コード例 #1
def test_ipc_check_self(bpf_program: BPFProgram, caplog):
    """Exercise the SIGCHECK policy path when the helper targets itself.

    The helper binary at ``IPC_PATH`` is run in its ``check-self`` mode twice:
    first with only a SIGCHECK rule carrying ``BPFBOX_ACTION.TAINT``, then
    again after a second SIGCHECK rule is added without an explicit action.
    The test pins both outcomes (exit status 1, then 0), so it covers the
    refusing side of the policy as well as the permitting side.
    """
    helper_argv = [IPC_PATH, 'check-self']

    def helper_exit_status():
        # Run the helper to completion and report its exit status.
        return subprocess.Popen(helper_argv).wait()

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(
        IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT
    )

    # Only the TAINT rule is present: the helper is expected to fail.
    # NOTE(review): presumably exit status 1 means the check was denied by
    # policy; confirm against the helper's source.
    status_before_rule = helper_exit_status()
    assert status_before_rule == 1

    # Same subject/object/access, but with add_ipc_rule's default action.
    # NOTE(review): the default action is not visible here; presumably allow.
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK)
    status_after_rule = helper_exit_status()
    assert status_after_rule == 0
コード例 #2
def test_ipc_usr1_self(bpf_program: BPFProgram, caplog):
    """Exercise the SIGMISC policy path when the helper signals itself.

    The helper at ``IPC_PATH`` runs in ``usr1-self`` mode twice. With only
    the SIGCHECK/TAINT rule loaded it must exit with status 1; once a
    SIGMISC rule for the helper on itself is added, the child must end up
    terminated by SIGUSR1.
    """
    helper_argv = [IPC_PATH, 'usr1-self']

    def helper_exit_status():
        # Run the helper to completion and report its exit status.
        return subprocess.Popen(helper_argv).wait()

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(
        IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT
    )

    # No SIGMISC rule yet: the helper is expected to fail.
    # NOTE(review): presumably exit status 1 means the signal was refused by
    # policy; confirm against the helper's source.
    status_before_rule = helper_exit_status()
    assert status_before_rule == 1

    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGMISC)
    status_after_rule = helper_exit_status()
    # Popen.wait() reports death-by-signal as the negated signal number, so
    # this asserts that SIGUSR1 was actually delivered to the helper.
    assert status_after_rule == -signal.SIGUSR1
コード例 #3
ファイル: policy.py プロジェクト: nam-jaehyun/bpfbox
 def load(self, policy: Policy):
     """Install one IPC rule per entry in ``self.target`` for *policy*.

     Runs the parent class's ``load`` first, then registers a rule through
     ``Commands.add_ipc_rule`` for every target, using the access and action
     values built from ``self.signal`` and ``self.action`` and the state
     number computed for *policy*.
     """
     super().load(policy)
     state_number = self.calculate_state_number(policy)
     for peer in self.target:
         # Lists are converted on every iteration, exactly as the rule is
         # emitted; from_list's semantics are defined outside this block.
         access = IPC_ACCESS.from_list(self.signal)
         action = BPFBOX_ACTION.from_list(self.action)
         Commands.add_ipc_rule(
             policy.profile, peer, access, action, state_number
         )
コード例 #4
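def test_ipc_check_target(bpf_program: BPFProgram, caplog):
    """Exercise the SIGCHECK policy path against a separate target process.

    A ``sleep 10`` process is started as the target and the helper at
    ``IPC_PATH`` is run in ``check-target`` mode against its pid. With only
    the SIGCHECK/TAINT rule on the helper itself, the helper must exit with
    status 1; after a SIGCHECK rule naming the ``sleep`` executable is
    added, it must exit with status 0.

    Each target process is killed and reaped once the helper has finished,
    so a failing assertion does not leave stray ``sleep`` processes behind.
    """
    sleep_path = which('sleep')
    # Fail with a readable message instead of a TypeError inside Popen.
    assert sleep_path is not None, 'sleep executable not found on PATH'

    def helper_status_against_fresh_target():
        # Keep the Popen handle (not just the pid) so the target can be
        # cleaned up whatever the helper does.
        target = subprocess.Popen([sleep_path, '10'])
        try:
            return subprocess.Popen(
                [IPC_PATH, 'check-target', str(target.pid)]
            ).wait()
        finally:
            # The kill comes from the test process, not from the profiled
            # helper, so the IPC rules under test are not expected to apply.
            target.kill()
            target.wait()

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # No rule names the sleep executable yet: the helper is expected to fail.
    # NOTE(review): presumably exit status 1 means the check was denied by
    # policy; confirm against the helper's source.
    rc = helper_status_against_fresh_target()
    assert rc == 1

    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGCHECK)
    rc = helper_status_against_fresh_target()
    assert rc == 0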
コード例 #5
ファイル: dsl.py プロジェクト: keyolk/bpfbox
 def __call__(self, profile: str) -> int:
     """Register this IPC rule for *profile* and return the command's result.

     The literal string ``'self'`` in ``self.other_exe`` stands for the
     profile's own executable; any other value is passed through unchanged
     as the peer of the rule.
     """
     # Resolve the 'self' placeholder before the rule is handed over, so the
     # rule always names a concrete peer.
     peer_exe = profile if self.other_exe == 'self' else self.other_exe
     return Commands.add_ipc_rule(
         profile, peer_exe, self.access, self.action
     )
コード例 #6
def test_ipc_stop_self(bpf_program: BPFProgram, caplog):
    """Exercise the SIGSTOP policy path when the helper targets itself.

    The helper at ``IPC_PATH`` runs in ``stop-self`` mode twice: with only
    the SIGCHECK/TAINT rule loaded it must exit with status 1, and after a
    SIGSTOP rule for the helper on itself is added it must exit with
    status 0.
    """

    def stop_self_exit_status():
        child = subprocess.Popen([IPC_PATH, 'stop-self'])
        try:
            return child.wait(1)
        except subprocess.TimeoutExpired:
            # Still running after one second.
            # NOTE(review): presumably the helper stopped itself; SIGCONT
            # resumes it so that it can exit and report its status.
            os.kill(child.pid, signal.SIGCONT)
            return child.wait(1)

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(
        IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT
    )

    # No SIGSTOP rule yet: the helper is expected to fail.
    status_before_rule = stop_self_exit_status()
    assert status_before_rule == 1

    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGSTOP)
    status_after_rule = stop_self_exit_status()
    assert status_after_rule == 0
コード例 #7
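def test_ipc_stop_target(bpf_program: BPFProgram, caplog):
    """Exercise the SIGSTOP policy path against a separate target process.

    A ``sleep 10`` process is started as the target and the helper at
    ``IPC_PATH`` is run in ``stop-target`` mode against its pid. With only
    the SIGCHECK/TAINT rule on the helper itself, the helper must exit with
    status 1; after a SIGSTOP rule naming the ``sleep`` executable is added,
    it must exit with status 0.

    Each target is killed and reaped after the helper finishes. This
    replaces the earlier best-effort SIGCONT wrapped in a bare ``except``,
    which hid every error (including KeyboardInterrupt) and left the
    ``sleep`` processes running.
    """
    sleep_path = which('sleep')
    # Fail with a readable message instead of a TypeError inside Popen.
    assert sleep_path is not None, 'sleep executable not found on PATH'

    def helper_status_against_fresh_target():
        # Keep the Popen handle (not just the pid) so the target can be
        # cleaned up whatever the helper does.
        target = subprocess.Popen([sleep_path, '10'])
        try:
            return subprocess.Popen(
                [IPC_PATH, 'stop-target', str(target.pid)]
            ).wait()
        finally:
            # SIGKILL also terminates a stopped process, so no SIGCONT is
            # needed whether or not the stop was delivered. The kill comes
            # from the test process, not from the profiled helper.
            target.kill()
            target.wait()

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # No rule names the sleep executable yet: the helper is expected to fail.
    # NOTE(review): presumably exit status 1 means the stop was denied by
    # policy; confirm against the helper's source.
    rc = helper_status_against_fresh_target()
    assert rc == 1

    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGSTOP)
    rc = helper_status_against_fresh_target()
    assert rc == 0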