Add support for 64 bits arguments

1 files changed, 32 insertions, 4 deletions

diff --git a/cooker/filter.h b/cooker/filter.h
index c8e74be..7705414 100644
--- a/cooker/filter.h
+++ b/cooker/filter.h
@@ -1,25 +1,53 @@
 #ifndef FILTER_H_
 #define FILTER_H_
 
+#include <stdint.h>
+
 #include <linux/filter.h>
 #include <linux/audit.h>
 #include <linux/seccomp.h>
 
+#if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
+#define ENDIAN(_lo, _hi) _lo, _hi
+#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)])
+#define HI_ARG(idx) offsetof(struct seccomp_data, args[(idx)]) + sizeof(__u32)
+#define get_hi(x) ((uint32_t)((x) >> 32))
+#define get_lo(x) ((uint32_t)((x)&0xffffffff))
+#elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
+#define ENDIAN(_lo, _hi) _hi, _lo
+#define LO_ARG(idx) offsetof(struct seccomp_data, args[(idx)]) + sizeof(__u32)
+#define HI_ARG(idx) offsetof(struct seccomp_data, args[(idx)])
+#define get_lo(x) ((uint32_t)((x) >> 32))
+#define get_hi(x) ((uint32_t)((x)&0xffffffff))
+#else
+#error "Unknown endianness"
+#endif
+
 #define JGE(nr, right, left) \
 	BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, (nr), (right), (left))
 #define JUMPA(jump) BPF_JUMP(BPF_JMP | BPF_JA, (jump), 0, 0)
-#define EQ(nr, a1, a2) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), (a1), (a2))
+#define EQ(x, a1, a2) BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (x), (a1), (a2))
 #define LOAD(x) BPF_STMT(BPF_LD | BPF_W | BPF_ABS, (x))
-
 #define MAX_FILTER 1024
 
 #define MAX_JUMPS 128
 #define EMPTY -1
 
+enum arg_type { NO_CHECK, U32, U64 };
+
+union arg_value {
+	uint32_t v32;
+	uint64_t v64;
+};
+
+struct arg {
+	enum arg_type type;
+	union arg_value value;
+};
+
 struct bpf_call {
 	char *name;
-	int args[6];
-	bool check_arg[6];
+	struct arg args[6];
 };
 
 struct syscall_entry {