代码拉取完成,页面将自动刷新
Index: chromium-122.0.6261.128/sandbox/features.gni
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/features.gni
+++ chromium-122.0.6261.128/sandbox/features.gni
@@ -9,7 +9,8 @@
use_seccomp_bpf = (is_linux || is_chromeos || is_android) &&
(current_cpu == "x86" || current_cpu == "x64" ||
current_cpu == "arm" || current_cpu == "arm64" ||
- current_cpu == "mipsel" || current_cpu == "mips64el")
+ current_cpu == "mipsel" || current_cpu == "mips64el" ||
+ current_cpu == "riscv64")
# SSBD (Speculative Store Bypass Disable) is a mitigation of Spectre Variant 4.
# As Spectre Variant 4 can be mitigated by site isolation, opt-out SSBD on site
Index: chromium-122.0.6261.128/sandbox/linux/bpf_dsl/linux_syscall_ranges.h
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/bpf_dsl/linux_syscall_ranges.h
+++ chromium-122.0.6261.128/sandbox/linux/bpf_dsl/linux_syscall_ranges.h
@@ -56,6 +56,13 @@
#define MAX_PUBLIC_SYSCALL __NR_syscalls
#define MAX_SYSCALL MAX_PUBLIC_SYSCALL
+#elif defined(__riscv)
+
+#include <asm/unistd.h>
+#define MIN_SYSCALL 0u
+#define MAX_PUBLIC_SYSCALL __NR_syscalls
+#define MAX_SYSCALL MAX_PUBLIC_SYSCALL
+
#else
#error "Unsupported architecture"
#endif
Index: chromium-122.0.6261.128/sandbox/linux/bpf_dsl/seccomp_macros.h
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/bpf_dsl/seccomp_macros.h
+++ chromium-122.0.6261.128/sandbox/linux/bpf_dsl/seccomp_macros.h
@@ -343,6 +343,48 @@ struct regs_struct {
#define SECCOMP_PT_PARM4(_regs) (_regs).regs[3]
#define SECCOMP_PT_PARM5(_regs) (_regs).regs[4]
#define SECCOMP_PT_PARM6(_regs) (_regs).regs[5]
+
+#elif defined(__riscv)
+struct regs_struct {
+ unsigned long regs[32];
+};
+
+#define SECCOMP_ARCH AUDIT_ARCH_RISCV64
+
+#define SECCOMP_REG(_ctx, _reg) ((_ctx)->uc_mcontext.__gregs[_reg])
+
+#define SECCOMP_RESULT(_ctx) SECCOMP_REG(_ctx, REG_A0)
+#define SECCOMP_SYSCALL(_ctx) SECCOMP_REG(_ctx, REG_A0+7)
+#define SECCOMP_IP(_ctx) (_ctx)->uc_mcontext.__gregs[REG_PC]
+#define SECCOMP_PARM1(_ctx) SECCOMP_REG(_ctx, REG_A0)
+#define SECCOMP_PARM2(_ctx) SECCOMP_REG(_ctx, REG_A0+1)
+#define SECCOMP_PARM3(_ctx) SECCOMP_REG(_ctx, REG_A0+2)
+#define SECCOMP_PARM4(_ctx) SECCOMP_REG(_ctx, REG_A0+3)
+#define SECCOMP_PARM5(_ctx) SECCOMP_REG(_ctx, REG_A0+4)
+#define SECCOMP_PARM6(_ctx) SECCOMP_REG(_ctx, REG_A0+5)
+#define SECCOMP_PARM7(_ctx) SECCOMP_REG(_ctx, REG_A0+6)
+
+#define SECCOMP_NR_IDX (offsetof(struct arch_seccomp_data, nr))
+#define SECCOMP_ARCH_IDX (offsetof(struct arch_seccomp_data, arch))
+#define SECCOMP_IP_MSB_IDX \
+ (offsetof(struct arch_seccomp_data, instruction_pointer) + 4)
+#define SECCOMP_IP_LSB_IDX \
+ (offsetof(struct arch_seccomp_data, instruction_pointer) + 0)
+#define SECCOMP_ARG_MSB_IDX(nr) \
+ (offsetof(struct arch_seccomp_data, args) + 8 * (nr) + 4)
+#define SECCOMP_ARG_LSB_IDX(nr) \
+ (offsetof(struct arch_seccomp_data, args) + 8 * (nr) + 0)
+
+#define SECCOMP_PT_RESULT(_regs) (_regs).regs[REG_A0]
+#define SECCOMP_PT_SYSCALL(_regs) (_regs).regs[REG_A0+7]
+#define SECCOMP_PT_IP(_regs) (_regs).regs[REG_PC]
+#define SECCOMP_PT_PARM1(_regs) (_regs).regs[REG_A0]
+#define SECCOMP_PT_PARM2(_regs) (_regs).regs[REG_A0+1]
+#define SECCOMP_PT_PARM3(_regs) (_regs).regs[REG_A0+2]
+#define SECCOMP_PT_PARM4(_regs) (_regs).regs[REG_A0+3]
+#define SECCOMP_PT_PARM5(_regs) (_regs).regs[REG_A0+4]
+#define SECCOMP_PT_PARM6(_regs) (_regs).regs[REG_A0+5]
+#define SECCOMP_PT_PARM7(_regs) (_regs).regs[REG_A0+6]
#else
#error Unsupported target platform
Index: chromium-122.0.6261.128/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
+++ chromium-122.0.6261.128/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc
@@ -60,6 +60,9 @@ bool IsBaselinePolicyAllowed(int sysno)
#if defined(__mips__)
SyscallSets::IsMipsPrivate(sysno) ||
#endif
+#if defined(__riscv)
+ SyscallSets::IsRiscvPrivate(sysno) ||
+#endif
SyscallSets::IsAllowedOperationOnFd(sysno);
// clang-format on
}
@@ -193,7 +196,7 @@ ResultExpr EvaluateSyscallImpl(int fs_de
return RestrictFcntlCommands();
#endif
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
// fork() is never used as a system call (clone() is used instead), but we
// have seen it in fallback code on Android.
if (sysno == __NR_fork) {
@@ -255,7 +258,7 @@ ResultExpr EvaluateSyscallImpl(int fs_de
}
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
if (sysno == __NR_mmap)
return RestrictMmapFlags();
#endif
@@ -276,7 +279,7 @@ ResultExpr EvaluateSyscallImpl(int fs_de
return RestrictPrctl();
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
if (sysno == __NR_socketpair) {
// Only allow AF_UNIX, PF_UNIX. Crash if anything else is seen.
static_assert(AF_UNIX == PF_UNIX,
@@ -366,7 +369,7 @@ ResultExpr EvaluateSyscallImpl(int fs_de
// Allow creating pipes, but don't allow weird flags to pipe2().
// O_NOTIFICATION_PIPE (== O_EXCL) can be used to create
// "notification pipes", which are rarely used.
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
if (sysno == __NR_pipe) {
return Allow();
}
Index: chromium-122.0.6261.128/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
+++ chromium-122.0.6261.128/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc
@@ -37,6 +37,7 @@
#if (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS)) && \
!defined(__arm__) && !defined(__aarch64__) && \
+ !defined(__riscv) && \
!defined(PTRACE_GET_THREAD_AREA)
// Also include asm/ptrace-abi.h since ptrace.h in older libc (for instance
// the one in Ubuntu 16.04 LTS) is missing PTRACE_GET_THREAD_AREA.
@@ -463,8 +464,10 @@ ResultExpr RestrictPtrace() {
#endif
return Switch(request)
.Cases({
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
PTRACE_GETREGS, PTRACE_GETFPREGS, PTRACE_GET_THREAD_AREA,
+#endif
+#if !defined(__aarch64__)
PTRACE_GETREGSET,
#endif
#if defined(__arm__)
Index: chromium-122.0.6261.128/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
+++ chromium-122.0.6261.128/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc
@@ -103,7 +103,7 @@ bool SyscallSets::IsUmask(int sysno) {
// Both EPERM and ENOENT are valid errno unless otherwise noted in comment.
bool SyscallSets::IsFileSystem(int sysno) {
switch (sysno) {
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_access: // EPERM not a valid errno.
case __NR_chmod:
case __NR_chown:
@@ -136,7 +136,7 @@ bool SyscallSets::IsFileSystem(int sysno
case __NR_faccessat2:
case __NR_fchmodat:
case __NR_fchownat: // Should be called chownat ?
-#if defined(__x86_64__) || defined(__aarch64__)
+#if defined(__x86_64__) || defined(__aarch64__) || defined(__riscv)
case __NR_newfstatat: // fstatat(). EPERM not a valid errno.
#elif defined(__i386__) || defined(__arm__) || \
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS))
@@ -241,7 +241,7 @@ bool SyscallSets::IsAllowedFileSystemAcc
case __NR_oldfstat:
#endif
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_sync_file_range: // EPERM not a valid errno.
#elif defined(__arm__)
case __NR_arm_sync_file_range: // EPERM not a valid errno.
@@ -260,7 +260,7 @@ bool SyscallSets::IsDeniedFileSystemAcce
#if defined(__i386__) || defined(__arm__)
case __NR_fchown32:
#endif
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_getdents: // EPERM not a valid errno.
#endif
case __NR_getdents64: // EPERM not a valid errno.
@@ -339,7 +339,7 @@ bool SyscallSets::IsProcessPrivilegeChan
bool SyscallSets::IsProcessGroupOrSession(int sysno) {
switch (sysno) {
case __NR_setpgid:
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_getpgrp:
#endif
case __NR_setsid:
@@ -373,7 +373,7 @@ bool SyscallSets::IsAllowedSignalHandlin
case __NR_rt_sigqueueinfo:
case __NR_rt_sigsuspend:
case __NR_rt_tgsigqueueinfo:
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_signalfd:
#endif
case __NR_signalfd4:
@@ -397,12 +397,12 @@ bool SyscallSets::IsAllowedOperationOnFd
switch (sysno) {
case __NR_close:
case __NR_dup:
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_dup2:
#endif
case __NR_dup3:
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_shutdown:
#endif
return true;
@@ -441,7 +441,7 @@ bool SyscallSets::IsAllowedProcessStartO
return true;
case __NR_clone: // Should be parameter-restricted.
case __NR_setns: // Privileged.
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_fork:
#endif
#if defined(__i386__) || defined(__x86_64__)
@@ -452,7 +452,7 @@ bool SyscallSets::IsAllowedProcessStartO
#endif
case __NR_set_tid_address:
case __NR_unshare:
-#if !defined(__mips__) && !defined(__aarch64__)
+#if !defined(__mips__) && !defined(__aarch64__) && !defined(__riscv)
case __NR_vfork:
#endif
default:
@@ -477,7 +477,7 @@ bool SyscallSets::IsAllowedFutex(int sys
bool SyscallSets::IsAllowedEpoll(int sysno) {
switch (sysno) {
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_epoll_create:
case __NR_epoll_wait:
#endif
@@ -499,7 +499,7 @@ bool SyscallSets::IsAllowedEpoll(int sys
bool SyscallSets::IsDeniedGetOrModifySocket(int sysno) {
switch (sysno) {
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_accept:
case __NR_accept4:
case __NR_bind:
@@ -553,7 +553,7 @@ bool SyscallSets::IsAllowedAddressSpaceA
case __NR_mincore:
case __NR_mlockall:
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_mmap:
#endif
#if defined(__i386__) || defined(__arm__) || \
@@ -586,7 +586,7 @@ bool SyscallSets::IsAllowedGeneralIo(int
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS))
case __NR__llseek:
#endif
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_poll:
#endif
case __NR_ppoll:
@@ -607,7 +607,7 @@ bool SyscallSets::IsAllowedGeneralIo(int
case __NR_recv:
#endif
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_recvfrom: // Could specify source.
case __NR_recvmsg: // Could specify source.
#endif
@@ -622,7 +622,7 @@ bool SyscallSets::IsAllowedGeneralIo(int
case __NR_send:
#endif
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_sendmsg: // Could specify destination.
case __NR_sendto: // Could specify destination.
#endif
@@ -671,7 +671,7 @@ bool SyscallSets::IsSeccomp(int sysno) {
bool SyscallSets::IsAllowedBasicScheduler(int sysno) {
switch (sysno) {
case __NR_sched_yield:
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_pause:
#endif
case __NR_nanosleep:
@@ -755,7 +755,7 @@ bool SyscallSets::IsNuma(int sysno) {
case __NR_getcpu:
case __NR_mbind:
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_migrate_pages:
#endif
case __NR_move_pages:
@@ -790,7 +790,7 @@ bool SyscallSets::IsGlobalProcessEnviron
switch (sysno) {
case __NR_acct: // Privileged.
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_getrlimit:
#endif
#if defined(__i386__) || defined(__arm__)
@@ -825,7 +825,7 @@ bool SyscallSets::IsDebug(int sysno) {
bool SyscallSets::IsGlobalSystemStatus(int sysno) {
switch (sysno) {
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR__sysctl:
case __NR_sysfs:
#endif
@@ -843,7 +843,7 @@ bool SyscallSets::IsGlobalSystemStatus(i
bool SyscallSets::IsEventFd(int sysno) {
switch (sysno) {
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_eventfd:
#endif
case __NR_eventfd2:
@@ -895,6 +895,7 @@ bool SyscallSets::IsKeyManagement(int sy
}
#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || \
+ defined(__riscv) || \
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS))
bool SyscallSets::IsSystemVSemaphores(int sysno) {
switch (sysno) {
@@ -914,7 +915,7 @@ bool SyscallSets::IsSystemVSemaphores(in
#endif
#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || \
- defined(__aarch64__) || \
+ defined(__aarch64__) || defined(__riscv) || \
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS))
// These give a lot of ambient authority and bypass the setuid sandbox.
bool SyscallSets::IsSystemVSharedMemory(int sysno) {
@@ -931,6 +932,7 @@ bool SyscallSets::IsSystemVSharedMemory(
#endif
#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || \
+ defined(__riscv) || \
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS))
bool SyscallSets::IsSystemVMessageQueue(int sysno) {
switch (sysno) {
@@ -962,6 +964,7 @@ bool SyscallSets::IsSystemVIpc(int sysno
bool SyscallSets::IsAnySystemV(int sysno) {
#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || \
+ defined(__riscv) || \
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS))
return IsSystemVMessageQueue(sysno) || IsSystemVSemaphores(sysno) ||
IsSystemVSharedMemory(sysno);
@@ -999,7 +1002,7 @@ bool SyscallSets::IsAdvancedScheduler(in
bool SyscallSets::IsInotify(int sysno) {
switch (sysno) {
case __NR_inotify_add_watch:
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_inotify_init:
#endif
case __NR_inotify_init1:
@@ -1134,7 +1137,7 @@ bool SyscallSets::IsMisc(int sysno) {
#if defined(__x86_64__)
case __NR_tuxcall:
#endif
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_vserver:
#endif
return true;
@@ -1193,6 +1196,18 @@ bool SyscallSets::IsMipsMisc(int sysno)
}
#endif // defined(__mips__)
+#if defined(__riscv)
+bool SyscallSets::IsRiscvPrivate(int sysno) {
+ switch (sysno) {
+ case __NR_riscv_hwprobe:
+ case __NR_riscv_flush_icache:
+ return true;
+ default:
+ return false;
+ }
+}
+#endif // defined(__riscv)
+
bool SyscallSets::IsGoogle3Threading(int sysno) {
switch (sysno) {
case __NR_getitimer:
Index: chromium-122.0.6261.128/sandbox/linux/seccomp-bpf-helpers/syscall_sets.h
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/seccomp-bpf-helpers/syscall_sets.h
+++ chromium-122.0.6261.128/sandbox/linux/seccomp-bpf-helpers/syscall_sets.h
@@ -52,7 +52,7 @@ class SANDBOX_EXPORT SyscallSets {
#endif
#if defined(__x86_64__) || defined(__arm__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
static bool IsNetworkSocketInformation(int sysno);
#endif
@@ -79,18 +79,21 @@ class SANDBOX_EXPORT SyscallSets {
static bool IsAsyncIo(int sysno);
static bool IsKeyManagement(int sysno);
#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || \
- (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS))
+ (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS)) || \
+ defined(__riscv)
static bool IsSystemVSemaphores(int sysno);
#endif
#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || \
defined(__aarch64__) || \
- (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS))
+ (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS)) || \
+ defined(__riscv)
// These give a lot of ambient authority and bypass the setuid sandbox.
static bool IsSystemVSharedMemory(int sysno);
#endif
#if defined(__x86_64__) || defined(__arm__) || defined(__aarch64__) || \
- (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS))
+ (defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_64_BITS)) || \
+ defined(__riscv)
static bool IsSystemVMessageQueue(int sysno);
#endif
@@ -117,6 +120,9 @@ class SANDBOX_EXPORT SyscallSets {
static bool IsMipsPrivate(int sysno);
static bool IsMipsMisc(int sysno);
#endif // defined(__mips__)
+#if defined(__riscv)
+ static bool IsRiscvPrivate(int sysno);
+#endif
static bool IsGoogle3Threading(int sysno);
};
Index: chromium-122.0.6261.128/sandbox/linux/seccomp-bpf/syscall.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/seccomp-bpf/syscall.cc
+++ chromium-122.0.6261.128/sandbox/linux/seccomp-bpf/syscall.cc
@@ -18,7 +18,7 @@ namespace sandbox {
namespace {
#if defined(ARCH_CPU_X86_FAMILY) || defined(ARCH_CPU_ARM_FAMILY) || \
- defined(ARCH_CPU_MIPS_FAMILY)
+ defined(ARCH_CPU_MIPS_FAMILY) || defined(ARCH_CPU_RISCV_FAMILY)
// Number that's not currently used by any Linux kernel ABIs.
const int kInvalidSyscallNumber = 0x351d3;
#else
@@ -308,6 +308,28 @@ asm(// We need to be able to tell the ke
"2:ret\n"
".cfi_endproc\n"
".size SyscallAsm, .-SyscallAsm\n"
+#elif defined(__riscv)
+ ".text\n"
+ ".align 2\n"
+ ".type SyscallAsm, %function\n"
+ "SyscallAsm:\n"
+ ".cfi_startproc\n"
+ "bgez a0,1f\n"
+ "lla a0,2f\n"
+ "j 2f\n"
+ "1:mv a7, a0\n"
+ "ld a0, (a1)\n"
+ "ld a2, 16(a1)\n"
+ "ld a3, 24(a1)\n"
+ "ld a4, 32(a1)\n"
+ "ld a5, 40(a1)\n"
+ "ld a6, 48(a1)\n"
+ "ld a1, 8(a1)\n"
+ // Enter the kernel
+ "scall\n"
+ "2:ret\n"
+ ".cfi_endproc\n"
+ ".size SyscallAsm, .-SyscallAsm\n"
#endif
); // asm
@@ -319,6 +341,10 @@ intptr_t SyscallAsm(intptr_t nr, const i
extern "C" {
intptr_t SyscallAsm(intptr_t nr, const intptr_t args[8]);
}
+#elif defined(__riscv)
+extern "C" {
+intptr_t SyscallAsm(intptr_t nr, const intptr_t args[7]);
+}
#endif
} // namespace
@@ -351,6 +377,10 @@ intptr_t Syscall::Call(int nr,
// where that makes sense.
#if defined(__mips__)
const intptr_t args[8] = {p0, p1, p2, p3, p4, p5, p6, p7};
+#elif defined(__riscv)
+ DCHECK_EQ(p7, 0) << " Support for syscalls with more than seven arguments "
+ "not added for this architecture";
+ const intptr_t args[7] = {p0, p1, p2, p3, p4, p5, p6};
#else
DCHECK_EQ(p6, 0) << " Support for syscalls with more than six arguments not "
"added for this architecture";
@@ -425,6 +455,8 @@ intptr_t Syscall::Call(int nr,
ret = inout;
}
+#elif defined(__riscv)
+ intptr_t ret = SyscallAsm(nr, args);
#else
#error "Unimplemented architecture"
#endif
Index: chromium-122.0.6261.128/sandbox/linux/services/credentials.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/services/credentials.cc
+++ chromium-122.0.6261.128/sandbox/linux/services/credentials.cc
@@ -80,7 +80,7 @@ bool ChrootToSafeEmptyDir() {
pid_t pid = -1;
alignas(16) char stack_buf[PTHREAD_STACK_MIN];
#if defined(ARCH_CPU_X86_FAMILY) || defined(ARCH_CPU_ARM_FAMILY) || \
- defined(ARCH_CPU_MIPS_FAMILY)
+ defined(ARCH_CPU_MIPS_FAMILY) || defined(ARCH_CPU_RISCV_FAMILY)
// The stack grows downward.
void* stack = stack_buf + sizeof(stack_buf);
#else
Index: chromium-122.0.6261.128/sandbox/linux/services/syscall_wrappers.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/services/syscall_wrappers.cc
+++ chromium-122.0.6261.128/sandbox/linux/services/syscall_wrappers.cc
@@ -61,7 +61,7 @@ long sys_clone(unsigned long flags,
#if defined(ARCH_CPU_X86_64)
return syscall(__NR_clone, flags, child_stack, ptid, ctid, tls);
#elif defined(ARCH_CPU_X86) || defined(ARCH_CPU_ARM_FAMILY) || \
- defined(ARCH_CPU_MIPS_FAMILY)
+ defined(ARCH_CPU_MIPS_FAMILY) || defined(ARCH_CPU_RISCV_FAMILY)
// CONFIG_CLONE_BACKWARDS defined.
return syscall(__NR_clone, flags, child_stack, ptid, tls, ctid);
#endif
Index: chromium-122.0.6261.128/sandbox/linux/syscall_broker/broker_process.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/syscall_broker/broker_process.cc
+++ chromium-122.0.6261.128/sandbox/linux/syscall_broker/broker_process.cc
@@ -122,44 +122,46 @@ bool BrokerProcess::IsSyscallBrokerable(
// and are default disabled in Android. So, we should refuse to broker them
// to be consistent with the platform's restrictions.
switch (sysno) {
-#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID)
+#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID) && !defined(__riscv)
case __NR_access:
#endif
case __NR_faccessat:
case __NR_faccessat2:
return !fast_check || policy_->allowed_command_set.test(COMMAND_ACCESS);
-#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID)
+#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID) && !defined(__riscv)
case __NR_mkdir:
#endif
case __NR_mkdirat:
return !fast_check || policy_->allowed_command_set.test(COMMAND_MKDIR);
-#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID)
+#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID) && !defined(__riscv)
case __NR_open:
#endif
case __NR_openat:
return !fast_check || policy_->allowed_command_set.test(COMMAND_OPEN);
-#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID)
+#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID) && !defined(__riscv)
case __NR_readlink:
#endif
case __NR_readlinkat:
return !fast_check || policy_->allowed_command_set.test(COMMAND_READLINK);
-#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID)
+#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID) && !defined(__riscv)
case __NR_rename:
#endif
+#ifdef __NR_renameat
case __NR_renameat:
+#endif
case __NR_renameat2:
return !fast_check || policy_->allowed_command_set.test(COMMAND_RENAME);
-#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID)
+#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID) && !defined(__riscv)
case __NR_rmdir:
return !fast_check || policy_->allowed_command_set.test(COMMAND_RMDIR);
#endif
-#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID)
+#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID) && !defined(__riscv)
case __NR_stat:
case __NR_lstat:
#endif
@@ -169,7 +171,7 @@ bool BrokerProcess::IsSyscallBrokerable(
#if defined(__NR_fstatat64)
case __NR_fstatat64:
#endif
-#if defined(__x86_64__) || defined(__aarch64__)
+#if defined(__x86_64__) || defined(__aarch64__) || defined(__riscv)
case __NR_newfstatat:
#endif
return !fast_check || policy_->allowed_command_set.test(COMMAND_STAT);
@@ -184,7 +186,7 @@ bool BrokerProcess::IsSyscallBrokerable(
return !fast_check || policy_->allowed_command_set.test(COMMAND_STAT);
#endif
-#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID)
+#if !defined(__aarch64__) && !BUILDFLAG(IS_ANDROID) && !defined(__riscv)
case __NR_unlink:
return !fast_check || policy_->allowed_command_set.test(COMMAND_UNLINK);
#endif
Index: chromium-122.0.6261.128/sandbox/linux/system_headers/linux_seccomp.h
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/system_headers/linux_seccomp.h
+++ chromium-122.0.6261.128/sandbox/linux/system_headers/linux_seccomp.h
@@ -39,6 +39,10 @@
#define EM_AARCH64 183
#endif
+#ifndef EM_RISCV
+#define EM_RISCV 243
+#endif
+
#ifndef __AUDIT_ARCH_64BIT
#define __AUDIT_ARCH_64BIT 0x80000000
#endif
@@ -71,6 +75,10 @@
#define AUDIT_ARCH_AARCH64 (EM_AARCH64 | __AUDIT_ARCH_64BIT | __AUDIT_ARCH_LE)
#endif
+#ifndef AUDIT_ARCH_RISCV64
+#define AUDIT_ARCH_RISCV64 (EM_RISCV|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
+#endif
+
// For prctl.h
#ifndef PR_SET_SECCOMP
#define PR_SET_SECCOMP 22
Index: chromium-122.0.6261.128/sandbox/linux/system_headers/linux_signal.h
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/system_headers/linux_signal.h
+++ chromium-122.0.6261.128/sandbox/linux/system_headers/linux_signal.h
@@ -13,7 +13,7 @@
// (not undefined, but defined different values and in different memory
// layouts). So, fill the gap here.
#if defined(__i386__) || defined(__x86_64__) || defined(__arm__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
#define LINUX_SIGHUP 1
#define LINUX_SIGINT 2
Index: chromium-122.0.6261.128/sandbox/linux/system_headers/linux_stat.h
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/system_headers/linux_stat.h
+++ chromium-122.0.6261.128/sandbox/linux/system_headers/linux_stat.h
@@ -150,7 +150,7 @@ struct kernel_stat {
int st_blocks;
int st_pad4[14];
};
-#elif defined(__aarch64__)
+#elif defined(__aarch64__) || defined(__riscv)
struct kernel_stat {
unsigned long st_dev;
unsigned long st_ino;
Index: chromium-122.0.6261.128/sandbox/linux/system_headers/linux_syscalls.h
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/linux/system_headers/linux_syscalls.h
+++ chromium-122.0.6261.128/sandbox/linux/system_headers/linux_syscalls.h
@@ -35,5 +35,9 @@
#include "sandbox/linux/system_headers/arm64_linux_syscalls.h"
#endif
+#if defined(__riscv) && __riscv_xlen == 64
+#include "sandbox/linux/system_headers/riscv64_linux_syscalls.h"
+#endif
+
#endif // SANDBOX_LINUX_SYSTEM_HEADERS_LINUX_SYSCALLS_H_
Index: chromium-122.0.6261.128/sandbox/linux/system_headers/riscv64_linux_syscalls.h
===================================================================
--- /dev/null
+++ chromium-122.0.6261.128/sandbox/linux/system_headers/riscv64_linux_syscalls.h
@@ -0,0 +1,1226 @@
+// Copyright 2014 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef SANDBOX_LINUX_SYSTEM_HEADERS_RISCV64_LINUX_SYSCALLS_H_
+#define SANDBOX_LINUX_SYSTEM_HEADERS_RISCV64_LINUX_SYSCALLS_H_
+
+#include <asm-generic/unistd.h>
+
+#if !defined(__NR_io_setup)
+#define __NR_io_setup 0
+#endif
+
+#if !defined(__NR_io_destroy)
+#define __NR_io_destroy 1
+#endif
+
+#if !defined(__NR_io_submit)
+#define __NR_io_submit 2
+#endif
+
+#if !defined(__NR_io_cancel)
+#define __NR_io_cancel 3
+#endif
+
+#if !defined(__NR_io_getevents)
+#define __NR_io_getevents 4
+#endif
+
+#if !defined(__NR_setxattr)
+#define __NR_setxattr 5
+#endif
+
+#if !defined(__NR_lsetxattr)
+#define __NR_lsetxattr 6
+#endif
+
+#if !defined(__NR_fsetxattr)
+#define __NR_fsetxattr 7
+#endif
+
+#if !defined(__NR_getxattr)
+#define __NR_getxattr 8
+#endif
+
+#if !defined(__NR_lgetxattr)
+#define __NR_lgetxattr 9
+#endif
+
+#if !defined(__NR_fgetxattr)
+#define __NR_fgetxattr 10
+#endif
+
+#if !defined(__NR_listxattr)
+#define __NR_listxattr 11
+#endif
+
+#if !defined(__NR_llistxattr)
+#define __NR_llistxattr 12
+#endif
+
+#if !defined(__NR_flistxattr)
+#define __NR_flistxattr 13
+#endif
+
+#if !defined(__NR_removexattr)
+#define __NR_removexattr 14
+#endif
+
+#if !defined(__NR_lremovexattr)
+#define __NR_lremovexattr 15
+#endif
+
+#if !defined(__NR_fremovexattr)
+#define __NR_fremovexattr 16
+#endif
+
+#if !defined(__NR_getcwd)
+#define __NR_getcwd 17
+#endif
+
+#if !defined(__NR_lookup_dcookie)
+#define __NR_lookup_dcookie 18
+#endif
+
+#if !defined(__NR_eventfd2)
+#define __NR_eventfd2 19
+#endif
+
+#if !defined(__NR_epoll_create1)
+#define __NR_epoll_create1 20
+#endif
+
+#if !defined(__NR_epoll_ctl)
+#define __NR_epoll_ctl 21
+#endif
+
+#if !defined(__NR_epoll_pwait)
+#define __NR_epoll_pwait 22
+#endif
+
+#if !defined(__NR_dup)
+#define __NR_dup 23
+#endif
+
+#if !defined(__NR_dup3)
+#define __NR_dup3 24
+#endif
+
+#if !defined(__NR_fcntl)
+#define __NR_fcntl 25
+#endif
+
+#if !defined(__NR_inotify_init1)
+#define __NR_inotify_init1 26
+#endif
+
+#if !defined(__NR_inotify_add_watch)
+#define __NR_inotify_add_watch 27
+#endif
+
+#if !defined(__NR_inotify_rm_watch)
+#define __NR_inotify_rm_watch 28
+#endif
+
+#if !defined(__NR_ioctl)
+#define __NR_ioctl 29
+#endif
+
+#if !defined(__NR_ioprio_set)
+#define __NR_ioprio_set 30
+#endif
+
+#if !defined(__NR_ioprio_get)
+#define __NR_ioprio_get 31
+#endif
+
+#if !defined(__NR_flock)
+#define __NR_flock 32
+#endif
+
+#if !defined(__NR_mknodat)
+#define __NR_mknodat 33
+#endif
+
+#if !defined(__NR_mkdirat)
+#define __NR_mkdirat 34
+#endif
+
+#if !defined(__NR_unlinkat)
+#define __NR_unlinkat 35
+#endif
+
+#if !defined(__NR_symlinkat)
+#define __NR_symlinkat 36
+#endif
+
+#if !defined(__NR_linkat)
+#define __NR_linkat 37
+#endif
+
+#if !defined(__NR_renameat)
+#define __NR_renameat 38
+#endif
+
+#if !defined(__NR_umount2)
+#define __NR_umount2 39
+#endif
+
+#if !defined(__NR_mount)
+#define __NR_mount 40
+#endif
+
+#if !defined(__NR_pivot_root)
+#define __NR_pivot_root 41
+#endif
+
+#if !defined(__NR_nfsservctl)
+#define __NR_nfsservctl 42
+#endif
+
+#if !defined(__NR_statfs)
+#define __NR_statfs 43
+#endif
+
+#if !defined(__NR_fstatfs)
+#define __NR_fstatfs 44
+#endif
+
+#if !defined(__NR_truncate)
+#define __NR_truncate 45
+#endif
+
+#if !defined(__NR_ftruncate)
+#define __NR_ftruncate 46
+#endif
+
+#if !defined(__NR_fallocate)
+#define __NR_fallocate 47
+#endif
+
+#if !defined(__NR_faccessat)
+#define __NR_faccessat 48
+#endif
+
+#if !defined(__NR_chdir)
+#define __NR_chdir 49
+#endif
+
+#if !defined(__NR_fchdir)
+#define __NR_fchdir 50
+#endif
+
+#if !defined(__NR_chroot)
+#define __NR_chroot 51
+#endif
+
+#if !defined(__NR_fchmod)
+#define __NR_fchmod 52
+#endif
+
+#if !defined(__NR_fchmodat)
+#define __NR_fchmodat 53
+#endif
+
+#if !defined(__NR_fchownat)
+#define __NR_fchownat 54
+#endif
+
+#if !defined(__NR_fchown)
+#define __NR_fchown 55
+#endif
+
+#if !defined(__NR_openat)
+#define __NR_openat 56
+#endif
+
+#if !defined(__NR_close)
+#define __NR_close 57
+#endif
+
+#if !defined(__NR_vhangup)
+#define __NR_vhangup 58
+#endif
+
+#if !defined(__NR_pipe2)
+#define __NR_pipe2 59
+#endif
+
+#if !defined(__NR_quotactl)
+#define __NR_quotactl 60
+#endif
+
+#if !defined(__NR_getdents64)
+#define __NR_getdents64 61
+#endif
+
+#if !defined(__NR_lseek)
+#define __NR_lseek 62
+#endif
+
+#if !defined(__NR_read)
+#define __NR_read 63
+#endif
+
+#if !defined(__NR_write)
+#define __NR_write 64
+#endif
+
+#if !defined(__NR_readv)
+#define __NR_readv 65
+#endif
+
+#if !defined(__NR_writev)
+#define __NR_writev 66
+#endif
+
+#if !defined(__NR_pread64)
+#define __NR_pread64 67
+#endif
+
+#if !defined(__NR_pwrite64)
+#define __NR_pwrite64 68
+#endif
+
+#if !defined(__NR_preadv)
+#define __NR_preadv 69
+#endif
+
+#if !defined(__NR_pwritev)
+#define __NR_pwritev 70
+#endif
+
+#if !defined(__NR_sendfile)
+#define __NR_sendfile 71
+#endif
+
+#if !defined(__NR_pselect6)
+#define __NR_pselect6 72
+#endif
+
+#if !defined(__NR_ppoll)
+#define __NR_ppoll 73
+#endif
+
+#if !defined(__NR_signalfd4)
+#define __NR_signalfd4 74
+#endif
+
+#if !defined(__NR_vmsplice)
+#define __NR_vmsplice 75
+#endif
+
+#if !defined(__NR_splice)
+#define __NR_splice 76
+#endif
+
+#if !defined(__NR_tee)
+#define __NR_tee 77
+#endif
+
+#if !defined(__NR_readlinkat)
+#define __NR_readlinkat 78
+#endif
+
+#if !defined(__NR_newfstatat)
+#define __NR_newfstatat 79
+#endif
+
+#if !defined(__NR_fstat)
+#define __NR_fstat 80
+#endif
+
+#if !defined(__NR_sync)
+#define __NR_sync 81
+#endif
+
+#if !defined(__NR_fsync)
+#define __NR_fsync 82
+#endif
+
+#if !defined(__NR_fdatasync)
+#define __NR_fdatasync 83
+#endif
+
+#if !defined(__NR_sync_file_range)
+#define __NR_sync_file_range 84
+#endif
+
+#if !defined(__NR_timerfd_create)
+#define __NR_timerfd_create 85
+#endif
+
+#if !defined(__NR_timerfd_settime)
+#define __NR_timerfd_settime 86
+#endif
+
+#if !defined(__NR_timerfd_gettime)
+#define __NR_timerfd_gettime 87
+#endif
+
+#if !defined(__NR_utimensat)
+#define __NR_utimensat 88
+#endif
+
+#if !defined(__NR_acct)
+#define __NR_acct 89
+#endif
+
+#if !defined(__NR_capget)
+#define __NR_capget 90
+#endif
+
+#if !defined(__NR_capset)
+#define __NR_capset 91
+#endif
+
+#if !defined(__NR_personality)
+#define __NR_personality 92
+#endif
+
+#if !defined(__NR_exit)
+#define __NR_exit 93
+#endif
+
+#if !defined(__NR_exit_group)
+#define __NR_exit_group 94
+#endif
+
+#if !defined(__NR_waitid)
+#define __NR_waitid 95
+#endif
+
+#if !defined(__NR_set_tid_address)
+#define __NR_set_tid_address 96
+#endif
+
+#if !defined(__NR_unshare)
+#define __NR_unshare 97
+#endif
+
+#if !defined(__NR_futex)
+#define __NR_futex 98
+#endif
+
+#if !defined(__NR_set_robust_list)
+#define __NR_set_robust_list 99
+#endif
+
+#if !defined(__NR_get_robust_list)
+#define __NR_get_robust_list 100
+#endif
+
+#if !defined(__NR_nanosleep)
+#define __NR_nanosleep 101
+#endif
+
+#if !defined(__NR_getitimer)
+#define __NR_getitimer 102
+#endif
+
+#if !defined(__NR_setitimer)
+#define __NR_setitimer 103
+#endif
+
+#if !defined(__NR_kexec_load)
+#define __NR_kexec_load 104
+#endif
+
+#if !defined(__NR_init_module)
+#define __NR_init_module 105
+#endif
+
+#if !defined(__NR_delete_module)
+#define __NR_delete_module 106
+#endif
+
+#if !defined(__NR_timer_create)
+#define __NR_timer_create 107
+#endif
+
+#if !defined(__NR_timer_gettime)
+#define __NR_timer_gettime 108
+#endif
+
+#if !defined(__NR_timer_getoverrun)
+#define __NR_timer_getoverrun 109
+#endif
+
+#if !defined(__NR_timer_settime)
+#define __NR_timer_settime 110
+#endif
+
+#if !defined(__NR_timer_delete)
+#define __NR_timer_delete 111
+#endif
+
+#if !defined(__NR_clock_settime)
+#define __NR_clock_settime 112
+#endif
+
+#if !defined(__NR_clock_gettime)
+#define __NR_clock_gettime 113
+#endif
+
+#if !defined(__NR_clock_getres)
+#define __NR_clock_getres 114
+#endif
+
+#if !defined(__NR_clock_nanosleep)
+#define __NR_clock_nanosleep 115
+#endif
+
+#if !defined(__NR_syslog)
+#define __NR_syslog 116
+#endif
+
+#if !defined(__NR_ptrace)
+#define __NR_ptrace 117
+#endif
+
+#if !defined(__NR_sched_setparam)
+#define __NR_sched_setparam 118
+#endif
+
+#if !defined(__NR_sched_setscheduler)
+#define __NR_sched_setscheduler 119
+#endif
+
+#if !defined(__NR_sched_getscheduler)
+#define __NR_sched_getscheduler 120
+#endif
+
+#if !defined(__NR_sched_getparam)
+#define __NR_sched_getparam 121
+#endif
+
+#if !defined(__NR_sched_setaffinity)
+#define __NR_sched_setaffinity 122
+#endif
+
+#if !defined(__NR_sched_getaffinity)
+#define __NR_sched_getaffinity 123
+#endif
+
+#if !defined(__NR_sched_yield)
+#define __NR_sched_yield 124
+#endif
+
+#if !defined(__NR_sched_get_priority_max)
+#define __NR_sched_get_priority_max 125
+#endif
+
+#if !defined(__NR_sched_get_priority_min)
+#define __NR_sched_get_priority_min 126
+#endif
+
+#if !defined(__NR_sched_rr_get_interval)
+#define __NR_sched_rr_get_interval 127
+#endif
+
+#if !defined(__NR_restart_syscall)
+#define __NR_restart_syscall 128
+#endif
+
+#if !defined(__NR_kill)
+#define __NR_kill 129
+#endif
+
+#if !defined(__NR_tkill)
+#define __NR_tkill 130
+#endif
+
+#if !defined(__NR_tgkill)
+#define __NR_tgkill 131
+#endif
+
+#if !defined(__NR_sigaltstack)
+#define __NR_sigaltstack 132
+#endif
+
+#if !defined(__NR_rt_sigsuspend)
+#define __NR_rt_sigsuspend 133
+#endif
+
+#if !defined(__NR_rt_sigaction)
+#define __NR_rt_sigaction 134
+#endif
+
+#if !defined(__NR_rt_sigprocmask)
+#define __NR_rt_sigprocmask 135
+#endif
+
+#if !defined(__NR_rt_sigpending)
+#define __NR_rt_sigpending 136
+#endif
+
+#if !defined(__NR_rt_sigtimedwait)
+#define __NR_rt_sigtimedwait 137
+#endif
+
+#if !defined(__NR_rt_sigqueueinfo)
+#define __NR_rt_sigqueueinfo 138
+#endif
+
+#if !defined(__NR_rt_sigreturn)
+#define __NR_rt_sigreturn 139
+#endif
+
+#if !defined(__NR_setpriority)
+#define __NR_setpriority 140
+#endif
+
+#if !defined(__NR_getpriority)
+#define __NR_getpriority 141
+#endif
+
+#if !defined(__NR_reboot)
+#define __NR_reboot 142
+#endif
+
+#if !defined(__NR_setregid)
+#define __NR_setregid 143
+#endif
+
+#if !defined(__NR_setgid)
+#define __NR_setgid 144
+#endif
+
+#if !defined(__NR_setreuid)
+#define __NR_setreuid 145
+#endif
+
+#if !defined(__NR_setuid)
+#define __NR_setuid 146
+#endif
+
+#if !defined(__NR_setresuid)
+#define __NR_setresuid 147
+#endif
+
+#if !defined(__NR_getresuid)
+#define __NR_getresuid 148
+#endif
+
+#if !defined(__NR_setresgid)
+#define __NR_setresgid 149
+#endif
+
+#if !defined(__NR_getresgid)
+#define __NR_getresgid 150
+#endif
+
+#if !defined(__NR_setfsuid)
+#define __NR_setfsuid 151
+#endif
+
+#if !defined(__NR_setfsgid)
+#define __NR_setfsgid 152
+#endif
+
+#if !defined(__NR_times)
+#define __NR_times 153
+#endif
+
+#if !defined(__NR_setpgid)
+#define __NR_setpgid 154
+#endif
+
+#if !defined(__NR_getpgid)
+#define __NR_getpgid 155
+#endif
+
+#if !defined(__NR_getsid)
+#define __NR_getsid 156
+#endif
+
+#if !defined(__NR_setsid)
+#define __NR_setsid 157
+#endif
+
+#if !defined(__NR_getgroups)
+#define __NR_getgroups 158
+#endif
+
+#if !defined(__NR_setgroups)
+#define __NR_setgroups 159
+#endif
+
+#if !defined(__NR_uname)
+#define __NR_uname 160
+#endif
+
+#if !defined(__NR_sethostname)
+#define __NR_sethostname 161
+#endif
+
+#if !defined(__NR_setdomainname)
+#define __NR_setdomainname 162
+#endif
+
+#if !defined(__NR_getrlimit)
+#define __NR_getrlimit 163
+#endif
+
+#if !defined(__NR_setrlimit)
+#define __NR_setrlimit 164
+#endif
+
+#if !defined(__NR_getrusage)
+#define __NR_getrusage 165
+#endif
+
+#if !defined(__NR_umask)
+#define __NR_umask 166
+#endif
+
+#if !defined(__NR_prctl)
+#define __NR_prctl 167
+#endif
+
+#if !defined(__NR_getcpu)
+#define __NR_getcpu 168
+#endif
+
+#if !defined(__NR_gettimeofday)
+#define __NR_gettimeofday 169
+#endif
+
+#if !defined(__NR_settimeofday)
+#define __NR_settimeofday 170
+#endif
+
+#if !defined(__NR_adjtimex)
+#define __NR_adjtimex 171
+#endif
+
+#if !defined(__NR_getpid)
+#define __NR_getpid 172
+#endif
+
+#if !defined(__NR_getppid)
+#define __NR_getppid 173
+#endif
+
+#if !defined(__NR_getuid)
+#define __NR_getuid 174
+#endif
+
+#if !defined(__NR_geteuid)
+#define __NR_geteuid 175
+#endif
+
+#if !defined(__NR_getgid)
+#define __NR_getgid 176
+#endif
+
+#if !defined(__NR_getegid)
+#define __NR_getegid 177
+#endif
+
+#if !defined(__NR_gettid)
+#define __NR_gettid 178
+#endif
+
+#if !defined(__NR_sysinfo)
+#define __NR_sysinfo 179
+#endif
+
+#if !defined(__NR_mq_open)
+#define __NR_mq_open 180
+#endif
+
+#if !defined(__NR_mq_unlink)
+#define __NR_mq_unlink 181
+#endif
+
+#if !defined(__NR_mq_timedsend)
+#define __NR_mq_timedsend 182
+#endif
+
+#if !defined(__NR_mq_timedreceive)
+#define __NR_mq_timedreceive 183
+#endif
+
+#if !defined(__NR_mq_notify)
+#define __NR_mq_notify 184
+#endif
+
+#if !defined(__NR_mq_getsetattr)
+#define __NR_mq_getsetattr 185
+#endif
+
+#if !defined(__NR_msgget)
+#define __NR_msgget 186
+#endif
+
+#if !defined(__NR_msgctl)
+#define __NR_msgctl 187
+#endif
+
+#if !defined(__NR_msgrcv)
+#define __NR_msgrcv 188
+#endif
+
+#if !defined(__NR_msgsnd)
+#define __NR_msgsnd 189
+#endif
+
+#if !defined(__NR_semget)
+#define __NR_semget 190
+#endif
+
+#if !defined(__NR_semctl)
+#define __NR_semctl 191
+#endif
+
+#if !defined(__NR_semtimedop)
+#define __NR_semtimedop 192
+#endif
+
+#if !defined(__NR_semop)
+#define __NR_semop 193
+#endif
+
+#if !defined(__NR_shmget)
+#define __NR_shmget 194
+#endif
+
+#if !defined(__NR_shmctl)
+#define __NR_shmctl 195
+#endif
+
+#if !defined(__NR_shmat)
+#define __NR_shmat 196
+#endif
+
+#if !defined(__NR_shmdt)
+#define __NR_shmdt 197
+#endif
+
+#if !defined(__NR_socket)
+#define __NR_socket 198
+#endif
+
+#if !defined(__NR_socketpair)
+#define __NR_socketpair 199
+#endif
+
+#if !defined(__NR_bind)
+#define __NR_bind 200
+#endif
+
+#if !defined(__NR_listen)
+#define __NR_listen 201
+#endif
+
+#if !defined(__NR_accept)
+#define __NR_accept 202
+#endif
+
+#if !defined(__NR_connect)
+#define __NR_connect 203
+#endif
+
+#if !defined(__NR_getsockname)
+#define __NR_getsockname 204
+#endif
+
+#if !defined(__NR_getpeername)
+#define __NR_getpeername 205
+#endif
+
+#if !defined(__NR_sendto)
+#define __NR_sendto 206
+#endif
+
+#if !defined(__NR_recvfrom)
+#define __NR_recvfrom 207
+#endif
+
+#if !defined(__NR_setsockopt)
+#define __NR_setsockopt 208
+#endif
+
+#if !defined(__NR_getsockopt)
+#define __NR_getsockopt 209
+#endif
+
+#if !defined(__NR_shutdown)
+#define __NR_shutdown 210
+#endif
+
+#if !defined(__NR_sendmsg)
+#define __NR_sendmsg 211
+#endif
+
+#if !defined(__NR_recvmsg)
+#define __NR_recvmsg 212
+#endif
+
+#if !defined(__NR_readahead)
+#define __NR_readahead 213
+#endif
+
+#if !defined(__NR_brk)
+#define __NR_brk 214
+#endif
+
+#if !defined(__NR_munmap)
+#define __NR_munmap 215
+#endif
+
+#if !defined(__NR_mremap)
+#define __NR_mremap 216
+#endif
+
+#if !defined(__NR_add_key)
+#define __NR_add_key 217
+#endif
+
+#if !defined(__NR_request_key)
+#define __NR_request_key 218
+#endif
+
+#if !defined(__NR_keyctl)
+#define __NR_keyctl 219
+#endif
+
+#if !defined(__NR_clone)
+#define __NR_clone 220
+#endif
+
+#if !defined(__NR_execve)
+#define __NR_execve 221
+#endif
+
+#if !defined(__NR_mmap)
+#define __NR_mmap 222
+#endif
+
+#if !defined(__NR_fadvise64)
+#define __NR_fadvise64 223
+#endif
+
+#if !defined(__NR_swapon)
+#define __NR_swapon 224
+#endif
+
+#if !defined(__NR_swapoff)
+#define __NR_swapoff 225
+#endif
+
+#if !defined(__NR_mprotect)
+#define __NR_mprotect 226
+#endif
+
+#if !defined(__NR_msync)
+#define __NR_msync 227
+#endif
+
+#if !defined(__NR_mlock)
+#define __NR_mlock 228
+#endif
+
+#if !defined(__NR_munlock)
+#define __NR_munlock 229
+#endif
+
+#if !defined(__NR_mlockall)
+#define __NR_mlockall 230
+#endif
+
+#if !defined(__NR_munlockall)
+#define __NR_munlockall 231
+#endif
+
+#if !defined(__NR_mincore)
+#define __NR_mincore 232
+#endif
+
+#if !defined(__NR_madvise)
+#define __NR_madvise 233
+#endif
+
+#if !defined(__NR_remap_file_pages)
+#define __NR_remap_file_pages 234
+#endif
+
+#if !defined(__NR_mbind)
+#define __NR_mbind 235
+#endif
+
+#if !defined(__NR_get_mempolicy)
+#define __NR_get_mempolicy 236
+#endif
+
+#if !defined(__NR_set_mempolicy)
+#define __NR_set_mempolicy 237
+#endif
+
+#if !defined(__NR_migrate_pages)
+#define __NR_migrate_pages 238
+#endif
+
+#if !defined(__NR_move_pages)
+#define __NR_move_pages 239
+#endif
+
+#if !defined(__NR_rt_tgsigqueueinfo)
+#define __NR_rt_tgsigqueueinfo 240
+#endif
+
+#if !defined(__NR_perf_event_open)
+#define __NR_perf_event_open 241
+#endif
+
+#if !defined(__NR_accept4)
+#define __NR_accept4 242
+#endif
+
+#if !defined(__NR_recvmmsg)
+#define __NR_recvmmsg 243
+#endif
+
+#if !defined(__NR_riscv_hwprobe)
+#define __NR_riscv_hwprobe 258
+#endif
+
+#if !defined(__NR_riscv_flush_icache)
+#define __NR_riscv_flush_icache 259
+#endif
+
+#if !defined(__NR_wait4)
+#define __NR_wait4 260
+#endif
+
+#if !defined(__NR_prlimit64)
+#define __NR_prlimit64 261
+#endif
+
+#if !defined(__NR_fanotify_init)
+#define __NR_fanotify_init 262
+#endif
+
+#if !defined(__NR_fanotify_mark)
+#define __NR_fanotify_mark 263
+#endif
+
+#if !defined(__NR_name_to_handle_at)
+#define __NR_name_to_handle_at 264
+#endif
+
+#if !defined(__NR_open_by_handle_at)
+#define __NR_open_by_handle_at 265
+#endif
+
+#if !defined(__NR_clock_adjtime)
+#define __NR_clock_adjtime 266
+#endif
+
+#if !defined(__NR_syncfs)
+#define __NR_syncfs 267
+#endif
+
+#if !defined(__NR_setns)
+#define __NR_setns 268
+#endif
+
+#if !defined(__NR_sendmmsg)
+#define __NR_sendmmsg 269
+#endif
+
+#if !defined(__NR_process_vm_readv)
+#define __NR_process_vm_readv 270
+#endif
+
+#if !defined(__NR_process_vm_writev)
+#define __NR_process_vm_writev 271
+#endif
+
+#if !defined(__NR_kcmp)
+#define __NR_kcmp 272
+#endif
+
+#if !defined(__NR_finit_module)
+#define __NR_finit_module 273
+#endif
+
+#if !defined(__NR_sched_setattr)
+#define __NR_sched_setattr 274
+#endif
+
+#if !defined(__NR_sched_getattr)
+#define __NR_sched_getattr 275
+#endif
+
+#if !defined(__NR_renameat2)
+#define __NR_renameat2 276
+#endif
+
+#if !defined(__NR_seccomp)
+#define __NR_seccomp 277
+#endif
+
+#if !defined(__NR_getrandom)
+#define __NR_getrandom 278
+#endif
+
+#if !defined(__NR_memfd_create)
+#define __NR_memfd_create 279
+#endif
+
+#if !defined(__NR_bpf)
+#define __NR_bpf 280
+#endif
+
+#if !defined(__NR_execveat)
+#define __NR_execveat 281
+#endif
+
+#if !defined(__NR_userfaultfd)
+#define __NR_userfaultfd 282
+#endif
+
+#if !defined(__NR_membarrier)
+#define __NR_membarrier 283
+#endif
+
+#if !defined(__NR_mlock2)
+#define __NR_mlock2 284
+#endif
+
+#if !defined(__NR_copy_file_range)
+#define __NR_copy_file_range 285
+#endif
+
+#if !defined(__NR_preadv2)
+#define __NR_preadv2 286
+#endif
+
+#if !defined(__NR_pwritev2)
+#define __NR_pwritev2 287
+#endif
+
+#if !defined(__NR_pkey_mprotect)
+#define __NR_pkey_mprotect 288
+#endif
+
+#if !defined(__NR_pkey_alloc)
+#define __NR_pkey_alloc 289
+#endif
+
+#if !defined(__NR_pkey_free)
+#define __NR_pkey_free 290
+#endif
+
+#if !defined(__NR_statx)
+#define __NR_statx 291
+#endif
+
+#if !defined(__NR_io_pgetevents)
+#define __NR_io_pgetevents 292
+#endif
+
+#if !defined(__NR_rseq)
+#define __NR_rseq 293
+#endif
+
+#if !defined(__NR_kexec_file_load)
+#define __NR_kexec_file_load 294
+#endif
+
+#if !defined(__NR_pidfd_send_signal)
+#define __NR_pidfd_send_signal 424
+#endif
+
+#if !defined(__NR_io_uring_setup)
+#define __NR_io_uring_setup 425
+#endif
+
+#if !defined(__NR_io_uring_enter)
+#define __NR_io_uring_enter 426
+#endif
+
+#if !defined(__NR_io_uring_register)
+#define __NR_io_uring_register 427
+#endif
+
+#if !defined(__NR_open_tree)
+#define __NR_open_tree 428
+#endif
+
+#if !defined(__NR_move_mount)
+#define __NR_move_mount 429
+#endif
+
+#if !defined(__NR_fsopen)
+#define __NR_fsopen 430
+#endif
+
+#if !defined(__NR_fsconfig)
+#define __NR_fsconfig 431
+#endif
+
+#if !defined(__NR_fsmount)
+#define __NR_fsmount 432
+#endif
+
+#if !defined(__NR_fspick)
+#define __NR_fspick 433
+#endif
+
+#if !defined(__NR_pidfd_open)
+#define __NR_pidfd_open 434
+#endif
+
+#if !defined(__NR_clone3)
+#define __NR_clone3 435
+#endif
+
+#if !defined(__NR_close_range)
+#define __NR_close_range 436
+#endif
+
+#if !defined(__NR_openat2)
+#define __NR_openat2 437
+#endif
+
+#if !defined(__NR_pidfd_getfd)
+#define __NR_pidfd_getfd 438
+#endif
+
+#if !defined(__NR_faccessat2)
+#define __NR_faccessat2 439
+#endif
+
+#if !defined(__NR_process_madvise)
+#define __NR_process_madvise 440
+#endif
+
+#if !defined(__NR_epoll_pwait2)
+#define __NR_epoll_pwait2 441
+#endif
+
+#if !defined(__NR_mount_setattr)
+#define __NR_mount_setattr 442
+#endif
+
+#if !defined(__NR_quotactl_path)
+#define __NR_quotactl_path 443
+#endif
+
+#if !defined(__NR_landlock_create_ruleset)
+#define __NR_landlock_create_ruleset 444
+#endif
+
+#if !defined(__NR_landlock_add_rule)
+#define __NR_landlock_add_rule 445
+#endif
+
+#if !defined(__NR_landlock_restrict_self)
+#define __NR_landlock_restrict_self 446
+#endif
+
+#endif // SANDBOX_LINUX_SYSTEM_HEADERS_RISCV64_LINUX_SYSCALLS_H_
Index: chromium-122.0.6261.128/sandbox/policy/linux/bpf_cdm_policy_linux.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/policy/linux/bpf_cdm_policy_linux.cc
+++ chromium-122.0.6261.128/sandbox/policy/linux/bpf_cdm_policy_linux.cc
@@ -33,7 +33,7 @@ ResultExpr CdmProcessPolicy::EvaluateSys
case __NR_ftruncate:
case __NR_fallocate:
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_getrlimit:
#endif
#if defined(__i386__) || defined(__arm__)
Index: chromium-122.0.6261.128/sandbox/policy/linux/bpf_cros_amd_gpu_policy_linux.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/policy/linux/bpf_cros_amd_gpu_policy_linux.cc
+++ chromium-122.0.6261.128/sandbox/policy/linux/bpf_cros_amd_gpu_policy_linux.cc
@@ -38,7 +38,7 @@ ResultExpr CrosAmdGpuProcessPolicy::Eval
case __NR_sched_setscheduler:
case __NR_sysinfo:
case __NR_uname:
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_readlink:
case __NR_stat:
#endif
Index: chromium-122.0.6261.128/sandbox/policy/linux/bpf_gpu_policy_linux.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/policy/linux/bpf_gpu_policy_linux.cc
+++ chromium-122.0.6261.128/sandbox/policy/linux/bpf_gpu_policy_linux.cc
@@ -73,7 +73,7 @@ ResultExpr GpuProcessPolicy::EvaluateSys
(defined(ARCH_CPU_MIPS_FAMILY) && defined(ARCH_CPU_32_BITS))
case __NR_ftruncate64:
#endif
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_getdents:
#endif
case __NR_getdents64:
Index: chromium-122.0.6261.128/sandbox/policy/linux/bpf_network_policy_linux.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/policy/linux/bpf_network_policy_linux.cc
+++ chromium-122.0.6261.128/sandbox/policy/linux/bpf_network_policy_linux.cc
@@ -255,7 +255,7 @@ ResultExpr NetworkProcessPolicy::Evaluat
case __NR_fdatasync:
case __NR_fsync:
case __NR_mremap:
-#if !defined(__aarch64__)
+#if !defined(__aarch64__) && !defined(__riscv)
case __NR_getdents:
#endif
case __NR_getdents64:
Index: chromium-122.0.6261.128/sandbox/policy/linux/bpf_print_compositor_policy_linux.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/policy/linux/bpf_print_compositor_policy_linux.cc
+++ chromium-122.0.6261.128/sandbox/policy/linux/bpf_print_compositor_policy_linux.cc
@@ -33,7 +33,7 @@ ResultExpr PrintCompositorProcessPolicy:
case __NR_fdatasync:
case __NR_fsync:
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined (__riscv)
case __NR_getrlimit:
#endif
#if defined(__i386__) || defined(__arm__)
Index: chromium-122.0.6261.128/sandbox/policy/linux/bpf_renderer_policy_linux.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/policy/linux/bpf_renderer_policy_linux.cc
+++ chromium-122.0.6261.128/sandbox/policy/linux/bpf_renderer_policy_linux.cc
@@ -82,7 +82,7 @@ ResultExpr RendererProcessPolicy::Evalua
case __NR_ftruncate64:
#endif
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_getrlimit:
case __NR_setrlimit:
// We allow setrlimit to dynamically adjust the address space limit as
Index: chromium-122.0.6261.128/sandbox/policy/linux/bpf_service_policy_linux.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/policy/linux/bpf_service_policy_linux.cc
+++ chromium-122.0.6261.128/sandbox/policy/linux/bpf_service_policy_linux.cc
@@ -26,7 +26,7 @@ ResultExpr ServiceProcessPolicy::Evaluat
return RestrictIoctl();
// Allow the system calls below.
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_getrlimit:
#endif
#if defined(__i386__) || defined(__arm__)
Index: chromium-122.0.6261.128/sandbox/policy/linux/bpf_utility_policy_linux.cc
===================================================================
--- chromium-122.0.6261.128.orig/sandbox/policy/linux/bpf_utility_policy_linux.cc
+++ chromium-122.0.6261.128/sandbox/policy/linux/bpf_utility_policy_linux.cc
@@ -34,7 +34,7 @@ ResultExpr UtilityProcessPolicy::Evaluat
case __NR_fdatasync:
case __NR_fsync:
#if defined(__i386__) || defined(__x86_64__) || defined(__mips__) || \
- defined(__aarch64__)
+ defined(__aarch64__) || defined(__riscv)
case __NR_getrlimit:
#endif
#if defined(__i386__) || defined(__arm__)
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手