Adding Big Endian Support (#48)

* Adding support for BigEndian * Added fix for CI and s390x tests failures * Update CHANGELOG.md
elastic · Feb 28, 2019 · db7d499 · db7d499
1 parent 32a0270
commit db7d499
Show file tree

Hide file tree

Showing 8 changed files with 86 additions and 13 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 ### Changed
 
+- Added support for big endian. #48
+
 ### Removed
 
 ## [0.4.0]

diff --git a/audit.go b/audit.go
@@ -32,6 +32,11 @@ import (
 	"github.com/pkg/errors"
 
 	"github.com/elastic/go-libaudit/auparse"
+	"github.com/elastic/go-libaudit/sys"
+)
+
+var (
+	byteOrder = sys.GetEndian()
 )
 
 const (
@@ -537,7 +542,7 @@ func parseNetlinkAuditMessage(buf []byte) ([]syscall.NetlinkMessage, error) {
 
 	r := bytes.NewReader(buf)
 	m := syscall.NetlinkMessage{}
-	if err := binary.Read(r, binary.LittleEndian, &m.Header); err != nil {
+	if err := binary.Read(r, byteOrder, &m.Header); err != nil {
 		return nil, err
 	}
 	m.Data = buf[syscall.NLMSG_HDRLEN:]
@@ -596,7 +601,7 @@ type AuditStatus struct {
 func (s AuditStatus) toWireFormat() []byte {
 	buf := bytes.NewBuffer(make([]byte, sizeofAuditStatus))
 	buf.Reset()
-	if err := binary.Write(buf, binary.LittleEndian, s); err != nil {
+	if err := binary.Write(buf, byteOrder, s); err != nil {
 		// This never returns an error.
 		panic(err)
 	}
@@ -631,7 +636,7 @@ func (s *AuditStatus) FromWireFormat(buf []byte) error {
 			return nil
 		}
 
-		if err := binary.Read(r, binary.LittleEndian, f); err != nil {
+		if err := binary.Read(r, byteOrder, f); err != nil {
 			return err
 		}
 	}

diff --git a/audit_test.go b/audit_test.go
@@ -21,6 +21,7 @@ package libaudit
 
 import (
 	"encoding/base64"
+	"encoding/binary"
 	"encoding/hex"
 	"flag"
 	"fmt"
@@ -36,6 +37,7 @@ import (
 
 	"github.com/elastic/go-libaudit/rule"
 	"github.com/elastic/go-libaudit/rule/flags"
+	"github.com/elastic/go-libaudit/sys"
 )
 
 // This can be run inside of Docker with:
@@ -152,6 +154,10 @@ func TestListRules(t *testing.T) {
 }
 
 func TestAddRule(t *testing.T) {
+	if sys.GetEndian() != binary.LittleEndian {
+		t.Skip("testRule is for little endian, but test machine is big endian")
+	}
+
 	if os.Geteuid() != 0 {
 		t.Skip("must be root to get audit status")
 	}
@@ -177,6 +183,10 @@ func TestAddRule(t *testing.T) {
 }
 
 func TestAddDuplicateRule(t *testing.T) {
+	if sys.GetEndian() != binary.LittleEndian {
+		t.Skip("testRule is for little endian, but test machine is big endian")
+	}
+
 	if os.Geteuid() != 0 {
 		t.Skip("must be root to get audit status")
 	}
@@ -831,7 +841,13 @@ func kernelVersion() (major int, minor int, err error) {
 		return 0, 0, err
 	}
 	s := info.Release[:]
-	major, pos := extractDecimalNumber(s, 0)
-	minor, _ = extractDecimalNumber(s, pos)
+	// As all major non-Intel architecture return []uint8 instead of []int8 for Utsname.Release following conversion is required
+	temp := make([]int8, len(s))
+	for index, num := range s {
+		temp[index] = int8(num)
+	}
+
+	major, pos := extractDecimalNumber(temp, 0)
+	minor, _ = extractDecimalNumber(temp, pos)
 	return major, minor, nil
 }
diff --git a/netlink.go b/netlink.go
@@ -20,14 +20,15 @@
 package libaudit
 
 import (
-	"encoding/binary"
 	"fmt"
 	"io"
 	"os"
 	"sync/atomic"
 	"syscall"
 
 	"github.com/pkg/errors"
+
+	"github.com/elastic/go-libaudit/sys"
 )
 
 // Generic Netlink Client
@@ -142,11 +143,11 @@ func (c *NetlinkClient) Send(msg syscall.NetlinkMessage) (uint32, error) {
 func serialize(msg syscall.NetlinkMessage) []byte {
 	msg.Header.Len = uint32(syscall.SizeofNlMsghdr + len(msg.Data))
 	b := make([]byte, msg.Header.Len)
-	binary.LittleEndian.PutUint32(b[0:4], msg.Header.Len)
-	binary.LittleEndian.PutUint16(b[4:6], msg.Header.Type)
-	binary.LittleEndian.PutUint16(b[6:8], msg.Header.Flags)
-	binary.LittleEndian.PutUint32(b[8:12], msg.Header.Seq)
-	binary.LittleEndian.PutUint32(b[12:16], msg.Header.Pid)
+	sys.GetEndian().PutUint32(b[0:4], msg.Header.Len)
+	sys.GetEndian().PutUint16(b[4:6], msg.Header.Type)
+	sys.GetEndian().PutUint16(b[6:8], msg.Header.Flags)
+	sys.GetEndian().PutUint32(b[8:12], msg.Header.Seq)
+	sys.GetEndian().PutUint32(b[12:16], msg.Header.Pid)
 	copy(b[16:], msg.Data)
 	return b
 }
@@ -205,7 +206,7 @@ func (c *NetlinkClient) Close() error {
 // describing the problem will be returned.
 func ParseNetlinkError(netlinkData []byte) error {
 	if len(netlinkData) >= 4 {
-		errno := -binary.LittleEndian.Uint32(netlinkData[:4])
+		errno := -sys.GetEndian().Uint32(netlinkData[:4])
 		if errno == 0 {
 			return nil
 		}

diff --git a/rule/binary.go b/rule/binary.go
@@ -23,14 +23,16 @@ import (
 	"io"
 
 	"github.com/pkg/errors"
+
+	"github.com/elastic/go-libaudit/sys"
 )
 
 const (
 	syscallBitmaskSize = 64 // AUDIT_BITMASK_SIZE
 	maxFields          = 64 // AUDIT_MAX_FIELDS
 )
 
-var endianness = binary.LittleEndian
+var endianness = sys.GetEndian()
 
 // WireFormat is the binary representation of a rule as used to exchange rules
 // (commands) with the kernel.

diff --git a/rule/gen_testdata_test.go b/rule/gen_testdata_test.go
@@ -22,6 +22,7 @@ package rule_test
 import (
 	"bufio"
 	"bytes"
+	"encoding/binary"
 	"flag"
 	"io/ioutil"
 	"os"
@@ -34,6 +35,7 @@ import (
 	"gopkg.in/yaml.v2"
 
 	"github.com/elastic/go-libaudit"
+	"github.com/elastic/go-libaudit/sys"
 )
 
 var update = flag.Bool("update", false, "update .golden.yml files")
@@ -47,6 +49,10 @@ var update = flag.Bool("update", false, "update .golden.yml files")
 // The kernel version and auditctl version used to generate the golden data
 // are stored as comments in the YAML file header.
 func TestUpdateGoldenData(t *testing.T) {
+	if sys.GetEndian() != binary.LittleEndian {
+		t.Skip("golden test data is for little endian, but test machine is big endian")
+	}
+
 	if !*update {
 		t.SkipNow()
 	}

diff --git a/rule/rule_integ_test.go b/rule/rule_integ_test.go
@@ -20,6 +20,7 @@
 package rule_test
 
 import (
+	"encoding/binary"
 	"fmt"
 	"io/ioutil"
 	"os"
@@ -32,6 +33,7 @@ import (
 
 	"github.com/elastic/go-libaudit/rule"
 	"github.com/elastic/go-libaudit/rule/flags"
+	"github.com/elastic/go-libaudit/sys"
 )
 
 var tempDir = "/tmp/audit-test"
@@ -48,6 +50,10 @@ type TestCase struct {
 // TestBuild compares the WireFormat (binary data) generated by this package
 // against known golden data generated on Linux with auditctl.
 func TestBuildGolden(t *testing.T) {
+	if sys.GetEndian() != binary.LittleEndian {
+		t.Skip("golden test data is for little endian, but test machine is big endian")
+	}
+
 	goldenFiles, err := filepath.Glob("testdata/*.rules.golden.yml")
 	if err != nil {
 		t.Fatal(err)

diff --git a/sys/endian.go b/sys/endian.go
@@ -0,0 +1,35 @@
+// Licensed to Elasticsearch B.V. under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. Elasticsearch B.V. licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+// +build linux
+
+package sys
+
+import (
+	"encoding/binary"
+	"unsafe"
+)
+
+func GetEndian() binary.ByteOrder {
+	var i int32 = 0x1
+	v := (*[4]byte)(unsafe.Pointer(&i))
+	if v[0] == 0 {
+		return binary.BigEndian
+	} else {
+		return binary.LittleEndian
+	}
+}