def test_ls(policy_parser: PolicyParser, setup_testdir):
    """Confine ``ls`` with a file-system policy and check it can still list /tmp/bpfbox.

    The policy grants the ``ls`` binary read|exec on itself, read|exec|getattr on
    the dynamic loader, libc and libcap, read on ``/lib64/ld-linux-x86-64.so.2``
    and the locale archive, directory search (``exec``) on ``/usr/share`` and
    ``/proc``, read|exec|getattr on ``/tmp/bpfbox`` and ``getattr`` on its four
    entries a..d (presumably created by ``setup_testdir``); ``proc('/usr/bin/ls',
    getattr)`` is a procfs rule keyed on the ls path.

    The assertion compares the confined ``ls`` output with Python's sorted
    ``os.listdir`` — i.e. the sandbox must let ``ls`` see every entry, and
    nothing must be denied along the way.

    NOTE(review): the loader/libc paths are host-specific (glibc 2.31 under
    /usr/lib); on a different distribution ``ls`` will be denied by the
    sandbox and this test fails for environmental, not policy, reasons.
    """
    ls_path = which('ls')

    policy = """
    #![profile '%s']

    fs('%s', read|exec)
    fs('/etc/ld.so.cache', read|exec|getattr)
    fs('/usr/lib/ld-2.31.so', read|exec|getattr)
    fs('/lib64/ld-linux-x86-64.so.2', read)
    fs('/usr/lib/libcap.so.2', read|exec|getattr)
    fs('/usr/lib/libc.so.6', read|exec|getattr)
    fs('/usr/lib/locale/locale-archive', read|getattr)
    fs('/usr/share', exec)
    fs('/proc', exec)
    fs('/tmp/bpfbox', read|exec|getattr)
    fs('/tmp/bpfbox/a', getattr)
    fs('/tmp/bpfbox/b', getattr)
    fs('/tmp/bpfbox/c', getattr)
    fs('/tmp/bpfbox/d', getattr)
    proc('/usr/bin/ls', getattr)
    """ % (ls_path, ls_path)

    policy_parser.process_policy_text(policy)

    listing = subprocess.check_output([ls_path, '/tmp/bpfbox'])
    expected = sorted(os.listdir('/tmp/bpfbox'))
    assert listing.decode('utf-8').strip() == '\n'.join(expected)
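def test_procfs_other_process(bpf_program: BPFProgram, caplog, setup_testdir):
    """A procfs rule for the ``sleep`` binary lets OPEN_PATH read another process's /proc entry.

    Rules (via the Commands API): a profile for OPEN_PATH whose taint rule is
    reading ``/tmp/bpfbox/a``; ``exec`` (directory search) on ``/proc``; and a
    procfs rule granting read|exec on processes running ``sleep_path``.
    ``proc-self`` is run first and must succeed; then ``proc-other <pid>`` is
    run against a live ``sleep`` and must succeed as well (``check_call``
    raises on a non-zero exit status).

    Fix over the previous version: the ``sleep 10`` target was started and its
    Popen handle discarded, so it kept running (and was never reaped) after the
    test finished.  The handle is now kept and the child is killed and waited
    for in a ``finally``, even when the assertion fails.  A missing ``sleep``
    binary is skipped rather than surfacing as ``Popen([None, ...])``.
    """
    sleep_path = which('sleep')
    if sleep_path is None:
        pytest.skip('sleep not found on system')

    Commands.add_profile(OPEN_PATH, False)
    Commands.add_fs_rule(OPEN_PATH, '/tmp/bpfbox/a', FS_ACCESS.READ, BPFBOX_ACTION.TAINT)
    Commands.add_fs_rule(OPEN_PATH, '/proc', FS_ACCESS.EXEC)
    Commands.add_procfs_rule(OPEN_PATH, sleep_path, FS_ACCESS.READ | FS_ACCESS.EXEC)

    # Own /proc entry: no per-process rule needed.
    subprocess.check_call([OPEN_PATH, 'proc-self'])

    # Another process's /proc entry: covered by the procfs rule on sleep_path.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        subprocess.check_call([OPEN_PATH, 'proc-other', str(target.pid)])
    finally:
        # Do not leave the 10 s sleep (or a zombie) behind.
        target.kill()
        target.wait()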
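def test_ipc_check_target(bpf_program: BPFProgram, caplog):
    """Signal-existence checks (``SIGCHECK``) on another process need an explicit rule.

    Setup: a profile for IPC_PATH whose taint rule is ``SIGCHECK`` from
    IPC_PATH to itself.  ``check-target <pid>`` is run against a fresh
    ``sleep`` twice: first with no rule for ``sleep`` (expected exit status 1,
    presumably the helper's "denied" status — its source is not in view), then
    after ``IPC_ACCESS.SIGCHECK`` on ``sleep_path`` is added (expected 0).

    Fix over the previous version: both ``sleep 10`` targets were started with
    their Popen handles discarded, so they outlived the test and were never
    reaped.  Each target is now killed and waited for in a ``finally``.  A
    missing ``sleep`` binary is skipped instead of failing inside ``Popen``.
    """
    sleep_path = which('sleep')
    if sleep_path is None:
        pytest.skip('sleep not found on system')

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # Denied: no SIGCHECK rule targeting sleep yet.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'check-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 1

    # Allowed once the rule exists.
    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGCHECK)
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'check-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 0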
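def test_ipc_policy(policy_parser: PolicyParser, setup_testdir):
    """The policy-language ``signal()`` rule grants SIGKILL on ``sleep`` processes.

    The policy text declares a profile for IPC_PATH, a tainting
    ``signal(self, sigcheck)`` rule, and ``signal('<sleep_path>', sigkill)``.
    ``kill-target <pid>`` against a running ``sleep`` is then expected to exit
    with status 0.

    NOTE(review): unlike ``test_ipc_kill_target`` this test has no
    "denied before the rule exists" phase, so it only shows the grant works,
    not that the default is deny.

    Fix over the previous version: the ``sleep`` target's Popen handle was
    discarded, so the (killed) child was never reaped and, had the kill been
    denied, would have kept running after the test.  The target is now killed
    and waited for in a ``finally``.  A missing ``sleep`` binary is skipped.
    """
    sleep_path = which('sleep')
    if sleep_path is None:
        pytest.skip('sleep not found on system')

    text = """
    #![profile '%s']

    #[taint]
    signal(self, sigcheck)

    signal('%s', sigkill)
    """ % (IPC_PATH, sleep_path)

    policy_parser.process_policy_text(text)

    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'kill-target', str(target.pid)])
    finally:
        # Reap the target (already dead if the kill went through).
        target.kill()
        target.wait()
    assert rc == 0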
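def test_open_procfs_rules(policy_parser: PolicyParser, setup_testdir):
    """The policy-language ``proc()`` rule lets OPEN_PATH read another process's /proc entry.

    The policy text declares a profile for OPEN_PATH, a tainting read of
    ``/tmp/bpfbox/a``, ``exec`` (directory search) on ``/proc`` and
    ``proc('<sleep_path>', read|exec)``.  ``proc-self`` must succeed, and
    ``proc-other <pid>`` against a live ``sleep`` must succeed too
    (``check_call`` raises on a non-zero exit status).

    Fix over the previous version: the ``sleep 10`` target's Popen handle was
    discarded, so the child ran on after the test and was never reaped.  It is
    now killed and waited for in a ``finally``.  A missing ``sleep`` binary is
    skipped instead of failing inside ``Popen``.
    """
    sleep_path = which('sleep')
    if sleep_path is None:
        pytest.skip('sleep not found on system')

    text = """
    #![profile '%s']

    #[taint]
    fs('/tmp/bpfbox/a', read)

    fs('/proc', exec)
    proc('%s', read|exec)
    """ % (OPEN_PATH, sleep_path)

    policy_parser.process_policy_text(text)

    # /proc/self should always work
    subprocess.check_call([OPEN_PATH, 'proc-self'])

    target = subprocess.Popen([sleep_path, '10'])
    try:
        subprocess.check_call([OPEN_PATH, 'proc-other', str(target.pid)])
    finally:
        target.kill()
        target.wait()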
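def test_ipc_stop_target(bpf_program: BPFProgram, caplog):
    """SIGSTOP on another process is denied until an explicit ``SIGSTOP`` rule exists.

    Setup: a profile for IPC_PATH whose taint rule is ``SIGCHECK`` from
    IPC_PATH to itself.  ``stop-target <pid>`` is run against a fresh
    ``sleep`` twice: first with no rule for ``sleep`` (expected exit status 1,
    presumably the helper's "denied" status — its source is not in view), then
    after ``IPC_ACCESS.SIGSTOP`` on ``sleep_path`` is added (expected 0).

    Fix over the previous version: the targets' Popen handles were discarded,
    so a stopped or sleeping child outlived the test and was never reaped; the
    cleanup also used a bare ``except:`` around the SIGCONT.  Each target is
    now killed and waited for in a ``finally``.  SIGKILL is delivered to a
    stopped process without a preceding SIGCONT, so no resume step is needed.
    A missing ``sleep`` binary is skipped instead of failing inside ``Popen``.
    """
    sleep_path = which('sleep')
    if sleep_path is None:
        pytest.skip('sleep not found on system')

    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # Denied: no SIGSTOP rule targeting sleep yet.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'stop-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 1

    # Allowed once the rule exists; the target is left stopped, SIGKILL still
    # terminates it.
    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGSTOP)
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'stop-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 0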
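def test_open_proc_other_not_allowed(policy_parser: PolicyParser,
                                     setup_testdir):
    """Without a ``proc()`` rule, reading another process's /proc entry is denied.

    The policy text declares a profile for OPEN_PATH, a tainting read of
    ``/tmp/bpfbox/a`` and ``exec`` (directory search) on ``/proc`` — but no
    ``proc()`` rule.  ``proc-self`` must still succeed, while
    ``proc-other <pid>`` against a live ``sleep`` must exit non-zero
    (``check_call`` raises ``CalledProcessError``).  This is the negative
    counterpart of ``test_open_procfs_rules``.

    Fix over the previous version: the ``sleep 10`` target's Popen handle was
    discarded, so the child ran on after the test and was never reaped.  It is
    now killed and waited for in a ``finally``.  A missing ``sleep`` binary is
    skipped instead of failing inside ``Popen``.
    """
    sleep_path = which('sleep')
    if sleep_path is None:
        pytest.skip('sleep not found on system')

    text = """
    #![profile '%s']

    #[taint]
    fs('/tmp/bpfbox/a', read)

    fs('/proc', exec)
    """ % (OPEN_PATH,)

    policy_parser.process_policy_text(text)

    # /proc/self should always work
    subprocess.check_call([OPEN_PATH, 'proc-self'])

    target = subprocess.Popen([sleep_path, '10'])
    try:
        with pytest.raises(subprocess.CalledProcessError):
            subprocess.check_call([OPEN_PATH, 'proc-other', str(target.pid)])
    finally:
        target.kill()
        target.wait()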
    rc = subprocess.Popen([IPC_PATH, 'kill-self']).wait()
    assert rc == -signal.SIGKILL

def test_ipc_kill_self(bpf_program: BPFProgram, caplog):
    """A confined process may not SIGKILL itself until a SIGKILL rule on itself exists.

    The only rule at first is the taint rule (``SIGCHECK`` from IPC_PATH to
    itself).  ``kill-self`` is then expected to exit with status 1 — presumably
    the helper's "denied" status; its source is not in view.  After
    ``IPC_ACCESS.SIGKILL`` on IPC_PATH is added the helper is expected to die
    from the signal, which ``subprocess`` reports as ``-SIGKILL``.
    """
    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    kill_self = [IPC_PATH, 'kill-self']

    # Denied: no SIGKILL rule yet.
    assert subprocess.call(kill_self) == 1

    # Allowed: the process now kills itself, so the status is the signal number.
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGKILL)
    assert subprocess.call(kill_self) == -signal.SIGKILL

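@pytest.mark.skipif(not which('sleep'), reason='sleep not found on system')
def test_ipc_kill_target(bpf_program: BPFProgram, caplog):
    """SIGKILL on another process is denied until an explicit ``SIGKILL`` rule exists.

    Setup: a profile for IPC_PATH whose taint rule is ``SIGCHECK`` from
    IPC_PATH to itself.  ``kill-target <pid>`` is run against a fresh
    ``sleep`` twice: first with no rule for ``sleep`` (expected exit status 1,
    presumably the helper's "denied" status — its source is not in view), then
    after ``IPC_ACCESS.SIGKILL`` on ``sleep_path`` is added (expected 0).

    Fix over the previous version: both targets' Popen handles were discarded,
    so the first (not killed) ``sleep 10`` outlived the test and the second
    (killed) one was never reaped.  Each target is now killed and waited for in
    a ``finally``.
    """
    sleep_path = which('sleep')
    Commands.add_profile(IPC_PATH, False)
    Commands.add_ipc_rule(IPC_PATH, IPC_PATH, IPC_ACCESS.SIGCHECK, BPFBOX_ACTION.TAINT)

    # Denied: no SIGKILL rule targeting sleep yet.
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'kill-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 1

    # Allowed once the rule exists; the helper kills the target, we only reap it.
    Commands.add_ipc_rule(IPC_PATH, sleep_path, IPC_ACCESS.SIGKILL)
    target = subprocess.Popen([sleep_path, '10'])
    try:
        rc = subprocess.call([IPC_PATH, 'kill-target', str(target.pid)])
    finally:
        target.kill()
        target.wait()
    assert rc == 0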