Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | filter: remove superfluous jumps | Alice Frosi | 2023-04-18 | 1 | -25/+25 | |
| | ||||||
* | test: add test for and_ne | Alice Frosi | 2023-04-18 | 1 | -10/+38 | |
| | ||||||
* | filter: add and_ne operation | Alice Frosi | 2023-04-18 | 1 | -4/+39 | |
| | ||||||
* | test: add unit test for and operation | Alice Frosi | 2023-04-18 | 1 | -0/+66 | |
| | ||||||
* | filter: add and operation | Alice Frosi | 2023-04-18 | 2 | -10/+57 | |
| | ||||||
* | Fix filter offset for gt and lt | Alice Frosi | 2023-04-14 | 1 | -2/+2 | |
| | ||||||
* | Add test for BPF filter comparison operations | Alice Frosi | 2023-04-14 | 1 | -28/+110 | |
| | ||||||
* | Add comparison operations to the BPF filter | Alice Frosi | 2023-04-13 | 1 | -2/+20 | |
| | ||||||
* | Fix tests | Alice Frosi | 2023-04-13 | 5 | -29/+35 | |
| | ||||||
* | Fix offset after refactoring | Alice Frosi | 2023-04-12 | 1 | -1/+5 | |
| | ||||||
* | Refactor tests to use same struct arg as the filter | Alice Frosi | 2023-04-12 | 6 | -43/+45 | |
| | ||||||
* | Add other comparison operation for the BPF filter | Alice Frosi | 2023-04-12 | 4 | -39/+122 | |
| | ||||||
* | filter: define arg_cmp and arg_type | Alice Frosi | 2023-04-06 | 6 | -49/+56 | |
| | ||||||
* | Refactor makefile | Alice Frosi | 2023-04-06 | 1 | -12/+20 | |
| | ||||||
* | Add support for 64 bits arguments | Alice Frosi | 2023-04-06 | 6 | -34/+195 | |
| | ||||||
* | fix filter test | Alice Frosi | 2023-04-03 | 2 | -85/+72 | |
| | ||||||
* | filter: fix filter | Alice Frosi | 2023-04-03 | 4 | -56/+133 | |
| | | | | | An additional notification is need either when we jump from an instruction without arguments then at the end of the argument checks. | |||||
* | filter: load argument to check | Alice Frosi | 2023-03-31 | 2 | -1/+10 | |
| | ||||||
* | tests: add tests for filtering the syscalls | Alice Frosi | 2023-03-31 | 4 | -3/+122 | |
| | ||||||
* | test: moving shareable function in a separate file | Alice Frosi | 2023-03-30 | 4 | -176/+238 | |
| | ||||||
* | Create common function to install the BPF filter | Alice Frosi | 2023-03-30 | 5 | -42/+40 | |
| | ||||||
* | test: rename test-filter.c to test_filter_build.c | Alice Frosi | 2023-03-30 | 2 | -4/+4 | |
| | ||||||
* | test: fix filter order | Alice Frosi | 2023-03-29 | 1 | -43/+60 | |
| | ||||||
* | cooker: fix argument evaluation | Alice Frosi | 2023-03-29 | 1 | -19/+66 | |
| | | | | | Check sequentially the arguments for a syscall entry. If the check isn't successful then pass to the next entry. | |||||
* | test: fix cooker directory | Alice Frosi | 2023-03-29 | 1 | -1/+1 | |
| | ||||||
* | cooker: add filter.c/.h to the Makefile | Alice Frosi | 2023-03-29 | 1 | -3/+17 | |
| | | | | Integration of filter part in cooker. The filter requires the AUDIT_ARCH variable. | |||||
* | Rename cooker and eater with seitan prefix | Alice Frosi | 2023-03-28 | 23 | -6/+8 | |
| | ||||||
* | seitan: use die function to terminate on error | Alice Frosi | 2023-03-28 | 1 | -18/+10 | |
| | ||||||
* | seitan: remove unused variables and functions | Alice Frosi | 2023-03-24 | 1 | -64/+1 | |
| | | | | This was a left over of the previous version | |||||
* | Add missing pre-requirement to seitan target | Alice Frosi | 2023-03-24 | 1 | -1/+1 | |
| | ||||||
* | Replace errExit with die | Alice Frosi | 2023-03-24 | 2 | -17/+14 | |
| | ||||||
* | Move util.h and util.c in common | Alice Frosi | 2023-03-24 | 3 | -3/+4 | |
| | ||||||
* | Add license header to the integration tests | Alice Frosi | 2023-03-24 | 1 | -0/+7 | |
| | ||||||
* | cleanup commited files | Alice Frosi | 2023-03-24 | 1 | -0/+0 | |
| | ||||||
* | tests: Adjust project directory and add license headers | Alice Frosi | 2023-03-24 | 4 | -16/+64 | |
| | ||||||
* | Re-arrange repository structure | Alice Frosi | 2023-03-24 | 37 | -44/+16 | |
| | ||||||
* | Remove filter dir | Alice Frosi | 2023-03-24 | 3 | -38320/+0 | |
| | ||||||
* | Re-organize project and add license header | Alice Frosi | 2023-03-24 | 44 | -208/+38478 | |
| | ||||||
* | filter: add logging mode | Alice Frosi | 2023-03-23 | 5 | -35/+64 | |
| | | | | | The logging mode creates a BPF filter where all the syscalls trigger a notification to the seccomp notifier. | |||||
* | seitan: receiving seccomp notifier with socket | Alice Frosi | 2023-03-23 | 1 | -22/+126 | |
| | | | | | | | | OCI spec and container runtimes expect to send the seccomp notifer fd through a unix socket. This mode is complementary of retrieving the file descriptor using the pid of the target process. Add option to log the syscalls. | |||||
* | cooker: Initial import of new implementation | Stefano Brivio | 2023-03-20 | 19 | -0/+3179 | |
| | | | | Signed-off-by: Stefano Brivio <sbrivio@redhat.com> | |||||
* | tests: add unit tests for op_resolvedfd | Alice Frosi | 2023-03-15 | 1 | -1/+77 | |
| | ||||||
* | seitan: add op_resolvedfd | Alice Frosi | 2023-03-15 | 2 | -0/+36 | |
| | | | | | | The op_resolvedfd verifies that the fd points to a path. Signed-off-by: Alice Frosi <afrosi@redhat.com> | |||||
* | tests: add test for op_cmp | Alice Frosi | 2023-02-27 | 1 | -1/+63 | |
| | ||||||
* | seitan: add op_cmp | Alice Frosi | 2023-02-27 | 2 | -0/+15 | |
| | | | | | The operation op_cmp allows to compare 2 areas of memory and if they don't match to jump to an operation. | |||||
* | seitan: add op_end | Alice Frosi | 2023-02-27 | 2 | -0/+4 | |
| | | | | | The op_end signal to terminate reading the operations. This is useful for the introductions of branches for the matches. | |||||
* | test: fix arguments and offsets | Alice Frosi | 2023-02-27 | 1 | -6/+7 | |
| | ||||||
* | seitan: copy immediate args with op_copy | Alice Frosi | 2023-02-27 | 3 | -12/+22 | |
| | ||||||
* | tests: add test for op_copy | Alice Frosi | 2023-02-23 | 1 | -0/+64 | |
| | | | | | | The target process tries to perform a connect syscall and we need to check that the struct sockaddr_un is correctly copied from the memory of the target process | |||||
* | operations: add op_copy | Alice Frosi | 2023-02-23 | 3 | -5/+62 | |
| |