index : blog

        

            
            
        
        
0#!/bin/python
1
2import subprocess
3
4from sys import exit, argv
5from pathlib import Path
6
7
8
9HELP = """Usage: syscalls.py [OPTIONS] [FP]
10
11OPTIONS
12    -r <program path>           Records syscalls
13    -p <strace output file>     Prints the used syscalls from your 'strace.txt'.
14                                If the path is omitted, it looks after 'strace.txt'
15                                in your current directory.
16"""
17
18
19STRACE_OUTPUT_FP = Path("strace.txt")
20
21SCMP_BOUNDARY_MARKER = "---- SECCOMP BOUNDARY ----"
22
23
24
25def main(args):
26    if len(args) == 1 or len(args) > 3:
27        print(HELP)
28        exit(1)
29
30    if "h" in args[1] or "help" in args[1]:
31        print(HELP)
32        exit(0)
33
34    if args[1] == "-r":
35        if len(args) != 3:
36            print("Need filepath to program")
37            exit(1)
38
39        strace_run(args[2])
40
41    if args[1] == "-p":
42        fp = STRACE_OUTPUT_FP if len(args) == 2 else args[2]
43        gather_unique_syscalls(fp)
44
45    print("Unknown argument")
46    exit(1)
47
48
49def strace_run(program):
50    cmd = [
51        "strace",
52        "-o",
53        STRACE_OUTPUT_FP,
54        str(program)
55    ]
56    run_command(cmd)
57    exit(0)
58
59
60def gather_unique_syscalls(fp):
61    if not fp.exists():
62        print("File does not exist:", fp)
63        exit(1)
64
65    content = open_file_or_exit(fp)
66    boundary_idx = next(
67        (i for i, s in enumerate(content) if SCMP_BOUNDARY_MARKER in s), None
68    )
69
70    if boundary_idx == None:
71        print("Cannot find seccomp boundary marker")
72        exit(1)
73
74    boundary_idx += 1
75
76    after_boundary = content[boundary_idx:]
77    syscalls = set()
78
79    for i, line in enumerate(after_boundary):
80        idx = line.find("(")
81
82        if idx == -1:
83            syscall = f"[ERR: at line {i + boundary_idx}]"
84            continue
85        else:
86            syscall = line[:idx]
87
88        syscalls.add(syscall)
89
90    print("/** Copy pasta from dev/syscalls.py */")
91    print("SECCOMP_ALLOWED_SYSCALLS :: string.[")
92
93    for item in syscalls:
94        code = f'    "{item.upper()}",'
95        print(code)
96
97    print("];")
98    exit(0)
99
100
101def run_command(cmd):
102    try:
103        subprocess.run(cmd, text=True, check=True)
104    except subprocess.CalledProcessError as e:
105        print(f"Command failed {e.returncode}: {e.stderr}")
106        exit(1)
107
108
109def open_file_or_exit(fp):
110    try:
111        with open(fp, 'r', encoding="utf8") as f:
112            return f.readlines()
113    except Exception as e:
114        print(e)
115        exit(1)
116
117
118if __name__ == "__main__":
119    args = argv
120
121    try:
122        main(args)
123    except KeyboardInterrupt:
124        print("Terminated by user")
125        exit(1)
126
127