/**< wstawianie elementów do Drzewa AVL za https://www.geeksforgeeks.org/insertion-in-an-avl-tree
przechodzenie drzewa levelorder za https://www.interviewbit.com/blog/level-order-traversal/#1-c-implementation
reszta moja
*/
#include <iostream>
#include <fstream>
#include <vector>
#include <queue>
#include <algorithm>
#include <sys/syscall.h>
using namespace std;
struct SyscallStruct{
string name;
int number;
};
struct SyscallNode
{
int number;
int left = -1;
int right = -1;
};
vector<SyscallStruct> syscalls ({{"__NR_read", __NR_read}, {"__NR_write", __NR_write}, {"__NR_open", __NR_open}, {"__NR_close", __NR_close}, {"__NR_stat", __NR_stat}, {"__NR_fstat", __NR_fstat}, {"__NR_lstat", __NR_lstat}, {"__NR_poll", __NR_poll}, {"__NR_lseek", __NR_lseek}, {"__NR_mmap", __NR_mmap}, {"__NR_mprotect", __NR_mprotect}, {"__NR_munmap", __NR_munmap}, {"__NR_brk", __NR_brk}, {"__NR_rt_sigaction", __NR_rt_sigaction}, {"__NR_rt_sigprocmask", __NR_rt_sigprocmask}, {"__NR_rt_sigreturn", __NR_rt_sigreturn}, {"__NR_ioctl", __NR_ioctl}, {"__NR_pread64", __NR_pread64}, {"__NR_pwrite64", __NR_pwrite64}, {"__NR_readv", __NR_readv}, {"__NR_writev", __NR_writev}, {"__NR_access", __NR_access}, {"__NR_pipe", __NR_pipe}, {"__NR_select", __NR_select}, {"__NR_sched_yield", __NR_sched_yield}, {"__NR_mremap", __NR_mremap}, {"__NR_msync", __NR_msync}, {"__NR_mincore", __NR_mincore}, {"__NR_madvise", __NR_madvise}, {"__NR_shmget", __NR_shmget}, {"__NR_shmat", __NR_shmat}, {"__NR_shmctl", __NR_shmctl}, {"__NR_dup", __NR_dup}, {"__NR_dup2", __NR_dup2}, {"__NR_pause", __NR_pause}, {"__NR_nanosleep", __NR_nanosleep}, {"__NR_getitimer", __NR_getitimer}, {"__NR_alarm", __NR_alarm}, {"__NR_setitimer", __NR_setitimer}, {"__NR_getpid", __NR_getpid}, {"__NR_sendfile", __NR_sendfile}, {"__NR_socket", __NR_socket}, {"__NR_connect", __NR_connect}, {"__NR_accept", __NR_accept}, {"__NR_sendto", __NR_sendto}, {"__NR_recvfrom", __NR_recvfrom}, {"__NR_sendmsg", __NR_sendmsg}, {"__NR_recvmsg", __NR_recvmsg}, {"__NR_shutdown", __NR_shutdown}, {"__NR_bind", __NR_bind}, {"__NR_listen", __NR_listen}, {"__NR_getsockname", __NR_getsockname}, {"__NR_getpeername", __NR_getpeername}, {"__NR_socketpair", __NR_socketpair}, {"__NR_setsockopt", __NR_setsockopt}, {"__NR_getsockopt", __NR_getsockopt}, {"__NR_clone", __NR_clone}, {"__NR_fork", __NR_fork}, {"__NR_vfork", __NR_vfork}, {"__NR_execve", __NR_execve}, {"__NR_exit", __NR_exit}, {"__NR_wait4", __NR_wait4}, {"__NR_kill", __NR_kill}, {"__NR_uname", __NR_uname}, {"__NR_semget", __NR_semget}, {"__NR_semop", __NR_semop}, {"__NR_semctl", __NR_semctl}, {"__NR_shmdt", __NR_shmdt}, {"__NR_msgget", __NR_msgget}, {"__NR_msgsnd", __NR_msgsnd}, {"__NR_msgrcv", __NR_msgrcv}, {"__NR_msgctl", __NR_msgctl}, {"__NR_fcntl", __NR_fcntl}, {"__NR_flock", __NR_flock}, {"__NR_fsync", __NR_fsync}, {"__NR_fdatasync", __NR_fdatasync}, {"__NR_truncate", __NR_truncate}, {"__NR_ftruncate", __NR_ftruncate}, {"__NR_getdents", __NR_getdents}, {"__NR_getcwd", __NR_getcwd}, {"__NR_chdir", __NR_chdir}, {"__NR_fchdir", __NR_fchdir}, {"__NR_rename", __NR_rename}, {"__NR_mkdir", __NR_mkdir}, {"__NR_rmdir", __NR_rmdir}, {"__NR_creat", __NR_creat}, {"__NR_link", __NR_link}, {"__NR_unlink", __NR_unlink}, {"__NR_symlink", __NR_symlink}, {"__NR_readlink", __NR_readlink}, {"__NR_chmod", __NR_chmod}, {"__NR_fchmod", __NR_fchmod}, {"__NR_chown", __NR_chown}, {"__NR_fchown", __NR_fchown}, {"__NR_lchown", __NR_lchown}, {"__NR_umask", __NR_umask}, {"__NR_gettimeofday", __NR_gettimeofday}, {"__NR_getrlimit", __NR_getrlimit}, {"__NR_getrusage", __NR_getrusage}, {"__NR_sysinfo", __NR_sysinfo}, {"__NR_times", __NR_times}, {"__NR_ptrace", __NR_ptrace}, {"__NR_getuid", __NR_getuid}, {"__NR_syslog", __NR_syslog}, {"__NR_getgid", __NR_getgid}, {"__NR_setuid", __NR_setuid}, {"__NR_setgid", __NR_setgid}, {"__NR_geteuid", __NR_geteuid}, {"__NR_getegid", __NR_getegid}, {"__NR_setpgid", __NR_setpgid}, {"__NR_getppid", __NR_getppid}, {"__NR_getpgrp", __NR_getpgrp}, {"__NR_setsid", __NR_setsid}, {"__NR_setreuid", __NR_setreuid}, {"__NR_setregid", __NR_setregid}, {"__NR_getgroups", __NR_getgroups}, {"__NR_setgroups", __NR_setgroups}, {"__NR_setresuid", __NR_setresuid}, {"__NR_getresuid", __NR_getresuid}, {"__NR_setresgid", __NR_setresgid}, {"__NR_getresgid", __NR_getresgid}, {"__NR_getpgid", __NR_getpgid}, {"__NR_setfsuid", __NR_setfsuid}, {"__NR_setfsgid", __NR_setfsgid}, {"__NR_getsid", __NR_getsid}, {"__NR_capget", __NR_capget}, {"__NR_capset", __NR_capset}, {"__NR_rt_sigpending", __NR_rt_sigpending}, {"__NR_rt_sigtimedwait", __NR_rt_sigtimedwait}, {"__NR_rt_sigqueueinfo", __NR_rt_sigqueueinfo}, {"__NR_rt_sigsuspend", __NR_rt_sigsuspend}, {"__NR_sigaltstack", __NR_sigaltstack}, {"__NR_utime", __NR_utime}, {"__NR_mknod", __NR_mknod}, {"__NR_uselib", __NR_uselib}, {"__NR_personality", __NR_personality}, {"__NR_ustat", __NR_ustat}, {"__NR_statfs", __NR_statfs}, {"__NR_fstatfs", __NR_fstatfs}, {"__NR_sysfs", __NR_sysfs}, {"__NR_getpriority", __NR_getpriority}, {"__NR_setpriority", __NR_setpriority}, {"__NR_sched_setparam", __NR_sched_setparam}, {"__NR_sched_getparam", __NR_sched_getparam}, {"__NR_sched_setscheduler", __NR_sched_setscheduler}, {"__NR_sched_getscheduler", __NR_sched_getscheduler}, {"__NR_sched_get_priority_max", __NR_sched_get_priority_max}, {"__NR_sched_get_priority_min", __NR_sched_get_priority_min}, {"__NR_sched_rr_get_interval", __NR_sched_rr_get_interval}, {"__NR_mlock", __NR_mlock}, {"__NR_munlock", __NR_munlock}, {"__NR_mlockall", __NR_mlockall}, {"__NR_munlockall", __NR_munlockall}, {"__NR_vhangup", __NR_vhangup}, {"__NR_modify_ldt", __NR_modify_ldt}, {"__NR_pivot_root", __NR_pivot_root}, {"__NR__sysctl", __NR__sysctl}, {"__NR_prctl", __NR_prctl}, {"__NR_arch_prctl", __NR_arch_prctl}, {"__NR_adjtimex", __NR_adjtimex}, {"__NR_setrlimit", __NR_setrlimit}, {"__NR_chroot", __NR_chroot}, {"__NR_sync", __NR_sync}, {"__NR_acct", __NR_acct}, {"__NR_settimeofday", __NR_settimeofday}, {"__NR_mount", __NR_mount}, {"__NR_umount2", __NR_umount2}, {"__NR_swapon", __NR_swapon}, {"__NR_swapoff", __NR_swapoff}, {"__NR_reboot", __NR_reboot}, {"__NR_sethostname", __NR_sethostname}, {"__NR_setdomainname", __NR_setdomainname}, {"__NR_iopl", __NR_iopl}, {"__NR_ioperm", __NR_ioperm}, {"__NR_create_module", __NR_create_module}, {"__NR_init_module", __NR_init_module}, {"__NR_delete_module", __NR_delete_module}, {"__NR_get_kernel_syms", __NR_get_kernel_syms}, {"__NR_query_module", __NR_query_module}, {"__NR_quotactl", __NR_quotactl}, {"__NR_nfsservctl", __NR_nfsservctl}, {"__NR_getpmsg", __NR_getpmsg}, {"__NR_putpmsg", __NR_putpmsg}, {"__NR_afs_syscall", __NR_afs_syscall}, {"__NR_tuxcall", __NR_tuxcall}, {"__NR_security", __NR_security}, {"__NR_gettid", __NR_gettid}, {"__NR_readahead", __NR_readahead}, {"__NR_setxattr", __NR_setxattr}, {"__NR_lsetxattr", __NR_lsetxattr}, {"__NR_fsetxattr", __NR_fsetxattr}, {"__NR_getxattr", __NR_getxattr}, {"__NR_lgetxattr", __NR_lgetxattr}, {"__NR_fgetxattr", __NR_fgetxattr}, {"__NR_listxattr", __NR_listxattr}, {"__NR_llistxattr", __NR_llistxattr}, {"__NR_flistxattr", __NR_flistxattr}, {"__NR_removexattr", __NR_removexattr}, {"__NR_lremovexattr", __NR_lremovexattr}, {"__NR_fremovexattr", __NR_fremovexattr}, {"__NR_tkill", __NR_tkill}, {"__NR_time", __NR_time}, {"__NR_futex", __NR_futex}, {"__NR_sched_setaffinity", __NR_sched_setaffinity}, {"__NR_sched_getaffinity", __NR_sched_getaffinity}, {"__NR_set_thread_area", __NR_set_thread_area}, {"__NR_io_setup", __NR_io_setup}, {"__NR_io_destroy", __NR_io_destroy}, {"__NR_io_getevents", __NR_io_getevents}, {"__NR_io_submit", __NR_io_submit}, {"__NR_io_cancel", __NR_io_cancel}, {"__NR_get_thread_area", __NR_get_thread_area}, {"__NR_lookup_dcookie", __NR_lookup_dcookie}, {"__NR_epoll_create", __NR_epoll_create}, {"__NR_epoll_ctl_old", __NR_epoll_ctl_old}, {"__NR_epoll_wait_old", __NR_epoll_wait_old}, {"__NR_remap_file_pages", __NR_remap_file_pages}, {"__NR_getdents64", __NR_getdents64}, {"__NR_set_tid_address", __NR_set_tid_address}, {"__NR_restart_syscall", __NR_restart_syscall}, {"__NR_semtimedop", __NR_semtimedop}, {"__NR_fadvise64", __NR_fadvise64}, {"__NR_timer_create", __NR_timer_create}, {"__NR_timer_settime", __NR_timer_settime}, {"__NR_timer_gettime", __NR_timer_gettime}, {"__NR_timer_getoverrun", __NR_timer_getoverrun}, {"__NR_timer_delete", __NR_timer_delete}, {"__NR_clock_settime", __NR_clock_settime}, {"__NR_clock_gettime", __NR_clock_gettime}, {"__NR_clock_getres", __NR_clock_getres}, {"__NR_clock_nanosleep", __NR_clock_nanosleep}, {"__NR_exit_group", __NR_exit_group}, {"__NR_epoll_wait", __NR_epoll_wait}, {"__NR_epoll_ctl", __NR_epoll_ctl}, {"__NR_tgkill", __NR_tgkill}, {"__NR_utimes", __NR_utimes}, {"__NR_vserver", __NR_vserver}, {"__NR_mbind", __NR_mbind}, {"__NR_set_mempolicy", __NR_set_mempolicy}, {"__NR_get_mempolicy", __NR_get_mempolicy}, {"__NR_mq_open", __NR_mq_open}, {"__NR_mq_unlink", __NR_mq_unlink}, {"__NR_mq_timedsend", __NR_mq_timedsend}, {"__NR_mq_timedreceive", __NR_mq_timedreceive}, {"__NR_mq_notify", __NR_mq_notify}, {"__NR_mq_getsetattr", __NR_mq_getsetattr}, {"__NR_kexec_load", __NR_kexec_load}, {"__NR_waitid", __NR_waitid}, {"__NR_add_key", __NR_add_key}, {"__NR_request_key", __NR_request_key}, {"__NR_keyctl", __NR_keyctl}, {"__NR_ioprio_set", __NR_ioprio_set}, {"__NR_ioprio_get", __NR_ioprio_get}, {"__NR_inotify_init", __NR_inotify_init}, {"__NR_inotify_add_watch", __NR_inotify_add_watch}, {"__NR_inotify_rm_watch", __NR_inotify_rm_watch}, {"__NR_migrate_pages", __NR_migrate_pages}, {"__NR_openat", __NR_openat}, {"__NR_mkdirat", __NR_mkdirat}, {"__NR_mknodat", __NR_mknodat}, {"__NR_fchownat", __NR_fchownat}, {"__NR_futimesat", __NR_futimesat}, {"__NR_newfstatat", __NR_newfstatat}, {"__NR_unlinkat", __NR_unlinkat}, {"__NR_renameat", __NR_renameat}, {"__NR_linkat", __NR_linkat}, {"__NR_symlinkat", __NR_symlinkat}, {"__NR_readlinkat", __NR_readlinkat}, {"__NR_fchmodat", __NR_fchmodat}, {"__NR_faccessat", __NR_faccessat}, {"__NR_pselect6", __NR_pselect6}, {"__NR_ppoll", __NR_ppoll}, {"__NR_unshare", __NR_unshare}, {"__NR_set_robust_list", __NR_set_robust_list}, {"__NR_get_robust_list", __NR_get_robust_list}, {"__NR_splice", __NR_splice}, {"__NR_tee", __NR_tee}, {"__NR_sync_file_range", __NR_sync_file_range}, {"__NR_vmsplice", __NR_vmsplice}, {"__NR_move_pages", __NR_move_pages}, {"__NR_utimensat", __NR_utimensat}, {"__NR_epoll_pwait", __NR_epoll_pwait}, {"__NR_signalfd", __NR_signalfd}, {"__NR_timerfd_create", __NR_timerfd_create}, {"__NR_eventfd", __NR_eventfd}, {"__NR_fallocate", __NR_fallocate}, {"__NR_timerfd_settime", __NR_timerfd_settime}, {"__NR_timerfd_gettime", __NR_timerfd_gettime}, {"__NR_accept4", __NR_accept4}, {"__NR_signalfd4", __NR_signalfd4}, {"__NR_eventfd2", __NR_eventfd2}, {"__NR_epoll_create1", __NR_epoll_create1}, {"__NR_dup3", __NR_dup3}, {"__NR_pipe2", __NR_pipe2}, {"__NR_inotify_init1", __NR_inotify_init1}, {"__NR_preadv", __NR_preadv}, {"__NR_pwritev", __NR_pwritev}, {"__NR_rt_tgsigqueueinfo", __NR_rt_tgsigqueueinfo}, {"__NR_perf_event_open", __NR_perf_event_open}, {"__NR_recvmmsg", __NR_recvmmsg}, {"__NR_fanotify_init", __NR_fanotify_init}, {"__NR_fanotify_mark", __NR_fanotify_mark}, {"__NR_prlimit64", __NR_prlimit64}, {"__NR_name_to_handle_at", __NR_name_to_handle_at}, {"__NR_open_by_handle_at", __NR_open_by_handle_at}, {"__NR_clock_adjtime", __NR_clock_adjtime}, {"__NR_syncfs", __NR_syncfs}, {"__NR_sendmmsg", __NR_sendmmsg}, {"__NR_setns", __NR_setns}, {"__NR_getcpu", __NR_getcpu}, {"__NR_process_vm_readv", __NR_process_vm_readv}, {"__NR_process_vm_writev", __NR_process_vm_writev}, {"__NR_kcmp", __NR_kcmp}, {"__NR_finit_module", __NR_finit_module}, {"__NR_sched_setattr", __NR_sched_setattr}, {"__NR_sched_getattr", __NR_sched_getattr}, {"__NR_renameat2", __NR_renameat2}, {"__NR_seccomp", __NR_seccomp}, {"__NR_getrandom", __NR_getrandom}, {"__NR_memfd_create", __NR_memfd_create}, {"__NR_kexec_file_load", __NR_kexec_file_load}, {"__NR_bpf", __NR_bpf}, {"__NR_execveat", __NR_execveat}, {"__NR_userfaultfd", __NR_userfaultfd}, {"__NR_membarrier", __NR_membarrier}, {"__NR_mlock2", __NR_mlock2}, {"__NR_copy_file_range", __NR_copy_file_range}, {"__NR_preadv2", __NR_preadv2}, {"__NR_pwritev2", __NR_pwritev2}, {"__NR_pkey_mprotect", __NR_pkey_mprotect}, {"__NR_pkey_alloc", __NR_pkey_alloc}, {"__NR_pkey_free", __NR_pkey_free}, {"__NR_statx", __NR_statx}, {"__NR_io_pgetevents", __NR_io_pgetevents}, {"__NR_rseq", __NR_rseq}, {"__NR_pidfd_send_signal", __NR_pidfd_send_signal}, {"__NR_io_uring_setup", __NR_io_uring_setup}, {"__NR_io_uring_enter", __NR_io_uring_enter}, {"__NR_io_uring_register", __NR_io_uring_register}, {"__NR_open_tree", __NR_open_tree}, {"__NR_move_mount", __NR_move_mount}, {"__NR_fsopen", __NR_fsopen}, {"__NR_fsconfig", __NR_fsconfig}, {"__NR_fsmount", __NR_fsmount}, {"__NR_fspick", __NR_fspick}, {"__NR_pidfd_open", __NR_pidfd_open}, {"__NR_clone3", __NR_clone3}, {"__NR_close_range", __NR_close_range}, {"__NR_openat2", __NR_openat2}, {"__NR_pidfd_getfd", __NR_pidfd_getfd}, {"__NR_faccessat2", __NR_faccessat2}, {"__NR_process_madvise", __NR_process_madvise}, {"__NR_epoll_pwait2", __NR_epoll_pwait2}, {"__NR_mount_setattr", __NR_mount_setattr}, {"__NR_landlock_create_ruleset", __NR_landlock_create_ruleset}, {"__NR_landlock_add_rule", __NR_landlock_add_rule}, {"__NR_landlock_restrict_self", __NR_landlock_restrict_self}});
SyscallNode * syscallsArray;
int instructionsNumber = 0;
// An AVL tree node
struct Node
{
int number;
struct Node *left;
struct Node *right;
int height;
};
// A utility function to get the height of the tree
int height(struct Node *N)
{
if (N == NULL)
return 0;
return N->height;
}
// A utility function to get maximum of two integers
int max(int a, int b)
{
return (a > b)? a : b;
}
/* Helper function that allocates a new node with the given number and
NULL left and right pointers. */
struct Node* newNode(int number)
{
struct Node* node = (struct Node*)
malloc(sizeof(struct Node));
node->number = number;
node->left = NULL;
node->right = NULL;
node->height = 1; // new node is initially added at leaf
return(node);
}
// A utility function to right rotate subtree rooted with y
// See the diagram given above.
struct Node *rightRotate(struct Node *y)
{
struct Node *x = y->left;
struct Node *T2 = x->right;
// Perform rotation
x->right = y;
y->left = T2;
// Update heights
y->height = max(height(y->left),
height(y->right)) + 1;
x->height = max(height(x->left),
height(x->right)) + 1;
// Return new root
return x;
}
// A utility function to left rotate subtree rooted with x
// See the diagram given above.
struct Node *leftRotate(struct Node *x)
{
struct Node *y = x->right;
struct Node *T2 = y->left;
// Perform rotation
y->left = x;
x->right = T2;
// Update heights
x->height = max(height(x->left),
height(x->right)) + 1;
y->height = max(height(y->left),
height(y->right)) + 1;
// Return new root
return y;
}
// Get Balance factor of node N
int getBalance(struct Node *N)
{
if (N == NULL)
return 0;
return height(N->left) - height(N->right);
}
// Recursive function to insert a number in the subtree rooted
// with node and returns the new root of the subtree.
struct Node* insert(struct Node* node, int number)
{
/* 1. Perform the normal BST insertion */
if (node == NULL)
return(newNode(number));
if (number < node->number)
node->left = insert(node->left, number);
else if (number > node->number)
node->right = insert(node->right, number);
else // Equal numbers are not allowed in BST
return node;
/* 2. Update height of this ancestor node */
node->height = 1 + max(height(node->left),
height(node->right));
/* 3. Get the balance factor of this ancestor
node to check whether this node became
unbalanced */
int balance = getBalance(node);
// If this node becomes unbalanced, then
// there are 4 cases
// Left Left Case
if (balance > 1 && number < node->left->number)
return rightRotate(node);
// Right Right Case
if (balance < -1 && number > node->right->number)
return leftRotate(node);
// Left Right Case
if (balance > 1 && number > node->left->number)
{
node->left = leftRotate(node->left);
return rightRotate(node);
}
// Right Left Case
if (balance < -1 && number < node->right->number)
{
node->right = rightRotate(node->right);
return leftRotate(node);
}
/* return the (unchanged) node pointer */
return node;
}
int height1(struct Node* node)
{
if (node == NULL)
return 0;
else {
// Compute the height of each subtree
int lheight = height1(node->left);
int rheight = height1(node->right);
// Use the larger one
if (lheight > rheight)
return (lheight + 1);
else
return (rheight + 1);
}
}
void LevelOrder(Node * root) {
static int index = 0;
if (root == NULL) return;
queue < Node * > q;
q.push(root);
while (q.empty() == false) {
Node * node = q.front();
q.pop();
bool hasChild = false;
if (node -> left != NULL){
q.push(node -> left);
syscallsArray[index].left = node -> left -> number;
hasChild = true;
}
if (node -> right != NULL){
q.push(node -> right);
syscallsArray[index].right = node -> right -> number;
hasChild = true;
}
syscallsArray[index].number = node -> number;
if (hasChild){
instructionsNumber++;
}
instructionsNumber++;
index++;
}
}
bool comparison (SyscallStruct i, SyscallStruct j)
{
return i.number<j.number;
}
bool getAnswer(string question){
string answer;
while (true){
getline(cin, answer);
if (answer.empty()){
return true;
}
else if (answer.size()==1){
switch (answer[0]){
case 'Y':
case 'y':
return true;
break;
case 'N':
case 'n':
return false;
default:
cout<<question;
}
}
else{
cout<<question;
}
}
}
int main()
{
struct Node *root = NULL;
string inputFilePath;
cout<<"Enter the path to the input file: ";
getline(cin, inputFilePath);
ifstream inputFile(inputFilePath);
if(!inputFile){
cout<<"Couldn't find input file."<<endl;
return 1;
}
string outputFilePath;
cout<<"Enter the path to the output file: ";
getline(cin, outputFilePath);
ofstream outputFile(outputFilePath);
if(!outputFile){
cout<<"Output file couldn't be created."<<endl;
return 1;
}
cout<<"Do you want to use whitelist mode? Y/n: ";
bool whiteListMode = getAnswer("Wrong answer. Try again... Do you want to use whitelist mode? Y/n: ");
string currentSyscall;
sort(syscalls.begin(),syscalls.end(), comparison);
int systemcallsSize = end(syscalls)-begin(syscalls);
int syscallsNumber = 0;
while (getline(inputFile, currentSyscall)){
int i = 0;
for (; i < systemcallsSize; i++){
if ("__NR_"+currentSyscall==syscalls[i].name){
root = insert(root, syscalls[i].number);
break;
}
}
if (i == systemcallsSize){
cout<<"couldn't find "<<currentSyscall<<". Continue? Y/n: ";
if(! getAnswer("Wrong answer. Try again... Continue? Y/n: ")){
return 1;
}
}
else{
syscallsNumber++;
}
}
inputFile.close();
syscallsArray = new SyscallNode[syscallsNumber];
LevelOrder(root);
outputFile<<"BPF_STMT(BPF_LD + BPF_W + BPF_ABS, (offsetof(struct seccomp_data, arch))),"<<endl;
outputFile<<"BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, AUDIT_ARCH_X86_64, 0, "<<instructionsNumber+1<<"),"<<endl;
outputFile<<"BPF_STMT(BPF_LD + BPF_W + BPF_ABS, (offsetof(struct seccomp_data, nr))),"<<endl;
int j;
int k;
for (int i = 0; i < syscallsNumber; i++){
int distance = 0;
if (syscallsArray[i].left!=-1 && syscallsArray[i].right!=-1){
j = i;
while (syscallsArray[i].left!=syscallsArray[++j].number){
distance++;
if (syscallsArray[j].right!=-1 || syscallsArray[j].left!=-1){
distance++;
}
}
k = syscallsArray[i].number+1>systemcallsSize?systemcallsSize:syscallsArray[i].number + 1;
while (syscallsArray[i].number!=syscalls[--k].number);
outputFile<<"BPF_JUMP ( BPF_JMP | BPF_JGE | BPF_K, "<<syscalls[k].name<<", "<<0<<", "<<distance+1<<"),"<<endl;
instructionsNumber--;
do{
distance++;
if (syscallsArray[j].right!=-1 || syscallsArray[j].left!=-1){
distance++;
}
}
while (syscallsArray[i].right!=syscallsArray[++j].number);
outputFile<<"BPF_JUMP ( BPF_JMP | BPF_JEQ | BPF_K, "<<syscalls[k].name<<", "<<instructionsNumber<<", "<<distance<<"),"<<endl;
instructionsNumber--;
}
else if (syscallsArray[i].left!=-1 && syscallsArray[i].right==-1){
j = i;
while (syscallsArray[i].left!=syscallsArray[++j].number){
distance++;
if (syscallsArray[j].right!=-1 || syscallsArray[j].left!=-1){
distance++;
}
}
k = syscallsArray[i].number+1>systemcallsSize?systemcallsSize:syscallsArray[i].number + 1;
while (syscallsArray[i].number!=syscalls[--k].number);
outputFile<<"BPF_JUMP ( BPF_JMP | BPF_JGE | BPF_K, "<<syscalls[k].name<<", "<<0<<", "<<distance+1<<"),"<<endl;
instructionsNumber--;
outputFile<<"BPF_JUMP ( BPF_JMP | BPF_JEQ | BPF_K, "<<syscalls[k].name<<", "<<instructionsNumber<<", "<<instructionsNumber-1<<"),"<<endl;
instructionsNumber--;
}
else if(syscallsArray[i].left==-1 && syscallsArray[i].right!=-1){
k = syscallsArray[i].number+1>systemcallsSize?systemcallsSize:syscallsArray[i].number + 1;
while (syscallsArray[i].number!=syscalls[--k].number);
outputFile<<"BPF_JUMP ( BPF_JMP | BPF_JGE | BPF_K, "<<syscalls[k].name<<", "<<0<<", "<<instructionsNumber-1<<"),"<<endl;
instructionsNumber--;
j = i;
while (syscallsArray[i].right!=syscallsArray[++j].number){
distance++;
if (syscallsArray[j].right!=-1 || syscallsArray[j].left!=-1){
distance++;
}
}
outputFile<<"BPF_JUMP ( BPF_JMP | BPF_JEQ | BPF_K, "<<syscalls[k].name<<", "<<instructionsNumber<<", "<<distance<<"),"<<endl;
instructionsNumber--;
}
else{
k = syscallsArray[i].number+1>systemcallsSize?systemcallsSize:syscallsArray[i].number + 1;
while (syscallsArray[i].number!=syscalls[--k].number);
outputFile<<"BPF_JUMP ( BPF_JMP | BPF_JEQ | BPF_K, "<<syscalls[k].name<<", "<<instructionsNumber<<", "<<instructionsNumber-1<<"),"<<endl;
instructionsNumber--;
}
}
if(whiteListMode){
outputFile<<"BPF_STMT(BPF_RET + BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),"<<endl;
outputFile<<"BPF_STMT(BPF_RET + BPF_K, SECCOMP_RET_ALLOW),"<<endl;
}
else{
outputFile<<"BPF_STMT(BPF_RET + BPF_K, SECCOMP_RET_ALLOW),"<<endl;
outputFile<<"BPF_STMT(BPF_RET + BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),"<<endl;
}
outputFile.close();
delete[] syscallsArray;
syscallsArray = nullptr;
cout<<"Seccomp filter created."<<endl;
return 0;
}
Źródło:
Pobierz program!
