diff options
| author | Alice Frosi <afrosi@redhat.com> | 2023-05-17 13:20:13 +0200 |
|---|---|---|
| committer | Alice Frosi <afrosi@redhat.com> | 2023-05-17 13:20:13 +0200 |
| commit | 1e78526693d22abe24c98291a782998573f6b01d (patch) | |
| tree | 9ee8bf1a813e73d63962357fdd2318bd390d3bc0 | |
| parent | 504d9e38a528ca8bf6f658223a1935e9bc537d8a (diff) | |
| download | seitan-1e78526693d22abe24c98291a782998573f6b01d.tar seitan-1e78526693d22abe24c98291a782998573f6b01d.tar.gz seitan-1e78526693d22abe24c98291a782998573f6b01d.tar.bz2 seitan-1e78526693d22abe24c98291a782998573f6b01d.tar.lz seitan-1e78526693d22abe24c98291a782998573f6b01d.tar.xz seitan-1e78526693d22abe24c98291a782998573f6b01d.tar.zst seitan-1e78526693d22abe24c98291a782998573f6b01d.zip | |
Minor fixes for the filter and the eater
Add:
- ignore_args field for the filter.
- use MAX_FILTER to define the filter size in the eater
| -rw-r--r-- | cooker/filter.c | 10 | ||||
| -rw-r--r-- | cooker/filter.h | 1 | ||||
| -rw-r--r-- | eater/Makefile | 5 | ||||
| -rw-r--r-- | eater/eater.c | 4 |
4 files changed, 14 insertions, 6 deletions
diff --git a/cooker/filter.c b/cooker/filter.c index dcd04bf..9ca696b 100644 --- a/cooker/filter.c +++ b/cooker/filter.c @@ -25,6 +25,7 @@ static unsigned int index_entries = 0; * @entries: Index for the arguments for every entry */ struct filter_call_input { + bool ignore_args; bool notify; unsigned int count; int entries[MAX_ENTRIES_SYSCALL]; @@ -59,6 +60,8 @@ static bool has_args(long nr) if (call-> count < 1) return false; + if(call-> ignore_args) + return false; /* Check if the first entry has some arguments */ return need_check_arg(&entries[call->entries[0]]); @@ -160,6 +163,8 @@ void filter_add_arg(int index, struct bpf_arg arg, bool append) set_no_args(&entries[call->entries[0]]); return; } + if(call->ignore_args) + return; if (!append) call->entries[call->count++] = index_entries; memcpy(&entries[index_entries++].args[index], &arg, sizeof(arg)); @@ -169,8 +174,8 @@ void filter_needs_deref(void) { struct filter_call_input *call = filter_input + current_nr; - call->count = MAX_ENTRIES_SYSCALL; - set_no_args(&entries[call->entries[0]]); + call->ignore_args = true; + call->count = 0; } static int table[N_SYSCALL]; @@ -564,7 +569,6 @@ void filter_write(const char *path) n = create_table_syscall(); n = filter_build(filter, n); - fd = open(path, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, S_IRUSR | S_IWUSR); write(fd, filter, sizeof(struct sock_filter) * n); diff --git a/cooker/filter.h b/cooker/filter.h index 0ec1204..a797e07 100644 --- a/cooker/filter.h +++ b/cooker/filter.h @@ -11,6 +11,7 @@ #include <linux/filter.h> #include <linux/audit.h> #include <linux/seccomp.h> +#include <stdbool.h> #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ #define ENDIAN(_lo, _hi) _lo, _hi diff --git a/eater/Makefile b/eater/Makefile index 2e08b1f..1f85126 100644 --- a/eater/Makefile +++ b/eater/Makefile @@ -8,10 +8,11 @@ # Author: Alice Frosi <afrosi@redhat.com> COMMON_DIR :=../common +COOKER_DIR := ../cooker SRCS := $(COMMON_DIR)/common.c eater.c -HEADERS := $(COMMON_DIR)/common.h +HEADERS := $(COMMON_DIR)/common.h $(COOKER_DIR)/filter.h BIN := $(OUTDIR)/seitan-eater -CFLAGS += -Wall -Wextra -pedantic -I$(COMMON_DIR) +CFLAGS += -Wall -Wextra -pedantic -I$(COMMON_DIR) -I$(COOKER_DIR) eater: $(SRCS) $(HEADERS) $(CC) $(CFLAGS) -o $(BIN) $(SRCS) diff --git a/eater/eater.c b/eater/eater.c index 0236637..2169eb6 100644 --- a/eater/eater.c +++ b/eater/eater.c @@ -23,6 +23,8 @@ #include <sys/stat.h> #include "common.h" +#include "filter.h" + static struct option options[] = { { "input", required_argument, NULL, 'i' }, { 0, 0, 0, 0 }, @@ -85,7 +87,7 @@ static void signal_handler(__attribute__((unused)) int s) */ int main(int argc, char **argv) { - struct sock_filter filter[1024]; + struct sock_filter filter[MAX_FILTER]; struct arguments arguments; struct sigaction act; int fd, flags; |