-
Notifications
You must be signed in to change notification settings - Fork 16
/
Copy pathseccomp.py
executable file
·78 lines (61 loc) · 2.52 KB
/
seccomp.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
import os, sys, subprocess, signal
import json
SECCOMP_PROFILE = ('{"defaultAction": "SCMP_ACT_ALLOW",'
'"architectures": ['
'"SCMP_ARCH_X86_64",'
'"SCMP_ARCH_X86",'
'"SCMP_ARCH_X32"],'
'"syscalls": []}'
)
SECCOMP_PROFILE_WL = ('{"defaultAction": "SCMP_ACT_ERRNO",'
'"architectures": ['
'"SCMP_ARCH_X86_64",'
'"SCMP_ARCH_X86",'
'"SCMP_ARCH_X32"],'
'"syscalls": []}'
)
class Seccomp():
"""
This class can be used to create a graph and run DFS and BFS on it
"""
def __init__(self, logger):
self.logger = logger
def loadDefaultTemplate(self):
return json.loads(SECCOMP_PROFILE)
def loadDefaultTemplateWl(self):
return json.loads(SECCOMP_PROFILE_WL)
def loadTemplate(self, profilePath):
try:
myProfile = open(profilePath, 'r')
myProfileStr = myProfile.read()
result = json.loads(myProfileStr)
except Exception as e:
self.logger.warning("Trying to load old profile from: %s, but doesn't exist: %s", profilePath, str(e))
result = ""
return result
def syscallTemplateWl(self):
return json.loads('{"name": "","action": "SCMP_ACT_ALLOW","args": []}')
def createProfile(self, syscalls):
template = self.loadDefaultTemplate() # load json as dict
nameList = json.loads('{ "names": [], "action": "SCMP_ACT_ERRNO"}')
nameList["names"] = syscalls
template["syscalls"].append(nameList)
return json.dumps(template, indent=4)
def createProfileWhitelist(self, syscalls):
template = self.loadDefaultTemplateWl() # load json as dict
for call in syscalls:
newsyscall = self.syscallTemplateWl()
newsyscall["name"] = call
template["syscalls"].append(newsyscall)
return json.dumps(template, indent=4)
def createProfileWithOld(self, profilePath, syscalls):
self.logger.debug("createProfileWithOld called with profilePath: %s", profilePath)
if ( self.loadTemplate(profilePath) == "" ): # load json as dict
return self.createProfile(syscalls)
newTemplate = self.loadDefaultTemplate()
for syscallItem in oldTemplate["syscalls"]:
if ( syscallItem["name"] in syscalls ):
newsyscall = self.syscallTemplate()
newsyscall["name"] = syscallItem["name"]
newTemplate["syscalls"].append(newsyscall)
return json.dumps(newTemplate, indent=4)