def test_ls(policy_parser: PolicyParser, setup_testdir):
    """Check that ``ls /tmp/bpfbox`` works under a profile granting only listed paths.

    The policy names the ``ls`` binary, the loader and shared libraries it
    maps, the locale archive, and the test directory with its four entries.
    Only the allow path is exercised: the test passes when the confined
    ``ls`` prints the same names as ``os.listdir``. It does not check that
    anything outside the policy is denied.
    """
    ls = which('ls')

    # NOTE(review): the loader/libc paths below are literal, versioned paths
    # (e.g. ld-2.31.so); on a host with a different layout the confined `ls`
    # would presumably be denied and this test would fail -- confirm.
    policy = """
    #![profile '%s']
    fs('%s', read|exec)
    fs('/etc/ld.so.cache', read|exec|getattr)
    fs('/usr/lib/ld-2.31.so', read|exec|getattr)
    fs('/lib64/ld-linux-x86-64.so.2', read)
    fs('/usr/lib/libcap.so.2', read|exec|getattr)
    fs('/usr/lib/libc.so.6', read|exec|getattr)
    fs('/usr/lib/locale/locale-archive', read|getattr)
    fs('/usr/share', exec)
    fs('/proc', exec)
    fs('/tmp/bpfbox', read|exec|getattr)
    fs('/tmp/bpfbox/a', getattr)
    fs('/tmp/bpfbox/b', getattr)
    fs('/tmp/bpfbox/c', getattr)
    fs('/tmp/bpfbox/d', getattr)
    proc('/usr/bin/ls', getattr)
    """ % (ls, ls)
    policy_parser.process_policy_text(policy)

    raw_listing = subprocess.check_output([ls, '/tmp/bpfbox'])
    out = raw_listing.decode('utf-8')

    # `ls` sorts its output, so compare against the sorted directory entries.
    expected = '\n'.join(sorted(os.listdir('/tmp/bpfbox')))
    assert out.strip() == expected
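def test_procfs_other_process(bpf_program: BPFProgram, caplog, setup_testdir):
    """Check that a procfs rule lets the open helper read another process's /proc entry.

    The profile for ``OPEN_PATH`` gets a taint rule on ``/tmp/bpfbox/a``,
    exec access on ``/proc`` and a procfs rule for the ``sleep`` binary.
    The helper is then run against ``/proc/self`` and against the /proc
    entry of a freshly spawned ``sleep``; ``check_call`` fails the test if
    either run exits non-zero.
    """
    sleep_path = which('sleep')

    Commands.add_profile(OPEN_PATH, False)
    Commands.add_fs_rule(OPEN_PATH, '/tmp/bpfbox/a', FS_ACCESS.READ, BPFBOX_ACTION.TAINT)
    Commands.add_fs_rule(OPEN_PATH, '/proc', FS_ACCESS.EXEC)
    Commands.add_procfs_rule(OPEN_PATH, sleep_path, FS_ACCESS.READ | FS_ACCESS.EXEC)

    subprocess.check_call([OPEN_PATH, 'proc-self'])

    # Keep the Popen handle so the target can be reaped; the original kept
    # only the pid and left the child running after the test returned.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        subprocess.check_call([OPEN_PATH, 'proc-other', str(target.pid)])
    finally:
        target.kill()
        target.wait()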
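def test_ipc_check_target(bpf_program: BPFProgram, caplog):
    """Check that signal-0 style probing of another process needs an explicit rule.

    With only a SIGCHECK taint rule targeting the helper itself, the
    ``check-target`` helper is expected to exit 1 against a ``sleep``
    process. After a SIGCHECK rule for the ``sleep`` binary is added, the
    same helper call is expected to exit 0.
    """
    sleep_path = which('sleep')

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # Deny path: no rule covers the sleep binary yet.
    # NOTE(review): exit status 1 presumably means the helper's probe was
    # refused -- confirm against the helper's source.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'check-target', str(target.pid)])
    finally:
        # Reap the target; the original kept only its pid and never waited.
        target.kill()
        target.wait()
    assert rc == 1

    # Allow path: grant SIGCHECK on the sleep binary and retry.
    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGCHECK)

    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'check-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 0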
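def test_ipc_policy(policy_parser: PolicyParser, setup_testdir):
    """Check that a text policy granting ``sigkill`` on ``sleep`` lets the helper kill it.

    The policy is loaded through the parser rather than ``Commands``; the
    ``kill-target`` helper is then expected to exit 0 against a spawned
    ``sleep``. Only the allow path is covered here.
    """
    sleep_path = which('sleep')

    policy = """
    #![profile '%s']
    #[taint]
    signal(self, sigcheck)
    signal('%s', sigkill)
    """ % (IPC_PATH, sleep_path)
    policy_parser.process_policy_text(policy)

    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'kill-target', str(target.pid)])
    finally:
        # Reap the target whether or not the helper killed it; the original
        # kept only the pid, so the child was never waited on.
        target.kill()
        target.wait()
    assert rc == 0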
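def test_open_procfs_rules(policy_parser: PolicyParser, setup_testdir):
    """Check that a ``proc(...)`` rule in a text policy allows access to another process's /proc.

    The policy taints on a read of ``/tmp/bpfbox/a``, grants exec on
    ``/proc`` and read|exec on the procfs entries of the ``sleep`` binary.
    Both helper runs use ``check_call``, so a non-zero exit fails the test.
    """
    sleep_path = which('sleep')

    policy = """
    #![profile '%s']
    #[taint]
    fs('/tmp/bpfbox/a', read)
    fs('/proc', exec)
    proc('%s', read|exec)
    """ % (OPEN_PATH, sleep_path)
    policy_parser.process_policy_text(policy)

    # /proc/self should always work
    subprocess.check_call([OPEN_PATH, 'proc-self'])

    # Keep the Popen handle so the target is reaped even if the helper fails;
    # the original kept only the pid and left the child behind.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        subprocess.check_call([OPEN_PATH, 'proc-other', str(target.pid)])
    finally:
        target.kill()
        target.wait()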
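def test_ipc_stop_target(bpf_program: BPFProgram, caplog):
    """Check that stopping another process requires an explicit SIGSTOP rule.

    With only the SIGCHECK taint rule on the helper itself, ``stop-target``
    is expected to exit 1 against a ``sleep`` process. Once a SIGSTOP rule
    for the ``sleep`` binary is added, the same call is expected to exit 0.
    """
    sleep_path = which('sleep')

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # Deny path: no rule permits signalling the sleep binary yet.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'stop-target', str(target.pid)])
    finally:
        # The original sent SIGCONT inside a bare `except: pass`, which hides
        # every error, and never reaped the child. SIGKILL also terminates a
        # stopped process, so kill + wait cleans up in both outcomes.
        target.kill()
        target.wait()
    assert rc == 1

    # Allow path: grant SIGSTOP on the sleep binary and retry.
    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGSTOP)

    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'stop-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 0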
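def test_open_proc_other_not_allowed(policy_parser: PolicyParser, setup_testdir):
    """Check that another process's /proc entry is refused without a ``proc(...)`` rule.

    The policy grants exec on ``/proc`` but has no procfs rule. The helper
    must still succeed on ``/proc/self`` and must exit non-zero when pointed
    at a separate ``sleep`` process.
    """
    sleep_path = which('sleep')

    # One-element tuple: formats correctly whatever type OPEN_PATH has.
    policy = """
    #![profile '%s']
    #[taint]
    fs('/tmp/bpfbox/a', read)
    fs('/proc', exec)
    """ % (OPEN_PATH,)
    policy_parser.process_policy_text(policy)

    # /proc/self should always work
    subprocess.check_call([OPEN_PATH, 'proc-self'])

    # Keep the Popen handle so the target is reaped; the original kept only
    # the pid and left the child running after the test.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        # NOTE(review): any non-zero exit satisfies this check, so a helper
        # crash unrelated to policy would also pass -- consider asserting the
        # specific exit status the helper uses for a denied open.
        with pytest.raises(subprocess.CalledProcessError):
            subprocess.check_call([OPEN_PATH, 'proc-other', str(target.pid)])
    finally:
        target.kill()
        target.wait()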
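# NOTE(review): the two statements below arrived without an enclosing `def`
# (the listing is cut before them). They are kept verbatim as a comment so
# they do not run at import time:
#     rc = subprocess.Popen([IPC_PATH, 'kill-self']).wait()
#     assert rc == -signal.SIGKILL


def test_ipc_kill_self(bpf_program: BPFProgram, caplog):
    """Check that the helper may SIGKILL itself only once a SIGKILL rule exists.

    With only the SIGCHECK taint rule, ``kill-self`` is expected to exit 1.
    After a SIGKILL rule targeting the helper itself is added, the helper is
    expected to die from the signal, which ``wait()`` reports as
    ``-signal.SIGKILL``.
    """
    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # Deny path: SIGKILL to self is not covered by any rule yet.
    denied_rc = subprocess.call([IPC_PATH, 'kill-self'])
    assert denied_rc == 1

    # Allow path: a negative return code means the child was killed by that signal.
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGKILL)
    allowed_rc = subprocess.call([IPC_PATH, 'kill-self'])
    assert allowed_rc == -signal.SIGKILL


@pytest.mark.skipif(not which('sleep'), reason='sleep not found on system')
def test_ipc_kill_target(bpf_program: BPFProgram, caplog):
    """Check that killing another process requires an explicit SIGKILL rule.

    With only the SIGCHECK taint rule on the helper itself, ``kill-target``
    is expected to exit 1 against a ``sleep`` process. Once a SIGKILL rule
    for the ``sleep`` binary is added, the same call is expected to exit 0.
    """
    sleep_path = which('sleep')

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # Deny path: no rule permits signalling the sleep binary yet.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'kill-target', str(target.pid)])
    finally:
        # Reap the target; the original kept only its pid, so a target that
        # survived the denied signal was left running and never waited on.
        target.kill()
        target.wait()
    assert rc == 1

    # Allow path: grant SIGKILL on the sleep binary and retry.
    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGKILL)

    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'kill-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 0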