I hereby claim:
- I am fbs on github.
- I am fbs (https://keybase.io/fbs) on keybase.
- I have a public key ASBXpZb9ymk2rtP89nvu2R1T9Rsools_Ub-vNzMopv-nWgo
To claim this, I am signing this object:
#define RESET "\033[0m" | |
#define RED "\033[31m" | |
#define GREEN "\033[32m" | |
#define YELLOW "\033[33m" | |
#define BRED "\033[41m" | |
#define TIME strftime("%H:%M:%S", nsecs) | |
BEGIN { |
#include <linux/skbuff.h> | |
#include <uapi/linux/if_ether.h> | |
#include <uapi/linux/if_arp.h> | |
#include <net/neighbour.h> | |
// lacking a nice macaddress printer :( | |
struct mac { | |
char common[3]; | |
char h1; | |
char h2; |
diff --git a/src/ast/semantic_analyser.cpp b/src/ast/semantic_analyser.cpp | |
index cb637ca..baa4b11 100644 | |
--- a/src/ast/semantic_analyser.cpp | |
+++ b/src/ast/semantic_analyser.cpp | |
@@ -1026,8 +1026,29 @@ void SemanticAnalyser::visit(Binop &binop) | |
auto get_int_literal = [](const auto expr) -> long { | |
return static_cast<ast::Integer*>(expr)->n; | |
}; | |
- auto left = binop.left; | |
- auto right = binop.right; |
# Lockdown: | |
## ubuntu 19.10 | |
Uses old version of lockdown | |
- bpf syscall fully blocked | |
## fedora 31 | |
Official lockdown |
``` | |
Attaching 1 probe... | |
Input: text1 | |
Input: text2 | |
Input: text3 | |
Input: text1 | |
bpf got: 5 text1 | |
bpf got: 5 text2 | |
bpf got: 5 text3 | |
bpf got: 5 text1 |
I hereby claim:
To claim this, I am signing this object:
Checking bashreadline | |
Checking biolatency | |
Checking biosnoop | |
Change detected for script: biosnoop | |
--- master_biosnoop 2019-07-25 21:42:10.027857087 +0000 | |
+++ new_biosnoop 2019-07-25 21:42:10.071858153 +0000 | |
@@ -403,7 +403,7 @@ | |
%11 = getelementptr %printf_t.0, %printf_t.0* %printf_args, i32 0, i32 0 | |
store i64 1, i64* %11 |
#include <linux/bpf.h> | |
BEGIN{ | |
@cmd[0] = "MAP_CREATE"; | |
@cmd[1] = "MAP_LOOKUP_ELEM"; | |
@cmd[2] = "MAP_UPDATE_ELEM"; | |
@cmd[3] = "MAP_DELETE_ELEM"; | |
@cmd[4] = "MAP_GET_NEXT_KEY"; | |
@cmd[5] = "PROG_LOAD"; | |
@cmd[6] = "OBJ_PIN"; |
#!/bin/bash | |
# Let bpftrace count kills | |
# do a lot of kills for x seconds | |
# Setup extra kill tracer | |
# Setup bpftrace map clear tracer | |
# Loop: | |
# Send single kill | |
# dump map content |
### Keybase proof | |
I hereby claim: | |
* I am fbs on github. | |
* I am fbs (https://keybase.io/fbs) on keybase. | |
* I have a public key ASByjEQpj6lqBb0F-goKMOXTu-QUNJ9uYjnaptCenn-cVgo | |
To claim this, I am signing this object: |