aboutgitcodelistschat:MatrixIRC
Commit message (Collapse)AuthorAgeFilesLines
* filter: load argument to checkAlice Frosi2023-03-312-1/+10
|
* tests: add tests for filtering the syscallsAlice Frosi2023-03-314-3/+122
|
* test: moving shareable function in a separate fileAlice Frosi2023-03-304-176/+238
|
* Create common function to install the BPF filterAlice Frosi2023-03-305-42/+40
|
* test: rename test-filter.c to test_filter_build.cAlice Frosi2023-03-302-4/+4
|
* test: fix filter orderAlice Frosi2023-03-291-43/+60
|
* cooker: fix argument evaluationAlice Frosi2023-03-291-19/+66
| | | | | Check sequentially the arguments for a syscall entry. If the check isn't successful then pass to the next entry.
* test: fix cooker directoryAlice Frosi2023-03-291-1/+1
|
* cooker: add filter.c/.h to the MakefileAlice Frosi2023-03-291-3/+17
| | | | Integration of filter part in cooker. The filter requires the AUDIT_ARCH variable.
* Rename cooker and eater with seitan prefixAlice Frosi2023-03-2823-6/+8
|
* seitan: use die function to terminate on errorAlice Frosi2023-03-281-18/+10
|
* seitan: remove unused variables and functionsAlice Frosi2023-03-241-64/+1
| | | | This was a left over of the previous version
* Add missing pre-requirement to seitan targetAlice Frosi2023-03-241-1/+1
|
* Replace errExit with dieAlice Frosi2023-03-242-17/+14
|
* Move util.h and util.c in commonAlice Frosi2023-03-243-3/+4
|
* Add license header to the integration testsAlice Frosi2023-03-241-0/+7
|
* cleanup commited filesAlice Frosi2023-03-241-0/+0
|
* tests: Adjust project directory and add license headersAlice Frosi2023-03-244-16/+64
|
* Re-arrange repository structureAlice Frosi2023-03-2437-44/+16
|
* Remove filter dirAlice Frosi2023-03-243-38320/+0
|
* Re-organize project and add license headerAlice Frosi2023-03-2444-208/+38478
|
* filter: add logging modeAlice Frosi2023-03-235-35/+64
| | | | | The logging mode creates a BPF filter where all the syscalls trigger a notification to the seccomp notifier.
* seitan: receiving seccomp notifier with socketAlice Frosi2023-03-231-22/+126
| | | | | | | | OCI spec and container runtimes expect to send the seccomp notifer fd through a unix socket. This mode is complementary of retrieving the file descriptor using the pid of the target process. Add option to log the syscalls.
* cooker: Initial import of new implementationStefano Brivio2023-03-2019-0/+3179
| | | | Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* tests: add unit tests for op_resolvedfdAlice Frosi2023-03-151-1/+77
|
* seitan: add op_resolvedfdAlice Frosi2023-03-152-0/+36
| | | | | | The op_resolvedfd verifies that the fd points to a path. Signed-off-by: Alice Frosi <afrosi@redhat.com>
* tests: add test for op_cmpAlice Frosi2023-02-271-1/+63
|
* seitan: add op_cmpAlice Frosi2023-02-272-0/+15
| | | | | The operation op_cmp allows to compare 2 areas of memory and if they don't match to jump to an operation.
* seitan: add op_endAlice Frosi2023-02-272-0/+4
| | | | | The op_end signal to terminate reading the operations. This is useful for the introductions of branches for the matches.
* test: fix arguments and offsetsAlice Frosi2023-02-271-6/+7
|
* seitan: copy immediate args with op_copyAlice Frosi2023-02-273-12/+22
|
* tests: add test for op_copyAlice Frosi2023-02-231-0/+64
| | | | | | The target process tries to perform a connect syscall and we need to check that the struct sockaddr_un is correctly copied from the memory of the target process
* operations: add op_copyAlice Frosi2023-02-233-5/+62
|
* tests: generalize the syscall of the targetAlice Frosi2023-02-231-12/+19
| | | | | Refactor the tests to pass the filtered syscall and setting the argument into the shared struct.
* test: fix check of a_blockAlice Frosi2023-02-231-1/+5
|
* tests: adjust do_operations signatureAlice Frosi2023-02-231-7/+7
| | | | Signed-off-by: Alice Frosi <afrosi@redhat.com>
* Rename actions to operationsAlice Frosi2023-02-226-117/+117
| | | | | Replace all the action related names to operations to make them more generic.
* fix formattingAlice Frosi2023-02-228-155/+171
|
* gluten: remove error typeAlice Frosi2023-02-221-1/+0
| | | | The error is always constant and not a reference
* tests: add test for act_inject with the referencesAlice Frosi2023-02-211-8/+35
|
* actions: add reference for the fdsAlice Frosi2023-02-213-15/+40
|
* actions: change pointer to offsetAlice Frosi2023-02-213-25/+11
|
* tests: add act_call and saving return valueAlice Frosi2023-02-211-0/+22
|
* makefile: add variable to set temporary data sizeAlice Frosi2023-02-211-0/+1
|
* actions: cast data for temporary result to uint16_tAlice Frosi2023-02-211-1/+1
|
* tests: add test-action-call when running make test-unitAlice Frosi2023-02-211-2/+2
|
* test: add test for act_callAlice Frosi2023-02-211-1/+23
|
* test: add ignore_ret for checking test resultAlice Frosi2023-02-211-7/+9
|
* action: return error for act_callAlice Frosi2023-02-211-2/+2
|
* actions: set error on act_callAlice Frosi2023-02-211-0/+13
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-05 23:58:39 +0000