def test_ipc_check_self(bpf_program: BPFProgram, caplog):
    """Check that a SIGCHECK sent to self is refused until an allow rule exists.

    The helper at IPC_PATH is run with ``check-self`` twice: once with only a
    TAINT rule for SIGCHECK installed (expected exit status 1), and once after
    a second SIGCHECK rule without an explicit action has been added (expected
    exit status 0).
    """
    helper_argv = [IPC_PATH, 'check-self']

    # Phase 1: profile plus a taint-only rule; the helper must report failure.
    # NOTE(review): presumably the TAINT action starts enforcement and the
    # default decision is deny -- confirm against the policy semantics.
    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(
        IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT
    )
    tainted_run = subprocess.Popen(helper_argv)
    rc = tainted_run.wait()
    assert rc == 1

    # Phase 2: add the rule with its default action; the same call must succeed.
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK)
    allowed_run = subprocess.Popen(helper_argv)
    rc = allowed_run.wait()
    assert rc == 0
def test_ipc_usr1_self(bpf_program: BPFProgram, caplog):
    """Check that SIGUSR1 to self only lands once a SIGMISC rule is present.

    With only the SIGCHECK taint rule installed the helper is expected to exit
    with status 1. After a SIGMISC rule is added, the helper is expected to be
    terminated by SIGUSR1, which ``Popen.wait()`` reports as a negative signal
    number.
    """
    helper_argv = [IPC_PATH, 'usr1-self']

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(
        IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT
    )

    # No SIGMISC rule yet: the signal must not be delivered.
    blocked = subprocess.Popen(helper_argv)
    rc = blocked.wait()
    assert rc == 1

    # SIGMISC now has a rule, so the process should die from its own SIGUSR1.
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGMISC)
    delivered = subprocess.Popen(helper_argv)
    rc = delivered.wait()
    # A child killed by signal N has returncode -N.
    assert rc == -signal.SIGUSR1
def load(self, policy: Policy):
    """Install one IPC rule per entry in ``self.target`` for *policy*'s profile.

    The parent class's ``load`` runs first. Every rule uses the access flags
    built from ``self.signal``, the action built from ``self.action`` and the
    state number computed for *policy*.
    """
    super().load(policy)
    state_number = self.calculate_state_number(policy)

    for other_exe in self.target:
        # Flags are rebuilt on every iteration, so an empty target list never
        # touches from_list() at all.
        profile = policy.profile
        access_flags = IPC_ACCESS.from_list(self.signal)
        action_flags = BPFBOX_ACTION.from_list(self.action)
        Commands.add_ipc_rule(
            profile, other_exe, access_flags, action_flags, state_number
        )
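def test_ipc_check_target(bpf_program: BPFProgram, caplog):
    """Check that a SIGCHECK aimed at another process needs a rule for it.

    A ``sleep`` process is used as the signal target. With only the taint rule
    installed, the helper's ``check-target`` call is expected to exit with
    status 1. After a SIGCHECK rule naming the sleep binary is added, it is
    expected to exit with status 0.

    Each target is killed and reaped before the assertion runs, so a failing
    assertion does not leave stray ``sleep`` processes behind.
    """
    sleep_path = which('sleep')
    # which() returns None when nothing is found; fail with a clear message
    # instead of a TypeError from Popen.
    assert sleep_path is not None, "sleep binary not found on PATH"

    def _check_target_exit_status():
        # Keep the Popen handle: until wait() reaps the child its pid cannot
        # be reused, so the helper is guaranteed to address this process.
        target = subprocess.Popen([sleep_path, '10'])
        try:
            helper = subprocess.Popen(
                [IPC_PATH, 'check-target', str(target.pid)]
            )
            return helper.wait()
        finally:
            target.kill()
            target.wait()

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(
        IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT
    )
    rc = _check_target_exit_status()
    assert rc == 1

    # NOTE(review): the rule names whatever path which() resolved; if that is
    # a symlink to a multi-call binary the rule may cover more than sleep --
    # confirm how rule paths are resolved.
    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGCHECK)
    rc = _check_target_exit_status()
    assert rc == 0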
def __call__(self, profile: str) -> int:
    """Add this IPC rule to *profile* and return the result of the add call.

    When ``self.other_exe`` is the literal string ``'self'`` the rule's peer
    is *profile* itself; any other value is passed through unchanged.
    """
    # NOTE(review): 'self' is a reserved sentinel here, so a peer whose path
    # is literally the string 'self' cannot be expressed.
    peer_exe = profile if self.other_exe == 'self' else self.other_exe
    return Commands.add_ipc_rule(profile, peer_exe, self.access, self.action)
def test_ipc_stop_self(bpf_program: BPFProgram, caplog):
    """Check that SIGSTOP to self is refused until a SIGSTOP rule exists.

    The helper is run with ``stop-self`` twice: with only the SIGCHECK taint
    rule installed (expected exit status 1) and after a SIGSTOP rule has been
    added (expected exit status 0).
    """

    def _stop_self_exit_status():
        helper = subprocess.Popen([IPC_PATH, 'stop-self'])
        try:
            return helper.wait(timeout=1)
        except subprocess.TimeoutExpired:
            # The helper did not exit within a second, presumably because the
            # stop was delivered; resume it so it can finish.
            os.kill(helper.pid, signal.SIGCONT)
            return helper.wait(timeout=1)

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(
        IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT
    )
    rc = _stop_self_exit_status()
    assert rc == 1

    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGSTOP)
    rc = _stop_self_exit_status()
    assert rc == 0
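def test_ipc_stop_target(bpf_program: BPFProgram, caplog):
    """Check that SIGSTOP aimed at another process needs a rule for it.

    A ``sleep`` process is used as the signal target. With only the taint rule
    installed, the helper's ``stop-target`` call is expected to exit with
    status 1. After a SIGSTOP rule naming the sleep binary is added, it is
    expected to exit with status 0.

    After each helper run the target is resumed on a best-effort basis, then
    killed and reaped so no stopped or orphaned ``sleep`` outlives the test.
    """
    sleep_path = which('sleep')
    # which() returns None when nothing is found; fail with a clear message
    # instead of a TypeError from Popen.
    assert sleep_path is not None, "sleep binary not found on PATH"

    def _stop_target_exit_status():
        # Keep the Popen handle: until wait() reaps the child its pid cannot
        # be reused, so the SIGCONT below cannot reach an unrelated process.
        target = subprocess.Popen([sleep_path, '10'])
        try:
            helper = subprocess.Popen(
                [IPC_PATH, 'stop-target', str(target.pid)]
            )
            return helper.wait()
        finally:
            try:
                os.kill(target.pid, signal.SIGCONT)
            except OSError:
                # Best effort only: the target may already be gone. A narrow
                # except keeps KeyboardInterrupt and real bugs visible.
                pass
            target.kill()
            target.wait()

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(
        IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT
    )
    rc = _stop_target_exit_status()
    assert rc == 1

    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGSTOP)
    rc = _stop_target_exit_status()
    assert rc == 0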