Albert S. crtxcr

0 Followers · 0 Following

• https://quitesimple.org
• Joined on 2020-04-10

Repositories

23

Projects Packages Public Activity Starred Repositories

crtxcr pushed to master at crtxcr/exile.h 2021-09-06 21:57:53 +02:00

215032f32c enable_no_fs(): Fix corresponding test by adding missing default policy

411e00715d Rename qssb_append_default_syscall_policy() to better distinguish it from qssb_append_syscall_default_policy()

8a9b1730de test: Remove argc,argv from tests as there was no use for them

b2b501d97e test: Refactor: Put seccomp tests into child processes ; Simplfy .sh

26f391f736 test: implement test_seccomp_errno()

Compare 5 commits »

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-06 21:53:44 +02:00

215032f32c enable_no_fs(): Fix corresponding test by adding missing default policy

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-05 17:24:45 +02:00

411e00715d Rename qssb_append_default_syscall_policy() to better distinguish it from qssb_append_syscall_default_policy()

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-05 17:14:13 +02:00

8a9b1730de test: Remove argc,argv from tests as there was no use for them

b2b501d97e test: Refactor: Put seccomp tests into child processes ; Simplfy .sh

26f391f736 test: implement test_seccomp_errno()

68fd1a0a87 test: test_seccomp_blacklisted_call_permitted(): Add missing default policy

b0d0beab22 README.md: Update

Compare 5 commits »

crtxcr closed issue crtxcr/exile.h#15 2021-09-05 17:09:05 +02:00

test.sh is too shaky with seccomp

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-05 16:53:42 +02:00

91a9b778eb test: Remove argc,argv from tests as there was no use for them

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-05 16:51:02 +02:00

91ae11bd0a test: Refactor: Put seccomp tests into child processes ; Simplfy .sh

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-09-05 12:32:24 +02:00

83487c1699 test: implement test_seccomp_errno()

430044bb95 test: test_seccomp_blacklisted_call_permitted(): Add missing default policy

443203aac4 README.md: Update

da19843875 test: Add test ensuring seccomp ends with default rule, minor fixes

Compare 4 commits »

crtxcr synced commits to master at crtxcr/hs9001 from mirror 2021-08-19 22:24:56 +02:00

3a6a1b2aa9 bash-ctrlr: Improve reverse bash search performance

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-08-16 23:34:07 +02:00

89c5496fab README.md: Update

f79e3f42c4 test: Add test ensuring seccomp adds with default rule, minor fixes

06218966ac check_policy_sanity(): Add syscall policy checks

18940b312c test.sh: Log exit code, print yes/no instead of 1/0

Compare 4 commits »

crtxcr opened issue crtxcr/exile.h#15 2021-08-16 23:22:42 +02:00

test.sh is too shaky with seccomp

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-08-15 19:00:01 +02:00

b6c3171619 fixup! WIP! Rewrite syscall policy logic

8f222d93a0 fixup! policy: Add disable_syscall_filter policy. Add defaults only on enable.

ad9afc6de4 fixup! policy: Add disable_syscall_filter policy. Add defaults only on enable.

0f9bf246a9 policy: Add disable_syscall_filter policy. Add defaults only on enable.

b2a0c1f39d qssb_entry_append(): Check for overflow

Compare 8 commits »

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-08-12 22:01:40 +02:00

a0d2cbd895 WIP! Rewrite syscall policy logic

crtxcr opened issue crtxcr/exile.h#14 2021-08-12 12:48:48 +02:00

seccomp: support Deny -> Permit -> Default Deny

crtxcr created pull request crtxcr/exile.h#13 2021-08-12 12:31:00 +02:00

WIP/fixbpf

crtxcr closed pull request crtxcr/exile.h#11 2021-08-12 12:30:41 +02:00

WIP/nofs

crtxcr opened issue crtxcr/exile.h#12 2021-08-12 12:30:15 +02:00

Allow x32 system calls

crtxcr created branch WIP/fixbpf in crtxcr/exile.h 2021-08-12 12:29:34 +02:00

crtxcr pushed to WIP/fixbpf at crtxcr/exile.h 2021-08-12 12:29:34 +02:00

51844ea3ab bpf: Deny x32 system calls for now

66c6d28dcd bpf: Check arch value

5cd45c09b7 bpf: Use SECCOMP_RET_KILL_PROCESS instead SECCOMP_RET_KILL

Compare 3 commits »

crtxcr pushed to master at crtxcr/exile.h 2021-08-12 11:38:45 +02:00

fa06287b13 Use new qssb_append_*_syscall functions, remove old fields

68694723fe Begin qssb_append_*_syscall family of functions

4a4d551e75 Introduce "no_fs" and "no_new_fd" options.

Compare 3 commits »