diff options
| author | Stefano Brivio <sbrivio@redhat.com> | 2023-05-16 03:19:01 +0200 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2023-05-16 07:20:25 +0200 |
| commit | 7ab2bda2e69d4a862572be4b5e389a6aa864470d (patch) | |
| tree | fa9653204a4ab9581b76499c95d76d16d467301d /cooker/gluten.c | |
| parent | 049bd1ca828da835f2903b88adcf9ce0bdacd6e4 (diff) | |
| download | seitan-7ab2bda2e69d4a862572be4b5e389a6aa864470d.tar seitan-7ab2bda2e69d4a862572be4b5e389a6aa864470d.tar.gz seitan-7ab2bda2e69d4a862572be4b5e389a6aa864470d.tar.bz2 seitan-7ab2bda2e69d4a862572be4b5e389a6aa864470d.tar.lz seitan-7ab2bda2e69d4a862572be4b5e389a6aa864470d.tar.xz seitan-7ab2bda2e69d4a862572be4b5e389a6aa864470d.tar.zst seitan-7ab2bda2e69d4a862572be4b5e389a6aa864470d.zip | |
cooker, seitan: Now with 100% more gluten
Pseudorandom changes and progress around cooker and seitan:
- cooker:
- rename matching functions, split match.c
- fix up SELECT semantics
- add some form of handling for all syscalls in the example
(some stubs)
- OP_CMP for all basic and compound types except for flags
- link jumps to next block and next match
- completed implementation of tags
- gluten write
- filter clean-ups, write filters (probably not working)
- seitan:
- load gluten and source instructions and data from there
$ ./seitan-cooker cooker/example.hjson example.gluten example.bpf
Parsing block 0
Parsing match 0: connect
Found description for connect
0: OP_NR: if syscall number is not 0, jump to next block
Parsing match argument fd
setting tag reference 'fd'
tag 'fd' now refers to seccomp data at 0
Parsing match argument addr
allocating 128 at offset 0
1: OP_LOAD: #0 < args[1] (size: 128)
C#0: (INT) 1
2: OP_CMP: if temporary data: #0 NE (size: 4) read-only data: #0, jump to next block
C#4: (STRING:24) /var/run/pr-helper.sock
3: OP_CMP: if temporary data: #0 NE (size: 24) read-only data: #4, jump to next block
Linking match...
Linking block...
linked jump of instruction #0 to #4
linked jump of instruction #2 to #4
linked jump of instruction #3 to #4
Parsing block 1
Parsing match 0: ioctl
Found description for ioctl
4: OP_NR: if syscall number is not 112, jump to next block
Parsing match argument path
Parsing match argument request
C#28: (INT) 1074025674
5: OP_CMP: if seccomp data: #1 NE (size: 4) read-only data: #28, jump to next block
Parsing match argument ifr
allocating 40 at offset 128
6: OP_LOAD: #128 < args[2] (size: 40)
C#32: (STRING:5) tap0
7: OP_CMP: if temporary data: #128 NE (size: 5) read-only data: #32, jump to next block
C#37: (INT) 1
8: OP_CMP: if temporary data: #128 NE (size: 4) read-only data: #37, jump to next block
Linking match...
Linking block...
linked jump of instruction #4 to #9
linked jump of instruction #5 to #9
linked jump of instruction #7 to #9
linked jump of instruction #8 to #9
Parsing block 2
Parsing match 0: unshare
Found description for unshare
9: OP_NR: if syscall number is not 164, jump to next block
Parsing match argument flags
Linking match...
Linking block...
linked jump of instruction #9 to #10
Parsing block 3
Parsing match 0: unshare
Found description for unshare
10: OP_NR: if syscall number is not 164, jump to next block
Parsing match argument flags
Linking match...
Linking block...
linked jump of instruction #10 to #11
Parsing block 4
Parsing match 0: mknod
Found description for mknod
11: OP_NR: if syscall number is not 164, jump to next block
Parsing match argument path
allocating 1 at offset 168
12: OP_LOAD: #168 < args[0] (size: 1)
setting tag reference 'path'
tag 'path' now refers to temporary data at 168
Parsing match argument mode
Parsing match argument major
Parsing match argument minor
setting tag reference 'minor'
tag 'minor' now refers to seccomp data at 2
Linking match...
Linking block...
linked jump of instruction #11 to #13
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'cooker/gluten.c')
| -rw-r--r-- | cooker/gluten.c | 58 |
1 files changed, 55 insertions, 3 deletions
diff --git a/cooker/gluten.c b/cooker/gluten.c index 6460798..05d408f 100644 --- a/cooker/gluten.c +++ b/cooker/gluten.c @@ -32,6 +32,15 @@ size_t gluten_size[TYPE_COUNT] = { }; +const char *jump_name[JUMP_COUNT] = { "next block", "next match", "end" }; + +/** + * gluten_alloc() - Allocate in temporary (seitan read-write) data area + * @g: gluten context + * @size: Bytes to allocate + * + * Return: offset to allocated area + */ struct gluten_offset gluten_alloc(struct gluten_ctx *g, size_t size) { struct gluten_offset ret = g->dp; @@ -43,16 +52,59 @@ struct gluten_offset gluten_alloc(struct gluten_ctx *g, size_t size) return ret; } +/** + * gluten_alloc() - Allocate storage for given type in temporary data area + * @g: gluten context + * @type: Data type + * + * Return: offset to allocated area + */ struct gluten_offset gluten_alloc_type(struct gluten_ctx *g, enum type type) { return gluten_alloc(g, gluten_size[type]); } -void gluten_init(struct gluten_ctx *g) +void gluten_add_tag(struct gluten_ctx *g, const char *name, + struct gluten_offset offset) { - (void)g; + int i; + + for (i = 0; i < TAGS_MAX && g->tags[i].name; i++); + if (i == TAGS_MAX) + die("Too many tags"); + + g->tags[i].name = name; + g->tags[i].offset = offset; + + debug(" tag '%s' now refers to %s at %i", + name, gluten_offset_name[offset.type], offset.offset); +} - g->ip.type = g->lr.type = OFFSET_INSTRUCTION; +/** + * gluten_init() - Initialise gluten structures and layout + * @g: gluten context + */ +void gluten_init(struct gluten_ctx *g) +{ + g->ip.type = g->lr.type = g->mr.type = OFFSET_INSTRUCTION; + g->ip.offset = g->lr.offset = g->mr.offset = 0; g->dp.type = OFFSET_DATA; g->cp.type = OFFSET_RO_DATA; } + +void gluten_write(struct gluten_ctx *g, const char *path) +{ + ssize_t n; + int fd; + + fd = open(path, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, + S_IRUSR | S_IWUSR); + + if ((n = write(fd, &g->g, sizeof(g->g))) == -1) + die("Failed to write gluten: %s", strerror(errno)); + + if (n != sizeof(g->g)) + die("Failed to write %i bytes of gluten", sizeof(g->g) - n); + + close(fd); +} |