diff options
Diffstat (limited to 'lua_scripts')
-rw-r--r-- | lua_scripts/argvenvp.lua | 4 | ||||
-rw-r--r-- | lua_scripts/mapping.lua | 41 | ||||
-rw-r--r-- | lua_scripts/pathmaps/devel/00_default.lua | 8 | ||||
-rw-r--r-- | lua_scripts/pathmaps/emulate/00_default.lua | 7 | ||||
-rw-r--r-- | lua_scripts/pathmaps/install/00_default.lua | 6 | ||||
-rw-r--r-- | lua_scripts/pathmaps/simple/00_default.lua | 6 | ||||
-rw-r--r-- | lua_scripts/pathmaps/tools/00_default.lua | 7 |
7 files changed, 79 insertions, 0 deletions
diff --git a/lua_scripts/argvenvp.lua b/lua_scripts/argvenvp.lua index ac65000..a5480f9 100644 --- a/lua_scripts/argvenvp.lua +++ b/lua_scripts/argvenvp.lua @@ -672,6 +672,10 @@ function sb_execve_postprocess(rule, exec_policy, exec_type, sb.log("debug", string.format("sb_execve_postprocess:type=%s", exec_type)) + if (exec_policy.name) then + table.insert(envp, "__SB2_EXEC_POLICY_NAME="..exec_policy.name) + end + -- End of generic part. Rest of postprocessing depends on type of -- the executable. diff --git a/lua_scripts/mapping.lua b/lua_scripts/mapping.lua index 4688a4a..320ea78 100644 --- a/lua_scripts/mapping.lua +++ b/lua_scripts/mapping.lua @@ -66,6 +66,45 @@ function sb2_procfs_mapper(binary_name, func_name, rp, path, rule) return nil, ret_path, false end +-- all_exec_policies is a table, defined by the mapping rule file +all_exec_policies = nil + +-- return the exec policy used for this process +-- +local active_exec_policy_checked = false +local active_exec_policy_ptr = nil + +function get_active_exec_policy() + if (active_exec_policy_checked == false) then + local ep_name = sb.get_active_exec_policy_name() + + if (ep_name and all_exec_policies ~= nil) then + -- Name of it is known, try to find the object itself + for i = 1, table.maxn(all_exec_policies) do + if all_exec_policies[i].name == ep_name then + active_exec_policy_ptr = all_exec_policies[i] + break + end + end + if (debug_messages_enabled) then + if active_exec_policy_ptr then + sb.log("debug", "Found active Exec policy "..ep_name) + else + sb.log("debug", "FAILED to find active Exec policy "..ep_name) + end + end + else + -- Don't know what exec policy is active + if (debug_messages_enabled) then + sb.log("debug", "Unknown active Exec policy") + end + end + + active_exec_policy_checked = true + end + return active_exec_policy_ptr +end + -- Load mode-specific rules. -- A mode file must define three variables: -- 1. rule_file_interface_version (string) is checked and must match, @@ -98,6 +137,8 @@ function load_and_check_rules() -- -- (version 19 is in intermediate version; -- several interface changes will follow) + -- - added "all_exec_policies" list to all + -- mapping modes -- Differences between version 17 and 18: -- - added sb2_procfs_mapper() -- Differences between version 16 and 17: diff --git a/lua_scripts/pathmaps/devel/00_default.lua b/lua_scripts/pathmaps/devel/00_default.lua index f66a20d..f7d5295 100644 --- a/lua_scripts/pathmaps/devel/00_default.lua +++ b/lua_scripts/pathmaps/devel/00_default.lua @@ -635,3 +635,11 @@ exec_policy_chains = { devel_exec_policies } +-- This table lists all exec policies - this is used when the current +-- process wants to locate the currently active policy +all_exec_policies = { + exec_policy_host_os, + exec_policy_target, + exec_policy_tools, +} + diff --git a/lua_scripts/pathmaps/emulate/00_default.lua b/lua_scripts/pathmaps/emulate/00_default.lua index 421fb61..d7630a5 100644 --- a/lua_scripts/pathmaps/emulate/00_default.lua +++ b/lua_scripts/pathmaps/emulate/00_default.lua @@ -208,3 +208,10 @@ exec_policy_chains = { all_exec_policies_chain } +-- This table lists all exec policies - this is used when the current +-- process wants to locate the currently active policy +all_exec_policies = { + exec_policy_target, + default_exec_policy, +} + diff --git a/lua_scripts/pathmaps/install/00_default.lua b/lua_scripts/pathmaps/install/00_default.lua index 29fcb81..7ca7161 100644 --- a/lua_scripts/pathmaps/install/00_default.lua +++ b/lua_scripts/pathmaps/install/00_default.lua @@ -105,3 +105,9 @@ exec_policy_chains = { all_exec_policies_chain } +-- This table lists all exec policies - this is used when the current +-- process wants to locate the currently active policy +all_exec_policies = { + default_exec_policy, +} + diff --git a/lua_scripts/pathmaps/simple/00_default.lua b/lua_scripts/pathmaps/simple/00_default.lua index 71a7ca2..34ab4ca 100644 --- a/lua_scripts/pathmaps/simple/00_default.lua +++ b/lua_scripts/pathmaps/simple/00_default.lua @@ -120,3 +120,9 @@ exec_policy_chains = { all_exec_policies_chain } +-- This table lists all exec policies - this is used when the current +-- process wants to locate the currently active policy +all_exec_policies = { + default_exec_policy, +} + diff --git a/lua_scripts/pathmaps/tools/00_default.lua b/lua_scripts/pathmaps/tools/00_default.lua index efbf3bc..24f6054 100644 --- a/lua_scripts/pathmaps/tools/00_default.lua +++ b/lua_scripts/pathmaps/tools/00_default.lua @@ -160,3 +160,10 @@ exec_policy_chains = { all_exec_policies_chain } +-- This table lists all exec policies - this is used when the current +-- process wants to locate the currently active policy +all_exec_policies = { + exec_policy_tools, + default_exec_policy, +} + |