diff options
author | Paul Moore <paul@paul-moore.com> | 2021-08-03 14:12:50 -0400 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2021-08-12 12:30:43 -0400 |
commit | fcc601279004a7f4c2f6ebf766acb4556b0f5e65 (patch) | |
tree | 74c69d88f74c74c5a7fa7bb5e63db387cf7c946f /tests/38-basic-pfc_coverage.pfc | |
parent | 17cbd2c253ce63e5e9e3cec867ff58efbe8b5fdc (diff) | |
download | libseccomp-fcc601279004a7f4c2f6ebf766acb4556b0f5e65.tar.gz |
tests: various additions to improve code coverage
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'tests/38-basic-pfc_coverage.pfc')
-rw-r--r-- | tests/38-basic-pfc_coverage.pfc | 569 |
1 files changed, 569 insertions, 0 deletions
diff --git a/tests/38-basic-pfc_coverage.pfc b/tests/38-basic-pfc_coverage.pfc index 8d3c53b..450401f 100644 --- a/tests/38-basic-pfc_coverage.pfc +++ b/tests/38-basic-pfc_coverage.pfc @@ -3,6 +3,9 @@ # # filter for arch x86_64 (3221225534) if ($arch == 3221225534) + # filter for syscall "exit_group" (231) [priority: 65535] + if ($syscall == 231) + action LOG; # filter for syscall "exit" (60) [priority: 65535] if ($syscall == 60) action TRACE(1); @@ -97,6 +100,9 @@ if ($arch == 3221225534) action ALLOW; # filter for arch x86 (1073741827) if ($arch == 1073741827) + # filter for syscall "exit_group" (252) [priority: 65535] + if ($syscall == 252) + action LOG; # filter for syscall "fstat" (108) [priority: 65535] if ($syscall == 108) action KILL_PROCESS; @@ -127,6 +133,569 @@ if ($arch == 1073741827) action KILL; # default action action ALLOW; +# filter for arch x32 (3221225534) +if ($arch == 3221225534) + # filter for syscall "exit_group" (1073742055) [priority: 65535] + if ($syscall == 1073742055) + action LOG; + # filter for syscall "exit" (1073741884) [priority: 65535] + if ($syscall == 1073741884) + action TRACE(1); + # filter for syscall "fstat" (1073741829) [priority: 65535] + if ($syscall == 1073741829) + action KILL_PROCESS; + # filter for syscall "close" (1073741827) [priority: 65535] + if ($syscall == 1073741827) + action ERRNO(1); + # filter for syscall "open" (1073741826) [priority: 65535] + if ($syscall == 1073741826) + action KILL; + # filter for syscall "write" (1073741825) [priority: 65532] + if ($syscall == 1073741825) + if ($a0 == 0) + else + if ($a1 > 1) + else + if ($a2 >= 2) + else + action TRAP; + # filter for syscall "read" (1073741824) [priority: 65531] + if ($syscall == 1073741824) + if ($a0 == 0) + if ($a1 >= 1) + if ($a2 > 2) + if ($a3 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; +# filter for arch arm (1073741864) +if ($arch == 1073741864) + # filter for syscall "exit_group" (248) [priority: 65535] + if ($syscall == 248) + action LOG; + # filter for syscall "fstat" (108) [priority: 65535] + if ($syscall == 108) + action KILL_PROCESS; + # filter for syscall "close" (6) [priority: 65535] + if ($syscall == 6) + action ERRNO(1); + # filter for syscall "open" (5) [priority: 65535] + if ($syscall == 5) + action KILL; + # filter for syscall "exit" (1) [priority: 65535] + if ($syscall == 1) + action TRACE(1); + # filter for syscall "write" (4) [priority: 65532] + if ($syscall == 4) + if ($a0 == 0) + else + if ($a1 > 1) + else + if ($a2 >= 2) + else + action TRAP; + # filter for syscall "read" (3) [priority: 65531] + if ($syscall == 3) + if ($a0 == 0) + if ($a1 >= 1) + if ($a2 > 2) + if ($a3 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; +# filter for arch aarch64 (3221225655) +if ($arch == 3221225655) + # filter for syscall "open" (4294957130) [priority: 65535] + if ($syscall == 4294957130) + action KILL; + # filter for syscall "exit_group" (94) [priority: 65535] + if ($syscall == 94) + action LOG; + # filter for syscall "exit" (93) [priority: 65535] + if ($syscall == 93) + action TRACE(1); + # filter for syscall "fstat" (80) [priority: 65535] + if ($syscall == 80) + action KILL_PROCESS; + # filter for syscall "close" (57) [priority: 65535] + if ($syscall == 57) + action ERRNO(1); + # filter for syscall "write" (64) [priority: 65527] + if ($syscall == 64) + if ($a0.hi32 == 0) + if ($a0.lo32 == 0) + else + if ($a1.hi32 > 0) + else + if ($a1.hi32 == 0) + if ($a1.lo32 > 1) + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a1.hi32 > 0) + else + if ($a1.hi32 == 0) + if ($a1.lo32 > 1) + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + # filter for syscall "read" (63) [priority: 65525] + if ($syscall == 63) + if ($a0.hi32 == 0) + if ($a0.lo32 == 0) + if ($a1.hi32 > 0) + if ($a2.hi32 > 0) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a2.hi32 == 0) + if ($a2.lo32 > 2) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a1.hi32 == 0) + if ($a1.lo32 >= 1) + if ($a2.hi32 > 0) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a2.hi32 == 0) + if ($a2.lo32 > 2) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; +# filter for arch mipsel (1073741832) +if ($arch == 1073741832) + # filter for syscall "exit_group" (246) [priority: 65535] + if ($syscall == 246) + action LOG; + # filter for syscall "fstat" (108) [priority: 65535] + if ($syscall == 108) + action KILL_PROCESS; + # filter for syscall "close" (6) [priority: 65535] + if ($syscall == 6) + action ERRNO(1); + # filter for syscall "open" (5) [priority: 65535] + if ($syscall == 5) + action KILL; + # filter for syscall "exit" (1) [priority: 65535] + if ($syscall == 1) + action TRACE(1); + # filter for syscall "write" (4) [priority: 65532] + if ($syscall == 4) + if ($a0 == 0) + else + if ($a1 > 1) + else + if ($a2 >= 2) + else + action TRAP; + # filter for syscall "read" (3) [priority: 65531] + if ($syscall == 3) + if ($a0 == 0) + if ($a1 >= 1) + if ($a2 > 2) + if ($a3 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; +# filter for arch mipsel64 (3221225480) +if ($arch == 3221225480) + # filter for syscall "exit_group" (5205) [priority: 65535] + if ($syscall == 5205) + action LOG; + # filter for syscall "exit" (5058) [priority: 65535] + if ($syscall == 5058) + action TRACE(1); + # filter for syscall "fstat" (5005) [priority: 65535] + if ($syscall == 5005) + action KILL_PROCESS; + # filter for syscall "close" (5003) [priority: 65535] + if ($syscall == 5003) + action ERRNO(1); + # filter for syscall "open" (5002) [priority: 65535] + if ($syscall == 5002) + action KILL; + # filter for syscall "write" (5001) [priority: 65527] + if ($syscall == 5001) + if ($a0.hi32 == 0) + if ($a0.lo32 == 0) + else + if ($a1.hi32 > 0) + else + if ($a1.hi32 == 0) + if ($a1.lo32 > 1) + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a1.hi32 > 0) + else + if ($a1.hi32 == 0) + if ($a1.lo32 > 1) + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + # filter for syscall "read" (5000) [priority: 65525] + if ($syscall == 5000) + if ($a0.hi32 == 0) + if ($a0.lo32 == 0) + if ($a1.hi32 > 0) + if ($a2.hi32 > 0) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a2.hi32 == 0) + if ($a2.lo32 > 2) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a1.hi32 == 0) + if ($a1.lo32 >= 1) + if ($a2.hi32 > 0) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a2.hi32 == 0) + if ($a2.lo32 > 2) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; +# filter for arch mipsel64n32 (3758096392) +if ($arch == 3758096392) + # filter for syscall "exit_group" (6205) [priority: 65535] + if ($syscall == 6205) + action LOG; + # filter for syscall "exit" (6058) [priority: 65535] + if ($syscall == 6058) + action TRACE(1); + # filter for syscall "fstat" (6005) [priority: 65535] + if ($syscall == 6005) + action KILL_PROCESS; + # filter for syscall "close" (6003) [priority: 65535] + if ($syscall == 6003) + action ERRNO(1); + # filter for syscall "open" (6002) [priority: 65535] + if ($syscall == 6002) + action KILL; + # filter for syscall "write" (6001) [priority: 65532] + if ($syscall == 6001) + if ($a0 == 0) + else + if ($a1 > 1) + else + if ($a2 >= 2) + else + action TRAP; + # filter for syscall "read" (6000) [priority: 65531] + if ($syscall == 6000) + if ($a0 == 0) + if ($a1 >= 1) + if ($a2 > 2) + if ($a3 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; +# filter for arch ppc64le (3221225493) +if ($arch == 3221225493) + # filter for syscall "exit_group" (234) [priority: 65535] + if ($syscall == 234) + action LOG; + # filter for syscall "fstat" (108) [priority: 65535] + if ($syscall == 108) + action KILL_PROCESS; + # filter for syscall "close" (6) [priority: 65535] + if ($syscall == 6) + action ERRNO(1); + # filter for syscall "open" (5) [priority: 65535] + if ($syscall == 5) + action KILL; + # filter for syscall "exit" (1) [priority: 65535] + if ($syscall == 1) + action TRACE(1); + # filter for syscall "write" (4) [priority: 65527] + if ($syscall == 4) + if ($a0.hi32 == 0) + if ($a0.lo32 == 0) + else + if ($a1.hi32 > 0) + else + if ($a1.hi32 == 0) + if ($a1.lo32 > 1) + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a1.hi32 > 0) + else + if ($a1.hi32 == 0) + if ($a1.lo32 > 1) + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + # filter for syscall "read" (3) [priority: 65525] + if ($syscall == 3) + if ($a0.hi32 == 0) + if ($a0.lo32 == 0) + if ($a1.hi32 > 0) + if ($a2.hi32 > 0) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a2.hi32 == 0) + if ($a2.lo32 > 2) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a1.hi32 == 0) + if ($a1.lo32 >= 1) + if ($a2.hi32 > 0) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a2.hi32 == 0) + if ($a2.lo32 > 2) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; +# filter for arch sh (1073741866) +if ($arch == 1073741866) + # filter for syscall "exit_group" (252) [priority: 65535] + if ($syscall == 252) + action LOG; + # filter for syscall "fstat" (108) [priority: 65535] + if ($syscall == 108) + action KILL_PROCESS; + # filter for syscall "close" (6) [priority: 65535] + if ($syscall == 6) + action ERRNO(1); + # filter for syscall "open" (5) [priority: 65535] + if ($syscall == 5) + action KILL; + # filter for syscall "exit" (1) [priority: 65535] + if ($syscall == 1) + action TRACE(1); + # filter for syscall "write" (4) [priority: 65532] + if ($syscall == 4) + if ($a0 == 0) + else + if ($a1 > 1) + else + if ($a2 >= 2) + else + action TRAP; + # filter for syscall "read" (3) [priority: 65531] + if ($syscall == 3) + if ($a0 == 0) + if ($a1 >= 1) + if ($a2 > 2) + if ($a3 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; +# filter for arch riscv64 (3221225715) +if ($arch == 3221225715) + # filter for syscall "open" (4294957130) [priority: 65535] + if ($syscall == 4294957130) + action KILL; + # filter for syscall "exit_group" (94) [priority: 65535] + if ($syscall == 94) + action LOG; + # filter for syscall "exit" (93) [priority: 65535] + if ($syscall == 93) + action TRACE(1); + # filter for syscall "fstat" (80) [priority: 65535] + if ($syscall == 80) + action KILL_PROCESS; + # filter for syscall "close" (57) [priority: 65535] + if ($syscall == 57) + action ERRNO(1); + # filter for syscall "write" (64) [priority: 65527] + if ($syscall == 64) + if ($a0.hi32 == 0) + if ($a0.lo32 == 0) + else + if ($a1.hi32 > 0) + else + if ($a1.hi32 == 0) + if ($a1.lo32 > 1) + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a1.hi32 > 0) + else + if ($a1.hi32 == 0) + if ($a1.lo32 > 1) + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + else + if ($a2.hi32 > 0) + else + if ($a2.hi32 == 0) + if ($a2.lo32 >= 2) + else + action TRAP; + else + action TRAP; + # filter for syscall "read" (63) [priority: 65525] + if ($syscall == 63) + if ($a0.hi32 == 0) + if ($a0.lo32 == 0) + if ($a1.hi32 > 0) + if ($a2.hi32 > 0) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a2.hi32 == 0) + if ($a2.lo32 > 2) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a1.hi32 == 0) + if ($a1.lo32 >= 1) + if ($a2.hi32 > 0) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + else + if ($a2.hi32 == 0) + if ($a2.lo32 > 2) + if ($a3.hi32 & 0x00000000 == 0) + if ($a3.lo32 & 0x0000000f == 3) + action KILL; + # default action + action ALLOW; # invalid architecture action action KILL; # |