summaryrefslogtreecommitdiffstats
path: root/tests/55-basic-pfc_binary_tree.pfc
diff options
context:
space:
mode:
Diffstat (limited to 'tests/55-basic-pfc_binary_tree.pfc')
-rw-r--r--tests/55-basic-pfc_binary_tree.pfc182
1 files changed, 182 insertions, 0 deletions
diff --git a/tests/55-basic-pfc_binary_tree.pfc b/tests/55-basic-pfc_binary_tree.pfc
new file mode 100644
index 0000000..ba3244c
--- /dev/null
+++ b/tests/55-basic-pfc_binary_tree.pfc
@@ -0,0 +1,182 @@
+#
+# pseudo filter code start
+#
+# filter for arch x86_64 (3221225534)
+if ($arch == 3221225534)
+ if ($syscall > 2)
+ if ($syscall > 10)
+ if ($syscall > 14)
+ # filter for syscall "pwrite64" (18) [priority: 65531]
+ if ($syscall == 18)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 107)
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 == 108)
+ action ERRNO(18);
+ # filter for syscall "pread64" (17) [priority: 65533]
+ if ($syscall == 17)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 106)
+ action ERRNO(17);
+ # filter for syscall "ioctl" (16) [priority: 65535]
+ if ($syscall == 16)
+ action ERRNO(16);
+ # filter for syscall "rt_sigreturn" (15) [priority: 65535]
+ if ($syscall == 15)
+ action ERRNO(15);
+ else # ($syscall <= 14)
+ # filter for syscall "rt_sigprocmask" (14) [priority: 65535]
+ if ($syscall == 14)
+ action ERRNO(14);
+ # filter for syscall "rt_sigaction" (13) [priority: 65535]
+ if ($syscall == 13)
+ action ERRNO(13);
+ # filter for syscall "brk" (12) [priority: 65535]
+ if ($syscall == 12)
+ action ERRNO(12);
+ # filter for syscall "munmap" (11) [priority: 65535]
+ if ($syscall == 11)
+ action ERRNO(11);
+ else # ($syscall <= 10)
+ if ($syscall > 6)
+ # filter for syscall "mprotect" (10) [priority: 65533]
+ if ($syscall == 10)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 105)
+ action ERRNO(10);
+ # filter for syscall "mmap" (9) [priority: 65535]
+ if ($syscall == 9)
+ action ERRNO(9);
+ # filter for syscall "lseek" (8) [priority: 65533]
+ if ($syscall == 8)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 104)
+ action ERRNO(8);
+ # filter for syscall "poll" (7) [priority: 65535]
+ if ($syscall == 7)
+ action ERRNO(7);
+ else # ($syscall <= 6)
+ # filter for syscall "lstat" (6) [priority: 65535]
+ if ($syscall == 6)
+ action ERRNO(6);
+ # filter for syscall "fstat" (5) [priority: 65533]
+ if ($syscall == 5)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 103)
+ action ERRNO(5);
+ # filter for syscall "stat" (4) [priority: 65535]
+ if ($syscall == 4)
+ action ERRNO(4);
+ # filter for syscall "close" (3) [priority: 65535]
+ if ($syscall == 3)
+ action ERRNO(3);
+ else # ($syscall <= 2)
+ # filter for syscall "open" (2) [priority: 65535]
+ if ($syscall == 2)
+ action ERRNO(2);
+ # filter for syscall "write" (1) [priority: 65533]
+ if ($syscall == 1)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 102)
+ action ERRNO(1);
+ # filter for syscall "read" (0) [priority: 65531]
+ if ($syscall == 0)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 100)
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 == 101)
+ action ERRNO(0);
+ # default action
+ action ALLOW;
+# filter for arch aarch64 (3221225655)
+if ($arch == 3221225655)
+ if ($syscall > 62)
+ if ($syscall > 139)
+ if ($syscall > 226)
+ # filter for syscall "lstat" (4294957133) [priority: 65535]
+ if ($syscall == 4294957133)
+ action ERRNO(6);
+ # filter for syscall "open" (4294957130) [priority: 65535]
+ if ($syscall == 4294957130)
+ action ERRNO(2);
+ # filter for syscall "poll" (4294957127) [priority: 65535]
+ if ($syscall == 4294957127)
+ action ERRNO(7);
+ # filter for syscall "stat" (4294957122) [priority: 65535]
+ if ($syscall == 4294957122)
+ action ERRNO(4);
+ else # ($syscall <= 226)
+ # filter for syscall "mprotect" (226) [priority: 65533]
+ if ($syscall == 226)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 105)
+ action ERRNO(10);
+ # filter for syscall "mmap" (222) [priority: 65535]
+ if ($syscall == 222)
+ action ERRNO(9);
+ # filter for syscall "munmap" (215) [priority: 65535]
+ if ($syscall == 215)
+ action ERRNO(11);
+ # filter for syscall "brk" (214) [priority: 65535]
+ if ($syscall == 214)
+ action ERRNO(12);
+ else # ($syscall <= 139)
+ if ($syscall > 68)
+ # filter for syscall "rt_sigreturn" (139) [priority: 65535]
+ if ($syscall == 139)
+ action ERRNO(15);
+ # filter for syscall "rt_sigprocmask" (135) [priority: 65535]
+ if ($syscall == 135)
+ action ERRNO(14);
+ # filter for syscall "rt_sigaction" (134) [priority: 65535]
+ if ($syscall == 134)
+ action ERRNO(13);
+ # filter for syscall "fstat" (80) [priority: 65533]
+ if ($syscall == 80)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 103)
+ action ERRNO(5);
+ else # ($syscall <= 68)
+ # filter for syscall "pwrite64" (68) [priority: 65531]
+ if ($syscall == 68)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 107)
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 == 108)
+ action ERRNO(18);
+ # filter for syscall "pread64" (67) [priority: 65533]
+ if ($syscall == 67)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 106)
+ action ERRNO(17);
+ # filter for syscall "write" (64) [priority: 65533]
+ if ($syscall == 64)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 102)
+ action ERRNO(1);
+ # filter for syscall "read" (63) [priority: 65531]
+ if ($syscall == 63)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 100)
+ if ($a1.hi32 == 0)
+ if ($a1.lo32 == 101)
+ action ERRNO(0);
+ else # ($syscall <= 62)
+ # filter for syscall "lseek" (62) [priority: 65533]
+ if ($syscall == 62)
+ if ($a0.hi32 == 0)
+ if ($a0.lo32 == 104)
+ action ERRNO(8);
+ # filter for syscall "close" (57) [priority: 65535]
+ if ($syscall == 57)
+ action ERRNO(3);
+ # filter for syscall "ioctl" (29) [priority: 65535]
+ if ($syscall == 29)
+ action ERRNO(16);
+ # default action
+ action ALLOW;
+# invalid architecture action
+action KILL;
+#
+# pseudo filter code end
+#
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-23 19:25:11 +0000