bool: return ( vmlinux.e_machine == (E_MACHINE.EM_X86_64, E_MACHINE.EM_386)[self.bits32] and vmlinux.bits32 == self.bits32 ) def adjust_abi(self, vmlinux: ELF): if self.kernel_version < (6,9): return # Figure out if we have a syscall table (FTRACE_SYSCALLS=y) or not. The # sys_call_table symbol represents the x64 table for 64-bit and the ia32 # table for 32-bit. There is no ia32 nor x32 table for 64-bit kernels. if 'sys_call_table' in vmlinux.symbols and not self.compat: self.syscall_table_name = 'sys_call_table' __is_ia32_name = staticmethod(lambda n: n.startswith('__ia32_')) # __ia32_[compat_]sys_xxx __is_x64_name = staticmethod(lambda n: n.startswith('__x64_')) # __x64_[compat_]sys_xxx __is_x32_name = staticmethod(lambda n: n.startswith('__x32_')) # __x32_compat_sys_xxx def _preferred_symbol(self, a: Symbol, b: Symbol) -> Optional[Symbol]: # Try preferring the symbol with the right ABI in its prefix. na, nb = a.name, b.name if self.abi == 'ia32': if self.__is_ia32_name(na): return a if self.__is_ia32_name(nb): return b if self.__is_x64_name(na): return a if self.__is_x64_name(nb): return b if not na.islower(): return b if not nb.islower(): return a return None if self.abi == 'x32': if self.__is_x32_name(na): return a if self.__is_x32_name(nb): return b if self.__is_x64_name(na): return a if self.__is_x64_name(nb): return b if self.__is_ia32_name(na): return b if self.__is_ia32_name(nb): return a if not na.islower(): return b if not nb.islower(): return a return None def skip_syscall(self, sc: Syscall) -> bool: # Syscalls 512 through 547 are historically misnumbered and x32 only, # see comment in v5.10 arch/x86/entry/syscalls/syscall_64.tbl. # # x32 should only use the x32 numbers (512-547) ORed with the special # __X32_SYSCALL_BIT, and NOT the x64 numbers for the same syscalls. # x64 should use the x64 numbers and NOT the x32 numbers (512-547) for # the same syscalls. # # The checks performed by the kernel (mostly in do_syscall_64() under # arch/x86/entry/common.c) however are completely idiotic, and the fact # that before v5.4 there is only one syscall table for both x64 and x32 # does not help: this makes it technically possible to mix up the # numbers in funny ways. # # In fact, in v5.3, execve can be called using *four* different numbers # from both x64 and x32 mode (determining which number/mode combination # will result in rax=-EFAULT is left as an exercise to the reader): # # 1. 0x3b : the x64 number # (techincally only correct for x64 mode) # 2. 0x208 : the x32 number without __X32_SYSCALL_BIT set # (techincally incorrect in both modes) # 3. 0x4000003b: the x64 number with __X32_SYSCALL_BIT set # (techincally incorrect in both modes) # 4. 0x40000208: the x32 number with __X32_SYSCALL_BIT set # (techincally only correct for x32 mode) # # In v5.4 (commit 6365b842aae4490ebfafadfc6bb27a6d3cc54757) a separate # x32 syscall table was introduced to try and make things less # confusing. After this commit, options 2 and 3 above give -ENOSYS, # while 1 and 4 both work (again, try to guess which number/mode combo # will result in rax=-EFAULT). # if self.abi == 'x64' and 512 <= sc.number <= 547: # x64 cannot use x32 numbers even though they are in the table return True if self.abi == 'x32': if self.kernel_version >= (5,4): # We have our own table, anything we find there is acceptable return False if (sc.number & ~0x40000000) in self.__bad_x32_numbers: # x32 should NOT use these! return True if self.abi == 'ia32': # vm86 and vm86old are only available in 32-bit kernels, but might # still be implemented as simple wrappers that print a warning to # dmesg and return -ENOSYS in 64-bit kernels, so ignore them if not self.bits32 and sc.number in (113, 166): return True # pkey_{alloc,free,mprotect} are available for compat ia32 on # 64-bit, but not for 32-bit kernels (on x86 they depend X86_64=y), # so avoid wasting time with these if self.bits32 and sc.number in (380, 381, 382): return True return False def _translate_syscall_symbol_name(self, sym_name: str) -> str: # For whatever reason some syscalls are wrapped in assembly at the entry # point e.g. in v4.0 stub_execve in arch/x86/kernel/entry_64.S or # stub32_execve in arch/x86/ia32/ia32entry.S. These stubs with prefix # "stub[32]_" make calls to the actual syscall function. # # Removing the prefix helps locate the actual syscall definition through # source code grepping IFF they do not have any other prefix/suffix in # the source (stub_fork -> fork -> easily find SYSCALL_DEFINE0(fork)). # # In some cases this is not enough though, because the actual function # has another prefix: e.g. stub_rt_sigreturn, which calls # sys_rt_sigreturn, defined as `asmlinkage long sys_rt_sigreturn` # and not `asmlinkage long rt_sigreturn` or # `SYSCALL_DEFINE0(rt_sigreturn)`. Kind of a bummer, but I don't really # want to become insane to accomodate all these quirks. return noprefix(sym_name, 'stub32_', 'stub_') def _normalize_syscall_name(self, name: str) -> str: # E.g. v5.18 COMPAT_SYSCALL_DEFINE1(ia32_mmap, ...) return noprefix(name, 'ia32_', 'x86_', 'x32_') def _dummy_syscall_code(self, sc: Syscall, vmlinux: ELF) -> Optional[bytes]: # Check if the code of the syscall only consists of # `MOV rax/eax, -ENOSYS/-EINVAL` followed by a RET or relative JMP and # optionally preceded by an ENDBR64/32. E.G., lookup_dcookie in v6.3: # # <__x64_sys_lookup_dcookie>: # f3 0f 1e fa endbr64 # 48 c7 c0 da ff ff ff mov rax,0xffffffffffffffda # e9 74 8d 90 00 jmp ffffffff819b8b84 <__x86_return_thunk> # # TODO: relies on the symbol having a valid size (!= 0), improve? sz = sc.symbol.size if sz < 6 or sz > 16: return None orig = code = vmlinux.read_symbol(sc.symbol) bad_imm = (b'\xda\xff\xff\xff', b'\xea\xff\xff\xff') # endbr64/endbr32 if code.startswith(b'\xf3\x0f\x1e\xfa') or code.startswith(b'\xf3\x0f\x1e\xfb'): code = code[4:] sz -= 4 # 32-bit kernel if code[:1] == b'\xb8' and code[1:5] in bad_imm: # mov eax, -ENOSYS/-EINVAL if sz == 6 and code[5] == 0xc3: return orig # ret if sz == 7 and code[5] == 0xeb: return orig # jmp rel8 if sz == 10 and code[5] == 0xe9: return orig # jmp rel32 # 64-bit kernel if code[:3] == b'\x48\xc7\xc0' and code[3:7] in bad_imm: # mov rax, -ENOSYS/-EINVAL if sz == 8 and code[7] == 0xc3: return orig # ret if sz == 9 and code[7] == 0xeb: return orig # jmp rel8 if sz == 12 and code[7] == 0xe9: return orig # jmp rel32 return None def __emulate_syscall_switch(self, func: Symbol, func_code: bytes) -> Optional[Tuple[DefaultDict[int,Set[int]],Set[Instruction]]]: start = func.real_vaddr end = func.real_vaddr + func.size insns = list(Decoder(32 if self.bits32 else 64, func_code, ip=start)) # Register used to hold syscall number nr_reg = None # Assume first compared register holds syscall number for insn in insns: if insn.op_code().mnemonic in (CMP, TEST): for i in range(insn.op_count): if insn.op_kind(i) == REGISTER: nr_reg = insn.op_register(i) break if nr_reg is not None: break if nr_reg is None: logging.error('Could not find syscall number register') return None # Supported Jcc instructions jccs = {JA, JAE, JB, JBE, JE, JNE} # Maximum syscall number supported plus 1 nr_max = 0x1000 # Possible syscall numbers at a given address (instruction pointer) nrs: DefaultDict[int,FrozenSet[int]] = defaultdict(frozenset, {start: frozenset(range(nr_max))}) # Candidate branches to syscall functions candidate_insns: Set[Instruction] = set() # Accumulate non-NOP skipped insns for logging/debugging purposes skipped_insns: DefaultDict[Instruction,int] = defaultdict(int) keep_going = True iteration = 0 # Symbolically trace the function code to determine the possible syscall # numbers and the instructions that lead to them while keep_going: iteration += 1 keep_going = False invert_condition = False mnemonic: Optional[Mnemonic] = None last_cmp_immediate: Optional[int] = None for insn in insns: ip = insn.ip next_ip = insn.next_ip prev_mnemonic = mnemonic mnemonic = insn.op_code().mnemonic cur_nrs = nrs[ip] # Only support a TEST that appears right before JE/JNE, which is # functionally equal to a CMP with 0. if prev_mnemonic == TEST and mnemonic not in (JE, JNE): logging.error('Unsupported instruction after TEST: %#x: %r', ip, insn) return None if mnemonic == RET: continue if mnemonic == TEST: if insn.op0_kind != REGISTER or insn.op1_kind != REGISTER: logging.error('Unsupported TEST instruction %#x: %r', ip, insn) return None # Treat `TEST reg, reg` as `CMP reg, 0`. We make sure that # this is the only possible case above. last_cmp_immediate = 0 nrs[next_ip] |= cur_nrs continue if mnemonic == CMP: if insn.op0_kind == REGISTER: reg = insn.op0_register imm_op_idx = 1 invert_condition = False elif insn.op1_kind == REGISTER: reg = insn.op1_register imm_op_idx = 0 invert_condition = True else: # Should not happen, but guard against it anyway. imm_op_idx = None try: last_cmp_immediate = insn.immediate(imm_op_idx) except (ValueError, TypeError): logging.error('Unsupported CMP instruction %#x: %r', ip, insn) return None if reg != nr_reg: logging.error('Unexpected register in CMP instruction ' '%#x: %r', ip, insn) return None nrs[next_ip] |= cur_nrs continue new_taken_nrs = frozenset() new_not_taken_nrs = frozenset() if insn.is_jmp_short_or_near: target_ip = insn.near_branch_target new_taken_nrs = cur_nrs elif insn.is_jcc_short_or_near: if mnemonic not in jccs: logging.error('Unsupported Jcc instruction %#x: %r', ip, insn) return None if last_cmp_immediate is None: logging.error('No previous CMP/TEST instruction for Jcc: ' '%#x: %r', ip, insn) return None target_ip = insn.near_branch_target if mnemonic == JA: taken_filter = frozenset(range(last_cmp_immediate + 1, nr_max)) elif mnemonic == JAE: taken_filter = frozenset(range(last_cmp_immediate, nr_max)) elif mnemonic == JB: taken_filter = frozenset(range(last_cmp_immediate)) elif mnemonic == JBE: taken_filter = frozenset(range(last_cmp_immediate + 1)) elif mnemonic == JE: taken_filter = frozenset((last_cmp_immediate,)) elif mnemonic == JNE: taken_filter = frozenset(range(0, last_cmp_immediate)) taken_filter |= frozenset(range(last_cmp_immediate + 1, nr_max)) new_taken_nrs = cur_nrs & taken_filter new_not_taken_nrs = cur_nrs - taken_filter if invert_condition: new_taken_nrs, new_not_taken_nrs = new_not_taken_nrs, new_taken_nrs elif insn.is_call_near: target_ip = insn.near_branch_target new_taken_nrs = cur_nrs if start <= target_ip < end: logging.error('%s calling itself??? %r', func.name, insn) return None else: if iteration == 1 and not insn.op_code().is_nop: skipped_insns[insn] += 1 # YOLO nrs[next_ip] |= cur_nrs continue # We get here for JMP, Jcc and CALL near if start <= target_ip < end: # Branch target inside function if target_ip < ip: # Backward branch: new numbers may be added to the # target instruction, but we are already past it. In # such case, we'll need an additional iteration to # propagate the information. if not new_taken_nrs.issubset(nrs[target_ip]): keep_going = True else: # Branch target outside function, assume it's a branch to a # syscall function candidate_insns.add(insn) nrs[target_ip] |= new_taken_nrs nrs[next_ip] |= new_not_taken_nrs logging.info('Symbolic emulation done in %d iteration%s', iteration, 's'[:iteration ^ 1]) if skipped_insns: n_skipped = sum(skipped_insns.values()) skipped = sorted(skipped_insns.items(), key=itemgetter(1, 0), reverse=True) skipped = '; '.join((f'{i:r} (x{n})' for i, n in skipped)) logging.debug('Skipped %d instruction%s: %s', n_skipped, 's'[:n_skipped ^ 1], skipped) return nrs, candidate_insns def extract_syscall_vaddrs(self, vmlinux: ELF) -> Dict[int,int]: # We need to go through a painful examination of the switch statement # implemented by {x64,x32,ia32}_sys_call(): # # #define __SYSCALL(nr, sym) case nr: return __x64_##sym(regs); # # long x64_sys_call(const struct pt_regs *regs, unsigned int nr) # { # switch (nr) { # #include # default: return __x64_sys_ni_syscall(regs); # } # } # # The switch statement on the second argument is implemented as a binary # search. Therefore, the generated instructions should simply be a bunch # of CMP/Jcc/JMP. No other implementation is supported right now. # assert self.syscall_table_name is None func_name = f'{self.abi}_sys_call' sym = vmlinux.functions.get(func_name) if sym is None: logging.error('Could not find function %s', func_name) return {} if sym.size < 0x10: logging.error('%s is too small (%d bytes)', sym.name, sym.size) return {} logging.info('Extracting syscalls from code of %s() at %#x', sym.name, sym.real_vaddr) res = self.__emulate_syscall_switch(sym, vmlinux.read_symbol(sym)) if res is None: return {} nrs, candidate_insns = res vaddrs: Dict[int,int] = {} found_default_case = False for insn in candidate_insns: # Guaranteed to have .near_branch_target by the code in # __emulate_syscall_switch() above vaddr = insn.near_branch_target numbers = nrs[vaddr] if len(numbers) == 0: # This should never happen, bail out logging.error('Empty set of syscall numbers for %#x (target of ' '%r). Unreachable!?', vaddr, insn) return {} if len(numbers) > 100: logging.debug('Default switch case at %#x (reachable %d ' 'times): %r => %#x is ni_syscall', insn.ip, len(numbers), insn, vaddr) if found_default_case: logging.error('Multiple default switch cases!?') return {} found_default_case = True continue # Let the caller handle de-duplication in case a single vaddr can be # reached by multiple syscall numbers for nr in numbers: if nr in vaddrs: if vaddrs[nr] != vaddr: logging.error('Number %d leads to multiple vaddrs!? ' 'Got %#x and %#x. Bailing out!', nr, vaddrs[nr], vaddr) return {} continue vaddrs[nr] = vaddr return vaddrs def syscall_def_regexp(self, syscall_name: Optional[str]=None) -> Optional[str]: if self.abi != 'x32': return None if syscall_name is not None: if syscall_name.startswith('sys32_x32_'): return rf'\basmlinkage\s*(unsigned\s+)?\w+\s*{syscall_name}\s*\(' return rf'\basmlinkage\s*(unsigned\s+)?\w+\s*sys32_x32_{syscall_name}\s*\(' return r'\basmlinkage\s*(unsigned\s+)?\w+\s*sys32_x32_\w+\s*\(' ================================================ FILE: src/systrack/elf.py ================================================ import re from enum import IntEnum from functools import lru_cache from pathlib import Path from struct import unpack from operator import attrgetter from collections import namedtuple from typing import Union, Dict, Optional from .utils import ensure_command # Only EM_* macros relevant for vmlinux ELFs class E_MACHINE(IntEnum): EM_386 = 3 # x86 EM_MIPS = 8 # MIPS R3000 (32 or 64 bit) EM_PPC = 20 # PowerPC 32-bit EM_PPC64 = 21 # PowerPC 64-bit EM_S390 = 22 # IBM S/390 EM_ARM = 40 # ARM 32-bit EM_X86_64 = 62 # x86-64 EM_AARCH64 = 183 # ARM 64-bit EM_RISCV = 243 # RISC-V # Only EF_* macros that we actually use class E_FLAGS(IntEnum): EF_ARM_EABI_MASK = 0xff000000 Section = namedtuple('Section', ('name', 'vaddr', 'off', 'size')) _Symbol = namedtuple('_Symbol', ('vaddr', 'real_vaddr', 'size', 'type', 'name')) # NOTE: other code may assume that Symbol acts like a tuple. Think twice about # making this a full-fledged class and not a subclass of namedtuple. Classes are # not hashable and two classes only compare equal if they are both the exact # same instance. class Symbol(_Symbol): '''Class representing an ELF symbol. ''' def __repr__(s): if s.real_vaddr == s.vaddr: return f'Symbol("{s.name}" at 0x{s.vaddr:x}, type={s.type}, size=0x{s.size:x})' else: return f'Symbol("{s.name}" at 0x{s.vaddr:x} (real 0x{s.real_vaddr:x}), type={s.type}, size=0x{s.size:x})' class ELF: __slots__ = ( 'path', 'file', 'bits32', 'big_endian', 'e_machine', 'e_flags', '__sections', '__symbols', '__functions' ) def __init__(self, path: Union[str,Path]): self.path = Path(path) self.file = self.path.open('rb') self.__sections = None self.__symbols = None self.__functions = None magic, ei_class, ei_data = unpack('<4sBB', self.file.read(6)) if magic != b'\x7fELF': raise ValueError(f'Invalid ELF magic: {magic!r}') if ei_class == 1: self.bits32 = True elif ei_class == 2: self.bits32 = False else: raise ValueError(f'Invalid ELF e_ident[EI_CLASS]: {ei_class}') if ei_data == 1: self.big_endian = False elif ei_data == 2: self.big_endian = True else: raise ValueError(f'Invalid ELF e_ident[EI_DATA]: {ei_data}') unpack_endian = '<>'[self.big_endian] assert self.file.seek(0x12) == 0x12 self.e_machine = unpack(unpack_endian + 'H', self.file.read(2))[0] assert self.file.seek(0x24) == 0x24 self.e_flags = unpack(unpack_endian + 'L', self.file.read(4))[0] @property def sections(self) -> Dict[str,Section]: if self.__sections is not None: return self.__sections # We actually only really care about SHT_PROGBITS or SHT_NOBITS exp = re.compile(r'\s([.\w]+)\s+(PROGBITS|NOBITS)\s+([0-9a-fA-F]+)\s+([0-9a-fA-F]+)\s+([0-9a-fA-F]+)') out = ensure_command(['readelf', '-WS', self.path]) secs = {} for match in exp.finditer(out): name, _, va, off, sz = match.groups() secs[name] = Section(name, int(va, 16), int(off, 16), int(sz, 16)) self.__sections = secs return secs @property def symbols(self) -> Dict[str, Symbol]: if self.__symbols is None: self.__extract_symbols() return self.__symbols @property def functions(self) -> Dict[str, Symbol]: if self.__functions is None: self.__extract_symbols() return self.__functions @property def has_debug_info(self) -> bool: return '.debug_line' in self.sections def __extract_symbols(self): exp = re.compile(r'\d+:\s+([0-9a-fA-F]+)\s+(\d+)\s+(\w+).+\s+(\S+)$') out = ensure_command(['readelf', '-Ws', self.path]).splitlines() syms = {} funcs = {} for line in out: match = exp.search(line) if not match: continue vaddr, sz, typ, name = match.groups() vaddr = real_vaddr = int(vaddr, 16) # Unaligned vaddr on ARM 32-bit means the function code is in # Thumb mode. Nonetheless, the actual code is aligned, so the # real vaddr is a multiple of 2. if self.e_machine == E_MACHINE.EM_ARM and typ == 'FUNC' and vaddr & 1: real_vaddr &= 0xfffffffe sym = Symbol(vaddr, real_vaddr, int(sz), typ, name) syms[sym.name] = sym if typ == 'FUNC': funcs[sym.name] = sym self.__symbols = syms self.__functions = funcs def vaddr_to_file_offset(self, vaddr: int) -> int: for sec in self.sections.values(): if sec.vaddr <= vaddr < sec.vaddr + sec.size: return sec.off + vaddr - sec.vaddr raise ValueError('vaddr not in range of any known section') def vaddr_read_string(self, vaddr: int) -> str: off = self.vaddr_to_file_offset(vaddr) assert self.file.seek(off) == off data = self.file.read(1) while data[-1]: data += self.file.read(1) return data[:-1].decode() def vaddr_read(self, vaddr: int, size: int) -> bytes: off = self.vaddr_to_file_offset(vaddr) assert self.file.seek(off) == off return self.file.read(size) def read_symbol(self, sym: Union[str,Symbol]) -> bytes: if not isinstance(sym, Symbol): sym = self.symbols[sym] return self.vaddr_read(sym.real_vaddr, sym.size) @lru_cache(maxsize=128) def next_symbol(self, sym: Symbol) -> Optional[Symbol]: '''Find and return the symbol (if any) with the lowest real virtual address higher than the one of sym. ''' candidates = filter(lambda s: s.real_vaddr > sym.real_vaddr, self.symbols.values()) try: return min(candidates, key=attrgetter('vaddr')) except ValueError: return None ================================================ FILE: src/systrack/kconfig.py ================================================ # # Automatic kernel Kconfig configuration. # # This module contains utility functions to edit configuration options through # the kernel's `scripts/config` script, plus all arch-agnostig Kconfig options # needed. # import logging from pathlib import Path from typing import List, Dict, Iterable, Optional from .arch import Arch from .kconfig_options import * from .type_hints import KernelVersion from .utils import anyprefix, ensure_command def kconfig_debugging(kernel_version: KernelVersion) -> List[str]: return KCONFIG_DEBUGGING[kernel_version] def kconfig_compatibility(kernel_version: KernelVersion) -> List[str]: return KCONFIG_COMPATIBILITY[kernel_version] def kconfig_more_syscalls(kernel_version: KernelVersion) -> Dict[str,List[str]]: return KCONFIG_MORE_SYSCALLS[kernel_version] def kconfig_syscall_deps(syscall_name: str, kernel_version: KernelVersion, arch: Arch) -> str: opt = arch.kconfig_syscall_deps[kernel_version].get(syscall_name) opt = opt or KCONFIG_SYSCALL_DEPS[kernel_version].get(syscall_name) return ('CONFIG_' + opt) if opt else None def run_config_script(kdir: Path, config_file: Path, args: List[str]): return ensure_command(['./scripts/config', '--file', config_file] + args, cwd=kdir) class Kconfig: file: Path kdir: Path config: Dict[str,Optional[str]] __slots__ = ['file', 'kdir', 'config'] def __init__(self, file: Path, kdir: Path): self.file = file self.kdir = kdir self.config = {} lines = map(str.strip, self.file.open().readlines()) for line in lines: # Unset is equivalent to =n, but keep track of it with None if line.startswith('# CONFIG_') and line.endswith(' is not set'): name = line[9:-11] self.config[name] = None continue # Skip empty lines and comments if not line or line.startswith('#'): continue name, val = line.split('=', 1) assert name.startswith('CONFIG_') self.config[name[7:]] = val def get(self, name: str) -> Optional[str]: '''Get the value of a config option given its name. Query scripts/config in case it is not present in the config file. Return None if not set. ''' try: return self.config[name] except KeyError: # Option not explicitly set: try getting its default value val = run_config_script(self.kdir, self.file, ['-s', name]).strip() if val == 'undef': val = None self.config[name] = val return val def check(self, name: str, wanted: str) -> bool: '''Check if two values are equal accounting for unset values and treating them as =n. ''' actual = self.get(name) return wanted == ('n' if actual is None else actual) def human_readable(self, name: str) -> str: '''Return a human-readable representation for a config option and its actual value.''' val = self.get(name) if val is None: return f'CONFIG_{name} is undef' return f'CONFIG_{name}={val}' # TODO: auto check for choice menus to enable only one opt and disable others? def kconfig_edit(config_file: Path, kdir: Path, options: Iterable[str]): if not options: return args = [] for opt in options: name, val = opt.split('=', 1) if val == 'y': args += ['-e', name] elif val == 'n': args += ['-d', name] elif val == 'm': args += ['-m', name] else: args += ['--set-val', name, val] run_config_script(kdir, config_file, args) # TODO: actually check deps parsing Kconfig instead of taking an hardcoded # dictionary {opt: deps} which is error prone and very annoying to maintain. def kconfig_check_with_deps(config_file: Path, kdir: Path, options: Dict[str,List[str]]): config = Kconfig(config_file, kdir) # TODO: check options that are set even though deps not set as intended? for opt, deps in options.items(): opt_name, opt_wanted = opt.split('=', 1) if config.check(opt_name, opt_wanted): continue bad_deps: List[str] = [] unsupported = False # Something is not right, check dependencies for more insight... for dep in deps: dep_name, dep_wanted = dep.split('=', 1) if config.check(dep_name, dep_wanted): continue # It's ok if we want to enable some config, but we cannot do it # because the arch we are building for doesn't declare support # for one of its dependencies dep_actual = config.get(dep_name) if dep_wanted != 'n' and (dep_actual is None or dep_actual == 'n'): if anyprefix(dep_name, 'HAVE_', 'ARCH_HAS_', 'ARCH_SUPPORTS_'): unsupported = True logging.warning(config.human_readable(opt_name) + f' instead of ={opt_wanted}, likely because ' + config.human_readable(dep_name)) continue bad_deps.append(dep_name) if unsupported: continue if bad_deps: # Config does not match, likely because of deps logging.error(config.human_readable(opt_name) + f' instead of ={opt_wanted}, likely because ' + ', '.join(map(config.human_readable, bad_deps))) else: # Config does not match, but deps are ok (weird!) logging.error(config.human_readable(opt_name) + f' instead of ={opt_wanted} (deps ok)') def kconfig_debug_check(config_file: Path, kdir: Path, options: Iterable[str]): config = Kconfig(config_file, kdir) for opt in options: opt_name, opt_wanted = opt.split('=', 1) if config.check(opt_name, opt_wanted): continue # As of now we are quite lax here. We only use this to check for configs # that we apply for compatibility or debugging and are not vital. Unlike # kconfig_check_with_deps() above, encountering a mismatch is usually # not an error. logging.debug(config.human_readable(opt_name) + f' instead of ={opt_wanted}') ================================================ FILE: src/systrack/kconfig_options.py ================================================ # # Kernels built by Systrack need to be configured with debug information (for # file/line info) and with the most complete syscall table possible. In order to # do this a lot of Kconfig options need to be set to the right value depending # on the kernel version. # # Only arch-agnostic Kconfig options are present here. Arch-specific Kconfig # options are defined separately in each `Arch` subclass in `arch/`. # # Versions for Kconfig options can be looked up using the online LKDDB: # https://cateee.net/lkddb/web-lkddb/ - seriously a godsend for this job. # from .utils import VersionedList, VersionedDict __all__ = [ 'VERSION_ZERO', 'VERSION_INF', 'KCONFIG_DEBUGGING', 'KCONFIG_COMPATIBILITY', 'KCONFIG_MORE_SYSCALLS', 'KCONFIG_SYSCALL_DEPS' ] # We will probably never get even close to v2.6.12 (first tag in the main repo) VERSION_ZERO = (2,6,12,) VERSION_INF = (9999999999,) # Kconfig options that help Systrack do its job. We don't check dependencies on # other Kconfig options for these as they are all global and dependency-free. # We can add another different VersionedDict in the future if the need arises. # # Motivations behind these: # # - DEBUG_INFO=y is obviously essential to have file and line number information # in the vmlinux ELF. In v5.12 a multiple choice menu for the DWARF version # was added, and in v5.18 the choice DEBUG_INFO_NONE was added, making # DEBUG_INFO no longer selectable by hand, but only automatically enabled when # the choice is not DEBUG_INFO_NONE. # - RELOCATABLE=n is essential to avoid relocations, which could result in the # entire syscall table being relocatable, making it significantly more # annoying to recover syscall symbols (don't really want to parse and apply # relocations to be honest). # - EXPERT=y is needed for various stuff incl. some arch-specific kconfigs # - EXPERIMENTAL=y might also be useful for arch-specific stuff, though it's old # so I haven't really *experimented* with it yet (lol) # - FTRACE_SYSCALLS=y adds `__syscall_meta_xxx` structs for each syscall, which # are very useful to extract signature info. It also helps on x86 since v6.9 # as syscall tables are not used anymore and `sys_call_table` is only # generated for ftrace. # - FTRACE=y is needed for FTRACE_SYSCALLS # # TODO: version for RELOCATABLE and RANDOMIZE_BASE depends on arch # TODO: is optimizing for size and not performance useful? # Enable CC_OPTIMIZE_FOR_SIZE (since 2.6.1) and disable # CC_OPTIMIZE_FOR_PERFORMANCE (since 4.7) for that. # TODO: Enable DEBUG_INFO_BTF? It generates BTF typeinfo, which may be useful. # TODO: Enable NO_AUTO_INLINE? # KCONFIG_DEBUGGING = VersionedList(( # since removed in list of name=value (VERSION_ZERO, (3,8) , ['EXPERIMENTAL=y']), (VERSION_ZERO, VERSION_INF, ['DEBUG_KERNEL=y', 'DEBUG_INFO=y']), (VERSION_ZERO, VERSION_INF, ['RELOCATABLE=n', 'RANDOMIZE_BASE=n']), ((2, 6, 30) , VERSION_INF, ['FTRACE_SYSCALLS=y']), ((2, 6, 31) , VERSION_INF, ['FTRACE=y']), ((2, 6, 36) , VERSION_INF, ['DEBUG_INFO_REDUCED=n']), ((2, 6, 38) , VERSION_INF, ['EXPERT=y']), ((5, 12) , VERSION_INF, ['DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y']), ((5, 18) , VERSION_INF, ['DEBUG_INFO_NONE=n']), )) # Kconfig options that are not strictly needed for building or improving # Systrack analysis, but which ease the build process by improving # compiler/toolchain compatibility, removing unneeded build dependencies and # disabling unneeded pieces of kernel code. # # Some of these are arch-specific, but we don't care as they will simply be # ignored on the wrong arch. # KCONFIG_COMPATIBILITY = VersionedList(( # since removed in list of name=value (VERSION_ZERO, VERSION_INF, ['USB=n']), (VERSION_ZERO, (6,6) , ['EMBEDDED=n']), ((2,6,28) , VERSION_INF, ['WIRELESS=n']), ((2,6,32) , VERSION_INF, ['USB_SUPPORT=n', 'WLAN=n', 'NETDEVICES=n']), ((2,6,36) , VERSION_INF, ['SECURITY_APPARMOR=n']), ((3,7) , VERSION_INF, ['MODULE_SIG=n']), ((3,13) , VERSION_INF, ['SYSTEM_TRUSTED_KEYRING=n']), ((4,6) , VERSION_INF, ['STACK_VALIDATION=n']), ((4,14) , (4,15) , ['GUESS_UNWINDER=y', 'ORC_UNWINDER=n', 'FRAME_POINTER_UNWINDER=n']), ((4,15) , VERSION_INF, ['UNWINDER_GUESS=y', 'UNWINDER_ORC=n', 'UNWINDER_FRAME_POINTER=n']), ((5,2) , VERSION_INF, ['DEBUG_INFO_BTF=n']), ((5,15) , VERSION_INF, ['WERROR=n']), )) # Kconfig options to enable optional syscalls. We want to build a kernel with as # many syscalls as possible. These are some arch-agnostic config options to set # in order to enable more syscalls. Arch-specific configs (or configs that are # present in different kernel versions depending on the arch) are uner `arch/`. # # Notes on some of these: # # - CRYPTO_SHA256=y is needed for KEXEC_FILE # - INOTIFY=y is needed for INOTIFY_USER (only from v2.6.18 to v2.6.28) # - PCI=y is needed for pci syscalls and is arch-specific before v5.0 (with # different dependencies too), but we can enable it here regardless as a # sanity check # - PROFILING=y is needed for PERF_EVENTS # - QUOTA=y is needed for QUOTACTL, which should be auto-selected by QUOTA=y # - SECCOMP was arch-specific before v5.10, then became arch-agnostic # - SECURITY=y is needed for SECURITY_LANDLOCK # - UID16 is technically arch-dependent before v2.6.16, but it's practically # useless to differentiate between archs for this, the kernel Makefile will # just remove it if unneeded # KCONFIG_MORE_SYSCALLS = VersionedDict(( # since removed in name=value dependencies ((3,18) , VERSION_INF, 'ADVISE_SYSCALLS=y' , []), ((2,6,28) , VERSION_INF, 'AIO=y' , []), ((2,6,19) , VERSION_INF, 'BLOCK=y' , ['EXPERT=y']), ((3,18) , VERSION_INF, 'BPF_SYSCALL=y' , []), (VERSION_ZERO, (4,1) , 'BSD_PROCESS_ACCT=y' , []), ((4,1) , VERSION_INF, 'BSD_PROCESS_ACCT=y' , ['MULTIUSER=y']), ((3,3) , VERSION_INF, 'CHECKPOINT_RESTORE=y' , []), ((3,15) , VERSION_INF, 'CROSS_MEMORY_ATTACH=y', ['MMU=y']), (VERSION_ZERO, VERSION_INF, 'CRYPTO_SHA256=y' , []), ((2,6,36) , VERSION_INF, 'FANOTIFY=y' , []), ((2,6,39) , VERSION_INF, 'FHANDLE=y' , []), # TODO: FUTEX depends on !(SPARC32 && SMP), but we do not support # expressions to check kconfig dependencies :( (VERSION_ZERO, VERSION_INF, 'FUTEX=y' , []), (VERSION_ZERO, VERSION_INF, 'INET=y' , []), ((2,6,13) , (2,6,29) , 'INOTIFY=y' , []), ((2,6,18) , VERSION_INF, 'INOTIFY_USER=y' , []), ((5,1) , VERSION_INF, 'IO_URING=y' , ['EXPERT=y']), ((5,12) , VERSION_INF, 'KCMP=y' , ['EXPERT=y']), (VERSION_ZERO, VERSION_INF, 'KEYS=y' , []), ((4,3) , VERSION_INF, 'MEMBARRIER=y' , []), ((4,18) , (6,6) , 'MEMFD_CREATE=y' , []), ((6,6) , VERSION_INF, 'MEMFD_CREATE=y' , ['EXPERT=y']), # TODO: MIGRATION depends on (NUMA || ARCH_ENABLE_MEMORY_HOTREMOVE || COMPACTION || CMA) && MMU # but we do not support expressions to check kconfig dependencies :( ((2,6,16) , VERSION_INF, 'MIGRATION=y' , ['MMU=y']), (VERSION_ZERO, VERSION_INF, 'MODULE_UNLOAD=y' , []), (VERSION_ZERO, VERSION_INF, 'MODULES=y' , []), (VERSION_ZERO, VERSION_INF, 'NET=y' , []), (VERSION_ZERO, (2,6,29) , 'NFSD=y' , ['INET=y']), # Though NSFD still exists, nfsservctl was removed in 3.1, so it's pointless # to enable it past that ((2,6,29) , (3,1) , 'NFSD=y' , ['INET=y', 'FILE_LOCKING=y', 'FSNOTIFY=y']), ((2,6,32) , VERSION_INF, 'PROFILING=y' , []), (VERSION_ZERO, VERSION_INF, 'PERF_EVENTS=y' , ['HAVE_PERF_EVENTS=y']), (VERSION_ZERO, (5,0) , 'PCI=y' , []), ((5,0) , VERSION_INF, 'PCI=y' , ['HAVE_PCI=y']), (VERSION_ZERO, VERSION_INF, 'POSIX_MQUEUE=y' , ['NET=y']), ((4,10) , VERSION_INF, 'POSIX_TIMERS=y' , ['EXPERT=y']), ((2,6,30) , VERSION_INF, 'QUOTA=y' , []), ((4,18) , VERSION_INF, 'RSEQ=y' , ['HAVE_RSEQ=y']), ((5,10) , VERSION_INF, 'SECCOMP=y' , ['HAVE_ARCH_SECCOMP=y']), ((5,14) , (6,2) , 'SECRETMEM=y' , ['ARCH_HAS_SET_DIRECT_MAP=y', 'EMBEDDED=n']), ((6,2) , VERSION_INF, 'SECRETMEM=y' , ['ARCH_HAS_SET_DIRECT_MAP=y']), (VERSION_ZERO, (4,1) , 'SECURITY=y' , ['SYSFS=y']), ((4,1) , VERSION_INF, 'SECURITY=y' , ['SYSFS=y', 'MULTIUSER=y']), ((5,13) , (6,5) , 'SECURITY_LANDLOCK=y' , ['SECURITY=y', 'ARCH_EPHEMERAL_INODES=n']), ((6,5) , VERSION_INF, 'SECURITY_LANDLOCK=y' , ['SECURITY=y']), ((3,16) , VERSION_INF, 'SGETMASK_SYSCALL=y' , []), ((2,6,22) , VERSION_INF, 'SIGNALFD=y' , ['EXPERT=y']), (VERSION_ZERO, (5,5) , 'SYSCTL_SYSCALL=y' , ['PROC_SYSCTL=y']), ((3,15) , VERSION_INF, 'SYSFS_SYSCALL=y' , []), (VERSION_ZERO, VERSION_INF, 'SYSVIPC=y' , []), (VERSION_ZERO, (2,6,16) , 'UID16=y' , []), ((2,6,16) , (4,1) , 'UID16=y' , ['EXPERT=y', 'HAVE_UID16=y']), ((4,1) , VERSION_INF, 'UID16=y' , ['EXPERT=y', 'HAVE_UID16=y', 'MULTIUSER=y']), ((4,3) , VERSION_INF, 'USERFAULTFD=y' , ['MMU=y']), ((3,15) , (6,16) , 'USELIB=y' , []), )) # Keep track of which syscall depends on which config option. Since syscalls are # uniquely named there is no issue in keeping track of arch-specific syscalls # here too. # # NOTE: for syscalls that are gated behind different configs depending on arch, # the .kconfig_syscall_deps attr of Arch subclasses overrides the entries here. # # This info is only to give a richer output (namely list the kconfig options # needed to enable a certain syscall), it is not functional to the tool. # # 1. Most optional syscalls exist IF AND ONLY IF the corresponding config # exists, so just set "since" VERSION_ZERO and "removed in" VERSION_INF for # those. # 2. If a certain syscall existed prior to it being put behind a config, # set "since" to the first appearence of the config. # 3. If a certain syscall was behind a config, but then the config was removed # (while keeping the syscall), set "removed in" to the version the config was # removed in. # 4. If both point 2 and 3 above apply, then add 2+ entries for such a syscall. # KCONFIG_SYSCALL_DEPS = VersionedDict(( # since removed in syscall name depends on (VERSION_ZERO, VERSION_INF, 'fadvise64' , 'ADVISE_SYSCALLS' ), (VERSION_ZERO, VERSION_INF, 'fadvise64_64' , 'ADVISE_SYSCALLS' ), # 32-bit only (VERSION_ZERO, VERSION_INF, 'madvise' , 'ADVISE_SYSCALLS' ), (VERSION_ZERO, VERSION_INF, 'process_madvise' , 'ADVISE_SYSCALLS' ), (VERSION_ZERO, VERSION_INF, 'io_setup' , 'AIO' ), (VERSION_ZERO, VERSION_INF, 'io_destroy' , 'AIO' ), (VERSION_ZERO, VERSION_INF, 'io_getevents' , 'AIO' ), (VERSION_ZERO, VERSION_INF, 'io_submit' , 'AIO' ), (VERSION_ZERO, VERSION_INF, 'io_cancel' , 'AIO' ), (VERSION_ZERO, VERSION_INF, 'io_pgetevents' , 'AIO' ), (VERSION_ZERO, VERSION_INF, 'ioprio_get' , 'BLOCK' ), (VERSION_ZERO, VERSION_INF, 'ioprio_set' , 'BLOCK' ), (VERSION_ZERO, VERSION_INF, 'bpf' , 'BPF_SYSCALL' ), (VERSION_ZERO, VERSION_INF, 'acct' , 'BSD_PROCESS_ACCT' ), ((6,5) , VERSION_INF, 'cachestat' , 'CACHESTAT_SYSCALL' ), (VERSION_ZERO, (5,12) , 'kcmp' , 'CHECKPOINT_RESTORE' ), (VERSION_ZERO, VERSION_INF, 'process_vm_readv' , 'CROSS_MEMORY_ATTACH'), (VERSION_ZERO, VERSION_INF, 'process_vm_writev' , 'CROSS_MEMORY_ATTACH'), (VERSION_ZERO, VERSION_INF, 'epoll_create' , 'EPOLL' ), (VERSION_ZERO, VERSION_INF, 'epoll_create1' , 'EPOLL' ), (VERSION_ZERO, VERSION_INF, 'epoll_ctl' , 'EPOLL' ), (VERSION_ZERO, VERSION_INF, 'epoll_pwait' , 'EPOLL' ), (VERSION_ZERO, VERSION_INF, 'epoll_pwait2' , 'EPOLL' ), (VERSION_ZERO, VERSION_INF, 'epoll_wait' , 'EPOLL' ), (VERSION_ZERO, VERSION_INF, 'name_to_handle_at' , 'FHANDLE' ), (VERSION_ZERO, VERSION_INF, 'open_by_handle_at' , 'FHANDLE' ), (VERSION_ZERO, VERSION_INF, 'fanotify_init' , 'FANOTIFY' ), (VERSION_ZERO, VERSION_INF, 'fanotify_mark' , 'FANOTIFY' ), (VERSION_ZERO, VERSION_INF, 'fork' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'futex' , 'FUTEX' ), (VERSION_ZERO, VERSION_INF, 'futex_wait' , 'FUTEX' ), (VERSION_ZERO, VERSION_INF, 'futex_waitv' , 'FUTEX' ), (VERSION_ZERO, VERSION_INF, 'futex_wake' , 'FUTEX' ), (VERSION_ZERO, VERSION_INF, 'futex_requeue' , 'FUTEX' ), (VERSION_ZERO, VERSION_INF, 'get_robust_list' , 'FUTEX' ), (VERSION_ZERO, VERSION_INF, 'set_robust_list' , 'FUTEX' ), (VERSION_ZERO, VERSION_INF, 'inotify_add_watch' , 'INOTIFY_USER' ), (VERSION_ZERO, VERSION_INF, 'inotify_init' , 'INOTIFY_USER' ), (VERSION_ZERO, VERSION_INF, 'inotify_init1' , 'INOTIFY_USER' ), (VERSION_ZERO, VERSION_INF, 'inotify_rm_watch' , 'INOTIFY_USER' ), (VERSION_ZERO, VERSION_INF, 'io_uring_enter' , 'IO_URING' ), (VERSION_ZERO, VERSION_INF, 'io_uring_setup' , 'IO_URING' ), (VERSION_ZERO, VERSION_INF, 'io_uring_register' , 'IO_URING' ), ((5,12) , VERSION_INF, 'kcmp' , 'KCMP' ), (VERSION_ZERO, VERSION_INF, 'kexec_load' , 'KEXEC' ), (VERSION_ZERO, VERSION_INF, 'kexec_file_load' , 'KEXEC_FILE' ), (VERSION_ZERO, VERSION_INF, 'add_key' , 'KEYS' ), (VERSION_ZERO, VERSION_INF, 'keyctl' , 'KEYS' ), (VERSION_ZERO, VERSION_INF, 'request_key' , 'KEYS' ), (VERSION_ZERO, VERSION_INF, 'membarrier' , 'MEMBARRIER' ), ((4,18) , VERSION_INF, 'memfd_create' , 'MEMFD_CREATE' ), (VERSION_ZERO, VERSION_INF, 'mincore' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'mlock' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'mlock2' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'mlockall' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'mprotect' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'mseal' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'msync' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'munlock' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'munlockall' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'pkey_alloc' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'pkey_free' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'pkey_mprotect' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'process_mrelease' , 'MMU' ), (VERSION_ZERO, VERSION_INF, 'remap_file_pages' , 'MMU' ), # obsolete ((4,3) , VERSION_INF, 'modify_ldt' , 'MODIFY_LDT_SYSCALL' ), # x86 only (VERSION_ZERO, VERSION_INF, 'delete_module' , 'MODULE_UNLOAD' ), (VERSION_ZERO, VERSION_INF, 'init_module' , 'MODULES' ), (VERSION_ZERO, VERSION_INF, 'finit_module' , 'MODULES' ), ((4,1) , VERSION_INF, 'capget' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'capset' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setuid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setgid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setreuid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setregid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'getresuid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setresuid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'getresgid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setresgid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setfsuid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setfsgid' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'getgroups' , 'MULTIUSER' ), ((4,1) , VERSION_INF, 'setgroups' , 'MULTIUSER' ), (VERSION_ZERO, VERSION_INF, 'accept' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'accept4' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'bind' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'connect' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'listen' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'getpeername' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'getsockname' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'getsockopt' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'recv' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'recvfrom' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'recvmsg' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'recvmmsg' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'send' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'sendmmsg' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'sendmsg' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'sendto' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'setsockopt' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'shutdown' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'socket' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'socketcall' , 'NET' ), (VERSION_ZERO, VERSION_INF, 'socketpair' , 'NET' ), (VERSION_ZERO, (3, 1) , 'nfsservctl' , 'NFSD' ), # dead (VERSION_ZERO, VERSION_INF, 'mbind' , 'NUMA' ), (VERSION_ZERO, VERSION_INF, 'migrate_pages' , 'MIGRATION' ), (VERSION_ZERO, VERSION_INF, 'move_pages' , 'MIGRATION' ), (VERSION_ZERO, VERSION_INF, 'get_mempolicy' , 'NUMA' ), (VERSION_ZERO, VERSION_INF, 'set_mempolicy' , 'NUMA' ), (VERSION_ZERO, VERSION_INF, 'set_mempolicy_home_node', 'NUMA' ), (VERSION_ZERO, VERSION_INF, 'pciconfig_read' , 'PCI' ), (VERSION_ZERO, VERSION_INF, 'pciconfig_write' , 'PCI' ), (VERSION_ZERO, VERSION_INF, 'pciconfig_iobase' , 'PCI' ), (VERSION_ZERO, VERSION_INF, 'perf_event_open' , 'PERF_EVENTS' ), (VERSION_ZERO, VERSION_INF, 'mq_notify' , 'POSIX_MQUEUE' ), (VERSION_ZERO, VERSION_INF, 'mq_open' , 'POSIX_MQUEUE' ), (VERSION_ZERO, VERSION_INF, 'mq_timedreceive' , 'POSIX_MQUEUE' ), (VERSION_ZERO, VERSION_INF, 'mq_timedsend' , 'POSIX_MQUEUE' ), (VERSION_ZERO, VERSION_INF, 'mq_unlink' , 'POSIX_MQUEUE' ), (VERSION_ZERO, VERSION_INF, 'mq_getsetattr' , 'POSIX_MQUEUE' ), (VERSION_ZERO, VERSION_INF, 'timer_create' , 'POSIX_TIMERS' ), (VERSION_ZERO, VERSION_INF, 'timer_delete' , 'POSIX_TIMERS' ), (VERSION_ZERO, VERSION_INF, 'timer_getoverrun' , 'POSIX_TIMERS' ), (VERSION_ZERO, VERSION_INF, 'timer_gettime' , 'POSIX_TIMERS' ), (VERSION_ZERO, VERSION_INF, 'timer_settime' , 'POSIX_TIMERS' ), (VERSION_ZERO, VERSION_INF, 'rtas' , 'PPC_RTAS' ), # powerpc only (VERSION_ZERO, VERSION_INF, 'subpage_prot' , 'PPC_SUBPAGE_PROT' ), # powerpc 64-bit only (VERSION_ZERO, VERSION_INF, 'quotactl' , 'QUOTACTL' ), (VERSION_ZERO, VERSION_INF, 'quotactl_fd' , 'QUOTACTL' ), (VERSION_ZERO, VERSION_INF, 'rseq' , 'RSEQ' ), (VERSION_ZERO, VERSION_INF, 'lsm_get_self_attr' , 'SECURITY' ), (VERSION_ZERO, VERSION_INF, 'lsm_list_modules' , 'SECURITY' ), (VERSION_ZERO, VERSION_INF, 'lsm_set_self_attr' , 'SECURITY' ), (VERSION_ZERO, VERSION_INF, 'landlock_create_ruleset', 'SECURITY_LANDLOCK' ), (VERSION_ZERO, VERSION_INF, 'landlock_add_rule' , 'SECURITY_LANDLOCK' ), (VERSION_ZERO, VERSION_INF, 'landlock_restrict_self' , 'SECURITY_LANDLOCK' ), (VERSION_ZERO, VERSION_INF, 'seccomp' , 'SECCOMP' ), (VERSION_ZERO, VERSION_INF, 'memfd_secret' , 'SECRETMEM' ), (VERSION_ZERO, VERSION_INF, 'sgetmask' , 'SGETMASK_SYSCALL' ), # obsolete (VERSION_ZERO, VERSION_INF, 'ssetmask' , 'SGETMASK_SYSCALL' ), # obsolete (VERSION_ZERO, VERSION_INF, 'signalfd' , 'SIGNALFD' ), (VERSION_ZERO, VERSION_INF, 'signalfd4' , 'SIGNALFD' ), (VERSION_ZERO, VERSION_INF, 'spu_create' , 'SPU_FS' ), # powerpc only (VERSION_ZERO, VERSION_INF, 'spu_run' , 'SPU_FS' ), # powerpc only (VERSION_ZERO, VERSION_INF, 'swapon' , 'SWAP' ), (VERSION_ZERO, VERSION_INF, 'swapoff' , 'SWAP' ), (VERSION_ZERO, (5, 5) , 'sysctl' , 'SYSCTL_SYSCALL' ), # dead since v5.9 (VERSION_ZERO, VERSION_INF, 'sysfs' , 'SYSFS_SYSCALL' ), # obsolete (VERSION_ZERO, VERSION_INF, 'ipc' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'msgctl' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'msgget' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'msgrcv' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'msgsnd' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'semctl' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'semget' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'semop' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'semtimedop' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'shmat' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'shmctl' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'shmdt' , 'SYSVIPC' ), (VERSION_ZERO, VERSION_INF, 'shmget' , 'SYSVIPC' ), ((3,17) , (4,18) , 'memfd_create' , 'TMPFS' ), (VERSION_ZERO, VERSION_INF, 'chown16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'fchown16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'lchown16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'getuid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'getgid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'geteuid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'getegid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'getresuid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'getresgid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'getgroups16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setuid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setgid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setreuid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setregid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setfsuid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setfsgid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setresuid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setresgid16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'setgroups16' , 'UID16' ), # legacy (VERSION_ZERO, VERSION_INF, 'userfaultfd' , 'USERFAULTFD' ), (VERSION_ZERO, VERSION_INF, 'uselib' , 'USELIB' ), # obsolete (32bit only?) (VERSION_ZERO, (4,3) , 'vm86old' , 'VM86' ), # x86 32-bit only (VERSION_ZERO, (4,3) , 'vm86' , 'VM86' ), # x86 32-bit only ((4,3) , VERSION_INF, 'vm86old' , 'X86_LEGACY_VM86' ), # x86 32-bit only, legacy ((4,3) , VERSION_INF, 'vm86' , 'X86_LEGACY_VM86' ), # x86 32-bit only, legacy ((5,5) , VERSION_INF, 'ioperm' , 'X86_IOPL_IOPERM' ), # x86 only ((5,5) , VERSION_INF, 'iopl' , 'X86_IOPL_IOPERM' ), # x86 only )) ================================================ FILE: src/systrack/kernel.py ================================================ import re import logging import struct import atexit from pathlib import Path from time import monotonic from os import sched_getaffinity from operator import itemgetter, attrgetter from collections import defaultdict, Counter from typing import Tuple, List, Dict, Iterable, Iterator, Union, Any, Optional from .arch import arch_from_name, arch_from_vmlinux from .elf import ELF, Symbol, Section from .kconfig import kconfig_edit, kconfig_check_with_deps, kconfig_debug_check from .kconfig import kconfig_more_syscalls, kconfig_debugging from .kconfig import kconfig_compatibility, kconfig_syscall_deps from .location import extract_syscall_locations from .log import log_verbosity from .signature import extract_syscall_signatures from .syscall import Syscall, common_syscall_symbol_prefixes from .type_hints import KernelVersion from .utils import ensure_command, maybe_rel, noprefix, run_command class KernelError(RuntimeError): pass class KernelArchError(KernelError): pass class KernelELFError(KernelError): pass class KernelMultiABIError(KernelError): pass class KernelVersionError(KernelError): pass class KernelWithoutSymbolsError(KernelError): pass class Kernel: __version = None __version_source = None __syscalls = None __backup_makefile = None __long_size = None __long_pack_fmt = None def __init__(self, arch_name: Optional[str] = None, vmlinux: Optional[Path] = None, kdir: Optional[Path] = None, outdir: Optional[Path] = None, rdir: Optional[Path] = None, toolchain_prefix: Optional[str] = None): if not kdir and not vmlinux: raise ValueError('at least one of vmlinux or kdir is needed') if arch_name is None and vmlinux is None: raise ValueError('need vmlinux to determine arch if not supplied') if vmlinux: try: self.vmlinux = ELF(vmlinux) except ValueError as e: raise KernelELFError(f'Bad vmlinux ELF: {e}') from e else: self.vmlinux = None self.kdir = kdir self.outdir = outdir self.rdir = rdir self.arch_name = arch_name self.toolchain_prefix = toolchain_prefix if self.vmlinux and not self.vmlinux.symbols: raise KernelWithoutSymbolsError('Provided vmlinux ELF has no symbols') if self.arch_name is None: m = arch_from_vmlinux(self.vmlinux) if m is None: raise KernelArchError('Failed to detect kernel architecture/ABI') arch_class, bits32, abis = m if len(abis) > 1: raise KernelMultiABIError('Multiple ABIs supported, need to ' 'select one', arch_class, abis) self.arch = arch_class(self.version, abis[0], bits32) else: self.arch = arch_from_name(self.arch_name, self.version) if self.vmlinux: if not self.arch.matches(self.vmlinux): raise KernelArchError(f'Architecture {arch_name} does not ' 'match provided vmlinux') self.__long_size = (8, 4)[self.vmlinux.bits32] self.__long_pack_fmt = '<>'[self.vmlinux.big_endian] + 'QL'[self.vmlinux.bits32] @staticmethod def version_from_str(s: str) -> KernelVersion: m = re.match(r'(\d+)\.(\d+)(\.(\d+))?', s) if not m: return None a, b, c = int(m.group(1)), int(m.group(2)), m.group(4) return (a, b) if c is None else (a, b, int(c)) @staticmethod def version_from_banner(banner: Union[str,bytes]) -> KernelVersion: if isinstance(banner, bytes): banner = banner.decode() if not banner.startswith('Linux version '): return None return Kernel.version_from_str(banner[14:]) def __version_from_vmlinux(self) -> KernelVersion: banner = self.vmlinux.symbols.get('linux_banner') if banner is None: return None if banner.size: banner = self.vmlinux.read_symbol(banner) else: banner = self.vmlinux.vaddr_read_string(banner.vaddr) return self.version_from_banner(banner) def __version_from_make(self) -> KernelVersion: v = ensure_command('make kernelversion', self.kdir) return self.version_from_str(v) @property def version(self) -> KernelVersion: if self.__version is None: if self.vmlinux: self.__version = self.__version_from_vmlinux() self.__version_source = 'vmlinux' elif self.kdir: # This could in theory be tried even if __version_from_vmlinux() # fails... but if that fails there are probably bigger problems. self.__version = self.__version_from_make() self.__version_source = 'make' if self.__version is None: raise KernelVersionError('unable to determine kernel version') return self.__version @property def version_str(self) -> str: return '.'.join(map(str, self.version)) + f' (from {self.__version_source})' @property def version_tag(self) -> str: a, b, c = self.version if c == 0: return f'v{a}.{b}' return f'v{a}.{b}.{c}' @property def version_source(self) -> str: if self.__version_source or self.version: return self.__version_source return None @property def can_extract_location_info(self): return self.vmlinux.has_debug_info @property def can_extract_signature_info(self): return ( '__start_syscalls_metadata' in self.vmlinux.symbols or self.vmlinux.has_debug_info ) @property def syscalls(self) -> List[Syscall]: if self.__syscalls is None: self.__syscalls = self.__extract_syscalls() return self.__syscalls def __rel(self, path: Path) -> Path: return maybe_rel(path, self.kdir) def __unpack_long(self, vaddr: int) -> int: return struct.unpack(self.__long_pack_fmt, self.vmlinux.vaddr_read(vaddr, self.__long_size))[0] def __iter_unpack_vmlinux(self, fmt: str, off: int, size: int = None) -> Iterator[Tuple[Any, ...]]: f = self.vmlinux.file assert f.seek(off) == off if size is None: chunk_size = struct.calcsize(fmt) while 1: yield struct.unpack(fmt, f.read(chunk_size)) else: yield from struct.iter_unpack(fmt, f.read(size)) def __iter_unpack_vmlinux_long(self, off: int, size: int = None) -> Iterator[int]: yield from map(itemgetter(0), self.__iter_unpack_vmlinux(self.__long_pack_fmt, off, size)) def __unpack_syscall_table(self, tbl: Symbol, target_section: Section) -> List[int]: tbl_file_off = self.vmlinux.vaddr_to_file_offset(tbl.vaddr) # This is the section we would like the function pointers to point to, # we'll warn or halt in case we find fptrs pointing outside vstart = target_section.vaddr vend = vstart + target_section.size if tbl.size > 0x80: logging.info('Syscall table (%s) is %d bytes, %d entries', tbl.name, tbl.size, tbl.size // self.__long_size) vaddrs = list(self.__iter_unpack_vmlinux_long(tbl_file_off, tbl.size)) # Sanity check: ensure all vaddrs are within the target section for idx, vaddr in enumerate(vaddrs): if not (vstart <= vaddr < vend): logging.warning('Virtual address 0x%x idx %d is outside %s: ' 'something is off!', vaddr, tbl.name, idx, target_section.name) else: # Apparently on some archs (e.g. MIPS, PPC) the syscall table symbol # can have size 0. In this case we'll just warn the user and keep # extracting vaddrs as long as they are valid, stopping at the first # invalid one or at the next symbol we encounter. logging.warning('Syscall table (%s) has bad size (%d), doing my ' ' best to figure out when to stop', tbl.name, tbl.size) cur_idx_vaddr = tbl.vaddr boundary = self.vmlinux.next_symbol(tbl) boundary = boundary.vaddr if boundary else float('inf') vaddrs = [] for vaddr in self.__iter_unpack_vmlinux_long(tbl_file_off): # Stop at the first vaddr pointing outside target_section if not (vstart <= vaddr < vend): break # Stop if we collide with another symbol right after the syscall # table (may be another syscall table e.g. the compat one) if cur_idx_vaddr >= boundary: break vaddrs.append(vaddr) cur_idx_vaddr += self.__long_size logging.info('Syscall table seems to be %d bytes, %d entries', cur_idx_vaddr - tbl.vaddr, len(vaddrs)) return vaddrs def __syscall_vaddrs_from_syscall_table(self) -> Dict[int,int]: tbl = self.vmlinux.symbols.get(self.arch.syscall_table_name) if not tbl: logging.critical('Unable to find %s symbol!', self.arch.syscall_table_name) return {} logging.debug('Syscall table: %r', tbl) # Read and parse the syscall table unpacking all virtual addresses it # contains. Depending on arch, we might need to parse function # descriptors for the function pointers in the syscall table. text = self.vmlinux.sections['.text'] vaddrs = {} if self.arch.uses_function_descriptors: text_vstart = text.vaddr text_vend = text_vstart + text.size # Even if this arch uses function descriptors, we don't know if they # are effectively used for function pointers in the syscall table. # This needs to be tested, and in case they aren't used, we can # fallback to "normal" parsing instead. if not (text_vstart <= self.__unpack_long(tbl.vaddr) < text_vend): logging.debug('Syscall table uses function descriptors') opd = self.vmlinux.sections.get('.opd') if not opd: logging.critical('Arch uses function descriptors, but ' 'vmlinux has no .opd section!') return {} descriptors = self.__unpack_syscall_table(tbl, opd) # Translate function descriptors (one more level of indirection) for i, desc_vaddr in enumerate(descriptors): vaddr = self.vmlinux.vaddr_read(desc_vaddr, self.__long_size) vaddr = struct.unpack(self.__long_pack_fmt, vaddr)[0] if not (text_vstart <= vaddr < text_vend): logging.warning('Function descriptor at 0x%x points ' 'outside .text: something is off!', desc_vaddr) vaddrs[i] = vaddr else: logging.debug('Syscall table does NOT use function descriptors') if not vaddrs: vaddrs = dict(enumerate(self.__unpack_syscall_table(tbl, text))) if not vaddrs: logging.critical('Could not extract any valid function pointer ' 'from %s, giving up!', self.arch.syscall_table_name) logging.critical('Is the kernel relocatable? Relocation entries ' 'for the syscall table are not supported.') return {} return vaddrs def __extract_syscalls(self) -> List[Syscall]: if self.arch.bits32 != self.vmlinux.bits32: a, b = (32, 64) if self.arch.bits32 else (64, 32) logging.critical('Selected arch is %d-bit, but kernel is %d-bit', a, b) return [] self.arch.adjust_abi(self.vmlinux) logging.debug('Arch: %r', self.arch) have_syscall_table = self.arch.have_syscall_table() if have_syscall_table: vaddrs = self.__syscall_vaddrs_from_syscall_table() else: logging.warning('No syscall table available! Trying my best...') vaddrs = self.arch.extract_syscall_vaddrs(self.vmlinux) if not vaddrs: logging.critical('Unable to extract any syscall vaddr, giving up!') return [] # Find all ni_syscall symbols (there might be multiple) and keep track # of them for later in order to detect non-implemented syscalls. ni_syscalls = set() for sym in self.vmlinux.functions.values(): if self.arch.symbol_is_ni_syscall(sym): ni_syscalls.add(sym) for sym in sorted(ni_syscalls, key=attrgetter('name')): logging.debug('Found ni_syscall: %r', sym) if not ni_syscalls: logging.critical('No ni_syscall found!') return [] seen = set(vaddrs.values()) symbols_by_vaddr = {sym.vaddr: sym for sym in ni_syscalls} discarded_logs = [] preferred_logs = [] # Create a mapping vaddr -> symbol for every vaddr in the syscall table # for convenience. Sort symbols by name for reproducible results. We # look at .symbols instead of .functions here because (of course) some # of these symbols may not be classified as FUNC. for sym in sorted(self.vmlinux.symbols.values(), key=attrgetter('name')): vaddr = sym.vaddr if vaddr not in seen: continue other = symbols_by_vaddr.get(vaddr) if sym == other: continue if other is not None: if other in ni_syscalls and sym not in ni_syscalls: # Don't allow other symbols to "override" a ni_syscall if logging.root.isEnabledFor(logging.DEBUG): discarded_logs.append((sym.name, other.name)) continue pref = self.arch.preferred_symbol(sym, other) sym, other = pref, (other if pref is sym else sym) if log_verbosity() >= 3: preferred_logs.append((pref.name, other.name)) symbols_by_vaddr[vaddr] = sym # Sort logs for reproducible output (the above sorting does not # guarantee that these are sorted as well). discarded_logs.sort() preferred_logs.sort() for sym, other in discarded_logs: logging.debug('Discarding %s as alias for %s', sym, other) for sym, other in preferred_logs: logging.debug('Preferring %s over %s', sym, other) del discarded_logs del preferred_logs del seen if not symbols_by_vaddr: logging.critical('Unable to find any symbol in the syscall table, giving up!') logging.critical('Is "%s" the correct arch/ABI combination for ' 'this kernel?', self.arch_name) return [] # Sanity check: the only repeated vaddrs in the syscall table should be # the ones for *_ni_syscall. Warn in case there are others. counts = Counter(vaddrs.values()).items() counts = filter(lambda c: c[1] > 1, counts) counts = sorted(counts, key=itemgetter(1), reverse=True) if counts: # In case of no syscall table, ni_syscalls may have already been # filtered by arch-specific extraction code, so don't sweat it. if any(sym in ni_syscalls for sym in vaddrs.values()): best = symbols_by_vaddr[counts[0][0]] if best not in ni_syscalls: logging.error('Interesting! I was expecting *_ni_syscall to be the ' 'most frequent symbol in the syscall table, but %s is (' 'appearing %d times).', best.name, counts[0][1]) for va, n in counts: sym = symbols_by_vaddr.get(va, f'{va:#x} ') if sym not in ni_syscalls: logging.warning('Interesting! Vaddr found %d times: %s', n, sym) symbols = [] symbol_names = [] ni_count = defaultdict(int) # Filter out only defined syscalls for idx, vaddr in sorted(vaddrs.items()): sym = symbols_by_vaddr.get(vaddr) if sym is None: if have_syscall_table: logging.error('Unable to find symbol for %s[%d]: 0x%x', self.arch.syscall_table_name, idx, vaddr) else: logging.error('Unable to find symbol for #%d 0x%x', idx, vaddr) continue if log_verbosity() >= 3: if have_syscall_table: logging.debug('%s[%d]: %s', self.arch.syscall_table_name, idx, sym) else: logging.debug('#%d: %s', idx, sym) if sym in ni_syscalls: ni_count[sym] += 1 continue symbols.append((idx, sym)) symbol_names.append(sym.name) # Find common syscall symbol prefixes (e.g. "__x64_sys_") in order to be # able to strip them later to obtain the actual syscall name prefixes = common_syscall_symbol_prefixes(symbol_names, 20) if prefixes: logging.info('Common syscall symbol prefixes: %s', ', '.join(prefixes)) else: logging.warning('No common syscall symbol prefixes found (weird!)') syscalls = [] n_skipped = 0 # Build list of syscalls (with prefixes stripped from the names) and # skip uneeded ones (e.g. implemented for other ABIs) for idx, sym in symbols: num = self.arch.syscall_num_base + idx origname = self.arch.translate_syscall_symbol_name(sym.name) origname = noprefix(origname, *prefixes) name = self.arch.normalize_syscall_name(origname) kdeps = kconfig_syscall_deps(name, self.version, self.arch) # We could need the original name to differentiate some syscalls # in order to understand if they need some Kconfig or not if not kdeps: kdeps = kconfig_syscall_deps(origname, self.version, self.arch) num = self.arch.adjust_syscall_number(num) sc = Syscall(idx, num, name, origname, sym, kdeps) if self.arch.skip_syscall(sc): logging.debug('Skipping %s', sym.name) n_skipped += 1 continue syscalls.append(sc) ni_total = 0 for sym, n in sorted(ni_count.items(), key=itemgetter(1), reverse=True): logging.info('%d entries point to %s', n, sym.name) ni_total += n # Add esoteric syscalls to the list, if any. These do not need any name # translation or signature search. Some may need tailored static binary # analysis. Very fun. esoteric = self.arch.extract_esoteric_syscalls(self.vmlinux) n_esoteric = len(esoteric) # Log these, they are interesting if esoteric: logging.info('Found %d esoteric syscall%s: %s', n_esoteric, 's'[:n_esoteric ^ 1], ', '.join(map(itemgetter(1), esoteric))) for num, name, sym_name, sig, kconf in esoteric: sym = self.vmlinux.symbols[sym_name] syscalls.append(Syscall(None, num, name, name, sym, kconf, signature=sig, esoteric=True)) assert len(syscalls) == len(vaddrs) - ni_total - n_skipped + n_esoteric # Extract the most common ni_syscall symbol we found (if any) and its # code to use it as a reference to detect other non-implemented syscalls # (whose handlers could simply be inlined ni_syscall code). ni_ref_sym = max(ni_count, key=ni_count.get) if ni_count else None ni_ref_code = self.vmlinux.read_symbol(ni_ref_sym) if ni_ref_sym else None # Some syscalls are just a dummy function that does `return -ENOSYS` or # some other error, meaning that the syscall is not actually # implemented, even if present in the syscall table. We can filter those # out using .is_dummy_syscall() by either exactly matching the reference # ni_syscall code extracted above or invoking arch-specific logic (if # any). # # We are however not guaranteed to catch everything. For example, # .is_dummy_syscall() may be useless if the symbol has bad/zero size or # if the compiler does something funny and uses weird instructions. # Unless we check sources, we can always have false positives even after # this step. syscalls = list(filter( lambda s: not self.arch.is_dummy_syscall(s, self.vmlinux, ni_ref_sym, ni_ref_code), syscalls )) # Find locations and signatures for all the syscalls we found (except # esoteric ones). extract_syscall_locations(syscalls, self.vmlinux, self.arch, self.kdir, self.rdir) extract_syscall_signatures(syscalls, self.vmlinux, self.kdir is not None) # Second pass to extract only implemented syscalls: warn for potentially # bad matches and filter out invalid ones. implemented = [] bad_loc_info = [] no_loc_info = [] no_sig_info = [] for sc in syscalls: file, line, good = sc.file, sc.line, sc.good_location if not sc.esoteric and not good and file is not None: if self.__rel(file).match('kernel/sys_ni.c'): # If we got to this point the location is still not # "good" and points to sys_ni.c even after # adjusting/grepping. Assume the syscall is not # implemented. Granted, this could in theory lead to # false negatives, but I did not encounter one yet. # Since we are grepping the source code this should NOT # happen for implemented syscalls. Nonetheless warn # about it, so we can double check and make sure # everything is fine. logging.warning('Assuming %s is not implemented as it ' 'points to %s:%d after adjustments', sc.name, self.__rel(file), line) continue if self.kdir: if file.match('*.S'): hint = ' (implemented in asm?)' elif file.match('*.c'): hint = ' (normal function w/o asmlinkage?)' else: hint = '' bad_loc_info.append(( sc.name, sc.symbol.name, self.__rel(file), str(line), hint )) if file is None and self.can_extract_location_info: no_loc_info.append((sc.name, sc.symbol.name)) if sc.signature is None and self.can_extract_signature_info: no_sig_info.append((sc.name, sc.symbol.name)) implemented.append(sc) for info in bad_loc_info: logging.warning('Potentially bad location for %s (%s): %s:%s%s', *info) for info in no_loc_info: logging.error('Unable to find location for %s (%s)', *info) for info in no_sig_info: logging.error('Unable to extract signature for %s (%s)', *info) return implemented def __try_set_optimization_level(self, lvl: int) -> bool: # Might be the most ignorant thing in this whole codebase :') with (self.kdir / 'Makefile').open('r+') as f: self.__backup_makefile = data = f.read() assert f.seek(0) == 0 match = re.search(r'^KBUILD_CFLAGS\s*\+=\s*-O(2)\n', data, re.MULTILINE) if not match: return False start, end = match.span(1) f.write(data[:start] + str(lvl) + data[end:]) f.truncate() return True def __restore_makefile(self): if self.__backup_makefile: with (self.kdir / 'Makefile').open('w') as f: f.write(self.__backup_makefile) else: logging.error('Restoring Makefile without backing it up first???') atexit.unregister(self.__restore_makefile) def __edit_config(self, options: Iterable[str]): if not options: return # TODO: this is annoying, can we find a better way to do it? # make olddefconfig only works with the .config file in the source # tree, so can't move the "sync config" functionality out of here... config_file = (self.outdir or self.kdir) / '.config' kconfig_edit(config_file, self.kdir, options) self.sync_config() kconfig_debug_check(config_file, self.kdir, options) def __edit_config_with_deps(self, options: Dict[str,List[str]]): if not options: return # TODO: ditto (see above) config_file = (self.outdir or self.kdir) / '.config' kconfig_edit(config_file, self.kdir, options) self.sync_config() kconfig_check_with_deps(config_file, self.kdir, options) def make(self, target: str, stdin=None, ensure=True) -> int: j = max(len(sched_getaffinity(0)) - 1, 1) cmd = ['make', f'-j{j}', f'ARCH={self.arch.name}'] # Generate debug info with relative paths to make our life easier for # later analysis. cmd.append(f'KCFLAGS=-fdebug-prefix-map={self.kdir.absolute()}=.') if self.toolchain_prefix: cmd.append(f'CROSS_COMPILE={self.toolchain_prefix}') if self.outdir: cmd.append(f'O={self.outdir}') # 5.15+ has CONFIG_WERROR, which we set =n, but older kernels seem to # accept WERROR=X. if self.version < (5,15): cmd.append('WERROR=0') if log_verbosity() >= 4: cmd.append('V=1') if ensure: ensure_command(cmd + [target], self.kdir, stdin, False, log_verbosity() >= 3) return 0 return run_command(cmd + [target], self.kdir, stdin, log_verbosity() >= 3) def sync_config(self): '''Set any config that was "unlocked" by others to its default value. The make target for this depends on the kernel version. ''' if self.version >= (3, 7): self.make('olddefconfig') else: # Ugly, but oldconfig can error out if no input is given. self.make('oldconfig', stdin='\n' * 1000) def clean(self): self.__version = None self.make('distclean') def configure(self): self.__version = None logging.info('Configuring for Arch: %r', self.arch) logging.info('Base config target(s): %s', ', '.join(self.arch.config_targets)) for target in self.arch.config_targets: self.make(target) logging.info('Applying debugging configs') self.__edit_config(kconfig_debugging(self.version)) logging.info('Applying compatibility configs') self.__edit_config(kconfig_compatibility(self.version)) logging.info('Enabling more syscalls') self.__edit_config_with_deps(kconfig_more_syscalls(self.version)) logging.info('Applying arch-specific configs') self.__edit_config_with_deps(self.arch.kconfig[self.version]) def build(self, try_disable_opt: bool = False) -> float: start = monotonic() self.__version = None if try_disable_opt: logging.info('Trying to build with optimizations disabled (-O0)') # This will either work or fail for any level. If it fails, just # do a normal build with ensure=True, which will exit in case of # failure. if self.__try_set_optimization_level(0): atexit.register(self.__restore_makefile) res = self.make('vmlinux', ensure=False) self.__restore_makefile() if res == 0: return monotonic() - start logging.error('Failed to build with -O0, trying -O1') self.__try_set_optimization_level(1) res = self.make('vmlinux', ensure=False) self.__restore_makefile() if res == 0: return monotonic() - start logging.error('Failed to build with -O1, doing a normal build') else: logging.warning('Unable to patch Makefile to disable ' 'optimizations, doing a normal build instead') self.make('vmlinux') return monotonic() - start ================================================ FILE: src/systrack/location.py ================================================ import logging import re import sys from operator import attrgetter from pathlib import Path from typing import Tuple, List, Set, Iterable, Iterator, Optional from .arch import Arch from .elf import ELF from .syscall import Syscall from .utils import ensure_command, command_available, maybe_rel def addr2line(elf: Path, addrs: Iterable[int]) -> Iterator[Tuple[Optional[Path],Optional[int]]]: out = ensure_command(['addr2line', '-e', elf, *map(hex, addrs)]) for file, line in map(lambda d: d.split(':'), out.splitlines()): if file == '??': yield None, None continue line = int(line) if line.isdigit() else None yield Path(file), line def smart_addr2line(elf: Path, addrs: Iterable[int], srcdir: Path = None) -> Iterator[Tuple[Optional[Path],Optional[int]]]: '''Run addr2line on the given elf for the given virtual addresses remapping any returned paths to the given srcdir. addr2line will always output absolute paths. In case the paths in the ELF DWARF sections are relative (i.e. don't start with "/"), the directory containing the ELF is taken as base. This is problematic because if the ELF is moved from the original source directory the paths returned by addr2line will be invalid. To avoid this problem, whenever we know a different source directory, this function remaps the paths returned by addr2line to that directory instead. ''' locs = addr2line(elf, addrs) if srcdir is None: yield from locs elfdir = elf.parent for file, line in locs: if file is not None and file.is_relative_to(elfdir): yield srcdir / file.relative_to(elfdir), line else: yield file, line def grep_file(root: Path, exp: re.Pattern, file: Path) -> Iterator[str]: # Use binary mode since some kernel source files may contain weird # non-unicode chars and break everything (go figure). Decode a line only in # case of a match. with file.open('rb') as f: for lineno, line in enumerate(f, 1): if exp.search(line): yield f'{file.relative_to(root)}:{lineno}:{line.rstrip().decode()}' def grep_recursive(root: Path, exp: re.Pattern, exclude: Set[str], curdir: Path = None) -> Iterator[str]: if curdir is None: curdir = root for path in curdir.iterdir(): if path.match('.*'): continue if path.is_file() and path.match('*.c'): yield from grep_file(root, exp, path) elif path.is_dir() and path.resolve() not in exclude: yield from grep_recursive(root, exp, exclude, path) def grep_kernel_sources(kdir: Path, arch: Arch, syscalls: List[Syscall]) -> Iterator[Tuple[Syscall,Path,int]]: if arch.compat: base_exp = r'\b(COMPAT_)?SYSCALL(32)?_DEFINE\d\s*\(' elif arch.bits32: base_exp = r'\bSYSCALL(32)?_DEFINE\d\s*\(' else: base_exp = r'\bSYSCALL_DEFINE\d\s*\(' oddstyle = arch.syscall_def_regexp() if oddstyle is not None: exp = fr'({base_exp}|{oddstyle})\s*\w+' else: exp = base_exp + r'\s*\w+' if not command_available('rg'): logging.debug('No ripgrep available :( falling back to slow python implementation') exclude = { (kdir / 'Documentation').resolve(), (kdir / 'drivers').resolve(), (kdir / 'lib').resolve(), (kdir / 'samples').resolve(), (kdir / 'sound').resolve(), (kdir / 'tools').resolve(), (kdir / 'usr').resolve(), } # Ignore other architectures for path in (kdir / 'arch').iterdir(): if not path.match(arch.name): exclude.add(path.resolve()) out = list(grep_recursive(kdir, re.compile(exp.encode()), exclude)) else: out = ensure_command(( 'rg', '--line-number', '--glob', '!Documentation/*', '--glob', '!drivers/*', '--glob', '!lib/*', '--glob', '!samples/*', '--glob', '!sound/*', '--glob', '!tools/*', '--glob', '!usr/*', '--glob', '!arch/*', # ignore other architectures (important) '--glob', f'arch/{arch.name}', # include the correct one '--glob', '*.c', exp ), cwd=kdir).splitlines() exps = {s: re.compile(rf':{base_exp}{s.origname}[,)]') for s in syscalls} if arch.compat: key = lambda l: (l.startswith('arch'), ('COMPAT' in l) + ('SYSCALL32' in l)) elif arch.bits32: key = lambda l: (l.startswith('arch'), 'SYSCALL32' in l) else: key = lambda l: l.startswith('arch') # Prioritize files under arch/ and prefer compat/32bit syscalls if needed out.sort(key=key, reverse=True) for line in out: for sc, exp in exps.items(): if exp.search(line): file, line = line.split(':')[:2] yield sc, kdir / file, int(line) del exps[sc] break # Report failed matches for sc in exps: yield sc, None, None def good_definition(arch: Arch, definition: str, syscall_name: str) -> bool: # There are a lot of legacy/weird syscall definitions and some symbols can # therefore point (addr2line output) to old-style `asmlinkage` functions newstyle = ('^(COMPAT_)?' if arch.compat else '^') newstyle += rf'SYSCALL(32)?_DEFINE\d\s*\({syscall_name}\b' oldstyle = rf'^asmlinkage\s*(unsigned\s+)?\w+\s*sys(32)?_{syscall_name}\(' if re.match(f'{newstyle}|{oldstyle}', definition) is not None: return True # Also try matching old-style name if equal to full function name if syscall_name.startswith('sys_') and re.match(r'^asmlinkage\s*' rf'(unsigned\s+)?\w+\s*{syscall_name}\s*\(', definition) is not None: return True # Some archs use weirdly named SYSCALL_DEFINEn macros, e.g. PPC32 ABI on # PowerPC 64-bit with its "PPC32_SYSCALL_DEFINEn", or weirdly named sys_xxx # functions, e.g. ARM oabi with its "asmlinkage int sys_oabi_xxx(...)". oddstyle = arch.syscall_def_regexp(syscall_name) return oddstyle is not None and re.match(oddstyle, definition) is not None def good_location(file: Path, line: int, arch: Arch, sc: Syscall) -> bool: with file.open('rb') as f: for _ in range(line - 1): next(f) definition = f.readline().decode() return good_definition(arch, definition, sc.origname) \ or good_definition(arch, definition, sc.name) def adjust_line(file: Path, line: int, sc: Syscall) -> int: '''Adjust the given line number by looking for the start (signature) of a function. The sc argument is only used for error logging prposes. ''' try: with file.open('rb') as f: lines = f.readlines() except FileNotFoundError: # This will happen if we mismatch vmlinux and kernel sources. There's no # way we can keep going if kernel sources do not match the kernel we are # analyzing. It'd be nice to detect this and abort earlier, but without # make or git we have no good way of knowing what's the version for the # source code we are inspecting, and we will only realize something's # wrong if we encounter a missing file or a file that is too short. logging.critical('Broken location info for %r', sc) logging.critical('File "%s" does not exist!', file) logging.critical('Do you have the correct source code version for this kernel?') sys.exit(1) # line is 1-based line_0 = line - 1 # Try gettint up to the top of the current function body for i in range(line_0, -1, -1): try: l = lines[i].rstrip() except IndexError: # This will happen if we mismatch vmlinux and kernel sources. Same # reasoning as above applies. logging.critical('Broken location info for %r', sc) logging.critical('File "%s" does not have enough lines of code: ' 'expected %d+, have %d!', file, line, len(lines)) logging.critical('Do you have the correct source code version for this kernel?') sys.exit(1) if i < line_0 and l == b'}': # We went up at least one line and found a '}': this means we were # not inside a function, give up break if l == b'{': for j in range(i - 1, -1, -1): char = lines[j][0:1] if not char.isspace(): if char == b'#': # SYSCALL_DEFINE macro wrapped in preprocessor guards, # annoying but it can happen (e.g., clone in v5.0 at # kernel/fork.c:2328). Just skip the directive. continue # Found function signature return j + 1 # Found start of function body (weird) logging.debug('Found start of function body, but not the actual ' 'signature: %s:%d', file, i + 1) return i + 1 return line def extract_syscall_locations(syscalls: List[Syscall], vmlinux: ELF, arch: Arch, kdir: Optional[Path], rdir: Optional[Path]): if not command_available('addr2line'): logging.warning('Command "addr2line" unavailable, skipping location info extraction') return # STEP 1: Ask addr2line for file/lineno info. Most of the times this will # work with at most a simple line adjustment. vmlinux = vmlinux.path locs = smart_addr2line(vmlinux, map(lambda s: s.symbol.real_vaddr, syscalls), kdir) locs = list(locs) if not kdir: for sc, (file, line) in zip(syscalls, locs): sc.file = file sc.line = line sc.good_location = False if any(map(attrgetter('file'), syscalls)): logging.warning('No kernel source available, trusting addr2line output for location info') else: logging.warning('No kernel source available and no addr2line output, cannot extract location info') return rel = lambda p: maybe_rel(p, kdir) bad_paths = False to_adjust: List[Syscall] = [] to_retry: List[Syscall] = [] to_grep: List[Syscall] = [] if rdir: remap = lambda p: kdir / maybe_rel(p, rdir) if p is not None else None else: remap = lambda p: kdir / p if p is not None else None # Try a simple line adjustment: lineno might point inside a function, but we # want the function signature. for sc, loc in zip(syscalls, locs): file, line = loc sc.file = file = remap(file) sc.good_location = False if file is None or not file.is_file() or line is None: if sc.symbol.size > 1: to_adjust.append(sc) logging.debug('Location needs adjustment (invalid): %s (%s) -> ' '%s:%s', sc.origname, sc.symbol.name, *loc) else: to_grep.append(sc) logging.debug('Location needs grepping (invalid and sz <= 0): ' '%s (%s) -> %s:%s', sc.origname, sc.symbol.name, *loc) continue if not file.is_relative_to(kdir.resolve()): bad_paths = True sc.line = line = adjust_line(file, line, sc) # For esoteric syscalls, only find a decent location for the symbol, # it's pointless to go deeper if sc.esoteric: continue if good_location(file, line, arch, sc): sc.good_location = True elif sc.symbol.size > 1: to_adjust.append(sc) logging.debug('Location needs adjustment (bad): %s (%s) -> %s:%d', sc.origname, sc.symbol.name, rel(file), line) else: to_grep.append(sc) logging.debug('Location needs grepping (bad and sz <= 0): %s (%s) ' '-> %s:%d', sc.origname, sc.symbol.name, rel(file), line) # STEP 2: Simple adjustment for bad/invalid locations: ask addr2line again # for vaddr + sz - 1 (except for symbols with sz <= 1). # # Rationale: The debug info for some syscall symbols points to the wrong # file/line, however the last few instructions of the function have a # better chance of pointing to the correct place. This is because in simple # syscalls (e.g. getuid, which only extracts a field from current) there is # no prolog/epilog, and since function calls like get_current() are # inlined, almost all instructions in the function body come from a macro or # function defined somewhere else. The final RET instruction is basically # the only one that truly belongs to the function. The workaround is to also # try checking vaddr + symbol_size - 1 with addr2line. to_adjust.sort(key=attrgetter('name')) if to_adjust: if len(to_adjust) == len(locs): # If we need to adjust every single location it's very likely that # the user gave us a wrong path as KDIR. This will make us attempt # full adjustment and grepping for every single syscall, which is # very slow. Warn so that the user figures this out without having # to wait for everything to complete. logging.warning('All the locations obtained from addr2line look ' 'bad, did you provide the correct KDIR?') logging.warning('You may want to try using --remap ORIG_KDIR') logging.warning('Skipping location information extraction') return vaddrs = tuple(map(lambda s: s.symbol.real_vaddr + s.symbol.size - 1, to_adjust)) new_locs = smart_addr2line(vmlinux, vaddrs, kdir) for sc, loc in zip(to_adjust, new_locs): file, line = loc file = remap(file) if file is None or not file.is_file() or line is None: if sc.symbol.size > 2: to_retry.append(sc) logging.debug('Location needs full-range adjustment ' '(invalid): %s (%s+0x%x) -> %s:%s', sc.origname, sc.symbol.name, sc.symbol.size - 1, *loc) else: to_grep.append(sc) logging.debug('Location needs grepping (invalid and sz <= ' '1): %s (%s+0x%x) -> %s:%s', sc.origname, sc.symbol.name, sc.symbol.size - 1, *loc) continue line = adjust_line(file, line, sc) if good_location(file, line, arch, sc): sc.file = file sc.line = line sc.good_location = True else: if sc.symbol.size > 2: to_retry.append(sc) logging.debug('Location needs full-range adjustment (bad): ' '%s (%s+0x%x) -> %s:%d', sc.origname, sc.symbol.name, sc.symbol.size - 1, rel(file), line) else: to_grep.append(sc) logging.debug('Location needs grepping (bad and sz <= 1): ' '%s (%s+0x%x) -> %s:%s', sc.origname, sc.symbol.name, sc.symbol.size - 1, rel(file), line) # STEP 3: Full-range adjustment for locations that are still bad/invalid: # ask addr2line again for ALL addresses from vaddr + 1 to vaddr + sz - 2 # (except for symbols with sz <= 1). # # Reasoning: not much, just being optimistic. This is unlikely to work if # addr2line didn't find anything for vaddr nor for vaddr + sz - 1. If we get # to this point, there is probably no file/line debug info for it at all. to_retry.sort(key=attrgetter('name')) for sc in to_retry: addrs = range(sc.symbol.real_vaddr + 1, sc.symbol.real_vaddr + sc.symbol.size - 2) invalid = True for offset, loc in enumerate(smart_addr2line(vmlinux, addrs, kdir), 1): file, line = loc file = remap(file) if file is None or not file.is_file() or line is None: continue invalid = False line = adjust_line(file, int(line), sc) if good_location(file, line, arch, sc): sc.file = file sc.line = line sc.good_location = True logging.debug('Location found through full-range adjustment: %s' ' (%s+0x%x) -> %s:%d', sc.origname, sc.symbol.name, offset, rel(file), line) break else: if invalid: logging.debug('Location needs grepping (invalid): %s (%s) -> ' '%s:%s', sc.origname, sc.symbol.name, *loc) else: logging.debug('Location needs grepping (bad): %s (%s) -> %s:%d', sc.origname, sc.symbol.name, rel(file), -1 if line is None else line) to_grep.append(sc) if bad_paths: logging.error('Cannot grep source code, debug info points outside ' 'provided kernel source directory') logging.warning('You may want to try using --remap ORIG_KDIR') return # STEP 4: Still bad? Use the big hammer: recursively grep kernel sources. # # Rationale: On x86 (and maybe others) some syscalls wrongly point to the # first COND_SYSCALL() macro found in kernel/sys_ni.c (e.g. userfaultfd). # Clang gives a slightly better location than gcc: still in this file, but # at the right line and not just pointing to the first COND_SYSCALL(). # Still, this is not the real location for the actual syscall code. The # symbols for these syscalls are also marked WEAK for some reason (as can be # seen from `readelf -Ws`). The only real workaround I can think of in this # case is to just grep the source code for definitions of the form # "SYSCALL_DEFINEx(name, ...". # # Disabling compiler optimizations could help, but the kernel does not have # a CONFIG_ option for that, and generally highly relies on optimizations. # Granted, the point here is not to build a runnable kernel, but still. # # In any case, even if they look legitimate, we cannot be sure of the # correctness of definitions found through grepping. For example, we could # be working with a 64-bit kernel with compat 32-bit support and find two # definitions using the exact same SYSCALL_DEFINEx macro guarded by some # preprocessor guards: we cannot know which one is correct in such case, the # only way would be to manually analyze the code or magically invoke the # preprocessor (which we are not even going to bother trying). # Sort by syscall name, group not found first grepped = grep_kernel_sources(kdir, arch, to_grep) grepped = sorted(grepped, key=lambda x: (x[1] is not None, x[0].name)) for sc, file, line in grepped: if file is None: logging.info('Location could not be found through grepping: %s ' '(orig name %s)', sc.name, sc.origname) continue if good_location(file, line, arch, sc): sc.file = file sc.line = line sc.good_location = True sc.grepped_location = True logging.warning('Location found through grepping: %s -> %s:%d', sc.origname, rel(file), line) ================================================ FILE: src/systrack/log.py ================================================ import logging import sys __all__ = ['log_setup', 'log_verbosity', 'eprint'] SETUP_DONE = False VERBOSITY = 0 SILENT_EPRINT = False def log_setup(quietness: int, verbosity: int, colors: bool = True): '''Setup logging verbosity on the root logger based on the given quietness and verbosity levels from command line arguments (number of -q and -v options given). Enable colored logs with ANSI escape codes if color=True. ''' global SETUP_DONE, VERBOSITY, SILENT_EPRINT assert not SETUP_DONE, 'log_setup() called multiple times' SETUP_DONE = True VERBOSITY = verbosity orig_factory = logging.getLogRecordFactory() if verbosity > 0: quietness = 0 if quietness >= 1: quietness -= 1 SILENT_EPRINT = True if colors: fmt = '%(color)s[%(levelname)s] %(message)s\x1b[0m' level_colors = { logging.CRITICAL: '\x1b[1;31m', logging.ERROR : '\x1b[31m', logging.WARNING : '\x1b[33m', logging.INFO : '\x1b[32m', logging.DEBUG : '\x1b[34m', } def record_factory(*args, **kwargs): record = orig_factory(*args, **kwargs) lvl = record.levelno record.color = level_colors.get(lvl, '') record.levelname = 'FATAL' if lvl == logging.CRITICAL else record.levelname[0] return record else: fmt = '[%(levelname)s] %(message)s' def record_factory(*args, **kwargs): record = orig_factory(*args, **kwargs) record.levelname = 'FATAL' if record.levelno == logging.CRITICAL else record.levelname[0] return record adj = quietness - verbosity logging.basicConfig(level=max(30 + 10 * adj, 0), format=fmt) logging.setLogRecordFactory(record_factory) def log_verbosity() -> bool: '''Return whether high verbosity is enabled (True if a lot of -v are given). ''' return VERBOSITY def eprint(*a, **kwa): '''print() wrapper that prints on standard error and flushes after printing, only if not in silent mode. ''' if not SILENT_EPRINT: print(*a, **kwa, file=sys.stderr, flush=True) ================================================ FILE: src/systrack/output.py ================================================ import sys from itertools import starmap from json import JSONEncoder, dump from pathlib import Path from typing import Iterable from .kernel import Kernel from .log import eprint from .utils import noprefix from .syscall import Syscall from .version import VERSION, VERSION_COPY class SyscallJSONEncoder(JSONEncoder): def default(self, o): if isinstance(o, Syscall): dikt = {k: getattr(o, k) for k in o.__slots__} # Symbol is a namedtuple subclass, but we only care about its .name dikt['symbol'] = o.symbol.name # Let's not waste space and remove CONFIG_ prefixes if o.kconfig: dikt['kconfig'] = noprefix(o.kconfig, 'CONFIG_') return dikt if isinstance(o, Path): return str(o) return super().default(o) def output_syscalls_text(syscalls: Iterable[Syscall], spacing: int = 2): prevnum = syscalls[0].number table = [( 'INDEX', 'NUMBER', 'NAME', 'ORIG NAME', 'SYMBOL', 'LOCATION', 'KCONFIG', 'SIGNATURE' )] for sc in syscalls: if sc.number - prevnum > 1: # Blank line to separate groups of contiguous syscall numbers table.append(None) prevnum = sc.number if sc.file and sc.line: loc = f'{sc.file}:{sc.line}' elif sc.file: loc = str(sc.file) else: loc = '' if loc and not sc.good_location: loc = '(?) ' + loc table.append(( f'{sc.index:-3d}' if sc.index is not None else '- ', hex(sc.number), sc.name, sc.origname if sc.origname != sc.name else '', sc.symbol.name, loc, sc.kconfig.replace('CONFIG_', '') if sc.kconfig else '', ', '.join(sc.signature) if sc.signature else '?' if sc.signature is None else 'void' )) widths = [max(map(lambda row: len(row[i]) if row else 0, table)) for i in range(len(table[0]))] sep = ' ' * spacing for row in table: if row: print(sep.join(starmap(lambda c, w: c.ljust(w), zip(row, widths)))) else: print() sys.stdout.flush() def output_syscalls_json(kernel: Kernel): data = { 'systrack_version': VERSION, 'kernel': { 'version': kernel.version_tag, 'version_source': kernel.version_source, 'architecture': { 'name': kernel.arch.name, 'bits': 32 if kernel.arch.bits32 else 64 }, 'abi': { 'name': kernel.arch.abi, 'compat': kernel.arch.compat, 'bits': 32 if kernel.arch.abi_bits32 else 64, 'calling_convention': { 'syscall_nr': kernel.arch.syscall_num_reg, 'parameters': kernel.arch.syscall_arg_regs } }, 'syscall_table_symbol': kernel.arch.syscall_table_name }, 'syscalls': kernel.syscalls } dump(data, sys.stdout, cls=SyscallJSONEncoder, sort_keys=True, indent='\t') def output_syscalls_html(kernel: Kernel): try: from jinja2 import Environment, PackageLoader except ImportError: eprint('HTML output not supported, could not import needed dependencies.') eprint('Install the systrack[html] or systrack[full] package through pip.') sys.exit(1) env = Environment(loader=PackageLoader('systrack'), line_statement_prefix='#', autoescape=True) template = env.get_template('syscall_table.html') max_args = max(len(s.signature) for s in kernel.syscalls if s.signature is not None) template.stream( kernel_version_tag=kernel.version_tag, arch=kernel.arch.name, bits=32 if kernel.arch.bits32 else 64, abi=kernel.arch.abi, abi_bits=32 if kernel.arch.abi_bits32 else 64, compat=kernel.arch.compat, num_reg=kernel.arch.syscall_num_reg, arg_regs=kernel.arch.syscall_arg_regs, max_args=max_args, syscalls=kernel.syscalls, systrack_version=VERSION, systrack_copy=VERSION_COPY.strip().replace('\n', ' \u2014 ') ).dump(sys.stdout) def output_syscalls(kernel: Kernel, fmt: str): if fmt == 'text': output_syscalls_text(kernel.syscalls) elif fmt == 'json': output_syscalls_json(kernel) elif fmt == 'html': output_syscalls_html(kernel) else: sys.exit('Output format not implemented!') ================================================ FILE: src/systrack/signature.py ================================================ import logging from operator import itemgetter from pathlib import Path from struct import unpack, iter_unpack from typing import Tuple, List, Iterable, Iterator from .elf import ELF from .syscall import Syscall from .utils import noprefix def expand_macros(sig: Iterable[str], big_endian: bool) -> Iterator[str]: for field in sig: newfield = noprefix(field, 'SC_ARG64(', 'arg_u32p(', 'compat_arg_u64_dual(', 'compat_arg_u64(') if newfield == field: yield field continue assert newfield[-1] == ')' field = newfield[:-1] if big_endian: yield from ('u32', f'{field}_hi', 'u32', f'{field}_lo') else: yield from ('u32', f'{field}_lo', 'u32', f'{field}_hi') def parse_signature(sig: str, big_endian: bool) -> Tuple[str, ...]: split_sig = map(str.strip, sig.split(',')) # SC_ARG64 is standard for all archs # arg_u32p is arm64-specific # compat_arg_u64[_dual] is riscv-specific if all(x not in sig for x in ('SC_ARG64', 'arg_u32p', 'compat_arg_u64')): # Make sure it doesn't contain any other macros that we don't know about assert '(' not in sig and ')' not in sig, f'Unexpected parentheses in signature: {sig!r}' return tuple(split_sig) return tuple(expand_macros(split_sig, big_endian)) def syscall_signature_from_source(file: Path, line: int, big_endian: bool) -> Tuple[str, ...]: sig = b'' with file.open('r') as f: for _ in range(line - 1): next(f) sig = f.readline().strip() while len(sig) == 0 or sig[-1] not in ');': sig += f.readline().strip() # We only handle two scenarios here: # # SYSCALL_DEFINEx(name, type1, arg1, type2, arg2, ...) # asmlinkage xxx sys_xxx(type1 arg1, type2 arg2, ...) newsig = noprefix(sig, 'SYSCALL_DEFINE', 'SYSCALL32_DEFINE', 'COMPAT_SYSCALL_DEFINE', 'COMPAT_SYSCALL32_DEFINE', 'PPC32_SYSCALL_DEFINE', 'COMPAT_SYSCALL_WRAP') if sig != newsig: sig = newsig start = sig.find(',') + 1 nargs = int(sig[0]) assert nargs <= 6, f'SYSCALL_DEFINE{nargs}? {file}:{line}' if start == 0: assert nargs == 0, f'Expected {nargs} arguments, but found 0: {file}:{line}' return () # no arguments sig = sig[start:sig.rfind(')')] # Remove __user annotation, collapse multiple spaces into one and remove # spaces between double pointers sig = ' '.join(sig.replace(' __user', '').split()).replace('* *', '**') sig = parse_signature(sig, big_endian) assert len(sig) % 2 == 0 and len(sig) // 2 == nargs, f'Bad signature after parsing: {file}:{line}' sig = tuple(f'{t}{" " * (t[-1] != "*")}{n}' for t, n in zip(sig[::2], sig[1::2])) elif sig.startswith('asmlinkage'): start = sig.find('(') + 1 sig = sig[start:sig.rfind(')')].strip() if not sig or sig == 'void': return () # no arguments # Remove __user annotation, collapse multiple spaces into one and remove # spaces between asterisks of pointers sig = ' '.join(sig.replace(' __user', '').split()).replace('* *', '**') # We are assuming macros like arg_u32p are only used for SYSCALL_DEFINEx assert '(' not in sig and ')' not in sig, f'Unexpected parentheses in signature: {file}:{line}' sig = tuple(map(str.strip, sig.split(','))) assert len(sig) <= 7, f'Syscall with {len(sig)} arguments? {file}:{line}' else: logging.error("This doesn't look like a syscall signature: %s:%d", file, line) return None return sig def extract_syscall_signatures(syscalls: List[Syscall], vmlinux: ELF, have_source: bool): have_syscall_metadata = '__start_syscalls_metadata' in vmlinux.symbols meta = {} res = [] # TODO: could we also extract signatures from DWARF or BTF even if we have # no ftrace metadata and no KDIR? How? # First extract signatures from ftrace metadata. If the kernel was compiled # with CONFIG_FTRACE_SYSCALLS=y we have signature information available in a # bunch of `struct syscall_metadata` objects. if have_syscall_metadata: logging.info('Kernel has ftrace syscall metadata from FTRACE_SYSCALLS=y') start = vmlinux.symbols['__start_syscalls_metadata'].real_vaddr stop = vmlinux.symbols['__stop_syscalls_metadata'].real_vaddr ptr_fmt = '<>'[vmlinux.big_endian] + 'QL'[vmlinux.bits32] meta_fmt = '<>'[vmlinux.big_endian] + ('QllQQ', 'LllLL')[vmlinux.bits32] ptr_sz = 4 if vmlinux.bits32 else 8 meta_sz = 8 + 3 * ptr_sz ptrs = map(itemgetter(0), iter_unpack(ptr_fmt, vmlinux.vaddr_read(start, stop - start))) # Sanity check open_meta = vmlinux.symbols.get('__syscall_meta__open') if open_meta and open_meta.size: assert open_meta.size >= meta_sz for ptr in ptrs: # Number (second field) is filled at boot and always -1 name, _, nargs, types, args = unpack(meta_fmt, vmlinux.vaddr_read(ptr, meta_sz)) # Sanity check: nargs > 0 => types != NULL and args != NULL assert nargs >= 0 and (nargs == 0 or (types and args)) name = vmlinux.vaddr_read_string(name).strip() name = noprefix(name, 'sys_') sig = [] for i in range(nargs): typ = unpack(ptr_fmt, vmlinux.vaddr_read(types + i * ptr_sz, ptr_sz))[0] arg = unpack(ptr_fmt, vmlinux.vaddr_read(args + i * ptr_sz, ptr_sz))[0] typ = vmlinux.vaddr_read_string(typ).strip() arg = vmlinux.vaddr_read_string(arg).strip() # Double pointers can have spaces between asterisks typ = typ.replace('* *', '**') sig.append(f'{typ}{" " * (typ[-1] != "*")}{arg}') meta[name] = tuple(sig) else: logging.info('Kernel DOES NOT have ftrace syscall metadata') # Now extract signatures from the source code based on the location info we # [should] already have for sc in filter(lambda s: not s.esoteric, syscalls): if sc.good_location: # We know that this location points to a `SYSCALL_DEFINEx` or an # `asmlinkage` function: extract signature right from source code assert have_source, 'good location with no kernel source? WHAT' sc.signature = syscall_signature_from_source(sc.file, sc.line, vmlinux.big_endian) elif have_syscall_metadata: # Weird/bad location, fallback to FTRACE_SYSCALLS metadata if # possible sig = meta.get(sc.origname) if sig is None: sig = meta.get(sc.name) if sig is None: logging.debug('Signature NOT found in ftrace metadata: %s', sc.name) continue sc.signature = sig logging.debug('Signature extracted from ftrace metadata: %s', sc.name) else: # Weird/bad location and no FTRACE_SYSCALLS metadata :( if sc.file is not None and sc.line is not None: logging.debug('Signature extraction skipped: %s at %s:%d', sc.name, sc.file, sc.line) return res ================================================ FILE: src/systrack/syscall.py ================================================ from collections import Counter from pathlib import Path from typing import List from .elf import Symbol class Syscall: '''Class representing a Linux syscall. ''' # NOTE: do not remove, __slots__ are used used by the JSON encoder __slots__ = ( 'index', 'number', 'name', 'origname', 'symbol', 'file', 'line', 'signature', 'esoteric', 'good_location', 'grepped_location', 'kconfig' ) def __init__(self, index: int, number: int, name: str, origname: str, symbol: Symbol, kconfig: str, file: Path = None, line: int = None, signature: List[str] = None, esoteric: bool = False): self.index = index self.number = number self.name = name self.origname = origname self.symbol = symbol self.kconfig = kconfig self.file = file self.line = line self.signature = signature self.esoteric = esoteric self.good_location = False self.grepped_location = False def __repr__(s): file = '??' if s.file is None else s.file line = '?' if s.line is None else s.line res = f'Syscall(index={s.index}, number={s.number}, name={s.name!r}, ' res += f'symbol={s.symbol.name!r}, defined at {file}:{line}, ' res += f'takes {len(s.signature) if s.signature else "?"} args' res += f', depends on {s.kconfig})' if s.kconfig else ')' return res def common_syscall_symbol_prefixes(names: List[str], threshold: int) -> List[str]: '''Given a list of symbol names, find and return a list of common prefixes of the form "xxx_" that appear in a number of symbols greater than or equal to threshold. For example, given that a bunch of syscalls in x86-64 start with __x64_sys_, this function returns ['__x64_sys_', '__x64_', '__']. ''' res = [] for l in range(max(map(len, names)), 1, -1): candidates = list(filter(lambda n: len(n) >= l and n[l - 1] == '_', names)) if len(candidates) < threshold: continue counts = Counter(name[:l] for name in candidates) res.extend(filter(lambda name: counts[name] >= threshold, counts)) return res ================================================ FILE: src/systrack/templates/syscall_table.css ================================================ :root { --main-bg: white; --main-fg: black; --table-fg: black; --table-bg: white; --table-head-bg: #d7efff; --table-head-bg-hover: #93d4ff; --table-row-bg-hover: #c5ffdf; --table-border: 1px solid #d0d0d0; --link-fg: #00319f; --link-fg-visited: #7f009f; } body { font-family: consolas, monospace; font-size: 12px; color: var(--main-fg); background-color: var(--main-bg); } a, a:visited { color: var(--main-fg); } table { padding: 5px; color: var(--table-fg); border: var(--table-border); border-collapse: collapse; } table th { top: 0; position: sticky; text-align: left; padding: 5px; border: var(--table-border); background-color: var(--table-head-bg); } table th.sortable { cursor: pointer; } table tr.highlight td { background-color: var(--table-row-bg-hover); } table td { text-align: left; padding: 3px 5px 3px; border: var(--table-border); background-color: var(--table-bg); } table a { color: var(--link-fg); text-decoration: none; } table a:visited { color: var(--link-fg-visited); } table span.argtype { color: #006e8f; } table td.unknown { font-family: sans-serif; font-style: italic; } /* Emojis! Use U+202f (narrow no-break space) to space header sort arrows and U+2002 (en space) to space emojis for bad locations and esoteric syscalls. */ table th.ascending::before { content: '\2b07\fe0f\202f'; } table th.descending::before { content: '\2b06\fe0f\202f'; } table td.bad::after { content: '\2002\26a0\fe0f'; } table td.esoteric::after { content: '\2002\1f984\fe0f'; } @media (any-hover: hover) { table th.sortable:hover { cursor: pointer; background-color: var(--table-head-bg-hover); } table tr:hover td { background-color: var(--table-row-bg-hover); } table a:hover { text-decoration: underline; } } ================================================ FILE: src/systrack/templates/syscall_table.html ================================================ Linux {{kernel_version_tag}} {{arch}} {{bits}}-bit, {{'compat ' if compat else ''}}{{abi_bits}}-bit {{abi}} syscall table

Linux {{kernel_version_tag}} syscall table

Architecture: {{arch}} {{bits}}-bit

ABI: {{'compat ' if compat else ''}}{{abi_bits}}-bit {{abi}}

# for i in range(max_args): # endfor # for sc in syscalls: {{sc.name}} # if sc.file and sc.line is not none # if not sc.good_location # elif sc.file # else # endif # if sc.signature is none # elif sc.signature | length == 0 # else # for arg in sc.signature: # set i = arg.rfind(' ') + 1 # endfor # set span = max_args - sc.signature|length # if span > 0: # endif # endif # endfor
Number{% if num_reg %} ({{num_reg}}){% endif %} Name Symbol Definition location KconfigArg {{i + 1}} ({{arg_regs[i]}})
{{sc.number}} {{ '0x%x' | format(sc.number) }} {{sc.symbol.name}} # elif sc.grepped_location # else # endif # if sc.file.is_absolute() {{sc.file}}:{{sc.line}} # else {{sc.file}}:{{sc.line}} # endif # if sc.file.is_absolute() {{sc.file}}:?? # else {{sc.file}}:?? # endif unknown{{(sc.kconfig | replace("CONFIG_", "") + "=y") if sc.kconfig else ''}}unknown signaturevoid{{arg[:i]}}{{arg[i:]}}

Auto-generated by Systrack v{{systrack_version}} — {{systrack_copy}}

================================================ FILE: src/systrack/templates/syscall_table.js ================================================ const table = document.getElementsByTagName('table')[0] function sortTable(e) { const header = e.target const idx = Array.from(header.parentNode.children).indexOf(e.target) const rows = Array.from(table.querySelectorAll('tr')).slice(1) const desc = header.classList.contains('ascending') const body = rows[0].parentElement let getValue if (idx === 0) { getValue = el => parseInt(el.children[0].textContent, 16) } else { // The "number" header spans two columns (for decimal and hexadecimal) getValue = el => el.children[idx + 1].textContent } rows.forEach(el => body.removeChild(el)) rows.sort((a, b) => { let va = getValue(a) let vb = getValue(b) if (desc) [va, vb] = [vb, va] if (va > vb) return 1 if (va < vb) return -1 return 0 }) rows.forEach(el => body.appendChild(el)) table.querySelectorAll('th').forEach(h => h.classList.remove('ascending', 'descending')) header.classList.add(desc ? 'descending' : 'ascending') } function highlightRow(e) { const row = e.currentTarget row.classList.toggle('highlight') } document.querySelectorAll('th.sortable').forEach(el => el.addEventListener('click', sortTable)) document.querySelectorAll('tr:not(:first-child)').forEach(el => el.addEventListener('click', highlightRow)) ================================================ FILE: src/systrack/type_hints.py ================================================ from typing import Union, Tuple, List, Optional KernelVersion = Union[Tuple[int],Tuple[int,int],Tuple[int,int,int]] EsotericSyscall = List[Tuple[int,str,str,Tuple[str,...],Optional[str]]] ================================================ FILE: src/systrack/utils.py ================================================ import sys import logging from collections import defaultdict from pathlib import Path from shlex import join as shlex_join from shutil import which from subprocess import Popen, DEVNULL, PIPE from textwrap import indent from typing import Union, Iterable, Tuple, Any, AnyStr, Hashable, Optional from .log import log_verbosity AnyStrOrPath = Union[AnyStr,Path] class VersionedDict: '''A dict that can have multiple versions with different contents. Accessing d[version] will return the value of the dict for the given version. Adding a {key: value} for a range of versions can be done through the .add() method. ''' __slots__ = ('_versions', '_cache') def __init__(self, iterable: Optional[Iterable[Tuple[Hashable,Hashable,Hashable,Any]]]=None): '''Instantiate a VersionedDict given initial version ranges and relative key-value pairs, or an empty VersionedDict if iterable is not given. The given iterable= is an iterable of tuples where each tuple is of the form (vstart, vend, key, val), i.e., the same parameters taken by the .add() method. ''' self._cache = {} self._versions = defaultdict(dict) if iterable is not None: for vstart, vend, key, val in iterable: self._versions[vstart, vend][key] = val def __getitem__(self, version: Hashable) -> dict: '''Get the dict corresponding to the given version. ''' if version not in self._cache: self._cache[version] = self._getversion(version) return self._cache[version] def _getversion(self, version: Hashable) -> dict: '''Create and return the dict corresponding to the given version. ''' res = {} for (vstart, vend), dct in self._versions.items(): if vstart <= version < vend: res.update(dct) return res def add(self, vstart: Hashable, vend: Hashable, key: Hashable, value: Any): '''Add a {key: value} mapping for all versions of this VersionedDict between vstart (included) and vend (not included). ''' self._versions[vstart, vend][key] = value # Invalidate cache for any version in [vstart, vend) for v in self._cache: if vstart <= v < vend: del self._cache[v] class VersionedList: '''A list that can have multiple versions with different contents. Accessing lst[version] will return the value of the list for the given version. Adding values for a range of versions can be done through the .add() method. ''' __slots__ = ('_versions', '_cache') def __init__(self, iterable: Optional[Iterable[Tuple[Hashable,Hashable,Iterable[Any]]]]=None): '''Instantiate a VersionedList given initial version ranges and relative values, or an empty VersionedList if iterable is not given. The given iterable= is an iterable of tuples where each tuple is of the form (vstart, vend, iterable_of_values), i.e., the same parameters taken by the .add() method. ''' self._cache = {} self._versions = defaultdict(list) if iterable is not None: for vstart, vend, values in iterable: self._versions[vstart, vend].extend(values) def __getitem__(self, version: Hashable) -> list: '''Get the list corresponding to the given version. ''' if version not in self._cache: self._cache[version] = self._getversion(version) return self._cache[version] def _getversion(self, version: Hashable) -> list: '''Create and return the list corresponding to the given version. ''' res = [] for (vstart, vend), lst in self._versions.items(): if vstart <= version < vend: res.extend(lst) return res def add(self, vstart: Hashable, vend: Hashable, values: Iterable[Any]): '''Add all the values from values to for all versions of this VersionedList between vstart (included) and vend (not included). ''' self._versions[vstart, vend].extend(values) # Invalidate cache for any version in [vstart, vend) for v in self._cache: if vstart <= v < vend: del self._cache[v] def maybe_rel(path: Path, root: Path) -> Path: '''Calculate and return a the given path relative to root. If path is not relative to root, it is returned as is. ''' return path.relative_to(root) if root is not None and path.is_relative_to(root) else path def anyprefix(s: str, *pxs: str) -> bool: '''Determine whether the given string as any of the given prefixes. ''' return any(s.startswith(px) for px in pxs) def anysuffix(s: str, *sxs: str) -> bool: '''Determine whether the given string as any of the given suffixes. ''' return any(s.endswith(sx) for sx in sxs) def noprefix(s: str, *pxs: str) -> str: '''Find the first matching prefix in s among pxs and return a new string without it. If s does not have any of the given prefixes, it is returned as is. ''' for px in pxs: if s.startswith(px): return s[len(px):] return s def nosuffix(s: str, *sxs: str) -> str: '''Find the first matching suffix in s among sxs and return a new string without it. If s does not have any of the given suffixes, it is returned as is. ''' for sx in sxs: if s.endswith(sx): return s[:-len(sx)] return s def do_popen(cmd: Union[AnyStr,Iterable[AnyStr]], cwd: Union[AnyStr,Path], **kwargs) -> Popen: '''Conveniency wrapper around subprocess.Popen, which gracefully handles FileNotFoundError and NotADirectoryError providing useful logging to the user. ''' try: return Popen(cmd, cwd=cwd, **kwargs) except FileNotFoundError: # We can also get here if the passed cwd= is invalid, so differentiate # between the two. Yes this is racy... see if I care. if cwd.exists(): cmd = cmd.split()[0] if isinstance(cmd, str) else cmd[0] logging.critical('Command not found: %s', cmd) else: logging.critical('Directory does not exist: %s', cwd) except NotADirectoryError: logging.critical('Path is not a directory: %s', cwd) return None def command_argv_to_string(cmd: Union[AnyStrOrPath,Iterable[AnyStrOrPath]]) -> str: '''Convert the given command, which can be str, bytes, Path, or an iterable containing any of those, to a shlex-escaped string. ''' if isinstance(cmd, Path): return str(cmd) elif isinstance(cmd, bytes): return cmd.decode() elif isinstance(cmd, str): return cmd parts = [] for part in cmd: if isinstance(part, Path): parts.append(str(part)) elif isinstance(part, bytes): parts.append(part.decode()) else: parts.append(part) return shlex_join(parts) def run_command(cmd: Union[AnyStrOrPath,Iterable[AnyStrOrPath]], cwd: Optional[AnyStrOrPath]=None, stdin: Optional[AnyStr]=None, console_output: bool=False) -> int: '''Run the given command (cmd), optionally under the given working directory (cwd), optionally passing the given data to standard input (stdin), and optionally enabling console output. The returned value is the exit code of the command. ''' if log_verbosity() >= 3: logging.debug('Running command: %s', command_argv_to_string(cmd)) if console_output: stdout, stderr = sys.stdout, sys.stderr else: stdout = stderr = DEVNULL child = do_popen(cmd, cwd=cwd, shell=isinstance(cmd, str), stdout=stdout, stderr=stderr) if child is None: return 127 child.communicate(stdin) return child.returncode def ensure_command(cmd: Union[AnyStrOrPath,Iterable[AnyStrOrPath]], cwd: Optional[AnyStrOrPath]=None, stdin: Optional[AnyStr]=None, capture_stdout: bool=True, console_output: bool=False) -> AnyStr: '''Run the given command (cmd), optionally under the given working directory (cwd), optionally passing the given data to standard input (stdin), capturing and returning its standard output (if capture_stdout=True) and optionally enabling console output (if console_output=True). If the given command is not found or exits with a non-zero exit code, the standard error produced by the command is loggged and the caller is terminated by means of sys.exit(). ''' # console_output implies not capture_stdout assert not console_output or not capture_stdout if log_verbosity() >= 3: logging.debug('Running command: %s', command_argv_to_string(cmd)) if console_output: stdout, stderr = sys.stdout, sys.stderr else: stdout = PIPE if capture_stdout else DEVNULL stderr = PIPE child = do_popen(cmd, cwd=cwd, shell=isinstance(cmd, str), stdout=stdout, stderr=stderr, text=True) if child is None: sys.exit(127) out, err = child.communicate(stdin) if child.returncode != 0: if stderr == PIPE: err = ('\n' + indent(err, '\t')) if err.strip() else ' (no stderr output)' else: err = '' logging.critical('Command returned %d: %s%s', child.returncode, cmd, err) sys.exit(1) return out def command_available(name: AnyStr) -> bool: '''Wrapper for shutil.which to determine whether a command is available or not (i.e., whether it is under the current PATH paths) given its name. ''' return which(name) is not None def gcc_version(gcc_cmd: AnyStr) -> str: '''Run GCC to get its version and return it as a string. Execution will be aborted if the given GCC command is not found. ''' return ensure_command((gcc_cmd, '--version')).splitlines()[0].strip() def git_checkout(repo_dir: Union[AnyStr,Path], ref: AnyStr): '''Run git checkout inside repo_dir to check out to the given ref. Execution will be aborted if git is not found or errors out. ''' ensure_command(('git', 'checkout', ref), cwd=repo_dir, capture_stdout=False) def format_duration(s: float) -> str: '''Convert a duration in seconds to a human readable string specifying hours, minutes and seconds. ''' s = round(s) h = s // 3600 s %= 3600 m = s // 60 s %= 60 if h > 0: return f'{h}h {m:02d}m {s:02d}s' if m > 0: return f'{m}m {s:02d}s' return f'{s}s' ================================================ FILE: src/systrack/version.py ================================================ VERSION = '0.8' VERSION_COPY = '''\ Copyright (C) 2023-2025 Marco Bonelli Licensed under the GNU General Public License v3.0 ''' VERSION_HELP = f'''\ Systrack version {VERSION} {VERSION_COPY}\ ''' if __name__ == '__main__': print(VERSION) ================================================ FILE: tests/__init__.py ================================================ ================================================ FILE: tests/data/.gitignore ================================================ * !.gitignore !Makefile !*.s ================================================ FILE: tests/data/Makefile ================================================ ASMS = $(wildcard *.s) BINS = $(ASMS:.s=) .PHONY: all clean all: $(BINS) # Need to link because GNU AS generates relocations for the call insns. # OTOH clang is generates a .o w/o relocations for call insns, might consider # using it in the future. %: %.s $(CC) -ffreestanding -nostdlib -o $@ $@.s clean: rm -f $(BINS) ================================================ FILE: tests/data/x86_no_table_syscall_handlers.s ================================================ .section .text .globl x64_sys_call .type x64_sys_call @function x64_sys_call: endbr64 cmp $0xbe,%esi je 0xffffffff81003b4b - 0xffffffff810024b0 + x64_sys_call /* */ ja 0xffffffff81002532 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x59,%esi je 0xffffffff81003b46 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810029c5 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x87,%esi je 0xffffffff81003b41 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002976 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x9f,%esi je 0xffffffff81003b3c - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002912 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xaa,%esi je 0xffffffff81003b37 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810028e1 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xb3,%esi je 0xffffffff81003b32 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810025c8 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xbc,%esi je 0xffffffff81003b2d - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xbd,%esi jne 0xffffffff810025ab - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8135ae20 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_lsetxattr> */ cmp $0x11e,%esi je 0xffffffff81003b28 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100275f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x14b,%esi je 0xffffffff81003b23 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100270a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b9,%esi je 0xffffffff81003b1e - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810026a6 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1c4,%esi je 0xffffffff81003b19 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002675 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1ca,%esi je 0xffffffff8100386c - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002610 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1cd,%esi je 0xffffffff81003867 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810025f3 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1ce,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812de850 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mseal> */ cmp $0xba,%esi je 0xffffffff81003cdb - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xbb,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81284070 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_readahead> */ cmp $0xad,%esi je 0xffffffff81003cd6 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100263b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xaf,%esi je 0xffffffff81003cd1 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xb0,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8113bdc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_delete_module> */ cmp $0x1cb,%esi je 0xffffffff81003ccc - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1cc,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff815111a0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_lsm_set_self_attr> */ cmp $0x1c7,%esi je 0xffffffff81003cc7 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002658 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1c8,%esi je 0xffffffff81003cc2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1c9,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813570d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_statmount> */ cmp $0xab,%esi je 0xffffffff81003cbd - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xac,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810370f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_iopl> */ cmp $0x1c5,%esi je 0xffffffff81003cb8 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1c6,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81161930 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_futex_wake> */ cmp $0x1bf,%esi je 0xffffffff81003cb3 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002fe5 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1c2,%esi je 0xffffffff81003cae - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810026ed - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1c3,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8127a6d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_cachestat> */ cmp $0x1ae,%esi je 0xffffffff81003ca9 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810036de - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b4,%esi je 0xffffffff81003ca4 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810030b9 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b7,%esi je 0xffffffff81003c9f - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810030e4 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b8,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812f2ea0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_process_madvise> */ cmp $0x1c0,%esi je 0xffffffff81003c9a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1c1,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81161650 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_futex_waitv> */ cmp $0x135,%esi je 0xffffffff81003c95 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002818 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x140,%esi je 0xffffffff81003c90 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810027e7 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x146,%esi je 0xffffffff81003c8b - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100287c - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x149,%esi je 0xffffffff81003c86 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810027ca - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x14a,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812cce90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pkey_alloc> */ cmp $0xf1,%esi je 0xffffffff81003c81 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810032ea - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x108,%esi je 0xffffffff81003c7c - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003072 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x113,%esi je 0xffffffff81003c77 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100325b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x119,%esi je 0xffffffff81003c72 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002fb6 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x11c,%esi je 0xffffffff81003c6d - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810028a7 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x11d,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8131bcc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fallocate> */ cmp $0x147,%esi je 0xffffffff81003c68 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x148,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81321d80 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pwritev2> */ cmp $0x13b,%esi je 0xffffffff81003c63 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003014 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x13e,%esi je 0xffffffff81003c5e - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100285f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x13f,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81319ee0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_memfd_create> */ cmp $0x12a,%esi je 0xffffffff81003c59 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003166 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x130,%esi je 0xffffffff81003c54 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100313b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x133,%esi je 0xffffffff81003c4f - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003204 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x134,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810c4860 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setns> */ cmp $0x13c,%esi je 0xffffffff81003c4a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x13d,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8119e490 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_seccomp> */ cmp $0x143,%esi je 0xffffffff81003c45 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810028c4 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x144,%esi je 0xffffffff81003c40 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x145,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812c24f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mlock2> */ cmp $0x11a,%esi je 0xffffffff81003c3b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x11b,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81389ef0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_timerfd_create> */ cmp $0x141,%esi je 0xffffffff81003c36 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x142,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8132d5b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_execveat> */ cmp $0xa5,%esi je 0xffffffff81003c31 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003043 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xa8,%esi je 0xffffffff81003c2c - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002959 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xa9,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810c7f10 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_reboot> */ cmp $0x93,%esi je 0xffffffff81003c27 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810035e9 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x99,%esi je 0xffffffff81003c22 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810035be - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x9d,%esi je 0xffffffff81003c1d - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003687 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x9e,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81031bc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_arch_prctl> */ cmp $0xa6,%esi je 0xffffffff81003c18 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xa7,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812faf10 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_swapon> */ cmp $0x70,%esi je 0xffffffff81003c13 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002a63 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x7b,%esi je 0xffffffff81003c0e - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002a3b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x81,%esi je 0xffffffff81003c09 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002ab5 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x84,%esi je 0xffffffff81003c04 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002a1e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x85,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813385b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mknod> */ cmp $0x2c,%esi je 0xffffffff81003bff - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002be2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x43,%esi je 0xffffffff81003bfa - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002ba2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x4e,%esi je 0xffffffff81003bf5 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002b2a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x54,%esi je 0xffffffff81003bf0 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002b08 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x57,%esi je 0xffffffff81003beb - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002ada - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x58,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813392b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_symlink> */ cmp $0x82,%esi je 0xffffffff81003be6 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x83,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810a8060 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sigaltstack> */ cmp $0x76,%esi je 0xffffffff81003be1 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002cd8 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x79,%esi je 0xffffffff81003bdc - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002a9e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x7a,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ac560 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setfsuid> */ cmp $0x65,%esi je 0xffffffff81003bd7 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002d37 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x6b,%esi je 0xffffffff81003bd2 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002d15 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x6e,%esi je 0xffffffff81003bcd - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002db4 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x6f,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810acd10 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_getpgrp> */ cmp $0x77,%esi je 0xffffffff81003bc8 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x78,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ac380 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getresgid> */ cmp $0x7e,%esi je 0xffffffff81003bc3 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002af1 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x7f,%esi je 0xffffffff81003bbe - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x80,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810a6bb0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rt_sigtimedwait> */ cmp $0x55,%esi je 0xffffffff81003bb9 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x56,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81339740 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_link> */ cmp $0x7c,%esi je 0xffffffff81003bb4 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x7d,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8109d1a0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_capget> */ cmp $0x51,%esi je 0xffffffff81003baf - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002b4e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x52,%esi je 0xffffffff81003baa - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x53,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81338860 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mkdir> */ cmp $0x49,%esi je 0xffffffff81003ba5 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002b7c - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x4c,%esi je 0xffffffff81003ba0 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002b65 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x4d,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8131ba30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_ftruncate> */ cmp $0x4f,%esi je 0xffffffff81003b9b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x50,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8131bee0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_chdir> */ cmp $0x4a,%esi je 0xffffffff81003b96 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x4b,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8136b4b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fdatasync> */ cmp $0x46,%esi je 0xffffffff81003b91 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002c28 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x47,%esi je 0xffffffff81003b8c - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x48,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8133b120 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fcntl> */ cmp $0x37,%esi je 0xffffffff81003b87 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002c70 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x3d,%esi je 0xffffffff81003b82 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002c4e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x40,%esi je 0xffffffff81003b7d - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002c3b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x41,%esi je 0xffffffff81003b78 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x42,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff814fc3b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_semctl> */ cmp $0x16,%esi je 0xffffffff81003b73 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002e21 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x21,%esi je 0xffffffff81003b6e - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002df9 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x27,%esi je 0xffffffff81003b69 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002e73 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x2a,%esi je 0xffffffff81003b64 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002cfe - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x2b,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81b96230 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_accept> */ cmp $0x44,%esi je 0xffffffff81003b5f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x45,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff814f9070 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_msgsnd> */ cmp $0x3e,%esi je 0xffffffff81003b5a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x3f,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810acfd0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_newuname> */ cmp $0x3a,%esi je 0xffffffff81003b55 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002c90 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x3b,%esi je 0xffffffff81003b50 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x3c,%esi je 0xffffffff81003ce5 - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81003d20 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_ni_syscall> */ cmp $0x32,%esi je 0xffffffff81003b14 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002cb6 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x35,%esi je 0xffffffff81003b0f - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002ca3 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x36,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81b96cf0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setsockopt> */ cmp $0x38,%esi je 0xffffffff81003b0a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x39,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8108e070 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_fork> */ cmp $0x33,%esi je 0xffffffff81003b05 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x34,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81b96670 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getpeername> */ cmp $0x2f,%esi je 0xffffffff81003b00 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002dcb - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x30,%esi je 0xffffffff81003afb - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x31,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81b95d60 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_bind> */ cmp $0x73,%esi je 0xffffffff81003af6 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002e95 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x74,%esi je 0xffffffff81003af1 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x75,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810abfd0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setresuid> */ cmp $0x28,%esi je 0xffffffff81003aec - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x29,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81b958c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_socket> */ cmp $0x68,%esi je 0xffffffff81003ae7 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002d64 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x69,%esi je 0xffffffff81003ae2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x6a,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810aba10 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setgid> */ cmp $0x5f,%esi je 0xffffffff81003add - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002d92 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x62,%esi je 0xffffffff81003ad8 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002d7b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x63,%esi je 0xffffffff81003ad3 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x64,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ac850 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_times> */ cmp $0x66,%esi je 0xffffffff81003ace - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x67,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81106d40 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_syslog> */ cmp $0x60,%esi je 0xffffffff81003ac9 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x61,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ade30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getrlimit> */ cmp $0x5c,%esi je 0xffffffff81003ac4 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002de2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x5d,%esi je 0xffffffff81003abf - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x5e,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8131cd50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_lchown> */ cmp $0x6c,%esi je 0xffffffff81003aba - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x6d,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810acc50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setpgid> */ cmp $0x2d,%esi je 0xffffffff81003ab5 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x2e,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81b976f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sendmsg> */ cmp $0x5a,%esi je 0xffffffff81003ab0 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x5b,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8131c740 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fchmod> */ cmp $0x1c,%esi je 0xffffffff81003aab - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002ec3 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1f,%esi je 0xffffffff81003aa6 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002e5c - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x20,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8134d100 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_dup> */ cmp $0xb,%esi je 0xffffffff81003aa1 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002f35 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x11,%esi je 0xffffffff81003a9c - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002f13 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x14,%esi je 0xffffffff81003a97 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002ee5 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x15,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8131be80 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_access> */ cmp $0x1d,%esi je 0xffffffff81003a92 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1e,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81500c90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_shmat> */ cmp $0x24,%esi je 0xffffffff81003a8d - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002eac - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x25,%esi je 0xffffffff81003a88 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x26,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81156ce0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setitimer> */ cmp $0x71,%esi je 0xffffffff81003a83 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x72,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ab8d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setregid> */ cmp $0x22,%esi je 0xffffffff81003a7e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x23,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81146f40 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_nanosleep> */ cmp $0x19,%esi je 0xffffffff81003a79 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002efc - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1a,%esi je 0xffffffff81003a74 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812c0920 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mincore> */ cmp $0x12,%esi je 0xffffffff81003a6f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x13,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813219e0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_readv> */ cmp $0x17,%esi je 0xffffffff81003a6a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x18,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ee330 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_sched_yield> */ cmp $0xe,%esi je 0xffffffff81003a65 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002f62 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xf,%esi je 0xffffffff81003a60 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x10,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8133cf60 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_ioctl> */ cmp $0x5,%esi je 0xffffffff81003a5b - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002f90 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x8,%esi je 0xffffffff81003a56 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81002f79 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x9,%esi je 0xffffffff81003a51 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xa,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812ccdc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mprotect> */ cmp $0xc,%esi je 0xffffffff81003a4c - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xd,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810a8940 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rt_sigaction> */ cmp $0x6,%esi je 0xffffffff81003a47 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x7,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813409b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_poll> */ cmp $0x2,%esi je 0xffffffff81003a42 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003288 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x3,%esi je 0xffffffff81003a3d - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x4,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81329c00 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_newstat> */ cmp $0x116,%esi je 0xffffffff81003a38 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003101 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x117,%esi je 0xffffffff81003a33 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x118,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8136bef0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_utimensat> */ cmp $0x1bc,%esi je 0xffffffff81003a2e - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003221 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1bd,%esi je 0xffffffff81003a29 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1be,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8153fdf0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_landlock_restrict_self> */ cmp $0x138,%esi je 0xffffffff81003a24 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810036a4 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x139,%esi je 0xffffffff81003a1f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x13a,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ed150 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_setattr> */ cmp $0xa2,%esi je 0xffffffff81003a1a - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100334b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xa3,%esi je 0xffffffff81003a15 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xa4,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81140790 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_settimeofday> */ cmp $0xfd,%esi je 0xffffffff81003a10 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100379f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x103,%esi je 0xffffffff81003a0b - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003774 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x106,%esi je 0xffffffff81003a06 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100370b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x107,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81338f10 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_unlinkat> */ cmp $0x1b1,%esi je 0xffffffff81003a01 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100311e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b2,%esi je 0xffffffff810039fc - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b3,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8108e1c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_clone3> */ cmp $0x1b5,%esi je 0xffffffff810039f7 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b6,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810bb6a0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pidfd_getfd> */ cmp $0x114,%esi je 0xffffffff810039f2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x115,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8136b780 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sync_file_range> */ cmp $0x1af,%esi je 0xffffffff810039ed - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1b0,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81356650 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fsmount> */ cmp $0x12d,%esi je 0xffffffff810039e8 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100319f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x12e,%esi je 0xffffffff810039e3 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x12f,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813a6890 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_name_to_handle_at> */ cmp $0x124,%esi je 0xffffffff810039de - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810031d9 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x127,%esi je 0xffffffff810039d9 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810031bc - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x128,%esi je 0xffffffff810039d4 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x129,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810a7a80 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rt_tgsigqueueinfo> */ cmp $0x12b,%esi je 0xffffffff810039cf - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x12c,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81384810 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fanotify_init> */ cmp $0x125,%esi je 0xffffffff810039ca - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x126,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81380680 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_inotify_init1> */ cmp $0x121,%esi je 0xffffffff810039c5 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100323e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x122,%esi je 0xffffffff810039c0 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x123,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813864c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_epoll_create1> */ cmp $0x131,%esi je 0xffffffff810039bb - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x132,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8136b270 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_syncfs> */ cmp $0x1ba,%esi je 0xffffffff810039b6 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1bb,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813b80d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_quotactl_fd> */ cmp $0x11f,%esi je 0xffffffff810039b1 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x120,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81b961d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_accept4> */ cmp $0x10e,%esi je 0xffffffff810039ac - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810032bb - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x111,%esi je 0xffffffff810039a7 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100329e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x112,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81160c90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_get_robust_list> */ test %esi,%esi je 0xffffffff810039a2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81321500 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_write> */ cmp $0x10f,%esi je 0xffffffff8100399d - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x110,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8108e6d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_unshare> */ cmp $0x10b,%esi je 0xffffffff81003998 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003368 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x10c,%esi je 0xffffffff81003993 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x10d,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8131bdc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_faccessat> */ cmp $0xd9,%esi je 0xffffffff8100398e - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003406 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xe4,%esi je 0xffffffff81003989 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810033d1 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xea,%esi je 0xffffffff81003984 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810033a2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xee,%esi je 0xffffffff8100397f - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003385 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xef,%esi je 0xffffffff8100397a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xf0,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff815040f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mq_open> */ cmp $0xa0,%esi je 0xffffffff81003975 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xa1,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8131c260 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_chroot> */ cmp $0x109,%esi je 0xffffffff81003970 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x10a,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81339210 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_symlinkat> */ cmp $0xeb,%esi je 0xffffffff8100396b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xed,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8130d160 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mbind> */ cmp $0xe7,%esi je 0xffffffff81003ce0 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003445 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xe8,%esi je 0xffffffff81003966 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xe9,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81387270 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_epoll_ctl> */ cmp $0xdf,%esi je 0xffffffff81003961 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003559 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xe2,%esi je 0xffffffff8100395c - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100353c - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xe3,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81152780 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_clock_settime> */ cmp $0xc9,%esi je 0xffffffff81003957 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810034aa - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xd0,%esi je 0xffffffff81003952 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100347f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xd5,%esi je 0xffffffff8100394d - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003462 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xd8,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812ca0b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_remap_file_pages> */ cmp $0xe5,%esi je 0xffffffff81003948 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xe6,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81153260 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_clock_nanosleep> */ cmp $0xd1,%esi je 0xffffffff81003943 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xd2,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81392ab0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_cancel> */ cmp $0xcc,%esi je 0xffffffff8100393e - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810034d7 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xce,%esi je 0xffffffff81003939 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xcf,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813923b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_destroy> */ cmp $0xc4,%esi je 0xffffffff81003934 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003511 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xc7,%esi je 0xffffffff8100392f - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810034f4 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xc8,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810a75f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_tkill> */ cmp $0xca,%esi je 0xffffffff8100392a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xcb,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810edfe0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_setaffinity> */ cmp $0xc5,%esi je 0xffffffff81003925 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xc6,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8135b6f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_lremovexattr> */ cmp $0xc1,%esi je 0xffffffff81003920 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003584 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xc2,%esi je 0xffffffff8100391b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xc3,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8135b4d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_llistxattr> */ cmp $0xe0,%esi je 0xffffffff81003916 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xe1,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81151ea0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_timer_getoverrun> */ cmp $0xdc,%esi je 0xffffffff81003911 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810035a1 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xdd,%esi je 0xffffffff8100390c - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xde,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81151a20 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_timer_create> */ cmp $0xbf,%esi je 0xffffffff81003907 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xc0,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8135b270 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_lgetxattr> */ cmp $0xda,%esi je 0xffffffff81003902 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xdb,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810a2e20 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_restart_syscall> */ cmp $0x96,%esi je 0xffffffff810038fd - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003622 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x97,%esi je 0xffffffff810038f8 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x98,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812c2810 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_munlockall> */ cmp $0x8d,%esi je 0xffffffff810038f3 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100365c - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x90,%esi je 0xffffffff810038ee - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100363f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x91,%esi je 0xffffffff810038e9 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x92,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ee350 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_get_priority_max> */ cmp $0x94,%esi je 0xffffffff810038e4 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x95,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812c2490 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mlock> */ cmp $0x8e,%esi je 0xffffffff810038df - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x8f,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ed6b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_getparam> */ cmp $0x8a,%esi je 0xffffffff810038da - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810036c1 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x8b,%esi je 0xffffffff810038d5 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x8c,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810ab730 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getpriority> */ cmp $0x9a,%esi je 0xffffffff810038d0 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x9b,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81356fe0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pivot_root> */ cmp $0x136,%esi je 0xffffffff810038cb - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x137,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff812de300 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_process_vm_writev> */ cmp $0x88,%esi je 0xffffffff810038c6 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x89,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8136e710 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_statfs> */ cmp $0x1a9,%esi je 0xffffffff810038c1 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003745 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1ac,%esi je 0xffffffff810038bc - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003728 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1ad,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813566b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_move_mount> */ cmp $0x104,%esi je 0xffffffff810038b7 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x105,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8136c070 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_futimesat> */ cmp $0x1aa,%esi je 0xffffffff810038b2 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1ab,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff815bb5a0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_uring_register> */ cmp $0x14e,%esi je 0xffffffff810038ad - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810037d8 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x14f,%esi je 0xffffffff810038a8 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x1a8,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff810a73d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pidfd_send_signal> */ cmp $0x100,%esi je 0xffffffff810038a3 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff810037f5 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x101,%esi je 0xffffffff8100389e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x102,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813387c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mkdirat> */ cmp $0xf7,%esi je 0xffffffff81003899 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100382b - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xfa,%esi je 0xffffffff81003894 - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff81003812 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xfb,%esi je 0xffffffff8100388f - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xfc,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81585f40 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_ioprio_get> */ cmp $0x14c,%esi je 0xffffffff8100388a - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0x14d,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81392f30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_pgetevents> */ cmp $0xfe,%esi je 0xffffffff81003885 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xff,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff813809e0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_inotify_rm_watch> */ cmp $0xf8,%esi je 0xffffffff81003880 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xf9,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8150a450 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_request_key> */ cmp $0xf4,%esi je 0xffffffff8100387b - 0xffffffff810024b0 + x64_sys_call /* */ jbe 0xffffffff8100384e - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xf5,%esi je 0xffffffff81003876 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xf6,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff8116c590 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_kexec_load> */ cmp $0xf2,%esi je 0xffffffff81003871 - 0xffffffff810024b0 + x64_sys_call /* */ cmp $0xf3,%esi jne 0xffffffff81002c6b - 0xffffffff810024b0 + x64_sys_call /* */ jmp 0xffffffff81504670 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mq_timedreceive> */ jmp 0xffffffff81511260 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_lsm_list_modules> */ jmp 0xffffffff81357130 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_listmount> */ jmp 0xffffffff815044f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mq_timedsend> */ jmp 0xffffffff815048f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mq_getsetattr> */ jmp 0xffffffff815047f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mq_notify> */ jmp 0xffffffff8150a3f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_add_key> */ jmp 0xffffffff81380750 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_inotify_add_watch> */ jmp 0xffffffff81329ff0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_statx> */ jmp 0xffffffff81585ee0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_ioprio_set> */ jmp 0xffffffff8150be50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_keyctl> */ jmp 0xffffffff81095d60 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_waitid> */ jmp 0xffffffff8131d8e0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_openat> */ jmp 0xffffffff8130aa00 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_migrate_pages> */ jmp 0xffffffff810750c0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_uretprobe> */ jmp 0xffffffff81272810 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rseq> */ jmp 0xffffffff815a7ff0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_uring_enter> */ jmp 0xffffffff8131cc50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fchownat> */ jmp 0xffffffff81354f90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_open_tree> */ jmp 0xffffffff815a80a0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_uring_setup> */ jmp 0xffffffff8136e870 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_ustat> */ jmp 0xffffffff812de280 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_process_vm_readv> */ jmp 0xffffffff81039330 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_modify_ldt> */ jmp 0xffffffff8134d910 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sysfs> */ jmp 0xffffffff8136e7c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fstatfs> */ jmp 0xffffffff810ed0f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_setparam> */ jmp 0xffffffff810ee4d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_rr_get_interval> */ jmp 0xffffffff810ed590 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_getscheduler> */ jmp 0xffffffff810ed070 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_setscheduler> */ jmp 0xffffffff810ab6d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setpriority> */ jmp 0xffffffff812c27d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mlockall> */ jmp 0xffffffff812c25b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_munlock> */ jmp 0xffffffff8108b310 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_set_tid_address> */ jmp 0xffffffff8135b210 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getxattr> */ jmp 0xffffffff8127f200 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fadvise64> */ jmp 0xffffffff814fd900 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_semtimedop> */ jmp 0xffffffff81151ca0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_timer_gettime> */ jmp 0xffffffff8135b470 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_listxattr> */ jmp 0xffffffff8135b2d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fgetxattr> */ jmp 0xffffffff8135b690 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_removexattr> */ jmp 0xffffffff81160ff0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_futex> */ jmp 0xffffffff8135b750 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fremovexattr> */ jmp 0xffffffff8135b530 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_flistxattr> */ jmp 0xffffffff81392070 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_setup> */ jmp 0xffffffff810ee1b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_getaffinity> */ jmp 0xffffffff81392590 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_submit> */ jmp 0xffffffff81152b90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_clock_getres> */ jmp 0xffffffff81386520 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_epoll_create> */ jmp 0xffffffff81392d90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_io_getevents> */ jmp 0xffffffff811401b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_time> */ jmp 0xffffffff811523c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_timer_delete> */ jmp 0xffffffff81151fc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_timer_settime> */ jmp 0xffffffff813873d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_epoll_wait> */ jmp 0xffffffff8136c0d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_utimes> */ jmp 0xffffffff81339650 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_linkat> */ jmp 0xffffffff810ae7b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setrlimit> */ jmp 0xffffffff8130aa60 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_get_mempolicy> */ jmp 0xffffffff8130a9a0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_set_mempolicy> */ jmp 0xffffffff810a7430 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_tgkill> */ jmp 0xffffffff81152920 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_clock_gettime> */ jmp 0xffffffff8133def0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getdents64> */ jmp 0xffffffff8131c8c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fchmodat> */ jmp 0xffffffff81329d50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_readlinkat> */ jmp 0xffffffff81340c30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_ppoll> */ jmp 0xffffffff813213b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_read> */ jmp 0xffffffff81160c00 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_set_robust_list> */ jmp 0xffffffff81340840 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pselect6> */ jmp 0xffffffff8138a0b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_timerfd_gettime> */ jmp 0xffffffff81357030 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mount_setattr> */ jmp 0xffffffff81152b40 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_clock_adjtime> */ jmp 0xffffffff8138ae30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_eventfd2> */ jmp 0xffffffff81388970 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_signalfd4> */ jmp 0xffffffff8132f870 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pipe2> */ jmp 0xffffffff81b97fc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_recvmmsg> */ jmp 0xffffffff81321c50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pwritev> */ jmp 0xffffffff81321aa0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_preadv> */ jmp 0xffffffff8134cec0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_dup3> */ jmp 0xffffffff810ae750 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_prlimit64> */ jmp 0xffffffff81384870 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fanotify_mark> */ jmp 0xffffffff81371dc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fsconfig> */ jmp 0xffffffff8136ac60 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_tee> */ jmp 0xffffffff8131da40 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_openat2> */ jmp 0xffffffff810bb460 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pidfd_open> */ jmp 0xffffffff81371aa0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fspick> */ jmp 0xffffffff81329ca0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_newfstatat> */ jmp 0xffffffff81338510 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mknodat> */ jmp 0xffffffff813806e0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_inotify_init> */ jmp 0xffffffff81169770 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_acct> */ jmp 0xffffffff8136b1e0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_sync> */ jmp 0xffffffff8113b920 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_finit_module> */ jmp 0xffffffff8113e8f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_kcmp> */ jmp 0xffffffff8153fc50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_landlock_add_rule> */ jmp 0xffffffff8153fbf0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_landlock_create_ruleset> */ jmp 0xffffffff81312f00 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_move_pages> */ jmp 0xffffffff8136a580 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_vmsplice> */ jmp 0xffffffff8131dfe0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_close> */ jmp 0xffffffff8131d780 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_open> */ jmp 0xffffffff81329c50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_newlstat> */ jmp 0xffffffff812c8660 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_brk> */ jmp 0xffffffff8103b8d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mmap> */ jmp 0xffffffff8131ff00 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_lseek> */ jmp 0xffffffff81329d00 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_newfstat> */ jmp 0xffffffff81032830 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_rt_sigreturn> */ jmp 0xffffffff810a3110 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rt_sigprocmask> */ jmp 0xffffffff813407c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_select> */ jmp 0xffffffff81321850 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pwrite64> */ jmp 0xffffffff812cf360 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_msync> */ jmp 0xffffffff812ceff0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mremap> */ jmp 0xffffffff810a93b0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_pause> */ jmp 0xffffffff810abbe0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setreuid> */ jmp 0xffffffff81156b80 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_alarm> */ jmp 0xffffffff811566d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getitimer> */ jmp 0xffffffff81500420 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_shmget> */ jmp 0xffffffff81321a40 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_writev> */ jmp 0xffffffff81321610 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pread64> */ jmp 0xffffffff812c7160 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_munmap> */ jmp 0xffffffff81500540 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_shmctl> */ jmp 0xffffffff812f2dc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_madvise> */ jmp 0xffffffff8131c920 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_chmod> */ jmp 0xffffffff81b96b10 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_recvfrom> */ jmp 0xffffffff810ac810 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_getegid> */ jmp 0xffffffff8131cf30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fchown> */ jmp 0xffffffff8131ccd0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_chown> */ jmp 0xffffffff81140510 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_gettimeofday> */ jmp 0xffffffff810ac750 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_getuid> */ jmp 0xffffffff810afa70 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sysinfo> */ jmp 0xffffffff810aee50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getrusage> */ jmp 0xffffffff810aeef0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_umask> */ jmp 0xffffffff810abd60 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setuid> */ jmp 0xffffffff810ac7d0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_getgid> */ jmp 0xffffffff813226a0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sendfile64> */ jmp 0xffffffff810ca510 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setgroups> */ jmp 0xffffffff810ca380 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getgroups> */ jmp 0xffffffff81b96fc0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_shutdown> */ jmp 0xffffffff81b97a80 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_recvmsg> */ jmp 0xffffffff81b96530 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getsockname> */ jmp 0xffffffff8108e160 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_clone> */ jmp 0xffffffff81b95ba0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_socketpair> */ jmp 0xffffffff81b95ed0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_listen> */ jmp 0xffffffff8131c860 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fchmodat2> */ jmp 0xffffffff81387870 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_epoll_pwait2> */ jmp 0xffffffff812ccee0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pkey_free> */ jmp 0xffffffff81389f50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_timerfd_settime> */ jmp 0xffffffff8135ada0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setxattr> */ jmp 0xffffffff813b7d30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_quotactl> */ jmp 0xffffffff810ad310 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sethostname> */ jmp 0xffffffff81140d00 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_adjtimex> */ jmp 0xffffffff8108e900 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_personality> */ jmp 0xffffffff81329dd0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_readlink> */ jmp 0xffffffff8135aea0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fsetxattr> */ jmp 0xffffffff8132d4f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_execve> */ jmp 0xffffffff8108e0e0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_vfork> */ jmp 0xffffffff810a7270 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_kill> */ jmp 0xffffffff814f8d90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_msgget> */ jmp 0xffffffff81b96400 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_connect> */ jmp 0xffffffff810ac6a0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_getpid> */ jmp 0xffffffff8134cf20 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_dup2> */ jmp 0xffffffff8132f8d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pipe> */ jmp 0xffffffff814fdcb0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_semop> */ jmp 0xffffffff814fc270 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_semget> */ jmp 0xffffffff81096120 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_wait4> */ jmp 0xffffffff81b96e50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getsockopt> */ jmp 0xffffffff814f8eb0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_msgctl> */ jmp 0xffffffff814f9220 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_msgrcv> */ jmp 0xffffffff8136b3d0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fsync> */ jmp 0xffffffff8136d3b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getcwd> */ jmp 0xffffffff8131b740 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_truncate> */ jmp 0xffffffff813993b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_flock> */ jmp 0xffffffff81339f50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rename> */ jmp 0xffffffff8131c0c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fchdir> */ jmp 0xffffffff810acd60 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getsid> */ jmp 0xffffffff8131dee0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_creat> */ jmp 0xffffffff810a3490 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rt_sigpending> */ jmp 0xffffffff8109d1f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_capset> */ jmp 0xffffffff810ac320 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setresgid> */ jmp 0xffffffff810ac700 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_getppid> */ jmp 0xffffffff810ac790 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_geteuid> */ jmp 0xffffffff8109ef50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_ptrace> */ jmp 0xffffffff810accb0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getpgid> */ jmp 0xffffffff810ac030 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getresuid> */ jmp 0xffffffff810a9410 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rt_sigsuspend> */ jmp 0xffffffff81338ff0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_unlink> */ jmp 0xffffffff81338b20 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rmdir> */ jmp 0xffffffff8133dcb0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getdents> */ jmp 0xffffffff81501090 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_shmdt> */ jmp 0xffffffff81b968f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sendto> */ jmp 0xffffffff8136c130 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_utime> */ jmp 0xffffffff810a7790 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_rt_sigqueueinfo> */ jmp 0xffffffff810ac660 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setfsgid> */ jmp 0xffffffff810acfb0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_setsid> */ jmp 0xffffffff81353560 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_umount> */ jmp 0xffffffff810af910 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_prctl> */ jmp 0xffffffff8131e160 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_vhangup> */ jmp 0xffffffff810ee410 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_get_priority_min> */ jmp 0xffffffff812fae70 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_swapoff> */ jmp 0xffffffff813563b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mount> */ jmp 0xffffffff811f2320 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_bpf> */ jmp 0xffffffff81388a90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_signalfd> */ jmp 0xffffffff810f6970 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_membarrier> */ jmp 0xffffffff8138ef10 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_userfaultfd> */ jmp 0xffffffff81339db0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_renameat2> */ jmp 0xffffffff81b97920 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sendmmsg> */ jmp 0xffffffff813a6a30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_open_by_handle_at> */ jmp 0xffffffff81267190 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_perf_event_open> */ jmp 0xffffffff816f8620 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getrandom> */ jmp 0xffffffff810ed8b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_sched_getattr> */ jmp 0xffffffff81321bd0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_preadv2> */ jmp 0xffffffff8138ae90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_eventfd> */ jmp 0xffffffff813875f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_epoll_pwait> */ jmp 0xffffffff8136a5e0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_splice> */ jmp 0xffffffff81339e90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_renameat> */ jmp 0xffffffff81504230 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_mq_unlink> */ jmp 0xffffffff812cce30 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_pkey_mprotect> */ jmp 0xffffffff81323480 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_copy_file_range> */ jmp 0xffffffff8116de80 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_kexec_file_load> */ jmp 0xffffffff810af970 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_getcpu> */ jmp 0xffffffff8127ed80 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_process_mrelease> */ jmp 0xffffffff8131be20 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_faccessat2> */ jmp 0xffffffff8131e100 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_close_range> */ jmp 0xffffffff81371800 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_fsopen> */ jmp 0xffffffff8130ca50 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_set_mempolicy_home_node> */ jmp 0xffffffff81315860 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_memfd_secret> */ jmp 0xffffffff810783f0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_map_shadow_stack> */ jmp 0xffffffff810ad990 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_setdomainname> */ jmp 0xffffffff81161cf0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_futex_requeue> */ jmp 0xffffffff81161a90 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_futex_wait> */ jmp 0xffffffff81511200 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_lsm_get_self_attr> */ jmp 0xffffffff8113b8c0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_init_module> */ jmp 0xffffffff81037090 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_ioperm> */ jmp 0xffffffff810ac6d0 - 0xffffffff810024b0 + x64_sys_call /* <__ia32_sys_gettid> */ call 0xffffffff810954a0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_exit_group> */ call 0xffffffff810953b0 - 0xffffffff810024b0 + x64_sys_call /* <__x64_sys_exit> */ .size x64_sys_call, . - x64_sys_call .globl x32_sys_call .type x32_sys_call @function x32_sys_call: endbr64 cmp $0xd0,%esi je 0xffffffff810082ce - 0xffffffff81006b30 + x32_sys_call /* */ ja 0xffffffff81006bbc - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x64,%esi je 0xffffffff810082c9 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100704e - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x97,%esi je 0xffffffff810082c4 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006ffc - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xb0,%esi je 0xffffffff810082bf - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006f98 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xc3,%esi je 0xffffffff810082ba - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006f67 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xc9,%esi je 0xffffffff810082b5 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006c4e - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xcc,%esi je 0xffffffff810082b0 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006c31 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xcf,%esi je 0xffffffff810082ab - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81003d20 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_ni_syscall> */ cmp $0x13f,%esi je 0xffffffff810082a6 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006de5 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1c7,%esi je 0xffffffff810082a1 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006d90 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x20e,%esi je 0xffffffff8100829c - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006d2c - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x219,%esi je 0xffffffff81008297 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006cfb - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x21f,%esi je 0xffffffff81008292 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006c96 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x222,%esi je 0xffffffff81008003 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006c79 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x223,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81322430 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_pwritev64v2> */ cmp $0xca,%esi je 0xffffffff8100828d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xcb,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810edfe0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_setaffinity> */ cmp $0xc6,%esi je 0xffffffff81008288 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006cc1 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xc7,%esi je 0xffffffff81008369 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xc8,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810a75f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_tkill> */ cmp $0x220,%esi je 0xffffffff81008364 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x221,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8132d7c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_execveat> */ cmp $0x21c,%esi je 0xffffffff8100835f - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006cde - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x21d,%esi je 0xffffffff8100835a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x21e,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81b96e50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getsockopt> */ cmp $0xc4,%esi je 0xffffffff81008355 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xc5,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8135b690 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_removexattr> */ cmp $0x21a,%esi je 0xffffffff81008350 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x21b,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff812de280 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_process_vm_readv> */ cmp $0x214,%esi je 0xffffffff8100834b - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810076ae - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x217,%esi je 0xffffffff81008346 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006d73 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x218,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810a7d00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_rt_tgsigqueueinfo> */ cmp $0x203,%esi je 0xffffffff81007ffe - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007da3 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x209,%esi je 0xffffffff8100832d - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007782 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x20c,%esi je 0xffffffff81008328 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810077ad - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x20d,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810a83a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_sigaltstack> */ cmp $0x215,%esi je 0xffffffff81008337 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x216,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81321ef0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_preadv64> */ cmp $0x1b1,%esi je 0xffffffff81008341 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006e9e - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1bc,%esi je 0xffffffff8100833c - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006e6d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1c2,%esi je 0xffffffff81008323 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006f02 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1c5,%esi je 0xffffffff8100831e - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006e50 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1c6,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81161930 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_futex_wake> */ cmp $0x107,%esi je 0xffffffff81008332 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810079b3 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x122,%esi je 0xffffffff81008391 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100773b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x131,%esi je 0xffffffff8100838c - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007924 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x13a,%esi je 0xffffffff81008387 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100767f - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x13d,%esi je 0xffffffff81008382 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006f2d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x13e,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff816f8620 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getrandom> */ cmp $0x1c3,%esi je 0xffffffff8100839b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1c4,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131c860 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fchmodat2> */ cmp $0x1b7,%esi je 0xffffffff810083a5 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810076dd - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1ba,%esi je 0xffffffff810083a0 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006ee5 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1bb,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff813b80d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_quotactl_fd> */ cmp $0x14e,%esi je 0xffffffff81008396 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100782f - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1ac,%esi je 0xffffffff810083b9 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007804 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1af,%esi je 0xffffffff810083b4 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810078cd - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1b0,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81356650 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fsmount> */ cmp $0x1b8,%esi je 0xffffffff810080a3 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1b9,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81387870 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_epoll_pwait2> */ cmp $0x1bf,%esi je 0xffffffff81007f45 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006f4a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1c0,%esi je 0xffffffff81007f40 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1c1,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81161650 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_futex_waitv> */ cmp $0x13b,%esi je 0xffffffff81007f59 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x13c,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81339db0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_renameat2> */ cmp $0x1bd,%esi je 0xffffffff81007f54 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1be,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8153fdf0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_landlock_restrict_self> */ cmp $0xbe,%esi je 0xffffffff81007f4f - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100770c - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xc1,%esi je 0xffffffff81007f4a - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81006fdf - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xc2,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8135b470 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_listxattr> */ cmp $0xa4,%esi je 0xffffffff8100809e - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007cae - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xaa,%esi je 0xffffffff810083af - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007c83 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xad,%esi je 0xffffffff810083aa - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007d4c - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xaf,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8113b8c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_init_module> */ cmp $0xbf,%esi je 0xffffffff81008373 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xc0,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8135b270 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_lgetxattr> */ cmp $0x7c,%esi je 0xffffffff8100837d - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810070f5 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x8c,%esi je 0xffffffff81008378 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810070c4 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x92,%esi je 0xffffffff8100823d - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100714d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x95,%esi je 0xffffffff81008238 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810070a7 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x96,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff812c25b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_munlock> */ cmp $0x34,%esi je 0xffffffff8100836e - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100727d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x4e,%esi je 0xffffffff81008251 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007246 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x59,%esi je 0xffffffff8100824c - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810071ce - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x5f,%esi je 0xffffffff81008247 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810071ac - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x62,%esi je 0xffffffff81008242 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007178 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x63,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810afa70 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sysinfo> */ cmp $0x93,%esi je 0xffffffff8100825b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x94,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ee4d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_rr_get_interval> */ cmp $0x87,%esi je 0xffffffff81008265 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007398 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x8a,%esi je 0xffffffff81008260 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007130 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x8b,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8134d910 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sysfs> */ cmp $0x71,%esi je 0xffffffff81008256 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007400 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x77,%esi je 0xffffffff81008233 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810073de - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x7a,%esi je 0xffffffff8100822e - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100747d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x7b,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ac660 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setfsgid> */ cmp $0x88,%esi je 0xffffffff8100816b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x89,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8136e710 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_statfs> */ cmp $0x8f,%esi je 0xffffffff810080ad - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100718f - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x90,%esi je 0xffffffff810080a8 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x91,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ed590 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_getscheduler> */ cmp $0x60,%esi je 0xffffffff810080c1 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x61,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ade30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getrlimit> */ cmp $0x8d,%esi je 0xffffffff810080bc - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x8e,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ed0f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_setparam> */ cmp $0x5c,%esi je 0xffffffff810080b7 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810071f2 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x5d,%esi je 0xffffffff810080b2 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x5e,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131cd50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_lchown> */ cmp $0x54,%esi je 0xffffffff810080d5 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007220 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x57,%esi je 0xffffffff810080d0 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007209 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x58,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff813392b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_symlink> */ cmp $0x5a,%esi je 0xffffffff81008166 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x5b,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131c740 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fchmod> */ cmp $0x55,%esi je 0xffffffff810080e9 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x56,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81339740 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_link> */ cmp $0x51,%esi je 0xffffffff810080e4 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810072c7 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x52,%esi je 0xffffffff810080df - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x53,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81338860 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mkdir> */ cmp $0x43,%esi je 0xffffffff810080da - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007317 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x49,%esi je 0xffffffff81008279 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810072f5 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x4c,%esi je 0xffffffff81008274 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810072de - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x4d,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131ba30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_ftruncate> */ cmp $0x1b,%esi je 0xffffffff8100826f - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810074ea - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x26,%esi je 0xffffffff810080cb - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810074c2 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x2c,%esi je 0xffffffff810080c6 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100753c - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x32,%esi je 0xffffffff8100826a - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810073c7 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x33,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81b96530 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getsockname> */ cmp $0x4f,%esi je 0xffffffff81008189 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x50,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131bee0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_chdir> */ cmp $0x4a,%esi je 0xffffffff81008184 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x4b,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8136b4b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fdatasync> */ cmp $0x46,%esi je 0xffffffff8100817f - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007344 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x47,%esi je 0xffffffff8100817a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x48,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8133b120 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fcntl> */ cmp $0x3d,%esi je 0xffffffff81008175 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007372 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x40,%esi je 0xffffffff81008170 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100735b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x41,%esi je 0xffffffff81008283 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x42,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff814fc3b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_semctl> */ cmp $0x44,%esi je 0xffffffff8100827e - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x45,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff814f9070 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_msgsnd> */ cmp $0x3e,%esi je 0xffffffff81008102 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x3f,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810acfd0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_newuname> */ cmp $0x39,%esi je 0xffffffff810080fd - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007494 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x3a,%esi je 0xffffffff810080f8 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x3c,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ call 0xffffffff810953b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_exit> */ cmp $0x82,%esi je 0xffffffff81008116 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100755e - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x84,%esi je 0xffffffff81008111 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x85,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff813385b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mknod> */ cmp $0x30,%esi je 0xffffffff8100810c - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x31,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81b95d60 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_bind> */ cmp $0x74,%esi je 0xffffffff81008107 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100742d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x75,%esi je 0xffffffff81008161 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x76,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ac030 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getresuid> */ cmp $0x6b,%esi je 0xffffffff8100815c - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100745b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x6e,%esi je 0xffffffff81008157 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007444 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x6f,%esi je 0xffffffff81008152 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x70,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810acfb0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_setsid> */ cmp $0x72,%esi je 0xffffffff8100814d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x73,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ca380 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getgroups> */ cmp $0x6c,%esi je 0xffffffff81008148 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x6d,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810acc50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setpgid> */ cmp $0x68,%esi je 0xffffffff81008143 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810074ab - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x69,%esi je 0xffffffff8100813e - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x6a,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810aba10 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setgid> */ cmp $0x78,%esi je 0xffffffff810081b1 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x79,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810accb0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getpgid> */ cmp $0x35,%esi je 0xffffffff810081ac - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x38,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8108e160 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_clone> */ cmp $0x66,%esi je 0xffffffff810081a7 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x67,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81106d40 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_syslog> */ cmp $0x21,%esi je 0xffffffff810081a2 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100758c - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x24,%esi je 0xffffffff81008193 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007525 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x25,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81156b80 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_alarm> */ cmp $0xb,%esi je 0xffffffff8100819d - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810075fe - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x16,%esi je 0xffffffff81008198 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810075dc - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x19,%esi je 0xffffffff8100818e - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810075ae - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1a,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff812cf360 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_msync> */ cmp $0x22,%esi je 0xffffffff810081c5 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x23,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81146f40 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_nanosleep> */ cmp $0x29,%esi je 0xffffffff810081c0 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007575 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x2a,%esi je 0xffffffff810081d9 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x2b,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81b96230 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_accept> */ cmp $0x7d,%esi je 0xffffffff810081d4 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x7e,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8109d1f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_capset> */ cmp $0x27,%esi je 0xffffffff810081cf - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x28,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff813226a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sendfile64> */ cmp $0x1e,%esi je 0xffffffff810081ca - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810075c5 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1f,%esi je 0xffffffff81007ff9 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x20,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8134d100 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_dup> */ cmp $0x17,%esi je 0xffffffff81007ff4 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x18,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ee330 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_sched_yield> */ cmp $0x1c,%esi je 0xffffffff81007fef - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1d,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81500420 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_shmget> */ cmp $0x11,%esi je 0xffffffff81007fea - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff8100762b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x12,%esi je 0xffffffff81007fe5 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x15,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131be80 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_access> */ cmp $0x5,%esi je 0xffffffff81007fe0 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007659 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x8,%esi je 0xffffffff81007fdb - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007642 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x9,%esi je 0xffffffff81007fd6 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xa,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff812ccdc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mprotect> */ cmp $0xc,%esi je 0xffffffff81007fd1 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xe,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810a3110 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_rt_sigprocmask> */ cmp $0x6,%esi je 0xffffffff81007fcc - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x7,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff813409b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_poll> */ cmp $0x2,%esi je 0xffffffff81007fc7 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007951 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x3,%esi je 0xffffffff81007fc2 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x4,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81329c00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_newstat> */ cmp $0x135,%esi je 0xffffffff81007fbd - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810077ca - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x138,%esi je 0xffffffff81007fb8 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x139,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8113b920 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_finit_module> */ cmp $0x211,%esi je 0xffffffff81007fb3 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810078ea - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x212,%esi je 0xffffffff81007fae - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x213,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81161e90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_get_robust_list> */ cmp $0x1b4,%esi je 0xffffffff81007f81 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007d69 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1b5,%esi je 0xffffffff81007f7c - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1b6,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810bb6a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pidfd_getfd> */ cmp $0xbb,%esi je 0xffffffff81007f77 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007a04 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xbc,%esi je 0xffffffff81007f72 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xbd,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8135ae20 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_lsetxattr> */ cmp $0x115,%esi je 0xffffffff81007f6d - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007e64 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x11d,%esi je 0xffffffff81007f68 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007e39 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x120,%esi je 0xffffffff81007f63 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007dd0 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x121,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81388970 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_signalfd4> */ cmp $0x206,%esi je 0xffffffff81007fa9 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810077e7 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x207,%esi je 0xffffffff81007fa4 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x208,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8132d6f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_execve> */ cmp $0x20a,%esi je 0xffffffff81007f9f - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x20b,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810a7000 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_rt_sigtimedwait_time64> */ cmp $0x132,%esi je 0xffffffff81007f9a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x134,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810c4860 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setns> */ cmp $0x204,%esi je 0xffffffff81007f95 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x205,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81c24420 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_recvfrom> */ cmp $0x1a9,%esi je 0xffffffff81007f90 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007868 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1aa,%esi je 0xffffffff81007f8b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1ab,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff815bb5a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_io_uring_register> */ cmp $0x146,%esi je 0xffffffff81007f86 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff810078a2 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x14b,%esi je 0xffffffff8100804e - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007885 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x14c,%esi je 0xffffffff81008049 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x14d,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81392f30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_io_pgetevents> */ cmp $0x14f,%esi je 0xffffffff81008044 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1a8,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810a73d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pidfd_send_signal> */ cmp $0x149,%esi je 0xffffffff8100803f - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x14a,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff812cce90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pkey_alloc> */ cmp $0x143,%esi je 0xffffffff8100803a - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007907 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x144,%esi je 0xffffffff81008035 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x145,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff812c24f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mlock2> */ cmp $0x1ad,%esi je 0xffffffff81008030 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1ae,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81371800 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fsopen> */ cmp $0x20f,%esi je 0xffffffff8100802b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x210,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8116c910 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_kexec_load> */ cmp $0x140,%esi je 0xffffffff810081bb - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x141,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff811f2320 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_bpf> */ cmp $0x12c,%esi je 0xffffffff810081b6 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007984 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x12f,%esi je 0xffffffff81007f5e - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007967 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x130,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff813a6a30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_open_by_handle_at> */ test %esi,%esi je 0xffffffff81008026 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81321500 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_write> */ cmp $0x12d,%esi je 0xffffffff81008021 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x12e,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ae750 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_prlimit64> */ cmp $0x125,%esi je 0xffffffff8100801c - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007a21 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x126,%esi je 0xffffffff81008017 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x12a,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81267190 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_perf_event_open> */ cmp $0xee,%esi je 0xffffffff81008076 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007abf - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xfc,%esi je 0xffffffff81008071 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007a8a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x102,%esi je 0xffffffff8100806c - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007a5b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x105,%esi je 0xffffffff81008067 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007a3e - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x106,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81329ca0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_newfstatat> */ cmp $0xb3,%esi je 0xffffffff81008058 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xba,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ac6d0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_gettid> */ cmp $0x123,%esi je 0xffffffff81008062 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x124,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8134cec0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_dup3> */ cmp $0x103,%esi je 0xffffffff8100805d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x104,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131cc50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fchownat> */ cmp $0xff,%esi je 0xffffffff81008099 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007b0a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x100,%esi je 0xffffffff81008094 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x101,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131d8e0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_openat> */ cmp $0xf5,%esi je 0xffffffff8100808f - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007c1e - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xfa,%esi je 0xffffffff8100808a - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007c01 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xfb,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81585ee0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_ioprio_set> */ cmp $0xe1,%esi je 0xffffffff81008053 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007b6f - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xe7,%esi je 0xffffffff810083be - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007b44 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xea,%esi je 0xffffffff81008085 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007b27 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xeb,%esi je 0xffffffff81008201 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xed,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8130d160 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mbind> */ cmp $0xfd,%esi je 0xffffffff810081fc - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xfe,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81380750 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_inotify_add_watch> */ cmp $0xe8,%esi je 0xffffffff810081f7 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xe9,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81387270 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_epoll_ctl> */ cmp $0xe4,%esi je 0xffffffff810081f2 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007b9c - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xe5,%esi je 0xffffffff810081ed - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xe6,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81153260 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_clock_nanosleep> */ cmp $0xdb,%esi je 0xffffffff810081e8 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007bd6 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xdf,%esi je 0xffffffff810081e3 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007bb9 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xe0,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81151ca0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_timer_gettime> */ cmp $0xe2,%esi je 0xffffffff81008229 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xe3,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81152780 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_clock_settime> */ cmp $0xdc,%esi je 0xffffffff81008224 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xdd,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8127f200 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fadvise64> */ cmp $0xd8,%esi je 0xffffffff8100821f - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007c49 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xd9,%esi je 0xffffffff8100821a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xda,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8108b310 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_set_tid_address> */ cmp $0xf8,%esi je 0xffffffff81008215 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xf9,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8150a450 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_request_key> */ cmp $0xf1,%esi je 0xffffffff81008210 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007c66 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xf2,%esi je 0xffffffff8100820b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xf3,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81504670 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mq_timedreceive> */ cmp $0xd2,%esi je 0xffffffff81008206 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xd5,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81386520 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_epoll_create> */ cmp $0xef,%esi je 0xffffffff81008139 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xf0,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff815040f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mq_open> */ cmp $0xa7,%esi je 0xffffffff81008134 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007ce7 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xa8,%esi je 0xffffffff8100812f - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xa9,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810c7f10 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_reboot> */ cmp $0x9e,%esi je 0xffffffff8100812a - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007d21 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xa1,%esi je 0xffffffff81008125 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007d04 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xa2,%esi je 0xffffffff81008120 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xa3,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81169770 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_acct> */ cmp $0xa5,%esi je 0xffffffff810080f3 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xa6,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81353560 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_umount> */ cmp $0x9f,%esi je 0xffffffff810080ee - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xa0,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810ae7b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setrlimit> */ cmp $0x9a,%esi je 0xffffffff81008012 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007d86 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x9b,%esi je 0xffffffff8100800d - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x9d,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810af910 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_prctl> */ cmp $0xab,%esi je 0xffffffff81008008 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0xac,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810370f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_iopl> */ cmp $0x1b2,%esi je 0xffffffff8100811b - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1b3,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8108e1c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_clone3> */ cmp $0x98,%esi je 0xffffffff81008080 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x99,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131e160 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_vhangup> */ cmp $0x1cd,%esi je 0xffffffff8100807b - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007e0a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x201,%esi je 0xffffffff810081de - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007ded - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x202,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8133d130 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_ioctl> */ cmp $0x11e,%esi je 0xffffffff81008319 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x11f,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8138a0b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_timerfd_gettime> */ cmp $0x1ce,%esi je 0xffffffff81008314 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x200,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff810a8ce0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_rt_sigaction> */ cmp $0x1ca,%esi je 0xffffffff8100830f - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007ea1 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1cb,%esi je 0xffffffff8100830a - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1cc,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff815111a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_lsm_set_self_attr> */ cmp $0x11a,%esi je 0xffffffff81008305 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007ebe - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x11b,%esi je 0xffffffff81008300 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x11c,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8138ae90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_eventfd> */ cmp $0x10d,%esi je 0xffffffff810082fb - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007ef8 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x110,%esi je 0xffffffff810082f6 - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007edb - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x113,%esi je 0xffffffff810082f1 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x114,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8136ac60 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_tee> */ cmp $0x1c8,%esi je 0xffffffff810082ec - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x1c9,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff813570d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_statmount> */ cmp $0x118,%esi je 0xffffffff810082e7 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x119,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff813875f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_epoll_pwait> */ cmp $0x10e,%esi je 0xffffffff810082e2 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x10f,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81340c30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_ppoll> */ cmp $0x10a,%esi je 0xffffffff810082dd - 0xffffffff81006b30 + x32_sys_call /* */ jbe 0xffffffff81007f23 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x10b,%esi je 0xffffffff810082d8 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x10c,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff8131c8c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fchmodat> */ cmp $0x108,%esi je 0xffffffff810082d3 - 0xffffffff81006b30 + x32_sys_call /* */ cmp $0x109,%esi jne 0xffffffff81006bb7 - 0xffffffff81006b30 + x32_sys_call /* */ jmp 0xffffffff81339650 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_linkat> */ jmp 0xffffffff8127ed80 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_process_mrelease> */ jmp 0xffffffff81315860 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_memfd_secret> */ jmp 0xffffffff8135b2d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fgetxattr> */ jmp 0xffffffff8135aea0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fsetxattr> */ jmp 0xffffffff8153fc50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_landlock_add_rule> */ jmp 0xffffffff810ed8b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_getattr> */ jmp 0xffffffff813a6890 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_name_to_handle_at> */ jmp 0xffffffff81b961d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_accept4> */ jmp 0xffffffff8131bcc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fallocate> */ jmp 0xffffffff8136b780 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sync_file_range> */ jmp 0xffffffff8135ada0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setxattr> */ jmp 0xffffffff81284070 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_readahead> */ jmp 0xffffffff8131da40 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_openat2> */ jmp 0xffffffff8131e100 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_close_range> */ jmp 0xffffffff81323480 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_copy_file_range> */ jmp 0xffffffff815a7ff0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_io_uring_enter> */ jmp 0xffffffff815a80a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_io_uring_setup> */ jmp 0xffffffff81321a40 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_writev> */ jmp 0xffffffff8136b270 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_syncfs> */ jmp 0xffffffff810a3720 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_rt_sigpending> */ jmp 0xffffffff81c24330 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_recvmsg> */ jmp 0xffffffff81c24250 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_sendmsg> */ jmp 0xffffffff81161d90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_set_robust_list> */ jmp 0xffffffff81096270 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_waitid> */ jmp 0xffffffff8113e8f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_kcmp> */ jmp 0xffffffff810af970 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getcpu> */ jmp 0xffffffff8131dfe0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_close> */ jmp 0xffffffff8131d780 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_open> */ jmp 0xffffffff81329c50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_newlstat> */ jmp 0xffffffff812c8660 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_brk> */ jmp 0xffffffff8103b8d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mmap> */ jmp 0xffffffff8131ff00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_lseek> */ jmp 0xffffffff81329d00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_newfstat> */ jmp 0xffffffff81321850 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pwrite64> */ jmp 0xffffffff81321610 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pread64> */ jmp 0xffffffff812f2dc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_madvise> */ jmp 0xffffffff813407c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_select> */ jmp 0xffffffff81500540 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_shmctl> */ jmp 0xffffffff813219e0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_readv> */ jmp 0xffffffff813220a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_preadv64v2> */ jmp 0xffffffff810ad990 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setdomainname> */ jmp 0xffffffff81356fe0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pivot_root> */ jmp 0xffffffff81039330 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_modify_ldt> */ jmp 0xffffffff81380680 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_inotify_init1> */ jmp 0xffffffff8132f870 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pipe2> */ jmp 0xffffffff81384870 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fanotify_mark> */ jmp 0xffffffff813213b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_read> */ jmp 0xffffffff81504bd0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_mq_notify> */ jmp 0xffffffff813566b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_move_mount> */ jmp 0xffffffff810f6970 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_membarrier> */ jmp 0xffffffff8138ef10 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_userfaultfd> */ jmp 0xffffffff812cce30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pkey_mprotect> */ jmp 0xffffffff810750c0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_uretprobe> */ jmp 0xffffffff81329ff0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_statx> */ jmp 0xffffffff812ccee0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pkey_free> */ jmp 0xffffffff81151ea0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_timer_getoverrun> */ jmp 0xffffffff813b7d30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_quotactl> */ jmp 0xffffffff81338510 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mknodat> */ jmp 0xffffffff813864c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_epoll_create1> */ jmp 0xffffffff8136c070 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_futimesat> */ jmp 0xffffffff813387c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mkdirat> */ jmp 0xffffffff81585f40 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_ioprio_get> */ jmp 0xffffffff8130a9a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_set_mempolicy> */ jmp 0xffffffff81511260 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_lsm_list_modules> */ jmp 0xffffffff812c2810 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_munlockall> */ jmp 0xffffffff810a7430 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_tgkill> */ jmp 0xffffffff8150be50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_keyctl> */ jmp 0xffffffff815048f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mq_getsetattr> */ jmp 0xffffffff8130aa00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_migrate_pages> */ jmp 0xffffffff813809e0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_inotify_rm_watch> */ jmp 0xffffffff81140790 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_settimeofday> */ jmp 0xffffffff812f2ea0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_process_madvise> */ jmp 0xffffffff810ed070 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_setscheduler> */ jmp 0xffffffff810ed6b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_getparam> */ jmp 0xffffffff8131cf30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fchown> */ jmp 0xffffffff8131ccd0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_chown> */ jmp 0xffffffff810ab6d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setpriority> */ jmp 0xffffffff81140510 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_gettimeofday> */ jmp 0xffffffff81b968f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sendto> */ jmp 0xffffffff81156ce0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setitimer> */ jmp 0xffffffff81338ff0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_unlink> */ jmp 0xffffffff81338b20 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_rmdir> */ jmp 0xffffffff81501090 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_shmdt> */ jmp 0xffffffff81339f50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_rename> */ jmp 0xffffffff8131c0c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fchdir> */ jmp 0xffffffff8131dee0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_creat> */ jmp 0xffffffff81140d00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_adjtimex> */ jmp 0xffffffff813563b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mount> */ jmp 0xffffffff8108e0e0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_vfork> */ jmp 0xffffffff8108e070 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_fork> */ jmp 0xffffffff810a7270 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_kill> */ jmp 0xffffffff810ca510 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setgroups> */ jmp 0xffffffff81b96fc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_shutdown> */ jmp 0xffffffff8136c130 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_utime> */ jmp 0xffffffff810a9410 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_rt_sigsuspend> */ jmp 0xffffffff810bb460 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pidfd_open> */ jmp 0xffffffff8136b1e0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_sync> */ jmp 0xffffffff8131c260 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_chroot> */ jmp 0xffffffff81031bc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_arch_prctl> */ jmp 0xffffffff812fae70 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_swapoff> */ jmp 0xffffffff812faf10 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_swapon> */ jmp 0xffffffff8130aa60 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_get_mempolicy> */ jmp 0xffffffff810abd60 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setuid> */ jmp 0xffffffff810ac7d0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_getgid> */ jmp 0xffffffff810ac810 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_getegid> */ jmp 0xffffffff810ab8d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setregid> */ jmp 0xffffffff810acd10 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_getpgrp> */ jmp 0xffffffff810ac700 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_getppid> */ jmp 0xffffffff810ac790 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_geteuid> */ jmp 0xffffffff810abfd0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setresuid> */ jmp 0xffffffff8131c920 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_chmod> */ jmp 0xffffffff8136e870 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_ustat> */ jmp 0xffffffff814fc270 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_semget> */ jmp 0xffffffff81096120 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_wait4> */ jmp 0xffffffff814f8eb0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_msgctl> */ jmp 0xffffffff814f9220 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_msgrcv> */ jmp 0xffffffff8136b3d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fsync> */ jmp 0xffffffff8136d3b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getcwd> */ jmp 0xffffffff812ceff0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mremap> */ jmp 0xffffffff811566d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getitimer> */ jmp 0xffffffff8132f8d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pipe> */ jmp 0xffffffff812c7160 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_munmap> */ jmp 0xffffffff8134cf20 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_dup2> */ jmp 0xffffffff810ac750 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_getuid> */ jmp 0xffffffff81b95ba0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_socketpair> */ jmp 0xffffffff810ac380 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getresgid> */ jmp 0xffffffff81384810 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fanotify_init> */ jmp 0xffffffff8116de80 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_kexec_file_load> */ jmp 0xffffffff81b958c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_socket> */ jmp 0xffffffff810a93b0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_pause> */ jmp 0xffffffff81500c90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_shmat> */ jmp 0xffffffff810ac6a0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_getpid> */ jmp 0xffffffff8109d1a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_capget> */ jmp 0xffffffff81b96400 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_connect> */ jmp 0xffffffff81032c40 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_compat_sys_x32_rt_sigreturn> */ jmp 0xffffffff81151fc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_timer_settime> */ jmp 0xffffffff810a2e20 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_restart_syscall> */ jmp 0xffffffff81152b90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_clock_getres> */ jmp 0xffffffff81152920 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_clock_gettime> */ jmp 0xffffffff813873d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_epoll_wait> */ jmp 0xffffffff813806e0 - 0xffffffff81006b30 + x32_sys_call /* <__ia32_sys_inotify_init> */ jmp 0xffffffff8136c0d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_utimes> */ jmp 0xffffffff81392ab0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_io_cancel> */ jmp 0xffffffff815044f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mq_timedsend> */ jmp 0xffffffff81504230 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mq_unlink> */ jmp 0xffffffff8150a3f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_add_key> */ jmp 0xffffffff8133def0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getdents64> */ jmp 0xffffffff812ca0b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_remap_file_pages> */ jmp 0xffffffff814fd900 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_semtimedop> */ jmp 0xffffffff811523c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_timer_delete> */ jmp 0xffffffff810ac560 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setfsuid> */ jmp 0xffffffff810ac320 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setresgid> */ jmp 0xffffffff812c2490 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mlock> */ jmp 0xffffffff810ee350 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_get_priority_max> */ jmp 0xffffffff810aee50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getrusage> */ jmp 0xffffffff810aeef0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_umask> */ jmp 0xffffffff81329dd0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_readlink> */ jmp 0xffffffff8133dcb0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getdents> */ jmp 0xffffffff810abbe0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setreuid> */ jmp 0xffffffff810ee410 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_get_priority_min> */ jmp 0xffffffff8136e7c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fstatfs> */ jmp 0xffffffff8108e900 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_personality> */ jmp 0xffffffff81b95ed0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_listen> */ jmp 0xffffffff812c0920 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mincore> */ jmp 0xffffffff8131b740 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_truncate> */ jmp 0xffffffff813993b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_flock> */ jmp 0xffffffff814f8d90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_msgget> */ jmp 0xffffffff814fdcb0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_semop> */ jmp 0xffffffff8135b6f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_lremovexattr> */ jmp 0xffffffff81160ff0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_futex> */ jmp 0xffffffff813922e0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_io_setup> */ jmp 0xffffffff81c244a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_recvmmsg_time64> */ jmp 0xffffffff81151c00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_timer_create> */ jmp 0xffffffff81161a90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_futex_wait> */ jmp 0xffffffff81319ee0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_memfd_create> */ jmp 0xffffffff813923b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_io_destroy> */ jmp 0xffffffff810ee1b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_getaffinity> */ jmp 0xffffffff811401b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_time> */ jmp 0xffffffff8135b4d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_llistxattr> */ jmp 0xffffffff8113bdc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_delete_module> */ jmp 0xffffffff812c27d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mlockall> */ jmp 0xffffffff810ac850 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_times> */ jmp 0xffffffff81392d90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_io_getevents> */ jmp 0xffffffff81339e90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_renameat> */ jmp 0xffffffff81329d50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_readlinkat> */ jmp 0xffffffff81339210 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_symlinkat> */ jmp 0xffffffff81340840 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_pselect6> */ jmp 0xffffffff8136bef0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_utimensat> */ jmp 0xffffffff81161cf0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_futex_requeue> */ jmp 0xffffffff8136a5e0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_splice> */ jmp 0xffffffff8108e6d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_unshare> */ jmp 0xffffffff8131bdc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_faccessat> */ jmp 0xffffffff81389ef0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_timerfd_create> */ jmp 0xffffffff81388a90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_signalfd> */ jmp 0xffffffff81511200 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_lsm_get_self_attr> */ jmp 0xffffffff81357130 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_listmount> */ jmp 0xffffffff812de850 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mseal> */ jmp 0xffffffff81389f50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_timerfd_settime> */ jmp 0xffffffff810783f0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_map_shadow_stack> */ jmp 0xffffffff8130ca50 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_set_mempolicy_home_node> */ jmp 0xffffffff810a7a00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_rt_sigqueueinfo> */ jmp 0xffffffff8109f7b0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_ptrace> */ jmp 0xffffffff81338f10 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_unlinkat> */ jmp 0xffffffff81312f00 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_move_pages> */ jmp 0xffffffff8153fbf0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_landlock_create_ruleset> */ jmp 0xffffffff81371aa0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fspick> */ jmp 0xffffffff81322280 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_pwritev64> */ jmp 0xffffffff8136a580 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_vmsplice> */ jmp 0xffffffff81c242c0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_sendmmsg> */ jmp 0xffffffff8135b530 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_flistxattr> */ jmp 0xffffffff81b96cf0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_setsockopt> */ jmp 0xffffffff812de300 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_process_vm_writev> */ jmp 0xffffffff81392970 - 0xffffffff81006b30 + x32_sys_call /* <__x64_compat_sys_io_submit> */ jmp 0xffffffff8135b750 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fremovexattr> */ jmp 0xffffffff81b96670 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getpeername> */ jmp 0xffffffff8135b210 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getxattr> */ jmp 0xffffffff810ab730 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getpriority> */ jmp 0xffffffff810acd60 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_getsid> */ jmp 0xffffffff8119e490 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_seccomp> */ jmp 0xffffffff810ed150 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sched_setattr> */ jmp 0xffffffff81152b40 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_clock_adjtime> */ jmp 0xffffffff8138ae30 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_eventfd2> */ jmp 0xffffffff81272810 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_rseq> */ jmp 0xffffffff8127a6d0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_cachestat> */ jmp 0xffffffff81357030 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_mount_setattr> */ jmp 0xffffffff8131be20 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_faccessat2> */ jmp 0xffffffff81037090 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_ioperm> */ jmp 0xffffffff810ad310 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_sethostname> */ jmp 0xffffffff81371dc0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_fsconfig> */ jmp 0xffffffff81354f90 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_open_tree> */ call 0xffffffff810954a0 - 0xffffffff81006b30 + x32_sys_call /* <__x64_sys_exit_group> */ .size x32_sys_call, . - x32_sys_call .globl ia32_sys_call .type ia32_sys_call @function ia32_sys_call: endbr64 cmp $0xed,%esi je 0xffffffff81006662 - 0xffffffff81004e60 + ia32_sys_call /* */ ja 0xffffffff81004eec - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x76,%esi je 0xffffffff8100665d - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005e1e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xb4,%esi je 0xffffffff81006658 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810054b9 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xd1,%esi je 0xffffffff81006653 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005afe - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xe0,%esi je 0xffffffff8100664e - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100531a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xe7,%esi je 0xffffffff81006649 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81004f8e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xea,%esi je 0xffffffff81006644 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81004f71 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xeb,%esi je 0xffffffff8100663f - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8135b720 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lremovexattr> */ cmp $0x15d,%esi je 0xffffffff8100663a - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005167 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x199,%esi je 0xffffffff81006635 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005102 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1b5,%esi je 0xffffffff81006630 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005092 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1c2,%esi je 0xffffffff8100662b - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005055 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1c9,%esi je 0xffffffff81006626 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81004fd6 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1cc,%esi je 0xffffffff81006621 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81004fb9 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1cd,%esi je 0xffffffff8100661c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1ce,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812de880 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mseal> */ cmp $0xe8,%esi je 0xffffffff81006617 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xe9,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8135b500 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_llistxattr> */ cmp $0xe4,%esi je 0xffffffff81006b08 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005001 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xe5,%esi je 0xffffffff81006b03 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xe6,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8135b2a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lgetxattr> */ cmp $0x1ca,%esi je 0xffffffff81006afe - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1cb,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81511230 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lsm_get_self_attr> */ cmp $0x1c6,%esi je 0xffffffff81006af9 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100501a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1c7,%esi je 0xffffffff81006af4 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1c8,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81161d20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_futex_requeue> */ cmp $0xe2,%esi je 0xffffffff81006aef - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xe3,%esi jne 0xffffffff81005033 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8135ae60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lsetxattr> */ cmp $0x1c4,%esi je 0xffffffff81006aea - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1c5,%esi jne 0xffffffff81005044 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81078490 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_map_shadow_stack> */ cmp $0xe1,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8103aba0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_readahead> */ cmp $0x1c3,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8127a860 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_cachestat> */ cmp $0x1bc,%esi je 0xffffffff81006ae5 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100545b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1bf,%esi je 0xffffffff81006ae0 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810050e5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1c0,%esi je 0xffffffff81006adb - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1c1,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff811617c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_futex_waitv> */ cmp $0x1a8,%esi je 0xffffffff81006ad6 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005a58 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1af,%esi je 0xffffffff81006ad1 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005a2d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1b2,%esi je 0xffffffff81006acc - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005d97 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1b3,%esi je 0xffffffff81006ac7 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1b4,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8131e130 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_close_range> */ cmp $0x1bd,%esi je 0xffffffff81006ac2 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1be,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8153ff40 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_landlock_restrict_self> */ cmp $0x178,%esi je 0xffffffff81006abd - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005238 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x18c,%esi je 0xffffffff81006ab8 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810051fb - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x193,%esi je 0xffffffff81006ab3 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810052a4 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x196,%esi je 0xffffffff81006aae - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810051de - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x197,%esi je 0xffffffff81006aa9 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x198,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81151d20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timer_gettime> */ cmp $0x127,%esi je 0xffffffff81006aa4 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100556d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x142,%esi je 0xffffffff81006a9f - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100551e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x150,%esi je 0xffffffff81006a9a - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005386 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x157,%esi je 0xffffffff81006a95 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100535b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x15a,%esi je 0xffffffff81006a90 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810052cf - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x15b,%esi je 0xffffffff81006a8b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x15c,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812de340 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_process_vm_writev> */ cmp $0x194,%esi je 0xffffffff81006a86 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x195,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81152b70 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_adjtime> */ cmp $0x17f,%esi je 0xffffffff81006a81 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100548a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x189,%esi je 0xffffffff81006a7c - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100528b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x18a,%esi je 0xffffffff81006a77 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x18b,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff815004b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_shmget> */ cmp $0x16b,%esi je 0xffffffff81006a72 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810060a5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x172,%esi je 0xffffffff81006a6d - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005acf - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x175,%esi je 0xffffffff81006a68 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006073 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x176,%esi je 0xffffffff81006a63 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x177,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810f6ad0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_membarrier> */ cmp $0x181,%esi je 0xffffffff81006a5e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x182,%esi jne 0xffffffff810052ec - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812729a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_rseq> */ cmp $0x190,%esi je 0xffffffff81006a59 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810052fd - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x191,%esi je 0xffffffff81006a54 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x192,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff814f8f10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_msgctl> */ cmp $0x158,%esi je 0xffffffff81006a4f - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x159,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81c24280 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sendmmsg> */ cmp $0x180,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81031c60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_arch_prctl> */ cmp $0x18e,%esi je 0xffffffff81006a4a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x18f,%esi jne 0xffffffff81005e7c - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff814f8e20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_msgget> */ cmp $0xd8,%esi je 0xffffffff81006a45 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100597b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xdb,%esi je 0xffffffff81006a40 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005874 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xdc,%esi je 0xffffffff81006a3b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xdd,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8133b2d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_fcntl64> */ cmp $0x154,%esi je 0xffffffff81006a36 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810053bf - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x155,%esi je 0xffffffff81006a31 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x156,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813a6a90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_open_by_handle_at> */ cmp $0x149,%esi je 0xffffffff81006a2c - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810053f1 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x14d,%esi je 0xffffffff81006a27 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810053d8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x14e,%esi je 0xffffffff81006a22 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x14f,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a7c80 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_tgsigqueueinfo> */ cmp $0x152,%esi je 0xffffffff81006a1d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x153,%esi jne 0xffffffff8100541c - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813848f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_fanotify_mark> */ cmp $0x14b,%esi je 0xffffffff81006a18 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x14c,%esi jne 0xffffffff8100542d - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813806b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_inotify_init1> */ cmp $0x146,%esi je 0xffffffff81006a13 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100543e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x147,%esi je 0xffffffff81006a0e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x148,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8138ae60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_eventfd2> */ cmp $0x151,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81c244e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_recvmmsg_time32> */ cmp $0x14a,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8134cef0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_dup3> */ cmp $0x144,%esi je 0xffffffff81006a09 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x145,%esi jne 0xffffffff81005db4 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8138a260 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timerfd_settime32> */ cmp $0x1b9,%esi je 0xffffffff81006a04 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100608c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1ba,%esi je 0xffffffff810069ff - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1bb,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813b82e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_quotactl_fd> */ cmp $0x17c,%esi je 0xffffffff810069fa - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005e8d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x17d,%esi je 0xffffffff810069f5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x17e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812cd020 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pkey_free> */ cmp $0x96,%esi je 0xffffffff810069f0 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005bab - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xa4,%esi je 0xffffffff810069eb - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005b6e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xae,%esi je 0xffffffff810069e6 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100616a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xb1,%esi je 0xffffffff810069e1 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005b51 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xb2,%esi je 0xffffffff810069dc - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xb3,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a9510 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_sigsuspend> */ cmp $0x135,%esi je 0xffffffff810069d7 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810057e0 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x13c,%esi je 0xffffffff810069d2 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810057b5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x13f,%esi je 0xffffffff810069cd - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810055ca - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x140,%esi je 0xffffffff810069c8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x141,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81388cd0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_signalfd> */ cmp $0x10a,%esi je 0xffffffff810069c3 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005674 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x119,%esi je 0xffffffff810069be - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005633 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x121,%esi je 0xffffffff810069b9 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005604 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x124,%esi je 0xffffffff810069b4 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810055e7 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x125,%esi je 0xffffffff810069af - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x126,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8130aa30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_migrate_pages> */ cmp $0x13d,%esi je 0xffffffff810069aa - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x13e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810af9f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getcpu> */ cmp $0x122,%esi je 0xffffffff810069a5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x123,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813806e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_inotify_init> */ cmp $0x11e,%esi je 0xffffffff810069a0 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810056bf - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x11f,%esi je 0xffffffff8100699b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x120,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8150edb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_keyctl> */ cmp $0x112,%esi je 0xffffffff81006996 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810058e6 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x116,%esi je 0xffffffff81006991 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005857 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x117,%esi je 0xffffffff8100698c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x118,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81504f00 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mq_timedreceive_time32> */ cmp $0xfa,%esi je 0xffffffff81006987 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100573e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x103,%esi je 0xffffffff81006982 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005713 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x107,%esi je 0xffffffff8100697d - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810056d8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x108,%esi je 0xffffffff81006978 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x109,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81152fa0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_gettime32> */ cmp $0x11b,%esi je 0xffffffff81006973 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x11c,%esi jne 0xffffffff810056f1 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81096240 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_waitid> */ cmp $0x105,%esi je 0xffffffff8100696e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x106,%esi jne 0xffffffff81005702 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81151f30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timer_getoverrun> */ cmp $0x11a,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81504c60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_mq_getsetattr> */ cmp $0x104,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff811522c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timer_settime32> */ cmp $0x100,%esi je 0xffffffff81006969 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100577b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x101,%esi je 0xffffffff81006964 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x102,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8108b350 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_set_tid_address> */ cmp $0xf4,%esi je 0xffffffff8100695f - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005891 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xf7,%esi je 0xffffffff8100695a - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005798 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xf8,%esi je 0xffffffff81006955 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xf9,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81392c20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_io_cancel> */ cmp $0xfe,%esi je 0xffffffff81006950 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xff,%esi jne 0xffffffff810058bc - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81387320 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_epoll_ctl> */ cmp $0xf5,%esi je 0xffffffff8100694b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xf6,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813924a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_io_destroy> */ cmp $0x139,%esi je 0xffffffff81006946 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100581d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x13a,%esi je 0xffffffff81006941 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x13b,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136ad40 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_tee> */ cmp $0x12e,%esi je 0xffffffff8100693c - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005950 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x132,%esi je 0xffffffff81006937 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100583a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x133,%esi je 0xffffffff81006932 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x134,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81341200 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_pselect6_time32> */ cmp $0x137,%esi je 0xffffffff8100692d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x138,%esi jne 0xffffffff810059a6 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81161dd0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_get_robust_list> */ cmp $0x130,%esi je 0xffffffff81006928 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x131,%esi jne 0xffffffff81005911 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81329d90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_readlinkat> */ cmp $0x114,%esi je 0xffffffff81006923 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x115,%esi jne 0xffffffff810059b7 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81504950 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_mq_open> */ cmp $0xd9,%esi je 0xffffffff8100691e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xda,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812c0950 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mincore> */ cmp $0xf1,%esi je 0xffffffff81006919 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810058cd - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xf2,%esi je 0xffffffff81006914 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xf3,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8104a070 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_set_thread_area> */ cmp $0xfc,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ call 0xffffffff810954d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_exit_group> */ cmp $0xef,%esi je 0xffffffff8100690f - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xf0,%esi jne 0xffffffff81005922 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81162120 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_futex_time32> */ cmp $0x10e,%esi je 0xffffffff8100690a - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005933 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x10f,%esi je 0xffffffff81006905 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x110,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8103ab20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_fadvise64_64> */ cmp $0x12f,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813396d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_linkat> */ cmp $0xee,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a76c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_tkill> */ cmp $0x10c,%esi je 0xffffffff81006900 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x10d,%esi jne 0xffffffff810059e1 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136eaa0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_fstatfs64> */ cmp $0x12b,%esi je 0xffffffff810068fb - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810059c8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x12c,%esi je 0xffffffff810068f6 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x12d,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81338f80 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_unlinkat> */ cmp $0xd5,%esi je 0xffffffff810068f1 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810059f2 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xd6,%esi je 0xffffffff810068ec - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xd7,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ac580 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setfsuid> */ cmp $0x136,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8108e700 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_unshare> */ cmp $0x113,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8130ab30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_get_mempolicy> */ cmp $0x129,%esi je 0xffffffff810068e7 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x12a,%esi jne 0xffffffff81005a0b - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8131cc90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fchownat> */ cmp $0x10b,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81153650 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_nanosleep_time32> */ cmp $0xd3,%esi je 0xffffffff810068e2 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xd4,%esi jne 0xffffffff81005a1c - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8131cd10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_chown> */ cmp $0x128,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81338810 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mkdirat> */ cmp $0xd2,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ac350 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setresgid> */ cmp $0x1ac,%esi je 0xffffffff810068dd - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005a95 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1ad,%esi je 0xffffffff810068d8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1ae,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81371950 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fsopen> */ cmp $0x1a1,%esi je 0xffffffff810068d3 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005dc5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1a5,%esi je 0xffffffff810068ce - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005ab2 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1a6,%esi je 0xffffffff810068c9 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1a7,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ee560 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_rr_get_interval> */ cmp $0x1aa,%esi je 0xffffffff810068c4 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1ab,%esi jne 0xffffffff81005df0 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff815bb5d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_io_uring_register> */ cmp $0x1a3,%esi je 0xffffffff810068bf - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1a4,%esi jne 0xffffffff810060da - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff814fd9c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_semtimedop> */ cmp $0x16f,%esi je 0xffffffff810068ba - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005ec8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x170,%esi je 0xffffffff810068b5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x171,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81b96930 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sendto> */ cmp $0xc4,%esi je 0xffffffff810068b0 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810061e5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xcb,%esi je 0xffffffff810068ab - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006199 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xce,%esi je 0xffffffff810068a6 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810061c8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xcf,%esi je 0xffffffff810068a1 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xd0,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ac000 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setresuid> */ cmp $0xaf,%esi je 0xffffffff8100689c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xb0,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a3630 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_sigpending> */ cmp $0x9d,%esi je 0xffffffff81006897 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005c17 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xa1,%esi je 0xffffffff81006892 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005bfa - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xa2,%esi je 0xffffffff8100688d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xa3,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812cf020 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mremap> */ cmp $0x87,%esi je 0xffffffff81006888 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005c92 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x8f,%esi je 0xffffffff81006883 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005c46 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x92,%esi je 0xffffffff8100687e - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005c75 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x93,%esi je 0xffffffff81006879 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x94,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136b550 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fdatasync> */ cmp $0x9f,%esi je 0xffffffff81006874 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xa0,%esi jne 0xffffffff81005cfa - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ee470 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_get_priority_min> */ cmp $0x9a,%esi je 0xffffffff8100686f - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005cc8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x9b,%esi je 0xffffffff8100686a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x9c,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ed0b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_setscheduler> */ cmp $0x8c,%esi je 0xffffffff81006865 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005d51 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x8d,%esi je 0xffffffff81006860 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x8e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81340ee0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_select> */ cmp $0x90,%esi je 0xffffffff8100685b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x91,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81321a10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_readv> */ cmp $0x7d,%esi je 0xffffffff81006856 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005d0b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x83,%esi je 0xffffffff81006851 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005ce1 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x84,%esi je 0xffffffff8100684c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x85,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8131c190 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fchdir> */ cmp $0x98,%esi je 0xffffffff81006847 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x99,%esi jne 0xffffffff81005d2d - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812c2810 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_munlockall> */ cmp $0x80,%esi je 0xffffffff81006842 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x81,%esi jne 0xffffffff81005d6a - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8113bdf0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_delete_module> */ cmp $0x9e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ee330 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_yield> */ cmp $0x7a,%esi je 0xffffffff8100683d - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005d3e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x7b,%esi je 0xffffffff81006838 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x7c,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81141090 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_adjtimex_time32> */ cmp $0x97,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812c26c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_munlock> */ cmp $0x78,%esi je 0xffffffff81006833 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x79,%esi jne 0xffffffff81005d78 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810adbe0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setdomainname> */ cmp $0x8a,%esi je 0xffffffff8100682e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x8b,%esi jne 0xffffffff81005d86 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81167810 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setfsgid16> */ cmp $0x7e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8116df10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sigprocmask> */ cmp $0x77,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8103b210 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sigreturn> */ cmp $0x88,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8108e940 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_personality> */ cmp $0x1b0,%esi je 0xffffffff81006829 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1b1,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81371c30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fspick> */ cmp $0x143,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8138aec0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_eventfd> */ cmp $0x19d,%esi je 0xffffffff81006824 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005e01 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x19e,%esi je 0xffffffff8100681f - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1a0,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81393650 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_io_pgetevents_time64> */ cmp $0x1a9,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff815a8110 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_io_uring_setup> */ cmp $0x19b,%esi je 0xffffffff8100681a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x19c,%esi jne 0xffffffff81005ea6 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136bfb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_utimensat> */ cmp $0x3d,%esi je 0xffffffff81006815 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005ff0 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x58,%esi je 0xffffffff81006810 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005f8a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x67,%esi je 0xffffffff8100680b - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005f2b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x6e,%esi je 0xffffffff81006806 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005f09 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x73,%esi je 0xffffffff81006801 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005ee1 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x74,%esi je 0xffffffff810067fc - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x75,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81501330 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ipc> */ cmp $0x18d,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81500d70 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_shmat> */ cmp $0x17a,%esi je 0xffffffff810067f7 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x17b,%esi jne 0xffffffff81005eb7 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81322480 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_pwritev2> */ cmp $0x19a,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8138a130 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timerfd_gettime> */ cmp $0x179,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813234c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_copy_file_range> */ cmp $0x16d,%esi je 0xffffffff810067f2 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x16e,%esi jne 0xffffffff81005ef8 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81b96d30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setsockopt> */ cmp $0x6f,%esi je 0xffffffff810067ed - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x72,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810961e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_wait4> */ cmp $0x16c,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81b96200 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_accept4> */ cmp $0x6b,%esi je 0xffffffff810067e8 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005f5c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x6c,%esi je 0xffffffff810067e3 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x6d,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ad030 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_uname> */ cmp $0x5f,%esi je 0xffffffff810067de - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005fce - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x64,%esi je 0xffffffff810067d9 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81005f73 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x65,%esi je 0xffffffff810067d4 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x66,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81c24560 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_socketcall> */ cmp $0x69,%esi je 0xffffffff810067cf - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x6a,%esi jne 0xffffffff81006306 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8132a1b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_newstat> */ cmp $0x61,%esi je 0xffffffff810067ca - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x63,%esi jne 0xffffffff8100603b - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136e8c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_statfs> */ cmp $0x4b,%esi je 0xffffffff810067c5 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100634d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x52,%esi je 0xffffffff810067c0 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100632b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x55,%esi je 0xffffffff810067bb - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006314 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x56,%esi je 0xffffffff810067b6 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x57,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812faf40 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_swapon> */ cmp $0x5c,%esi je 0xffffffff810067b1 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006045 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x5d,%esi je 0xffffffff810067ac - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x5e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8131c7d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fchmod> */ cmp $0x1b,%esi je 0xffffffff810067a7 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100646d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x2d,%esi je 0xffffffff810067a2 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810063f5 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x34,%esi je 0xffffffff8100679d - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100642a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x39,%esi je 0xffffffff81006798 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100605c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x3b,%esi je 0xffffffff81006793 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x3c,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810aef30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_umask> */ cmp $0x60,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ab760 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getpriority> */ cmp $0x5a,%esi je 0xffffffff8100678e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x5b,%esi jne 0xffffffff8100644c - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812c7190 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_munmap> */ cmp $0x36,%esi je 0xffffffff81006789 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x37,%esi je 0xffffffff81005356 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81003d20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ni_syscall> */ cmp $0x173,%esi je 0xffffffff81006784 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x174,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81c24300 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_recvmsg> */ cmp $0x1b7,%esi je 0xffffffff8100677f - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1b8,%esi jne 0xffffffff810060e7 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812f2ed0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_process_madvise> */ cmp $0x164,%esi je 0xffffffff8100677a - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006111 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x168,%esi je 0xffffffff81006775 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810060f8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x169,%esi je 0xffffffff81006770 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x16a,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81b96430 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_connect> */ cmp $0x1a2,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff815045b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mq_timedsend> */ cmp $0x1b6,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810bb730 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pidfd_getfd> */ cmp $0x166,%esi je 0xffffffff8100676b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x167,%esi jne 0xffffffff8100613c - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81b958f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_socket> */ cmp $0x161,%esi je 0xffffffff81006766 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100614d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x162,%esi je 0xffffffff81006761 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x163,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff816f86f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getrandom> */ cmp $0x165,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff811f2360 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_bpf> */ cmp $0x15f,%esi je 0xffffffff8100675c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x160,%esi jne 0xffffffff81006254 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810eda70 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_getattr> */ cmp $0xab,%esi je 0xffffffff81006757 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100621e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xac,%esi je 0xffffffff81006752 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xad,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8103b2e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_sigreturn> */ cmp $0xc8,%esi je 0xffffffff8100674d - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810062ba - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xc9,%esi je 0xffffffff81006748 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xca,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ac810 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getegid> */ cmp $0xcc,%esi je 0xffffffff81006743 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xcd,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ca430 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getgroups> */ cmp $0xbb,%esi je 0xffffffff8100673e - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006265 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xc1,%esi je 0xffffffff81006739 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006237 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xc2,%esi je 0xffffffff81006734 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xc3,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8103ad90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ia32_stat64> */ cmp $0xa8,%esi je 0xffffffff8100672f - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xaa,%esi jne 0xffffffff81006290 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff811675b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setresgid16> */ cmp $0xbf,%esi je 0xffffffff8100672a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xc0,%esi jne 0xffffffff810062d3 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff812c6080 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mmap_pgoff> */ cmp $0x15e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8113b9c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_finit_module> */ cmp $0xb8,%esi je 0xffffffff81006725 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810062a1 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xb9,%esi je 0xffffffff81006720 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xba,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a8370 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sigaltstack> */ cmp $0xa5,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff811674a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getresuid16> */ cmp $0xb6,%esi je 0xffffffff8100671b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xb7,%esi jne 0xffffffff810062e4 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136d3e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getcwd> */ cmp $0xc6,%esi je 0xffffffff81006716 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xc7,%esi jne 0xffffffff810062f5 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ac750 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getuid> */ cmp $0xbe,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8108e0e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_vfork> */ cmp $0xb5,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8103aa90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_pwrite64> */ cmp $0xc5,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8103ae30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ia32_fstat64> */ cmp $0x68,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81156fe0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_setitimer> */ cmp $0x53,%esi je 0xffffffff81006711 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x54,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81329b90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lstat> */ cmp $0x4f,%esi je 0xffffffff8100670c - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100637a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x50,%esi je 0xffffffff81006707 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x51,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff811679f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setgroups16> */ cmp $0x44,%esi je 0xffffffff81006702 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810063a0 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x48,%esi je 0xffffffff810066fd - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100638d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x49,%esi je 0xffffffff810066f8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x4a,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ad550 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sethostname> */ cmp $0x4d,%esi je 0xffffffff810066f3 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x4e,%esi jne 0xffffffff810063c2 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81140970 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_gettimeofday> */ cmp $0x46,%esi je 0xffffffff810066ee - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x47,%esi jne 0xffffffff810063d0 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff811671c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setregid16> */ cmp $0x41,%esi je 0xffffffff810066e9 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810063de - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x42,%esi je 0xffffffff810066e4 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x43,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a8e60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sigaction> */ cmp $0x4c,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ae590 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_old_getrlimit> */ cmp $0x45,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a91f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ssetmask> */ cmp $0x3f,%esi je 0xffffffff810066df - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x40,%esi jne 0xffffffff810064c0 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ac700 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getppid> */ cmp $0x25,%esi je 0xffffffff810066da - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810064ea - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x29,%esi je 0xffffffff810066d5 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810064ad - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x2a,%esi je 0xffffffff810066d0 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x2b,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ac990 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_times> */ cmp $0x31,%esi je 0xffffffff810066cb - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100645a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x32,%esi je 0xffffffff810066c6 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x33,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81169820 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_acct> */ cmp $0x59,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8133e130 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_old_readdir> */ cmp $0x2f,%esi je 0xffffffff810066c1 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x30,%esi jne 0xffffffff810064ce - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a9320 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_signal> */ cmp $0xd,%esi je 0xffffffff810066bc - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006558 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x15,%esi je 0xffffffff810066b7 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006536 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x18,%esi je 0xffffffff810066b2 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff8100650c - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x19,%esi je 0xffffffff810066ad - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1a,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8109f670 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ptrace> */ cmp $0x27,%esi je 0xffffffff810066a8 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x28,%esi jne 0xffffffff810064dc - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81338b90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_rmdir> */ cmp $0x3e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136eb00 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ustat> */ cmp $0x2e,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81167230 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setgid16> */ cmp $0x26,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81339fb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_rename> */ cmp $0x21,%esi je 0xffffffff810066a3 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006523 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x22,%esi je 0xffffffff8100669e - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x24,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136b1e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sync> */ cmp $0x16,%esi je 0xffffffff81006699 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x17,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81167310 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setuid16> */ cmp $0x1d,%esi je 0xffffffff81006694 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x1e,%esi jne 0xffffffff81006585 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8136c340 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_utime32> */ cmp $0x12,%esi je 0xffffffff8100668f - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff81006593 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x13,%esi je 0xffffffff8100668a - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x14,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810ac6a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getpid> */ cmp $0x6,%esi je 0xffffffff81006685 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810065b9 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xa,%esi je 0xffffffff81006680 - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810065a6 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xb,%esi je 0xffffffff8100667b - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0xc,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8131bfd0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_chdir> */ cmp $0x1c,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81329be0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fstat> */ cmp $0xf,%esi je 0xffffffff81006676 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x10,%esi jne 0xffffffff810065db - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81167080 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lchown16> */ cmp $0x8,%esi je 0xffffffff81006671 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x9,%esi jne 0xffffffff810065e9 - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff813397a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_link> */ cmp $0x3,%esi je 0xffffffff8100666c - 0xffffffff81004e60 + ia32_sys_call /* */ jbe 0xffffffff810065f7 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x4,%esi je 0xffffffff81006667 - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x5,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8131dc60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_open> */ cmp $0xe,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff81338600 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mknod> */ cmp $0x7,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810961b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_waitpid> */ cmp $0x1,%esi je 0xffffffff81006b0d - 0xffffffff81004e60 + ia32_sys_call /* */ cmp $0x2,%esi jne 0xffffffff8100660a - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff8108e070 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fork> */ test %esi,%esi jne 0xffffffff8100606e - 0xffffffff81004e60 + ia32_sys_call /* */ jmp 0xffffffff810a2e20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_restart_syscall> */ jmp 0xffffffff8135b4a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_listxattr> */ jmp 0xffffffff81511320 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lsm_list_modules> */ jmp 0xffffffff815111d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lsm_set_self_attr> */ jmp 0xffffffff81357100 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_statmount> */ jmp 0xffffffff8130ca80 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_set_mempolicy_home_node> */ jmp 0xffffffff8131db50 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_openat2> */ jmp 0xffffffff811520c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timer_settime> */ jmp 0xffffffff8113e920 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_kcmp> */ jmp 0xffffffff8135b6c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_removexattr> */ jmp 0xffffffff8135b5e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_flistxattr> */ jmp 0xffffffff8135b3a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fgetxattr> */ jmp 0xffffffff810ac6d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_gettid> */ jmp 0xffffffff810ac0c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getresuid> */ jmp 0xffffffff8103aa10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_pread64> */ jmp 0xffffffff8136b440 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fsync> */ jmp 0xffffffff8135b780 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fremovexattr> */ jmp 0xffffffff81321530 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_write> */ jmp 0xffffffff813213e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_read> */ jmp 0xffffffff8131df60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_creat> */ jmp 0xffffffff8131c950 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_chmod> */ jmp 0xffffffff8132d690 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_execve> */ jmp 0xffffffff81339060 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_unlink> */ jmp 0xffffffff8131e070 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_close> */ jmp 0xffffffff8131ff60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_lseek> */ jmp 0xffffffff81329b40 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_stat> */ jmp 0xffffffff810a93b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pause> */ jmp 0xffffffff813536f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_oldumount> */ jmp 0xffffffff810ebfa0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_nice> */ jmp 0xffffffff8131beb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_access> */ jmp 0xffffffff813388e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mkdir> */ jmp 0xffffffff81140480 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_stime32> */ jmp 0xffffffff81167a10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getuid16> */ jmp 0xffffffff81356500 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mount> */ jmp 0xffffffff811403a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_time32> */ jmp 0xffffffff81167ab0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getgid16> */ jmp 0xffffffff81167b00 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getegid16> */ jmp 0xffffffff81167a60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_geteuid16> */ jmp 0xffffffff8132f900 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pipe> */ jmp 0xffffffff8134d220 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_dup> */ jmp 0xffffffff810a7320 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_kill> */ jmp 0xffffffff8134d010 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_dup2> */ jmp 0xffffffff810acfb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setsid> */ jmp 0xffffffff810acd10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getpgrp> */ jmp 0xffffffff811672a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setreuid16> */ jmp 0xffffffff810aeea0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_getrusage> */ jmp 0xffffffff810a85c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sigpending> */ jmp 0xffffffff810a9670 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sigsuspend> */ jmp 0xffffffff810a9120 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sgetmask> */ jmp 0xffffffff81167900 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getgroups16> */ jmp 0xffffffff81140b10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_settimeofday> */ jmp 0xffffffff81339300 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_symlink> */ jmp 0xffffffff8131cd90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_lchown> */ jmp 0xffffffff81166fd0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_chown16> */ jmp 0xffffffff8109d220 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_capset> */ jmp 0xffffffff8109d1d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_capget> */ jmp 0xffffffff810ae170 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_getrlimit> */ jmp 0xffffffff81340af0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_poll> */ jmp 0xffffffff8103a9a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_ftruncate64> */ jmp 0xffffffff8103a940 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_truncate64> */ jmp 0xffffffff81322860 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sendfile> */ jmp 0xffffffff810ab900 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setregid> */ jmp 0xffffffff810ac790 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_geteuid> */ jmp 0xffffffff810ac7d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getgid> */ jmp 0xffffffff810af940 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_prctl> */ jmp 0xffffffff811676c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getresgid16> */ jmp 0xffffffff810ed370 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_setattr> */ jmp 0xffffffff8119e4c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_seccomp> */ jmp 0xffffffff81339e20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_renameat2> */ jmp 0xffffffff8132d750 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_execveat> */ jmp 0xffffffff81b95d90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_bind> */ jmp 0xffffffff81b95bd0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_socketpair> */ jmp 0xffffffff81319f10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_memfd_create> */ jmp 0xffffffff8131be50 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_faccessat2> */ jmp 0xffffffff81c243e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_recvfrom> */ jmp 0xffffffff8133d100 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ioctl> */ jmp 0xffffffff8103aee0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ia32_mmap> */ jmp 0xffffffff810ad1b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_olduname> */ jmp 0xffffffff810acc80 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setpgid> */ jmp 0xffffffff813535f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_umount> */ jmp 0xffffffff812c8680 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_brk> */ jmp 0xffffffff81156c30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_alarm> */ jmp 0xffffffff8131bb30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ftruncate> */ jmp 0xffffffff8131b7c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_truncate> */ jmp 0xffffffff8132c6c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_uselib> */ jmp 0xffffffff81329e20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_readlink> */ jmp 0xffffffff81340f60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_old_select> */ jmp 0xffffffff810ae010 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_setrlimit> */ jmp 0xffffffff810ab700 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setpriority> */ jmp 0xffffffff81156890 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_getitimer> */ jmp 0xffffffff810370c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ioperm> */ jmp 0xffffffff8136e910 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_fstatfs> */ jmp 0xffffffff81167130 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fchown16> */ jmp 0xffffffff8132a2b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_newfstat> */ jmp 0xffffffff8132a200 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_newlstat> */ jmp 0xffffffff8131e160 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_vhangup> */ jmp 0xffffffff81b96e90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getsockopt> */ jmp 0xffffffff813220f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_preadv2> */ jmp 0xffffffff810afab0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sysinfo> */ jmp 0xffffffff812fae90 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_swapoff> */ jmp 0xffffffff81037170 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_iopl> */ jmp 0xffffffff81106d70 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_syslog> */ jmp 0xffffffff810c7f40 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_reboot> */ jmp 0xffffffff8131c380 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_chroot> */ jmp 0xffffffff8138a000 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timerfd_settime> */ jmp 0xffffffff81341630 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ppoll_time64> */ jmp 0xffffffff81341080 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_pselect6_time64> */ jmp 0xffffffff81356680 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fsmount> */ jmp 0xffffffff811677b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setfsuid16> */ jmp 0xffffffff8103b020 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ia32_clone> */ jmp 0xffffffff810393c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_modify_ldt> */ jmp 0xffffffff810acff0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_newuname> */ jmp 0xffffffff8113b8f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_init_module> */ jmp 0xffffffff812c27f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mlockall> */ jmp 0xffffffff810acce0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getpgid> */ jmp 0xffffffff813b7f00 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_quotactl> */ jmp 0xffffffff812cce00 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mprotect> */ jmp 0xffffffff812cf390 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_msync> */ jmp 0xffffffff8133e2d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_getdents> */ jmp 0xffffffff81320110 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_llseek> */ jmp 0xffffffff810ed7b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_getparam> */ jmp 0xffffffff810ed120 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_setparam> */ jmp 0xffffffff810ee3b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_get_priority_max> */ jmp 0xffffffff810ace00 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getsid> */ jmp 0xffffffff81321a70 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_writev> */ jmp 0xffffffff813993e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_flock> */ jmp 0xffffffff8134d9c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sysfs> */ jmp 0xffffffff81147210 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_nanosleep_time32> */ jmp 0xffffffff810ee670 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_rr_get_interval_time32> */ jmp 0xffffffff810ed620 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sched_getscheduler> */ jmp 0xffffffff810a32d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_sigprocmask> */ jmp 0xffffffff8131cf60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fchown> */ jmp 0xffffffff810ca540 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setgroups> */ jmp 0xffffffff810abc10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setreuid> */ jmp 0xffffffff8103ade0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ia32_lstat64> */ jmp 0xffffffff81b966a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getpeername> */ jmp 0xffffffff81b96560 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getsockname> */ jmp 0xffffffff81504730 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mq_timedreceive> */ jmp 0xffffffff815a8030 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_io_uring_enter> */ jmp 0xffffffff811611c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_futex> */ jmp 0xffffffff810a6f30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_sigtimedwait_time64> */ jmp 0xffffffff81c24460 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_recvmmsg_time64> */ jmp 0xffffffff81356850 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_move_mount> */ jmp 0xffffffff81355130 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_open_tree> */ jmp 0xffffffff810ac410 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getresgid> */ jmp 0xffffffff81338560 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mknodat> */ jmp 0xffffffff810aba30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setgid> */ jmp 0xffffffff810abd80 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setuid> */ jmp 0xffffffff8103ae80 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ia32_fstatat64> */ jmp 0xffffffff8136c5a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_futimesat_time32> */ jmp 0xffffffff8136e9d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_statfs64> */ jmp 0xffffffff8136c600 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_utimes_time32> */ jmp 0xffffffff810a7510 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_tgkill> */ jmp 0xffffffff81322780 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_sendfile64> */ jmp 0xffffffff8116e4d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sched_getaffinity> */ jmp 0xffffffff8116e310 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sched_setaffinity> */ jmp 0xffffffff81357010 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pivot_root> */ jmp 0xffffffff8130a9d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_set_mempolicy> */ jmp 0xffffffff81339260 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_symlinkat> */ jmp 0xffffffff81161d50 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_set_robust_list> */ jmp 0xffffffff8131bdf0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_faccessat> */ jmp 0xffffffff8131c8f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fchmodat> */ jmp 0xffffffff81339ef0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_renameat> */ jmp 0xffffffff8103ac20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_sync_file_range> */ jmp 0xffffffff8136a700 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_splice> */ jmp 0xffffffff81392210 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_io_setup> */ jmp 0xffffffff81386560 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_epoll_create> */ jmp 0xffffffff81392830 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_io_submit> */ jmp 0xffffffff813932c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_io_getevents_time32> */ jmp 0xffffffff8104a210 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_get_thread_area> */ jmp 0xffffffff812ca0e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_remap_file_pages> */ jmp 0xffffffff813874e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_epoll_wait> */ jmp 0xffffffff81151e20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timer_gettime32> */ jmp 0xffffffff8116c770 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_kexec_load> */ jmp 0xffffffff81152e00 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_settime32> */ jmp 0xffffffff811524e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timer_delete> */ jmp 0xffffffff81151b60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_timer_create> */ jmp 0xffffffff8103acb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_fadvise64> */ jmp 0xffffffff81504d80 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mq_timedsend_time32> */ jmp 0xffffffff81504390 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mq_unlink> */ jmp 0xffffffff8130d1a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mbind> */ jmp 0xffffffff8150a480 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_request_key> */ jmp 0xffffffff8150a420 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_add_key> */ jmp 0xffffffff81585f70 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ioprio_get> */ jmp 0xffffffff81312f40 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_move_pages> */ jmp 0xffffffff81380ac0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_inotify_rm_watch> */ jmp 0xffffffff813808a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_inotify_add_watch> */ jmp 0xffffffff81585f10 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ioprio_set> */ jmp 0xffffffff81504b40 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_mq_notify> */ jmp 0xffffffff81153190 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_getres_time32> */ jmp 0xffffffff8136c4b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_utimensat_time32> */ jmp 0xffffffff81387730 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_epoll_pwait> */ jmp 0xffffffff8136a5b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_vmsplice> */ jmp 0xffffffff81341380 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_ppoll_time32> */ jmp 0xffffffff810a7980 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_sigqueueinfo> */ jmp 0xffffffff810a70d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_sigtimedwait_time32> */ jmp 0xffffffff810a8b60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_rt_sigaction> */ jmp 0xffffffff81167390 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setresuid16> */ jmp 0xffffffff812c24c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mlock> */ jmp 0xffffffff812ccec0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pkey_alloc> */ jmp 0xffffffff812cce60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pkey_mprotect> */ jmp 0xffffffff81357060 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mount_setattr> */ jmp 0xffffffff81387cb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_epoll_pwait2> */ jmp 0xffffffff8103ad40 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_ia32_fallocate> */ jmp 0xffffffff81388bb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_signalfd4> */ jmp 0xffffffff8138a390 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timerfd_gettime32> */ jmp 0xffffffff8132f8a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pipe2> */ jmp 0xffffffff81384840 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fanotify_init> */ jmp 0xffffffff81322380 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_pwritev> */ jmp 0xffffffff81321ff0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_preadv> */ jmp 0xffffffff813864f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_epoll_create1> */ jmp 0xffffffff813a6960 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_name_to_handle_at> */ jmp 0xffffffff810ae780 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_prlimit64> */ jmp 0xffffffff8133e010 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getdents64> */ jmp 0xffffffff812f2e30 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_madvise> */ jmp 0xffffffff810ac680 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setfsgid> */ jmp 0xffffffff815010b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_shmdt> */ jmp 0xffffffff8136b320 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_syncfs> */ jmp 0xffffffff814f92d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_msgrcv> */ jmp 0xffffffff814f9160 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_msgsnd> */ jmp 0xffffffff81393390 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_io_pgetevents> */ jmp 0xffffffff8138ef70 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_userfaultfd> */ jmp 0xffffffff81b96ff0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_shutdown> */ jmp 0xffffffff81c24220 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_sendmsg> */ jmp 0xffffffff81b95f00 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_listen> */ jmp 0xffffffff814fc410 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_semctl> */ jmp 0xffffffff814fc310 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_semget> */ jmp 0xffffffff8132a0d0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_statx> */ jmp 0xffffffff81152850 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_settime> */ jmp 0xffffffff812de2c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_process_vm_readv> */ jmp 0xffffffff810c4890 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setns> */ jmp 0xffffffff811530a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_adjtime32> */ jmp 0xffffffff812671c0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_perf_event_open> */ jmp 0xffffffff81389f20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_timerfd_create> */ jmp 0xffffffff8131dda0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_openat> */ jmp 0xffffffff811533b0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_nanosleep> */ jmp 0xffffffff81152c60 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_getres> */ jmp 0xffffffff811529f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clock_gettime> */ jmp 0xffffffff815005a0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_compat_sys_shmctl> */ jmp 0xffffffff812c2550 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_mlock2> */ jmp 0xffffffff8153fd20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_landlock_add_rule> */ jmp 0xffffffff8108e1f0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_clone3> */ jmp 0xffffffff810bb580 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pidfd_open> */ jmp 0xffffffff81371df0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fsconfig> */ jmp 0xffffffff810a7400 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_pidfd_send_signal> */ jmp 0xffffffff8127edb0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_process_mrelease> */ jmp 0xffffffff81315920 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_memfd_secret> */ jmp 0xffffffff8153fc20 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_landlock_create_ruleset> */ jmp 0xffffffff8131c890 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fchmodat2> */ jmp 0xffffffff8135ade0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_setxattr> */ jmp 0xffffffff81161bd0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_futex_wait> */ jmp 0xffffffff811619e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_futex_wake> */ jmp 0xffffffff81357160 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_listmount> */ jmp 0xffffffff8135b240 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_getxattr> */ jmp 0xffffffff8135aed0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_fsetxattr> */ call 0xffffffff810953e0 - 0xffffffff81004e60 + ia32_sys_call /* <__ia32_sys_exit> */ .size ia32_sys_call, . - ia32_sys_call ================================================ FILE: tests/test_arch_sanity.py ================================================ import inspect from systrack.arch import Arch, ARCH_CLASSES def test_arch_subclass_method_overrides(): # Ensure that Arch methods marked as @final aren't overridden by subclasses final_methods = list(filter(lambda m: hasattr(m[1], '__final__'), inspect.getmembers(Arch, predicate=inspect.isfunction))) for subclass in ARCH_CLASSES: for method_name, super_method in final_methods: if not hasattr(super_method, '__final__'): continue assert issubclass(subclass, Arch) assert getattr(subclass, method_name) is super_method, \ f'{subclass.__name__} class overrides @final method ' \ f'{method_name}() of Arch class!' ================================================ FILE: tests/test_mips.py ================================================ from systrack.arch import ArchMips from .utils import * def test_dummy_syscall_64(): for abi in ('n64', 'n32', 'o32'): # Big-endian assert arch_is_dummy_syscall(ArchMips((6,9), abi, False), True, bytes.fromhex( '03e00008' # jr ra '2402ffa7' # li v0,-89 (-ENOSYS) ) ) # Little-endian assert arch_is_dummy_syscall(ArchMips((6,9), abi, False), False, bytes.fromhex( '0800e003' # jr ra 'eaff0224' # li v0,-22 (-EINVAL) ) ) ================================================ FILE: tests/test_powerpc.py ================================================ from systrack.arch import ArchPowerPC from .utils import * def test_dummy_syscall_simple(): assert arch_is_dummy_syscall(ArchPowerPC((6,8), 'ppc64', False), True, bytes.fromhex( '38 60 ff da' # li r3,-38 '4e 80 00 20' # blr ) ) assert arch_is_dummy_syscall(ArchPowerPC((6,8), 'ppc32', True), True, bytes.fromhex( '94 21 ff f0' # stwu r1,-16(r1) '38 60 ff da' # li r3,-38 '38 21 00 10' # addi r1,r1,16 '4e 80 00 20' # blr ) ) assert not arch_is_dummy_syscall(ArchPowerPC((6,8), 'ppc32', True), True, bytes.fromhex( '94 21 ff f0' # stwu r1,-16(r1) '38 60 ff 00' # li r3,-256 '38 21 00 10' # addi r1,r1,16 '4e 80 00 20' # blr ) ) def test_dummy_syscall_64(): assert arch_is_dummy_syscall(ArchPowerPC((5,0), 'ppc64', False), True, # <.sys_ni_syscall>: (64-bit, v5.0) bytes.fromhex( '7c 08 02 a6' # mflr r0 'f8 01 00 10' # std r0,16(r1) 'f8 21 ff 91' # stdu r1,-112(r1) '4b ee 47 45' # bl c0000000000707e0 <._mcount> '60 00 00 00' # nop '38 21 00 70' # addi r1,r1,112 '38 60 ff da' # li r3,-38 'e8 01 00 10' # ld r0,16(r1) '7c 08 03 a6' # mtlr r0 '4e 80 00 20' # blr '60 00 00 00' # nop '60 00 00 00' # nop ) ) def test_dummy_syscall_32(): assert arch_is_dummy_syscall(ArchPowerPC((6,8), 'ppc32', True), True, bytes.fromhex( # : (32-bit, v6.8) '7c 08 02 a6' # mflr r0 '90 01 00 04' # stw r0,4(r1) '4b f9 20 11' # bl c0039860 <_mcount> '94 21 ff f0' # stwu r1,-16(r1) '38 60 ff da' # li r3,-38 '38 21 00 10' # addi r1,r1,16 '4e 80 00 20' # blr ) ) def test_esoteric_fast_endian_switch_simple(): sym = Symbol(0x0, 0x0, 0x0, 'NOTYPE', 'exc_real_0xc00_system_call') elf = MockELF(True, {sym: bytes.fromhex( # Minimal code example that should match '2c 20 1e be' # cmpdi r0,7870 '41 c2 00 04' # beq- X '7d 9b 02 a6' # X: mfsrr1 r12 '69 8c 00 01' # xori r12,r12,1 '7d 9b 03 a6' # mtsrr1 r12 '4c 00 00 24' # rfid )}) # Should only be available for 64-bit ppc64 ABI assert not ArchPowerPC((6,8), 'ppc32', True).extract_esoteric_syscalls(elf) assert not ArchPowerPC((6,8), 'ppc32', False).extract_esoteric_syscalls(elf) assert not ArchPowerPC((6,8), 'spu', False).extract_esoteric_syscalls(elf) arch = ArchPowerPC((6,8), 'ppc64', False) res = arch.extract_esoteric_syscalls(elf) assert res and res[0][:3] == (7870, 'switch_endian', sym.name) # Also test beq+, and beq (2 encodings) for beq in (0x41e2, 0x4182, 0x41a2): code = elf.symbols_code[sym] code = code[:4] + beq.to_bytes(2, 'big') + code[6:] elf.symbols_code[sym] = code res = arch.extract_esoteric_syscalls(elf) assert res and res[0][:3] == (7870, 'switch_endian', sym.name) def test_esoteric_fast_endian_switch_real(): sym = Symbol(0x0, 0x0, 0x0, 'NOTYPE', 'exc_real_0xc00_system_call') elf = MockELF(True, {sym: bytes.fromhex( # : (64-bit, v6.8) '7d a9 03 a6' # mtctr r13 '7d b1 42 a6' # mfsprg r13,1 'f9 4d 00 88' # std r10,136(r13) '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '89 4d 0a b8' # lbz r10,2744(r13) '2c 0a 00 00' # cmpwi r10,0 '39 40 0c 00' # li r10,3072 '40 82 0d e0' # bne c000000000001a10 '7d 29 02 a6' # mfctr r9 '2c 20 1e be' # cmpdi r0,7870 '41 c2 00 20' # beq- c000000000000c5c '7d 7a 02 a6' # mfsrr0 r11 '7d 9b 02 a6' # mfsrr1 r12 '7c 42 13 78' # mr r2,r2 'e9 4d 00 18' # ld r10,24(r13) '61 4a ca d0' # ori r10,r10,51920 '7d 49 03 a6' # mtctr r10 '4e 80 04 20' # bctr '7d 9b 02 a6' # mfsrr1 r12 '69 8c 00 01' # xori r12,r12,1 '7d 9b 03 a6' # mtsrr1 r12 '7d 2d 4b 78' # mr r13,r9 '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '60 00 00 00' # nop '4c 00 00 24' # rfid '48 00 14 ac' # b c000000000002140 '48 00 00 00' # b c000000000000c98 (infinite loop) )}) # Should only be available for 64-bit ppc64 ABI assert not ArchPowerPC((6,8), 'ppc32', True).extract_esoteric_syscalls(elf) assert not ArchPowerPC((6,8), 'ppc32', False).extract_esoteric_syscalls(elf) assert not ArchPowerPC((6,8), 'spu', False).extract_esoteric_syscalls(elf) res = ArchPowerPC((6,8), 'ppc64', False).extract_esoteric_syscalls(elf) assert res and res[0][:3] == (7870, 'switch_endian', sym.name) ================================================ FILE: tests/test_x86.py ================================================ from systrack.arch import ArchX86 from systrack.elf import ELF from .utils import * def test_x86_no_table_extract_syscall_vaddrs(): elf = ELF(make_test_elf('x86_no_table_syscall_handlers')) arch = ArchX86((6,11), 'x64') vaddrs = arch.extract_syscall_vaddrs(elf) assert len(vaddrs) == 358 arch = ArchX86((6,11), 'x32') vaddrs = arch.extract_syscall_vaddrs(elf) assert len(vaddrs) == 358 arch = ArchX86((6,11), 'ia32') vaddrs = arch.extract_syscall_vaddrs(elf) assert len(vaddrs) == 429 ================================================ FILE: tests/utils.py ================================================ from pathlib import Path from subprocess import check_call from typing import Dict, Union from systrack.arch import Arch from systrack.kernel import Syscall from systrack.elf import Symbol class MockELF: '''Mock ELF class to be used in place of the ELF class provided by Systrack for testing. ''' def __init__(self, big_endian: bool, symbols_with_code: Dict[Symbol,bytes]): self.big_endian = big_endian self.symbols_code = symbols_with_code self.symbols = {} for sym in symbols_with_code: self.symbols[sym.name] = sym def next_symbol(self, sym: Symbol) -> Union[Symbol,None]: return None def vaddr_read(self, vaddr: int, size: int) -> bytes: for sym in self.symbols_code: if sym.real_vaddr == vaddr: code = self.symbols_code[sym] return code.ljust(size, b'\x00') assert False, 'Bad call to mocked ELF.vaddr_read()' def read_symbol(self, sym: Union[str,Symbol]) -> bytes: if not isinstance(sym, Symbol): sym = self.symbols[sym] return self.vaddr_read(sym.real_vaddr, sym.size) def arch_is_dummy_syscall(arch: Arch, big_endian: bool, code: bytes) -> bool: sym = Symbol(0x0, 0x0, len(code), 'FUNC', 'test') sc = Syscall(0x0, 0x0, 'test', 'test', sym, None) elf = MockELF(big_endian, {sym: code}) return arch.is_dummy_syscall(sc, elf) def make_test_elf(name: str) -> Path: target = Path(__file__).parent / 'data' / name check_call(['make', '-C', target.parent, target.name]) return target