aboutgitcodelistschat:MatrixIRC
Commit message (Collapse)AuthorAgeFilesLines
...
* gluten: remove unused enum value_typeAlice Frosi2023-05-111-5/+0
|
* Add missing license header to tests/unit/test_errors.cAlice Frosi2023-05-111-0/+5
|
* Clean-up error message and testAlice Frosi2023-05-115-58/+122
| | | | | | | | Refactoring error messages: - standardize error messages and functions - return on error instead of exit - test error when target doesn't exist - include ability to capture stderr and stdout in the tests
* ops: check for SECCOMP_DATAAlice Frosi2023-05-102-3/+6
| | | | Add check if offset type is SECCOMP_DATA and the seccomp request is set.
* seitan: add check for limits to op_cmpAlice Frosi2023-05-102-3/+39
| | | | Adding the offset limits checks and unit tests.
* Refactoring of gluten_read/writeAlice Frosi2023-05-105-60/+86
| | | | | | | | Refactor includes: - use static inline instead of macro - return -1 if there is an error and don't exit - eval return 0 or -1 - adjust code and tests
* gluten: check limitsAlice Frosi2023-05-095-11/+183
| | | | | | Add bounds checking: - if offset is larger then the maximum per offset type - if memcpy is reading/writing inside gluten
* test: fix operationsAlice Frosi2023-05-085-274/+244
| | | | Adjust the tests after the refactoring and to use struct gluten_offset
* seitan: refactor operationsAlice Frosi2023-05-084-188/+231
| | | | | | | | | | | Refactoring: - rename do_operations to eval and reduce the number of arguments - create macro HANDLE_OP - rename all functions with op_*(operation name) - exposed the op_* functions in the operations.h Fixes: - use pread for op_load
* cooker updates spilling all over the placeStefano Brivio2023-05-0215-283/+677
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Only tangentially related: - make seitan C99 again, so that I can build cooker without warnings - make Makefiles make use of the usual conventions about assigning directory paths in variables, drop numbers.h as requirement for cooker and make it convenient to run stand-alone Makefiles - fix up nr_syscalls.sh to be POSIX, otherwise it will give syntax errors on my system - define a single, common way to refer to offsets in gluten, and functions to use those offsets in a safe way. Immediates are gone: cooker will write any bit of "data" to the read-only section - call const what has to be const - define on-disk layout for gluten - add OP_NR (to check syscall numbers), rename OP_COPY_ARGS to OP_LOAD (it loads _selected_ stuff from arguments) As for cooker itself: - drop ARG_ and arg_ prefixes from struct names, and similar - add/rework functions to build OP_NR, OP_LOAD, OP_CMP, and to write constant data to gluten - add parsing for "compound" arguments, but that's not completely hooked into evaluation for numeric arguments yet Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
* filter: add missing license headerAlice Frosi2023-04-252-0/+10
|
* filter: remove logging partAlice Frosi2023-04-252-20/+3
| | | | The logging will be handled different using op_log
* seitan: use functions from util.hAlice Frosi2023-04-252-7/+8
|
* seitan: remove unused optionsAlice Frosi2023-04-251-108/+3
|
* test: uncomment testAlice Frosi2023-04-211-1/+1
|
* test: test various values for op_cmp_typeAlice Frosi2023-04-211-8/+83
|
* Add op_cmp typeAlice Frosi2023-04-212-5/+25
|
* tests: clean-up created fileAlice Frosi2023-04-212-1/+3
|
* operations: fix bug into the reference injectionAlice Frosi2023-04-211-2/+2
|
* operation: remove pid and idAlice Frosi2023-04-213-34/+36
| | | | | Pid and id are reduandant fields as the information are already included in the seccomp request
* Replace argp with getoptAlice Frosi2023-04-202-86/+90
|
* Makefile: fix compilation for cooker for missing numbers.hAlice Frosi2023-04-181-2/+2
|
* filter: clean-up unused functionsAlice Frosi2023-04-181-28/+4
|
* test: fix test filter with the new filter buildAlice Frosi2023-04-181-94/+101
|
* filter: remove superfluous jumpsAlice Frosi2023-04-181-25/+25
|
* test: add test for and_neAlice Frosi2023-04-181-10/+38
|
* filter: add and_ne operationAlice Frosi2023-04-181-4/+39
|
* test: add unit test for and operationAlice Frosi2023-04-181-0/+66
|
* filter: add and operationAlice Frosi2023-04-182-10/+57
|
* Fix filter offset for gt and ltAlice Frosi2023-04-141-2/+2
|
* Add test for BPF filter comparison operationsAlice Frosi2023-04-141-28/+110
|
* Add comparison operations to the BPF filterAlice Frosi2023-04-131-2/+20
|
* Fix testsAlice Frosi2023-04-135-29/+35
|
* Fix offset after refactoringAlice Frosi2023-04-121-1/+5
|
* Refactor tests to use same struct arg as the filterAlice Frosi2023-04-126-43/+45
|
* Add other comparison operation for the BPF filterAlice Frosi2023-04-124-39/+122
|
* filter: define arg_cmp and arg_typeAlice Frosi2023-04-066-49/+56
|
* Refactor makefileAlice Frosi2023-04-061-12/+20
|
* Add support for 64 bits argumentsAlice Frosi2023-04-066-34/+195
|
* fix filter testAlice Frosi2023-04-032-85/+72
|
* filter: fix filterAlice Frosi2023-04-034-56/+133
| | | | | An additional notification is need either when we jump from an instruction without arguments then at the end of the argument checks.
* filter: load argument to checkAlice Frosi2023-03-312-1/+10
|
* tests: add tests for filtering the syscallsAlice Frosi2023-03-314-3/+122
|
* test: moving shareable function in a separate fileAlice Frosi2023-03-304-176/+238
|
* Create common function to install the BPF filterAlice Frosi2023-03-305-42/+40
|
* test: rename test-filter.c to test_filter_build.cAlice Frosi2023-03-302-4/+4
|
* test: fix filter orderAlice Frosi2023-03-291-43/+60
|
* cooker: fix argument evaluationAlice Frosi2023-03-291-19/+66
| | | | | Check sequentially the arguments for a syscall entry. If the check isn't successful then pass to the next entry.
* test: fix cooker directoryAlice Frosi2023-03-291-1/+1
|
* cooker: add filter.c/.h to the MakefileAlice Frosi2023-03-291-3/+17
| | | | Integration of filter part in cooker. The filter requires the AUDIT_ARCH variable.
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-06 04:55:25 +0000