Improve shellcraft.<arch>.freebsd

[io12]

Right now we have shellcraft.<arch>.linux with a full set of syscalls and high-level wrappers like dupsh(), but shellcraft.<arch>.freebsd still needs a generic syscall template and specific syscalls.

[zachriggle]

Yep, this would be useful! Please contribute a Pull Request and we can get this in. We don’t have a way to test BSD currently, but I expect it would be useful for macOS indirectly

On Sun, Mar 10, 2019 at 4:20 PM io12 ***@***.***> wrote: Right now we have shellcraft.<arch>.linux with a full set of syscalls and high-level wrappers like dupsh(), but shellcraft.<arch>.freebsd still needs a generic syscall template and specific syscalls. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#1284>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAG0GCbp_jZBz4sL3Y3MDOOhT75eqsxLks5vVXcmgaJpZM4bngtS> .

-- *Zach Riggle*

[io12]

I'll start work on a PR, but properly abstracting over multiple POSIX kernels (for macOS and other OSes) will require a bit of work. Maybe we could have a shellcraft.<arch>.posix with the lowest common denominator between UNIXes (shared syscalls and high-level wrappers) and have Linux/FreeBSD shadow it? Then OS-specific syscalls like seccomp could be only in shellcraft.<arch>.linux. Also, functions might need to be modified to include a flag whether the syscalls are POSIX or kernel-specific. We need some way to get a list of POSIX and OS-specific syscall prototypes.

[zachriggle]

I don't think there will be too much benefit by pulling out the POSIX spec, I was referring to macOS having some BSD roots and made a naive assumption that some basic syscalls (read/write/execve) would be conveniently compatible.

I don't think we would need to change functions since we can just pull out which syscalls are valid via the presence of __NR_ defenitions (or the BSD equivalent).

My PR suggestion was simply for the shellcraft.freebsd.syscall arch-specific templates themself, we can address auto-generating stubs in a future PR.

[io12]

Okay, I can make generic shellcraft.freebsd.syscall templates. The main difference with Linux is FreeBSD mirrors its syscall ABI after its ABI for regular functions, so syscall arguments are sometimes passed on the stack. Only the x86 32-bit syscall interface seems documented from what I can tell, so will probably have to peek at FreeBSD libc code.