diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 17:09:30 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-15 17:09:30 +0000 |
commit | 81749f1fe87e489c4e2e7408a0fae9370c3810b3 (patch) | |
tree | 2d1345a5762855b6577495d90ac134c4e92d7ff8 /tests/55-basic-pfc_binary_tree.pfc | |
parent | Initial commit. (diff) | |
download | libseccomp-81749f1fe87e489c4e2e7408a0fae9370c3810b3.tar.xz libseccomp-81749f1fe87e489c4e2e7408a0fae9370c3810b3.zip |
Adding upstream version 2.5.5.upstream/2.5.5upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tests/55-basic-pfc_binary_tree.pfc')
-rw-r--r-- | tests/55-basic-pfc_binary_tree.pfc | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/tests/55-basic-pfc_binary_tree.pfc b/tests/55-basic-pfc_binary_tree.pfc new file mode 100644 index 0000000..ba3244c --- /dev/null +++ b/tests/55-basic-pfc_binary_tree.pfc @@ -0,0 +1,182 @@ +# +# pseudo filter code start +# +# filter for arch x86_64 (3221225534) +if ($arch == 3221225534) + if ($syscall > 2) + if ($syscall > 10) + if ($syscall > 14) + # filter for syscall "pwrite64" (18) [priority: 65531] + if ($syscall == 18) + if ($a0.hi32 == 0) + if ($a0.lo32 == 107) + if ($a1.hi32 == 0) + if ($a1.lo32 == 108) + action ERRNO(18); + # filter for syscall "pread64" (17) [priority: 65533] + if ($syscall == 17) + if ($a0.hi32 == 0) + if ($a0.lo32 == 106) + action ERRNO(17); + # filter for syscall "ioctl" (16) [priority: 65535] + if ($syscall == 16) + action ERRNO(16); + # filter for syscall "rt_sigreturn" (15) [priority: 65535] + if ($syscall == 15) + action ERRNO(15); + else # ($syscall <= 14) + # filter for syscall "rt_sigprocmask" (14) [priority: 65535] + if ($syscall == 14) + action ERRNO(14); + # filter for syscall "rt_sigaction" (13) [priority: 65535] + if ($syscall == 13) + action ERRNO(13); + # filter for syscall "brk" (12) [priority: 65535] + if ($syscall == 12) + action ERRNO(12); + # filter for syscall "munmap" (11) [priority: 65535] + if ($syscall == 11) + action ERRNO(11); + else # ($syscall <= 10) + if ($syscall > 6) + # filter for syscall "mprotect" (10) [priority: 65533] + if ($syscall == 10) + if ($a0.hi32 == 0) + if ($a0.lo32 == 105) + action ERRNO(10); + # filter for syscall "mmap" (9) [priority: 65535] + if ($syscall == 9) + action ERRNO(9); + # filter for syscall "lseek" (8) [priority: 65533] + if ($syscall == 8) + if ($a0.hi32 == 0) + if ($a0.lo32 == 104) + action ERRNO(8); + # filter for syscall "poll" (7) [priority: 65535] + if ($syscall == 7) + action ERRNO(7); + else # ($syscall <= 6) + # filter for syscall "lstat" (6) [priority: 65535] + if ($syscall == 6) + action ERRNO(6); + # filter for syscall "fstat" (5) [priority: 65533] + if ($syscall == 5) + if ($a0.hi32 == 0) + if ($a0.lo32 == 103) + action ERRNO(5); + # filter for syscall "stat" (4) [priority: 65535] + if ($syscall == 4) + action ERRNO(4); + # filter for syscall "close" (3) [priority: 65535] + if ($syscall == 3) + action ERRNO(3); + else # ($syscall <= 2) + # filter for syscall "open" (2) [priority: 65535] + if ($syscall == 2) + action ERRNO(2); + # filter for syscall "write" (1) [priority: 65533] + if ($syscall == 1) + if ($a0.hi32 == 0) + if ($a0.lo32 == 102) + action ERRNO(1); + # filter for syscall "read" (0) [priority: 65531] + if ($syscall == 0) + if ($a0.hi32 == 0) + if ($a0.lo32 == 100) + if ($a1.hi32 == 0) + if ($a1.lo32 == 101) + action ERRNO(0); + # default action + action ALLOW; +# filter for arch aarch64 (3221225655) +if ($arch == 3221225655) + if ($syscall > 62) + if ($syscall > 139) + if ($syscall > 226) + # filter for syscall "lstat" (4294957133) [priority: 65535] + if ($syscall == 4294957133) + action ERRNO(6); + # filter for syscall "open" (4294957130) [priority: 65535] + if ($syscall == 4294957130) + action ERRNO(2); + # filter for syscall "poll" (4294957127) [priority: 65535] + if ($syscall == 4294957127) + action ERRNO(7); + # filter for syscall "stat" (4294957122) [priority: 65535] + if ($syscall == 4294957122) + action ERRNO(4); + else # ($syscall <= 226) + # filter for syscall "mprotect" (226) [priority: 65533] + if ($syscall == 226) + if ($a0.hi32 == 0) + if ($a0.lo32 == 105) + action ERRNO(10); + # filter for syscall "mmap" (222) [priority: 65535] + if ($syscall == 222) + action ERRNO(9); + # filter for syscall "munmap" (215) [priority: 65535] + if ($syscall == 215) + action ERRNO(11); + # filter for syscall "brk" (214) [priority: 65535] + if ($syscall == 214) + action ERRNO(12); + else # ($syscall <= 139) + if ($syscall > 68) + # filter for syscall "rt_sigreturn" (139) [priority: 65535] + if ($syscall == 139) + action ERRNO(15); + # filter for syscall "rt_sigprocmask" (135) [priority: 65535] + if ($syscall == 135) + action ERRNO(14); + # filter for syscall "rt_sigaction" (134) [priority: 65535] + if ($syscall == 134) + action ERRNO(13); + # filter for syscall "fstat" (80) [priority: 65533] + if ($syscall == 80) + if ($a0.hi32 == 0) + if ($a0.lo32 == 103) + action ERRNO(5); + else # ($syscall <= 68) + # filter for syscall "pwrite64" (68) [priority: 65531] + if ($syscall == 68) + if ($a0.hi32 == 0) + if ($a0.lo32 == 107) + if ($a1.hi32 == 0) + if ($a1.lo32 == 108) + action ERRNO(18); + # filter for syscall "pread64" (67) [priority: 65533] + if ($syscall == 67) + if ($a0.hi32 == 0) + if ($a0.lo32 == 106) + action ERRNO(17); + # filter for syscall "write" (64) [priority: 65533] + if ($syscall == 64) + if ($a0.hi32 == 0) + if ($a0.lo32 == 102) + action ERRNO(1); + # filter for syscall "read" (63) [priority: 65531] + if ($syscall == 63) + if ($a0.hi32 == 0) + if ($a0.lo32 == 100) + if ($a1.hi32 == 0) + if ($a1.lo32 == 101) + action ERRNO(0); + else # ($syscall <= 62) + # filter for syscall "lseek" (62) [priority: 65533] + if ($syscall == 62) + if ($a0.hi32 == 0) + if ($a0.lo32 == 104) + action ERRNO(8); + # filter for syscall "close" (57) [priority: 65535] + if ($syscall == 57) + action ERRNO(3); + # filter for syscall "ioctl" (29) [priority: 65535] + if ($syscall == 29) + action ERRNO(16); + # default action + action ALLOW; +# invalid architecture action +action KILL; +# +# pseudo filter code end +# |