summaryrefslogtreecommitdiffstats
path: root/tests/38-basic-pfc_coverage.pfc
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 17:09:30 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 17:09:30 +0000
commit81749f1fe87e489c4e2e7408a0fae9370c3810b3 (patch)
tree2d1345a5762855b6577495d90ac134c4e92d7ff8 /tests/38-basic-pfc_coverage.pfc
parentInitial commit. (diff)
downloadlibseccomp-81749f1fe87e489c4e2e7408a0fae9370c3810b3.tar.xz
libseccomp-81749f1fe87e489c4e2e7408a0fae9370c3810b3.zip
Adding upstream version 2.5.5.upstream/2.5.5upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--tests/38-basic-pfc_coverage.pfc668
1 files changed, 668 insertions, 0 deletions
diff --git a/tests/38-basic-pfc_coverage.pfc b/tests/38-basic-pfc_coverage.pfc
new file mode 100644
index 0000000..3109280
--- /dev/null
+++ b/tests/38-basic-pfc_coverage.pfc
@@ -0,0 +1,668 @@
+#
+# pseudo filter code start
+#
+# filter for arch x86_64 (3221225534)
+if ($arch == 3221225534)
+ # filter for syscall "exit_group" (231) [priority: 65535]
+ if ($syscall == 231)
+ action LOG;
+ # filter for syscall "exit" (60) [priority: 65535]
+ if ($syscall == 60)
+ action TRACE(1);
+ # filter for syscall "fstat" (5) [priority: 65535]
+ if ($syscall == 5)
+ action KILL_PROCESS;
+ # filter for syscall "close" (3) [priority: 65535]
+ if ($syscall == 3)
+ action ERRNO(1);
+ # filter for syscall "open" (2) [priority: 65535]
+ if ($syscall == 2)
+ action KILL;
+ # filter for syscall "write" (1) [priority: 65527]
+ if ($syscall == 1)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ # filter for syscall "read" (0) [priority: 65525]
+ if ($syscall == 0)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ if ($a1.hi32 > 0)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 >= 1)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch x86 (1073741827)
+if ($arch == 1073741827)
+ # filter for syscall "exit_group" (252) [priority: 65535]
+ if ($syscall == 252)
+ action LOG;
+ # filter for syscall "fstat" (108) [priority: 65535]
+ if ($syscall == 108)
+ action KILL_PROCESS;
+ # filter for syscall "close" (6) [priority: 65535]
+ if ($syscall == 6)
+ action ERRNO(1);
+ # filter for syscall "open" (5) [priority: 65535]
+ if ($syscall == 5)
+ action KILL;
+ # filter for syscall "exit" (1) [priority: 65535]
+ if ($syscall == 1)
+ action TRACE(1);
+ # filter for syscall "write" (4) [priority: 65532]
+ if ($syscall == 4)
+ if ($a0 == 0)
+ else
+ if ($a1 > 1)
+ else
+ if ($a2 >= 2)
+ else
+ action TRAP;
+ # filter for syscall "read" (3) [priority: 65531]
+ if ($syscall == 3)
+ if ($a0 == 0)
+ if ($a1 >= 1)
+ if ($a2 > 2)
+ if ($a3 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch x32 (3221225534)
+if ($arch == 3221225534)
+ # filter for syscall "exit_group" (1073742055) [priority: 65535]
+ if ($syscall == 1073742055)
+ action LOG;
+ # filter for syscall "exit" (1073741884) [priority: 65535]
+ if ($syscall == 1073741884)
+ action TRACE(1);
+ # filter for syscall "fstat" (1073741829) [priority: 65535]
+ if ($syscall == 1073741829)
+ action KILL_PROCESS;
+ # filter for syscall "close" (1073741827) [priority: 65535]
+ if ($syscall == 1073741827)
+ action ERRNO(1);
+ # filter for syscall "open" (1073741826) [priority: 65535]
+ if ($syscall == 1073741826)
+ action KILL;
+ # filter for syscall "write" (1073741825) [priority: 65532]
+ if ($syscall == 1073741825)
+ if ($a0 == 0)
+ else
+ if ($a1 > 1)
+ else
+ if ($a2 >= 2)
+ else
+ action TRAP;
+ # filter for syscall "read" (1073741824) [priority: 65531]
+ if ($syscall == 1073741824)
+ if ($a0 == 0)
+ if ($a1 >= 1)
+ if ($a2 > 2)
+ if ($a3 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch arm (1073741864)
+if ($arch == 1073741864)
+ # filter for syscall "exit_group" (248) [priority: 65535]
+ if ($syscall == 248)
+ action LOG;
+ # filter for syscall "fstat" (108) [priority: 65535]
+ if ($syscall == 108)
+ action KILL_PROCESS;
+ # filter for syscall "close" (6) [priority: 65535]
+ if ($syscall == 6)
+ action ERRNO(1);
+ # filter for syscall "open" (5) [priority: 65535]
+ if ($syscall == 5)
+ action KILL;
+ # filter for syscall "exit" (1) [priority: 65535]
+ if ($syscall == 1)
+ action TRACE(1);
+ # filter for syscall "write" (4) [priority: 65532]
+ if ($syscall == 4)
+ if ($a0 == 0)
+ else
+ if ($a1 > 1)
+ else
+ if ($a2 >= 2)
+ else
+ action TRAP;
+ # filter for syscall "read" (3) [priority: 65531]
+ if ($syscall == 3)
+ if ($a0 == 0)
+ if ($a1 >= 1)
+ if ($a2 > 2)
+ if ($a3 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch aarch64 (3221225655)
+if ($arch == 3221225655)
+ # filter for syscall "open" (4294957130) [priority: 65535]
+ if ($syscall == 4294957130)
+ action KILL;
+ # filter for syscall "exit_group" (94) [priority: 65535]
+ if ($syscall == 94)
+ action LOG;
+ # filter for syscall "exit" (93) [priority: 65535]
+ if ($syscall == 93)
+ action TRACE(1);
+ # filter for syscall "fstat" (80) [priority: 65535]
+ if ($syscall == 80)
+ action KILL_PROCESS;
+ # filter for syscall "close" (57) [priority: 65535]
+ if ($syscall == 57)
+ action ERRNO(1);
+ # filter for syscall "write" (64) [priority: 65527]
+ if ($syscall == 64)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ # filter for syscall "read" (63) [priority: 65525]
+ if ($syscall == 63)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ if ($a1.hi32 > 0)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 >= 1)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch mipsel (1073741832)
+if ($arch == 1073741832)
+ # filter for syscall "exit_group" (4246) [priority: 65535]
+ if ($syscall == 4246)
+ action LOG;
+ # filter for syscall "fstat" (4108) [priority: 65535]
+ if ($syscall == 4108)
+ action KILL_PROCESS;
+ # filter for syscall "close" (4006) [priority: 65535]
+ if ($syscall == 4006)
+ action ERRNO(1);
+ # filter for syscall "open" (4005) [priority: 65535]
+ if ($syscall == 4005)
+ action KILL;
+ # filter for syscall "exit" (4001) [priority: 65535]
+ if ($syscall == 4001)
+ action TRACE(1);
+ # filter for syscall "write" (4004) [priority: 65532]
+ if ($syscall == 4004)
+ if ($a0 == 0)
+ else
+ if ($a1 > 1)
+ else
+ if ($a2 >= 2)
+ else
+ action TRAP;
+ # filter for syscall "read" (4003) [priority: 65531]
+ if ($syscall == 4003)
+ if ($a0 == 0)
+ if ($a1 >= 1)
+ if ($a2 > 2)
+ if ($a3 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch mipsel64 (3221225480)
+if ($arch == 3221225480)
+ # filter for syscall "exit_group" (5205) [priority: 65535]
+ if ($syscall == 5205)
+ action LOG;
+ # filter for syscall "exit" (5058) [priority: 65535]
+ if ($syscall == 5058)
+ action TRACE(1);
+ # filter for syscall "fstat" (5005) [priority: 65535]
+ if ($syscall == 5005)
+ action KILL_PROCESS;
+ # filter for syscall "close" (5003) [priority: 65535]
+ if ($syscall == 5003)
+ action ERRNO(1);
+ # filter for syscall "open" (5002) [priority: 65535]
+ if ($syscall == 5002)
+ action KILL;
+ # filter for syscall "write" (5001) [priority: 65527]
+ if ($syscall == 5001)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ # filter for syscall "read" (5000) [priority: 65525]
+ if ($syscall == 5000)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ if ($a1.hi32 > 0)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 >= 1)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch mipsel64n32 (3758096392)
+if ($arch == 3758096392)
+ # filter for syscall "exit_group" (6205) [priority: 65535]
+ if ($syscall == 6205)
+ action LOG;
+ # filter for syscall "exit" (6058) [priority: 65535]
+ if ($syscall == 6058)
+ action TRACE(1);
+ # filter for syscall "fstat" (6005) [priority: 65535]
+ if ($syscall == 6005)
+ action KILL_PROCESS;
+ # filter for syscall "close" (6003) [priority: 65535]
+ if ($syscall == 6003)
+ action ERRNO(1);
+ # filter for syscall "open" (6002) [priority: 65535]
+ if ($syscall == 6002)
+ action KILL;
+ # filter for syscall "write" (6001) [priority: 65532]
+ if ($syscall == 6001)
+ if ($a0 == 0)
+ else
+ if ($a1 > 1)
+ else
+ if ($a2 >= 2)
+ else
+ action TRAP;
+ # filter for syscall "read" (6000) [priority: 65531]
+ if ($syscall == 6000)
+ if ($a0 == 0)
+ if ($a1 >= 1)
+ if ($a2 > 2)
+ if ($a3 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch ppc64le (3221225493)
+if ($arch == 3221225493)
+ # filter for syscall "exit_group" (234) [priority: 65535]
+ if ($syscall == 234)
+ action LOG;
+ # filter for syscall "fstat" (108) [priority: 65535]
+ if ($syscall == 108)
+ action KILL_PROCESS;
+ # filter for syscall "close" (6) [priority: 65535]
+ if ($syscall == 6)
+ action ERRNO(1);
+ # filter for syscall "open" (5) [priority: 65535]
+ if ($syscall == 5)
+ action KILL;
+ # filter for syscall "exit" (1) [priority: 65535]
+ if ($syscall == 1)
+ action TRACE(1);
+ # filter for syscall "write" (4) [priority: 65527]
+ if ($syscall == 4)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ # filter for syscall "read" (3) [priority: 65525]
+ if ($syscall == 3)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ if ($a1.hi32 > 0)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 >= 1)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# filter for arch riscv64 (3221225715)
+if ($arch == 3221225715)
+ # filter for syscall "open" (4294957130) [priority: 65535]
+ if ($syscall == 4294957130)
+ action KILL;
+ # filter for syscall "exit_group" (94) [priority: 65535]
+ if ($syscall == 94)
+ action LOG;
+ # filter for syscall "exit" (93) [priority: 65535]
+ if ($syscall == 93)
+ action TRACE(1);
+ # filter for syscall "fstat" (80) [priority: 65535]
+ if ($syscall == 80)
+ action KILL_PROCESS;
+ # filter for syscall "close" (57) [priority: 65535]
+ if ($syscall == 57)
+ action ERRNO(1);
+ # filter for syscall "write" (64) [priority: 65527]
+ if ($syscall == 64)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a1.hi32 > 0)
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 > 1)
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ else
+ if ($a2.hi32 > 0)
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 >= 2)
+ else
+ action TRAP;
+ else
+ action TRAP;
+ # filter for syscall "read" (63) [priority: 65525]
+ if ($syscall == 63)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 0)
+ if ($a1.hi32 > 0)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 >= 1)
+ if ($a2.hi32 > 0)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ else
+ if ($a2.hi32 == 0)
+ if ($a2.lo32 > 2)
+ if ($a3.hi32 & 0x00000000 == 0)
+ if ($a3.lo32 & 0x0000000f == 3)
+ action KILL;
+ # default action
+ action ALLOW;
+# invalid architecture action
+action KILL;
+#
+# pseudo filter code end
+#
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-03 11:51:34 +0000