Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | test: fix operations | Alice Frosi | 2023-05-08 | 5 | -274/+244 |
| | | | | Adjust the tests after the refactoring and to use struct gluten_offset | ||||
* | seitan: refactor operations | Alice Frosi | 2023-05-08 | 4 | -188/+231 |
| | | | | | | | | | | | Refactoring: - rename do_operations to eval and reduce the number of arguments - create macro HANDLE_OP - rename all functions with op_*(operation name) - exposed the op_* functions in the operations.h Fixes: - use pread for op_load | ||||
* | cooker updates spilling all over the place | Stefano Brivio | 2023-05-02 | 15 | -283/+677 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Only tangentially related: - make seitan C99 again, so that I can build cooker without warnings - make Makefiles make use of the usual conventions about assigning directory paths in variables, drop numbers.h as requirement for cooker and make it convenient to run stand-alone Makefiles - fix up nr_syscalls.sh to be POSIX, otherwise it will give syntax errors on my system - define a single, common way to refer to offsets in gluten, and functions to use those offsets in a safe way. Immediates are gone: cooker will write any bit of "data" to the read-only section - call const what has to be const - define on-disk layout for gluten - add OP_NR (to check syscall numbers), rename OP_COPY_ARGS to OP_LOAD (it loads _selected_ stuff from arguments) As for cooker itself: - drop ARG_ and arg_ prefixes from struct names, and similar - add/rework functions to build OP_NR, OP_LOAD, OP_CMP, and to write constant data to gluten - add parsing for "compound" arguments, but that's not completely hooked into evaluation for numeric arguments yet Signed-off-by: Stefano Brivio <sbrivio@redhat.com> | ||||
* | filter: add missing license header | Alice Frosi | 2023-04-25 | 2 | -0/+10 |
| | |||||
* | filter: remove logging part | Alice Frosi | 2023-04-25 | 2 | -20/+3 |
| | | | | The logging will be handled different using op_log | ||||
* | seitan: use functions from util.h | Alice Frosi | 2023-04-25 | 2 | -7/+8 |
| | |||||
* | seitan: remove unused options | Alice Frosi | 2023-04-25 | 1 | -108/+3 |
| | |||||
* | test: uncomment test | Alice Frosi | 2023-04-21 | 1 | -1/+1 |
| | |||||
* | test: test various values for op_cmp_type | Alice Frosi | 2023-04-21 | 1 | -8/+83 |
| | |||||
* | Add op_cmp type | Alice Frosi | 2023-04-21 | 2 | -5/+25 |
| | |||||
* | tests: clean-up created file | Alice Frosi | 2023-04-21 | 2 | -1/+3 |
| | |||||
* | operations: fix bug into the reference injection | Alice Frosi | 2023-04-21 | 1 | -2/+2 |
| | |||||
* | operation: remove pid and id | Alice Frosi | 2023-04-21 | 3 | -34/+36 |
| | | | | | Pid and id are reduandant fields as the information are already included in the seccomp request | ||||
* | Replace argp with getopt | Alice Frosi | 2023-04-20 | 2 | -86/+90 |
| | |||||
* | Makefile: fix compilation for cooker for missing numbers.h | Alice Frosi | 2023-04-18 | 1 | -2/+2 |
| | |||||
* | filter: clean-up unused functions | Alice Frosi | 2023-04-18 | 1 | -28/+4 |
| | |||||
* | test: fix test filter with the new filter build | Alice Frosi | 2023-04-18 | 1 | -94/+101 |
| | |||||
* | filter: remove superfluous jumps | Alice Frosi | 2023-04-18 | 1 | -25/+25 |
| | |||||
* | test: add test for and_ne | Alice Frosi | 2023-04-18 | 1 | -10/+38 |
| | |||||
* | filter: add and_ne operation | Alice Frosi | 2023-04-18 | 1 | -4/+39 |
| | |||||
* | test: add unit test for and operation | Alice Frosi | 2023-04-18 | 1 | -0/+66 |
| | |||||
* | filter: add and operation | Alice Frosi | 2023-04-18 | 2 | -10/+57 |
| | |||||
* | Fix filter offset for gt and lt | Alice Frosi | 2023-04-14 | 1 | -2/+2 |
| | |||||
* | Add test for BPF filter comparison operations | Alice Frosi | 2023-04-14 | 1 | -28/+110 |
| | |||||
* | Add comparison operations to the BPF filter | Alice Frosi | 2023-04-13 | 1 | -2/+20 |
| | |||||
* | Fix tests | Alice Frosi | 2023-04-13 | 5 | -29/+35 |
| | |||||
* | Fix offset after refactoring | Alice Frosi | 2023-04-12 | 1 | -1/+5 |
| | |||||
* | Refactor tests to use same struct arg as the filter | Alice Frosi | 2023-04-12 | 6 | -43/+45 |
| | |||||
* | Add other comparison operation for the BPF filter | Alice Frosi | 2023-04-12 | 4 | -39/+122 |
| | |||||
* | filter: define arg_cmp and arg_type | Alice Frosi | 2023-04-06 | 6 | -49/+56 |
| | |||||
* | Refactor makefile | Alice Frosi | 2023-04-06 | 1 | -12/+20 |
| | |||||
* | Add support for 64 bits arguments | Alice Frosi | 2023-04-06 | 6 | -34/+195 |
| | |||||
* | fix filter test | Alice Frosi | 2023-04-03 | 2 | -85/+72 |
| | |||||
* | filter: fix filter | Alice Frosi | 2023-04-03 | 4 | -56/+133 |
| | | | | | An additional notification is need either when we jump from an instruction without arguments then at the end of the argument checks. | ||||
* | filter: load argument to check | Alice Frosi | 2023-03-31 | 2 | -1/+10 |
| | |||||
* | tests: add tests for filtering the syscalls | Alice Frosi | 2023-03-31 | 4 | -3/+122 |
| | |||||
* | test: moving shareable function in a separate file | Alice Frosi | 2023-03-30 | 4 | -176/+238 |
| | |||||
* | Create common function to install the BPF filter | Alice Frosi | 2023-03-30 | 5 | -42/+40 |
| | |||||
* | test: rename test-filter.c to test_filter_build.c | Alice Frosi | 2023-03-30 | 2 | -4/+4 |
| | |||||
* | test: fix filter order | Alice Frosi | 2023-03-29 | 1 | -43/+60 |
| | |||||
* | cooker: fix argument evaluation | Alice Frosi | 2023-03-29 | 1 | -19/+66 |
| | | | | | Check sequentially the arguments for a syscall entry. If the check isn't successful then pass to the next entry. | ||||
* | test: fix cooker directory | Alice Frosi | 2023-03-29 | 1 | -1/+1 |
| | |||||
* | cooker: add filter.c/.h to the Makefile | Alice Frosi | 2023-03-29 | 1 | -3/+17 |
| | | | | Integration of filter part in cooker. The filter requires the AUDIT_ARCH variable. | ||||
* | Rename cooker and eater with seitan prefix | Alice Frosi | 2023-03-28 | 23 | -6/+8 |
| | |||||
* | seitan: use die function to terminate on error | Alice Frosi | 2023-03-28 | 1 | -18/+10 |
| | |||||
* | seitan: remove unused variables and functions | Alice Frosi | 2023-03-24 | 1 | -64/+1 |
| | | | | This was a left over of the previous version | ||||
* | Add missing pre-requirement to seitan target | Alice Frosi | 2023-03-24 | 1 | -1/+1 |
| | |||||
* | Replace errExit with die | Alice Frosi | 2023-03-24 | 2 | -17/+14 |
| | |||||
* | Move util.h and util.c in common | Alice Frosi | 2023-03-24 | 3 | -3/+4 |
| | |||||
* | Add license header to the integration tests | Alice Frosi | 2023-03-24 | 1 | -0/+7 |
| |