From c1cdd7b87ab1c69d5765a39d4e7a22f2c9601cac Mon Sep 17 00:00:00 2001 From: Leonardo Di Giovanna Date: Wed, 4 Dec 2024 17:26:04 +0100 Subject: [PATCH 1/5] fix(decl/syscalls): fix openat2 default arguments Signed-off-by: Leonardo Di Giovanna Co-authored-by: Aldo Lacuku --- pkg/test/step/syscall/openat2/openat2.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/test/step/syscall/openat2/openat2.go b/pkg/test/step/syscall/openat2/openat2.go index c8aa8b70..5b0b345d 100644 --- a/pkg/test/step/syscall/openat2/openat2.go +++ b/pkg/test/step/syscall/openat2/openat2.go @@ -45,11 +45,11 @@ func New(name string, rawArgs map[string]string, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { o := &openAt2Syscall{} o.bindOnlyArgs.DirFD = unix.AT_FDCWD - // o.args.How fields defaulted to 0 + // o.args.How field defaulted to empty struct. argsContainer := reflect.ValueOf(&o.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&o.bindOnlyArgs).Elem() retValContainer := reflect.ValueOf(o).Elem() - defaultedArgs := []string{"dirfd", "mode"} + defaultedArgs := []string{"dirfd", "how"} return base.New(name, rawArgs, fieldBindings, argsContainer, bindOnlyArgsContainer, retValContainer, defaultedArgs, o.run, nil) } From bb7d481c6d3c5eb7e95ab6e4771e0297884b31e4 Mon Sep 17 00:00:00 2001 From: Leonardo Di Giovanna Date: Thu, 5 Dec 2024 12:06:41 +0100 Subject: [PATCH 2/5] fix(decl/syscalls): fix dup3 system call cleanup logic Signed-off-by: Leonardo Di Giovanna Co-authored-by: Aldo Lacuku --- pkg/test/step/syscall/dup3/dup3.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/test/step/syscall/dup3/dup3.go b/pkg/test/step/syscall/dup3/dup3.go index 7975df45..1873ac1b 100644 --- a/pkg/test/step/syscall/dup3/dup3.go +++ b/pkg/test/step/syscall/dup3/dup3.go @@ -43,7 +43,7 @@ type dup3Syscall struct { // New creates a new dup3 system call test step. func New(name string, rawArgs map[string]string, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { - d := &dup3Syscall{} + d := &dup3Syscall{savedFD: -1} // d.args.Flags defaulted to 0 argsContainer := reflect.ValueOf(&d.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&d.bindOnlyArgs).Elem() From ea20627c1d16db1390911c92fa5d45d3b2bab83c Mon Sep 17 00:00:00 2001 From: Leonardo Di Giovanna Date: Thu, 5 Dec 2024 12:43:58 +0100 Subject: [PATCH 3/5] fix(decl/syscalls): fix symlinkat system call cleanup logic Signed-off-by: Leonardo Di Giovanna Co-authored-by: Aldo Lacuku --- pkg/test/step/syscall/symlinkat/symlinkat.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/test/step/syscall/symlinkat/symlinkat.go b/pkg/test/step/syscall/symlinkat/symlinkat.go index 574c5389..0663967a 100644 --- a/pkg/test/step/syscall/symlinkat/symlinkat.go +++ b/pkg/test/step/syscall/symlinkat/symlinkat.go @@ -82,7 +82,7 @@ func (s *symlinkAtSyscall) cleanup(_ context.Context) error { s.savedLinkPath = nil }() - dirFD := unix.AT_FDCWD + dirFD := s.bindOnlyArgs.NewDirFD //nolint:gosec // System call invocation requires access to the raw pointer. savedLinkPathPtr := unsafe.Pointer(&s.savedLinkPath[0]) flags := 0 From 21bf4668255795005d71d96e6495e102354fa15e Mon Sep 17 00:00:00 2001 From: Leonardo Di Giovanna Date: Thu, 5 Dec 2024 13:15:27 +0100 Subject: [PATCH 4/5] fix(decl/syscalls): fix system call argument value parsing Generalize parsing of system call arguments by treating them as map[string]interface{} (instead of map[string]string). This enables field binding at arbitrary level and decouples architecture inner layers from tests input encoding. Signed-off-by: Leonardo Di Giovanna Co-authored-by: Aldo Lacuku --- pkg/test/field/field.go | 19 ++- pkg/test/loader/loader.go | 48 +++--- pkg/test/step/syscall/base/base.go | 135 ++++++++++------ pkg/test/step/syscall/base/parse.go | 152 ++++++++++-------- pkg/test/step/syscall/connect/connect.go | 3 +- pkg/test/step/syscall/dup/dup.go | 6 +- pkg/test/step/syscall/dup2/dup2.go | 2 +- pkg/test/step/syscall/dup2/dup2_arm64.go | 2 +- pkg/test/step/syscall/dup3/dup3.go | 3 +- .../step/syscall/finitmodule/finitmodule.go | 3 +- .../step/syscall/initmodule/initmodule.go | 3 +- pkg/test/step/syscall/kill/kill.go | 3 +- pkg/test/step/syscall/link/link.go | 2 +- pkg/test/step/syscall/link/link_arm64.go | 2 +- pkg/test/step/syscall/linkat/linkat.go | 2 +- pkg/test/step/syscall/open/open.go | 4 +- pkg/test/step/syscall/open/open_arm64.go | 2 +- pkg/test/step/syscall/openat/openat.go | 3 +- pkg/test/step/syscall/openat2/openat2.go | 15 +- pkg/test/step/syscall/read/read.go | 3 +- pkg/test/step/syscall/sendto/sendto.go | 3 +- pkg/test/step/syscall/socket/socket.go | 3 +- pkg/test/step/syscall/symlink/symlink.go | 2 +- .../step/syscall/symlink/symlink_arm64.go | 2 +- pkg/test/step/syscall/symlinkat/symlinkat.go | 3 +- pkg/test/step/syscall/syscall.go | 2 +- pkg/test/step/syscall/write/write.go | 3 +- 27 files changed, 250 insertions(+), 180 deletions(-) diff --git a/pkg/test/field/field.go b/pkg/test/field/field.go index 76ba1691..17f591d6 100644 --- a/pkg/test/field/field.go +++ b/pkg/test/field/field.go @@ -61,6 +61,12 @@ const ( TypeOpenMode Type = "open_mode" // TypeOpenHow specifies that the field contains the openat2 system call open_how parameter. TypeOpenHow Type = "open_how" + // TypeOpenHowFlags specifies that the field contains the openat2 system call open_how flags. + TypeOpenHowFlags Type = "open_how_flags" + // TypeOpenHowMode specifies that the field contains the openat2 system call open_how mode. + TypeOpenHowMode Type = "open_how_mode" + // TypeOpenHowResolve specifies that the field contains the openat2 system call open_how resolve value. + TypeOpenHowResolve Type = "open_how_resolve" // TypeLinkAtFlags specifies that the field contains the linkat system call flags. TypeLinkAtFlags Type = "linkat_flags" // TypeModuleParams specifies that the field contains the init_module system call params. @@ -121,7 +127,7 @@ func Paths(fieldContainer reflect.Type) map[string]struct{} { subFieldPaths := Paths(fieldTy) // Generate the complete field path by prefixing, to each subfield, the current field path. for subFieldPath := range subFieldPaths { - fieldPaths[fieldPath+fieldPathSegmentsSeparator+subFieldPath] = struct{}{} + fieldPaths[JoinFieldPathSegments(fieldPath, subFieldPath)] = struct{}{} } } return fieldPaths @@ -132,16 +138,21 @@ func Path(s string) string { return strings.ToLower(s) } -// splitFieldPath splits the provided field path into multiple segments. -func splitFieldPath(fieldPath string) []string { +// splitFieldPathSegments splits the provided field path into multiple segments. +func splitFieldPathSegments(fieldPath string) []string { return strings.Split(fieldPath, fieldPathSegmentsSeparator) } +// JoinFieldPathSegments joins the provided field path segments into a single field path. +func JoinFieldPathSegments(pathSegments ...string) string { + return strings.Join(pathSegments, fieldPathSegmentsSeparator) +} + // ByName returns information for the field identified by name. The field is searched in the provided fieldContainers, // and the first match is returned. func ByName(name string, fieldContainers ...reflect.Value) (*Field, error) { fieldPath := Path(name) - fieldPathSegments := splitFieldPath(fieldPath) + fieldPathSegments := splitFieldPathSegments(fieldPath) for _, fieldContainer := range fieldContainers { if field := byName(fieldContainer, fieldPath, fieldPathSegments); field != nil { diff --git a/pkg/test/loader/loader.go b/pkg/test/loader/loader.go index 79977397..e55fd6c6 100644 --- a/pkg/test/loader/loader.go +++ b/pkg/test/loader/loader.go @@ -576,7 +576,7 @@ func (s *TestStep) UnmarshalYAML(node *yaml.Node) error { return fmt.Errorf("error decoding syscall parameters: %w", err) } spec = &syscallSpec - fieldBindings = syscallSpec.fieldBindings() + fieldBindings = getFieldBindings("", syscallSpec.Args) default: panic(fmt.Sprintf("unknown test step type %q", decodedType)) } @@ -596,7 +596,7 @@ func (s TestStep) MarshalYAML() (interface{}, error) { switch stepType := s.Type; stepType { case TestStepTypeSyscall: spec := s.Spec.(*TestStepSyscallSpec) - args := make(map[string]string, len(spec.Args)+len(s.FieldBindings)) + args := make(map[string]interface{}, len(spec.Args)+len(s.FieldBindings)) for arg, argValue := range spec.Args { args[arg] = argValue } @@ -640,8 +640,8 @@ func (t *TestStepType) UnmarshalYAML(node *yaml.Node) error { // TestStepSyscallSpec describes a system call test step. type TestStepSyscallSpec struct { - Syscall SyscallName `yaml:"syscall" validate:"-"` - Args map[string]string `yaml:"args" validate:"required"` + Syscall SyscallName `yaml:"syscall" validate:"-"` + Args map[string]interface{} `yaml:"args" validate:"required"` } // TestStepFieldBinding contains the information to perform the binding of a field belonging to a source step. @@ -653,22 +653,34 @@ type TestStepFieldBinding struct { var fieldBindingRegex = regexp.MustCompile(`^\${(.+?)\.(.+)}$`) -func (s *TestStepSyscallSpec) fieldBindings() []*TestStepFieldBinding { +func getFieldBindings(containingArgName string, args map[string]interface{}) []*TestStepFieldBinding { + // The prefix of each contained argument is composed by the containing argument name. + var argsPrefix string + if containingArgName != "" { + argsPrefix = containingArgName + "." + } + var bindings []*TestStepFieldBinding - for arg, argValue := range s.Args { - // Check if the user specified a field binding as value. - match := fieldBindingRegex.FindStringSubmatch(argValue) - if match == nil { - continue - } + for arg, argValue := range args { + switch argValue := argValue.(type) { + case string: + // Check if the user specified a field binding as value. + match := fieldBindingRegex.FindStringSubmatch(argValue) + if match == nil { + continue + } + + bindings = append(bindings, &TestStepFieldBinding{ + SrcStep: match[1], + SrcField: match[2], + LocalField: argsPrefix + arg, + }) - bindings = append(bindings, &TestStepFieldBinding{ - SrcStep: match[1], - SrcField: match[2], - LocalField: arg, - }) - // If an argument value is a field binding, remove it from arguments. - delete(s.Args, arg) + // If an argument value is a field binding, remove it from arguments. + delete(args, arg) + case map[string]interface{}: + bindings = append(bindings, getFieldBindings(arg, argValue)...) + } } return bindings } diff --git a/pkg/test/step/syscall/base/base.go b/pkg/test/step/syscall/base/base.go index daffacd3..8686c999 100644 --- a/pkg/test/step/syscall/base/base.go +++ b/pkg/test/step/syscall/base/base.go @@ -19,7 +19,6 @@ import ( "context" "fmt" "reflect" - "strconv" "github.com/falcosecurity/event-generator/pkg/test/field" "github.com/falcosecurity/event-generator/pkg/test/step" @@ -61,7 +60,7 @@ var _ syscall.Syscall = (*baseSyscall)(nil) var errOpenModeMustBePositive = fmt.Errorf("open mode must be a positive integer") // New creates a new generic system call test step. -func New(stepName string, rawArgs map[string]string, fieldBindings []*step.FieldBinding, argsContainer, +func New(stepName string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding, argsContainer, bindOnlyArgsContainer, retValueContainer reflect.Value, defaultedArgs []string, runFunc, cleanupFunc func(ctx context.Context) error) (syscall.Syscall, error) { if err := checkContainersInvariants(argsContainer, bindOnlyArgsContainer, retValueContainer); err != nil { @@ -72,10 +71,14 @@ func New(stepName string, rawArgs map[string]string, fieldBindings []*step.Field return nil, fmt.Errorf("run function must not be nil") } - unboundArgs, err := setArgFieldValues(argsContainer, rawArgs) + unboundArgs := field.Paths(argsContainer.Type()) + boundArgs, err := setArgFieldValues(argsContainer, rawArgs) if err != nil { return nil, fmt.Errorf("error setting argument field values: %w", err) } + for _, boundArg := range boundArgs { + delete(unboundArgs, boundArg) + } unboundBindOnlyArgs := field.Paths(bindOnlyArgsContainer.Type()) @@ -119,141 +122,179 @@ func checkContainersInvariants(argsContainer, bindOnlyArgsContainer, retValueCon } // setArgFieldValues sets the argument fields in argFieldContainer to the corresponding values in rawArgs. It returns -// the set of arguments that remain to be set. -func setArgFieldValues(argFieldContainer reflect.Value, rawArgs map[string]string) (map[string]struct{}, error) { - unboundArgs := field.Paths(argFieldContainer.Type()) +// the list of set arguments field paths. +func setArgFieldValues(argFieldContainer reflect.Value, rawArgs map[string]interface{}) ([]string, error) { + fmt.Printf("setArgFieldValues rawArgs: %+v\n", rawArgs) + var boundArgs []string for rawArg, rawArgValue := range rawArgs { argField, err := field.ByName(rawArg, argFieldContainer) if err != nil { - return nil, fmt.Errorf("error getting %q argument field info: %w", rawArg, err) + return nil, fmt.Errorf("error getting %q argument field: %w", rawArg, err) } - if err := setArgFieldValue(argField, rawArgValue); err != nil { - return nil, fmt.Errorf("error setting %q argument field value to %q: %w", rawArg, rawArgValue, err) + argFieldBoundArgs, err := setArgFieldValue(argField, rawArgValue) + if err != nil { + return nil, fmt.Errorf("error setting %q argument field value to %v: %w", rawArg, rawArgValue, err) } - delete(unboundArgs, field.Path(rawArg)) + boundArgs = append(boundArgs, argFieldBoundArgs...) } - return unboundArgs, nil + return boundArgs, nil } -// setArgFieldValue sets the value of the field identified by the provided field info to the provided value, parsing it -// differently depending on the field type. +// setArgFieldValue sets the value of the provided field and/or sub-fields to the provided value, parsing it differently +// depending on the field type. // //nolint:gocyclo // Disable cyclomatic complexity check. -func setArgFieldValue(argField *field.Field, value string) error { +func setArgFieldValue(argField *field.Field, value interface{}) ([]string, error) { + boundArgs := []string{argField.Path} argFieldValue := argField.Value switch argFieldType := argField.Type; argFieldType { case field.TypeFD: - fd, err := strconv.Atoi(value) + fd, err := parseInt64(value) if err != nil { - return fmt.Errorf("cannot parse value as FD: %w", err) + return nil, fmt.Errorf("cannot parse value as fd: %w", err) } - argFieldValue.SetInt(int64(fd)) + argFieldValue.SetInt(fd) case field.TypeBuffer: - argFieldValue.Set(reflect.ValueOf([]byte(value))) + buffer, err := parseString(value) + if err != nil { + return nil, fmt.Errorf("cannot parse value as buffer: %w", err) + } + argFieldValue.Set(reflect.ValueOf([]byte(buffer))) case field.TypeBufferLen: bufferLen, err := parseBufferLen(value) if err != nil { - return fmt.Errorf("cannot parse value as buffer length: %w", err) + return nil, fmt.Errorf("cannot parse value as buffer length: %w", err) } - argFieldValue.SetInt(int64(bufferLen)) + argFieldValue.SetInt(bufferLen) case field.TypeFilePath: filePath, err := parseFilePath(value) if err != nil { - return fmt.Errorf("cannot parse value as file path: %w", err) + return nil, fmt.Errorf("cannot parse value as file path: %w", err) } argFieldValue.Set(reflect.ValueOf(filePath)) - case field.TypeOpenFlags: + case field.TypeOpenFlags, field.TypeOpenHowFlags: openFlags, err := parseFlags(value, openFlags) if err != nil { - return fmt.Errorf("cannot parse value as open flags: %w", err) + return nil, fmt.Errorf("cannot parse value as open flags: %w", err) + } + if argFieldValue.CanInt() { + argFieldValue.SetInt(int64(openFlags)) + } else { + argFieldValue.SetUint(uint64(openFlags)) //nolint:gosec // Disable G115 } - argFieldValue.SetInt(int64(openFlags)) - case field.TypeOpenMode: + case field.TypeOpenMode, field.TypeOpenHowMode: openMode, err := parseFlags(value, openModes) if err != nil { - return fmt.Errorf("cannot parse value as open mode: %w", err) + return nil, fmt.Errorf("cannot parse value as open mode: %w", err) } if openMode < 0 { - return errOpenModeMustBePositive + return nil, errOpenModeMustBePositive } argFieldValue.SetUint(uint64(openMode)) case field.TypeOpenHow: - openHow, err := parseOpenHow(value) + fieldBoundArgs, err := setSubArgFieldValues(argField, value) if err != nil { - return fmt.Errorf("cannot parse value as open_how struct: %w", err) + return nil, fmt.Errorf("cannot parse value as open_how struct: %w", err) } - argFieldValue.Set(reflect.ValueOf(*openHow)) + boundArgs = append(boundArgs, fieldBoundArgs...) + case field.TypeOpenHowResolve: + resolveFlags, err := parseFlags(value, openHowResolveFlags) + if err != nil { + return nil, fmt.Errorf("cannot parse value as open resolve value: %w", err) + } + argFieldValue.SetUint(uint64(resolveFlags)) //nolint:gosec // Disable G115 case field.TypeLinkAtFlags: linkAtFlags, err := parseFlags(value, linkAtFlags) if err != nil { - return fmt.Errorf("cannot parse value as linkat flags: %w", err) + return nil, fmt.Errorf("cannot parse value as linkat flags: %w", err) } argFieldValue.SetInt(int64(linkAtFlags)) case field.TypeModuleParams: - argFieldValue.SetString(value) + moduleParams, err := parseString(value) + if err != nil { + return nil, fmt.Errorf("cannot parse value as module params: %w", err) + } + argFieldValue.SetString(moduleParams) case field.TypeFinitModuleFlags: finitModuleFlags, err := parseFlags(value, finitModuleFlags) if err != nil { - return fmt.Errorf("cannot parse value as finit_module flags: %w", err) + return nil, fmt.Errorf("cannot parse value as finit_module flags: %w", err) } argFieldValue.SetInt(int64(finitModuleFlags)) case field.TypeDup3Flags: dup3Flags, err := parseFlags(value, dup3Flags) if err != nil { - return fmt.Errorf("cannot parse value as dup3 flags: %w", err) + return nil, fmt.Errorf("cannot parse value as dup3 flags: %w", err) } argFieldValue.SetInt(int64(dup3Flags)) case field.TypeSocketAddress: sockaddr, err := parseSocketAddress(value) if err != nil { - return fmt.Errorf("cannot parse value as socket address: %w", err) + return nil, fmt.Errorf("cannot parse value as socket address: %w", err) } argFieldValue.Set(reflect.ValueOf(sockaddr)) case field.TypeSocketDomain: socketDomain, err := parseSingleValue(value, socketDomains) if err != nil { - return fmt.Errorf("cannot parse value as socket domain: %w", err) + return nil, fmt.Errorf("cannot parse value as socket domain: %w", err) } argFieldValue.SetInt(int64(socketDomain)) case field.TypeSocketType: socketType, err := parseSingleValue(value, socketTypes) if err != nil { - return fmt.Errorf("cannot parse value as socket type: %w", err) + return nil, fmt.Errorf("cannot parse value as socket type: %w", err) } argFieldValue.SetInt(int64(socketType)) case field.TypeSocketProtocol: socketProtocol, err := parseSingleValue(value, socketProtocols) if err != nil { - return fmt.Errorf("cannot parse value as socket protocol: %w", err) + return nil, fmt.Errorf("cannot parse value as socket protocol: %w", err) } argFieldValue.SetInt(int64(socketProtocol)) case field.TypeSendFlags: sendFlags, err := parseFlags(value, sendFlags) if err != nil { - return fmt.Errorf("cannot parse value as send flags: %w", err) + return nil, fmt.Errorf("cannot parse value as send flags: %w", err) } argFieldValue.SetInt(int64(sendFlags)) case field.TypePID: - pid, err := strconv.Atoi(value) + pid, err := parseInt64(value) if err != nil { - return fmt.Errorf("cannot parse value as PID: %w", err) + return nil, fmt.Errorf("cannot parse value as PID: %w", err) } - argFieldValue.SetInt(int64(pid)) + argFieldValue.SetInt(pid) case field.TypeSignal: signal, err := parseSingleValue(value, signals) if err != nil { - return fmt.Errorf("cannot parse value as signal: %w", err) + return nil, fmt.Errorf("cannot parse value as signal: %w", err) } argFieldValue.SetInt(int64(signal)) case field.TypeUndefined: - return fmt.Errorf("argument field type is undefined") + return nil, fmt.Errorf("argument field type is undefined") default: - return fmt.Errorf("unknown syscall argument field type %q", argFieldType) + return nil, fmt.Errorf("unknown syscall argument field type %q", argFieldType) } - return nil + return boundArgs, nil +} + +func setSubArgFieldValues(argField *field.Field, value interface{}) ([]string, error) { + rawArgs, err := parseMap(value) + if err != nil { + return nil, fmt.Errorf("cannot parse argument field: %w", err) + } + + boundArgs, err := setArgFieldValues(argField.Value, rawArgs) + if err != nil { + return nil, fmt.Errorf("error seting argument sub-fields: %w", err) + } + + for idx := range boundArgs { + boundArgs[idx] = field.JoinFieldPathSegments(argField.Path, boundArgs[idx]) + } + return boundArgs, nil } func (s *baseSyscall) Name() string { @@ -266,6 +307,8 @@ func (s *baseSyscall) Run(ctx context.Context) error { return fmt.Errorf("the following argument fields are not bound yet: %v", unboundArgFields) } + fmt.Printf("argsContainer: %+v\n", s.argsContainer) + fmt.Printf("bindOnlyArgsContainer: %+v\n", s.bindOnlyArgsContainer) return s.runFunc(ctx) } diff --git a/pkg/test/step/syscall/base/parse.go b/pkg/test/step/syscall/base/parse.go index 72e3fa22..8a0b2b2d 100644 --- a/pkg/test/step/syscall/base/parse.go +++ b/pkg/test/step/syscall/base/parse.go @@ -18,94 +18,82 @@ package base import ( "fmt" "net" + "reflect" "strconv" "strings" "golang.org/x/sys/unix" - "gopkg.in/yaml.v3" ) var ( - errNegativeValue = fmt.Errorf("value is negative") + errMustBePositive = fmt.Errorf("value must be positive") + errMustBeString = fmt.Errorf("value must be a string") + errCannotConvertToInt = fmt.Errorf("cannot convert to int") errUnexpectedNullByte = fmt.Errorf("unexpected NULL byte") errPortOutOfRange = fmt.Errorf("port number out of range (0, 65535]") + errMustBeStringOrInt = fmt.Errorf("value must be a string or an int") + errMustBeMap = fmt.Errorf("value must be a map") ) -func parseBufferLen(value string) (int, error) { - bufferLen, err := strconv.Atoi(value) - if err != nil { - return 0, err - } - - if bufferLen < 0 { - return 0, errNegativeValue +func parseInt64(value any) (int64, error) { + v := reflect.ValueOf(value) + if !v.CanInt() { + return 0, errCannotConvertToInt } - return bufferLen, nil + return v.Int(), nil } -func parseFilePath(value string) ([]byte, error) { - if strings.IndexByte(value, 0) != -1 { - return nil, errUnexpectedNullByte +func parseString(value any) (string, error) { + v, ok := value.(string) + if !ok { + return "", errMustBeString } - filePath := make([]byte, len(value)+1) - copy(filePath, value) - return filePath, nil + return v, nil } -func parseOpenHow(value string) (*unix.OpenHow, error) { - dec := yaml.NewDecoder(strings.NewReader(value)) - // Force the decoding to fail if the YAML document contains unknown fields - dec.KnownFields(true) - var openHowView struct { - Flags string `yaml:"flags"` - Mode string `yaml:"mode"` - Resolve string `yaml:"resolve"` - } - if err := dec.Decode(&openHowView); err != nil { - return nil, fmt.Errorf("error decoding: %w", err) +func parseBufferLen(value any) (int64, error) { + bufferLen, err := parseInt64(value) + if err != nil { + return 0, err } - openHow := &unix.OpenHow{} - if openHowView.Flags == "" { - flags, err := parseFlags(openHowView.Flags, openFlags) - if err != nil { - return nil, fmt.Errorf("error parsing flags: %w", err) - } - //nolint:gosec // Disable G115 - openHow.Flags = uint64(flags) + if bufferLen < 0 { + return 0, errMustBePositive } - if openHowView.Mode == "" { - mode, err := parseFlags(openHowView.Mode, openModes) - if err != nil { - return nil, fmt.Errorf("error parsing mode: %w", err) - } - //nolint:gosec // Disable G115 - openHow.Mode = uint64(mode) + return bufferLen, nil +} + +func parseFilePath(value any) ([]byte, error) { + v, err := parseString(value) + if err != nil { + return nil, err } - if openHowView.Resolve == "" { - resolve, err := parseFlags(openHowView.Resolve, openHowResolveFlags) - if err != nil { - return nil, fmt.Errorf("error parsing resolve: %w", err) - } - //nolint:gosec // Disable G115 - openHow.Mode = uint64(resolve) + if strings.IndexByte(v, 0) != -1 { + return nil, errUnexpectedNullByte } - return openHow, nil + filePath := make([]byte, len(v)+1) + copy(filePath, v) + return filePath, nil } -func parseSocketAddress(value string) (unix.Sockaddr, error) { - if strings.HasPrefix(value, "unix://") { - value = value[len("unix://"):] - sockaddr := &unix.SockaddrUnix{Name: value} +func parseSocketAddress(value any) (unix.Sockaddr, error) { + parsedValue, err := parseString(value) + if err != nil { + return nil, err + } + + if strings.HasPrefix(parsedValue, "unix://") { + parsedValue = parsedValue[len("unix://"):] + sockaddr := &unix.SockaddrUnix{Name: parsedValue} return sockaddr, nil } - host, port, err := net.SplitHostPort(value) + host, port, err := net.SplitHostPort(parsedValue) if err != nil { return nil, fmt.Errorf("cannot split address in host and port parts: %w", err) } @@ -143,27 +131,49 @@ func parseSocketAddress(value string) (unix.Sockaddr, error) { return sockaddr, nil } -func parseSingleValue(value string, valuesMap map[string]int) (int, error) { - if parsedValue, ok := valuesMap[value]; ok { - return parsedValue, nil +func parseSingleValue(value any, valuesMap map[string]int) (int, error) { + switch value := value.(type) { + case int: + return value, nil + case string: + if parsedValue, ok := valuesMap[value]; ok { + return parsedValue, nil + } + return strconv.Atoi(value) + default: + return 0, errMustBeStringOrInt } - - return strconv.Atoi(value) } -func parseFlags(value string, flagsMap map[string]int) (int, error) { - if flags, err := strconv.Atoi(value); err == nil { +func parseFlags(value any, flagsMap map[string]int) (int, error) { + switch value := value.(type) { + case int: + return value, nil + case string: + if flags, err := strconv.Atoi(value); err == nil { + return flags, nil + } + + flags := 0 + for _, flag := range strings.Split(value, "|") { + flagValue, ok := flagsMap[flag] + if !ok { + return 0, fmt.Errorf("unknown flag %q", flag) + } + flags |= flagValue + } + return flags, nil + default: + return 0, errMustBeStringOrInt } +} - flags := 0 - for _, flag := range strings.Split(value, "|") { - flagValue, ok := flagsMap[flag] - if !ok { - return 0, fmt.Errorf("unknown flag %q", flag) - } - flags |= flagValue +func parseMap(value any) (map[string]any, error) { + rawArgs, ok := value.(map[string]any) + if !ok { + return nil, errMustBeMap } - return flags, nil + return rawArgs, nil } diff --git a/pkg/test/step/syscall/connect/connect.go b/pkg/test/step/syscall/connect/connect.go index cc2eab52..f185fb93 100644 --- a/pkg/test/step/syscall/connect/connect.go +++ b/pkg/test/step/syscall/connect/connect.go @@ -38,8 +38,7 @@ type connectSyscall struct { } // New creates a new connect system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { c := &connectSyscall{} argsContainer := reflect.ValueOf(&c.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&c.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/dup/dup.go b/pkg/test/step/syscall/dup/dup.go index da037a9b..1dee87d8 100644 --- a/pkg/test/step/syscall/dup/dup.go +++ b/pkg/test/step/syscall/dup/dup.go @@ -37,13 +37,13 @@ type dupSyscall struct { } // New creates a new dup system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { d := &dupSyscall{} argsContainer := reflect.ValueOf(&d.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&d.bindOnlyArgs).Elem() retValContainer := reflect.ValueOf(d).Elem() - return base.New(name, rawArgs, fieldBindings, argsContainer, bindOnlyArgsContainer, retValContainer, nil, d.run, nil) + return base.New(name, rawArgs, fieldBindings, argsContainer, bindOnlyArgsContainer, retValContainer, nil, d.run, + nil) } func (d *dupSyscall) run(_ context.Context) error { diff --git a/pkg/test/step/syscall/dup2/dup2.go b/pkg/test/step/syscall/dup2/dup2.go index 7bedf663..2b2353d2 100644 --- a/pkg/test/step/syscall/dup2/dup2.go +++ b/pkg/test/step/syscall/dup2/dup2.go @@ -42,7 +42,7 @@ type dup2Syscall struct { } // New creates a new dup2 system call test step. -func New(name string, rawArgs map[string]string, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { d := &dup2Syscall{savedFD: -1} argsContainer := reflect.ValueOf(&d.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&d.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/dup2/dup2_arm64.go b/pkg/test/step/syscall/dup2/dup2_arm64.go index 9ab27bc7..b3e07bef 100644 --- a/pkg/test/step/syscall/dup2/dup2_arm64.go +++ b/pkg/test/step/syscall/dup2/dup2_arm64.go @@ -22,6 +22,6 @@ import ( "github.com/falcosecurity/event-generator/pkg/test/step/syscall" ) -func New(_ string, _ map[string]string, _ []*step.FieldBinding) (syscall.Syscall, error) { +func New(_ string, _ map[string]interface{}, _ []*step.FieldBinding) (syscall.Syscall, error) { return nil, fmt.Errorf("not supported by the architecture") } diff --git a/pkg/test/step/syscall/dup3/dup3.go b/pkg/test/step/syscall/dup3/dup3.go index 1873ac1b..f3781c4a 100644 --- a/pkg/test/step/syscall/dup3/dup3.go +++ b/pkg/test/step/syscall/dup3/dup3.go @@ -41,8 +41,7 @@ type dup3Syscall struct { } // New creates a new dup3 system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { d := &dup3Syscall{savedFD: -1} // d.args.Flags defaulted to 0 argsContainer := reflect.ValueOf(&d.args).Elem() diff --git a/pkg/test/step/syscall/finitmodule/finitmodule.go b/pkg/test/step/syscall/finitmodule/finitmodule.go index 29ebd46a..33da0a28 100644 --- a/pkg/test/step/syscall/finitmodule/finitmodule.go +++ b/pkg/test/step/syscall/finitmodule/finitmodule.go @@ -40,8 +40,7 @@ type finitModuleSyscall struct { } // New creates a new finit_module system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { f := &finitModuleSyscall{} // f.args.ParamValues defaulted to "" // f.args.Flags defaulted to 0 diff --git a/pkg/test/step/syscall/initmodule/initmodule.go b/pkg/test/step/syscall/initmodule/initmodule.go index 3df9d006..21d000ed 100644 --- a/pkg/test/step/syscall/initmodule/initmodule.go +++ b/pkg/test/step/syscall/initmodule/initmodule.go @@ -38,8 +38,7 @@ type initModuleSyscall struct { } // New creates a new init_module system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { i := &initModuleSyscall{} // i.args.ParamValues defaulted to "" argsContainer := reflect.ValueOf(&i.args).Elem() diff --git a/pkg/test/step/syscall/kill/kill.go b/pkg/test/step/syscall/kill/kill.go index beae8db7..db45c77b 100644 --- a/pkg/test/step/syscall/kill/kill.go +++ b/pkg/test/step/syscall/kill/kill.go @@ -39,8 +39,7 @@ type killSyscall struct { } // New creates a new kill system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { k := &killSyscall{} argsContainer := reflect.ValueOf(&k.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&k.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/link/link.go b/pkg/test/step/syscall/link/link.go index 59f1e85f..0a163897 100644 --- a/pkg/test/step/syscall/link/link.go +++ b/pkg/test/step/syscall/link/link.go @@ -43,7 +43,7 @@ type linkSyscall struct { } // New creates a new link system call test step. -func New(name string, rawArgs map[string]string, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { l := &linkSyscall{} argsContainer := reflect.ValueOf(&l.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&l.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/link/link_arm64.go b/pkg/test/step/syscall/link/link_arm64.go index 248efeb0..d1f82c3c 100644 --- a/pkg/test/step/syscall/link/link_arm64.go +++ b/pkg/test/step/syscall/link/link_arm64.go @@ -22,6 +22,6 @@ import ( "github.com/falcosecurity/event-generator/pkg/test/step/syscall" ) -func New(_ string, _ map[string]string, _ []*step.FieldBinding) (syscall.Syscall, error) { +func New(_ string, _ map[string]interface{}, _ []*step.FieldBinding) (syscall.Syscall, error) { return nil, fmt.Errorf("not supported by the architecture") } diff --git a/pkg/test/step/syscall/linkat/linkat.go b/pkg/test/step/syscall/linkat/linkat.go index 86e8e465..42a76b48 100644 --- a/pkg/test/step/syscall/linkat/linkat.go +++ b/pkg/test/step/syscall/linkat/linkat.go @@ -45,7 +45,7 @@ type linkAtSyscall struct { } // New creates a new linkat system call test step. -func New(name string, rawArgs map[string]string, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { l := &linkAtSyscall{} l.bindOnlyArgs.OldDirFD = unix.AT_FDCWD l.bindOnlyArgs.NewDirFD = unix.AT_FDCWD diff --git a/pkg/test/step/syscall/open/open.go b/pkg/test/step/syscall/open/open.go index 75d35f64..909c44c3 100644 --- a/pkg/test/step/syscall/open/open.go +++ b/pkg/test/step/syscall/open/open.go @@ -42,9 +42,9 @@ type openSyscall struct { } // New creates a new open system call test step. -func New(name string, rawArgs map[string]string, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { o := &openSyscall{} - // mode defaulted to 0 + // o.args.Mode defaulted to 0 argsContainer := reflect.ValueOf(&o.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&o.bindOnlyArgs).Elem() retValContainer := reflect.ValueOf(o).Elem() diff --git a/pkg/test/step/syscall/open/open_arm64.go b/pkg/test/step/syscall/open/open_arm64.go index 3e0f075f..80db5e23 100644 --- a/pkg/test/step/syscall/open/open_arm64.go +++ b/pkg/test/step/syscall/open/open_arm64.go @@ -22,6 +22,6 @@ import ( "github.com/falcosecurity/event-generator/pkg/test/step/syscall" ) -func New(_ string, _ map[string]string, _ []*step.FieldBinding) (syscall.Syscall, error) { +func New(_ string, _ map[string]interface{}, _ []*step.FieldBinding) (syscall.Syscall, error) { return nil, fmt.Errorf("not supported by the architecture") } diff --git a/pkg/test/step/syscall/openat/openat.go b/pkg/test/step/syscall/openat/openat.go index 6d120815..e43346a7 100644 --- a/pkg/test/step/syscall/openat/openat.go +++ b/pkg/test/step/syscall/openat/openat.go @@ -42,8 +42,7 @@ type openAtSyscall struct { } // New creates a new openat system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { o := &openAtSyscall{} o.bindOnlyArgs.DirFD = unix.AT_FDCWD // o.args.Mode defaulted to 0 diff --git a/pkg/test/step/syscall/openat2/openat2.go b/pkg/test/step/syscall/openat2/openat2.go index 5b0b345d..fc8a6dcf 100644 --- a/pkg/test/step/syscall/openat2/openat2.go +++ b/pkg/test/step/syscall/openat2/openat2.go @@ -17,6 +17,7 @@ package openat2 import ( "context" + "fmt" "reflect" "unsafe" @@ -30,8 +31,12 @@ import ( type openAt2Syscall struct { // args represents arguments that can be provided by value or by binding. args struct { - Pathname []byte `field_type:"file_path"` - How unix.OpenHow `field_type:"open_how"` + Pathname []byte `field_type:"file_path"` + How struct { + Flags uint64 `field_type:"open_how_flags"` + Mode uint64 `field_type:"open_how_mode"` + Resolve uint64 `field_type:"open_how_resolve"` + } `field_type:"open_how"` } // bindOnlyArgs represents arguments that can only be provided by binding. bindOnlyArgs struct { @@ -41,20 +46,20 @@ type openAt2Syscall struct { } // New creates a new openat2 system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { o := &openAt2Syscall{} o.bindOnlyArgs.DirFD = unix.AT_FDCWD // o.args.How field defaulted to empty struct. argsContainer := reflect.ValueOf(&o.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&o.bindOnlyArgs).Elem() retValContainer := reflect.ValueOf(o).Elem() - defaultedArgs := []string{"dirfd", "how"} + defaultedArgs := []string{"dirfd", "how", "how.flags", "how.mode", "how.resolve"} return base.New(name, rawArgs, fieldBindings, argsContainer, bindOnlyArgsContainer, retValContainer, defaultedArgs, o.run, nil) } func (o *openAt2Syscall) run(_ context.Context) error { + fmt.Printf("%+v\n", *o) //nolint:gosec // System call invocation requires access to the raw pointer. pathnamePtr := unsafe.Pointer(&o.args.Pathname[0]) //nolint:gosec // System call invocation requires access to the raw pointer. diff --git a/pkg/test/step/syscall/read/read.go b/pkg/test/step/syscall/read/read.go index 3adf02c4..99061ddd 100644 --- a/pkg/test/step/syscall/read/read.go +++ b/pkg/test/step/syscall/read/read.go @@ -39,8 +39,7 @@ type readSyscall struct { } // New creates a new read system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { r := &readSyscall{} argsContainer := reflect.ValueOf(&r.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&r.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/sendto/sendto.go b/pkg/test/step/syscall/sendto/sendto.go index ae57e2ef..f818c87c 100644 --- a/pkg/test/step/syscall/sendto/sendto.go +++ b/pkg/test/step/syscall/sendto/sendto.go @@ -45,8 +45,7 @@ type sendToSyscall struct { } // New creates a new sendto system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { s := &sendToSyscall{} // s.args.Len defaults to the buffer length at run time, if unbound. argsContainer := reflect.ValueOf(&s.args).Elem() diff --git a/pkg/test/step/syscall/socket/socket.go b/pkg/test/step/syscall/socket/socket.go index 9f3aefa7..9c7a1041 100644 --- a/pkg/test/step/syscall/socket/socket.go +++ b/pkg/test/step/syscall/socket/socket.go @@ -39,8 +39,7 @@ type socketSyscall struct { } // New creates a new socket system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { s := &socketSyscall{} argsContainer := reflect.ValueOf(&s.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&s.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/symlink/symlink.go b/pkg/test/step/syscall/symlink/symlink.go index 311e0217..f2b37850 100644 --- a/pkg/test/step/syscall/symlink/symlink.go +++ b/pkg/test/step/syscall/symlink/symlink.go @@ -43,7 +43,7 @@ type symlinkSyscall struct { } // New creates a new symlink system call test step. -func New(name string, rawArgs map[string]string, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { s := &symlinkSyscall{} argsContainer := reflect.ValueOf(&s.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&s.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/symlink/symlink_arm64.go b/pkg/test/step/syscall/symlink/symlink_arm64.go index 56810aad..c57fee12 100644 --- a/pkg/test/step/syscall/symlink/symlink_arm64.go +++ b/pkg/test/step/syscall/symlink/symlink_arm64.go @@ -22,6 +22,6 @@ import ( "github.com/falcosecurity/event-generator/pkg/test/step/syscall" ) -func New(_ string, _ map[string]string, _ []*step.FieldBinding) (syscall.Syscall, error) { +func New(_ string, _ map[string]interface{}, _ []*step.FieldBinding) (syscall.Syscall, error) { return nil, fmt.Errorf("not supported by the architecture") } diff --git a/pkg/test/step/syscall/symlinkat/symlinkat.go b/pkg/test/step/syscall/symlinkat/symlinkat.go index 0663967a..19b63498 100644 --- a/pkg/test/step/syscall/symlinkat/symlinkat.go +++ b/pkg/test/step/syscall/symlinkat/symlinkat.go @@ -43,8 +43,7 @@ type symlinkAtSyscall struct { } // New creates a new symlinkat system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { s := &symlinkAtSyscall{} s.bindOnlyArgs.NewDirFD = unix.AT_FDCWD argsContainer := reflect.ValueOf(&s.args).Elem() diff --git a/pkg/test/step/syscall/syscall.go b/pkg/test/step/syscall/syscall.go index 20674c59..2421040e 100644 --- a/pkg/test/step/syscall/syscall.go +++ b/pkg/test/step/syscall/syscall.go @@ -74,6 +74,6 @@ const ( // Description contains information to build a new Syscall test step. type Description struct { - RawArgs map[string]string + RawArgs map[string]interface{} FieldBindings []*step.FieldBinding } diff --git a/pkg/test/step/syscall/write/write.go b/pkg/test/step/syscall/write/write.go index c2729716..4871e3ec 100644 --- a/pkg/test/step/syscall/write/write.go +++ b/pkg/test/step/syscall/write/write.go @@ -39,8 +39,7 @@ type writeSyscall struct { } // New creates a new write system call test step. -func New(name string, rawArgs map[string]string, - fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { w := &writeSyscall{} // w.args.Len defaults to the buffer length at run time, if unbound. argsContainer := reflect.ValueOf(&w.args).Elem() From 8bdb1575d6fcc91231d9933a277d2b44975ac8ac Mon Sep 17 00:00:00 2001 From: Leonardo Di Giovanna Date: Thu, 5 Dec 2024 13:31:48 +0100 Subject: [PATCH 5/5] style(decl): replace interface{} with any Signed-off-by: Leonardo Di Giovanna Co-authored-by: Aldo Lacuku --- pkg/test/loader/loader.go | 16 ++++++++-------- pkg/test/step/syscall/base/base.go | 8 ++++---- pkg/test/step/syscall/connect/connect.go | 2 +- pkg/test/step/syscall/dup/dup.go | 2 +- pkg/test/step/syscall/dup2/dup2.go | 2 +- pkg/test/step/syscall/dup2/dup2_arm64.go | 2 +- pkg/test/step/syscall/dup3/dup3.go | 2 +- pkg/test/step/syscall/finitmodule/finitmodule.go | 2 +- pkg/test/step/syscall/initmodule/initmodule.go | 2 +- pkg/test/step/syscall/kill/kill.go | 2 +- pkg/test/step/syscall/link/link.go | 2 +- pkg/test/step/syscall/link/link_arm64.go | 2 +- pkg/test/step/syscall/linkat/linkat.go | 2 +- pkg/test/step/syscall/open/open.go | 2 +- pkg/test/step/syscall/open/open_arm64.go | 2 +- pkg/test/step/syscall/openat/openat.go | 2 +- pkg/test/step/syscall/openat2/openat2.go | 2 +- pkg/test/step/syscall/read/read.go | 2 +- pkg/test/step/syscall/sendto/sendto.go | 2 +- pkg/test/step/syscall/socket/socket.go | 2 +- pkg/test/step/syscall/symlink/symlink.go | 2 +- pkg/test/step/syscall/symlink/symlink_arm64.go | 2 +- pkg/test/step/syscall/symlinkat/symlinkat.go | 2 +- pkg/test/step/syscall/syscall.go | 2 +- pkg/test/step/syscall/write/write.go | 2 +- 25 files changed, 35 insertions(+), 35 deletions(-) diff --git a/pkg/test/loader/loader.go b/pkg/test/loader/loader.go index e55fd6c6..8fff902f 100644 --- a/pkg/test/loader/loader.go +++ b/pkg/test/loader/loader.go @@ -244,7 +244,7 @@ func (r *TestResource) UnmarshalYAML(node *yaml.Node) error { // marshal the content. // TODO: this method should be implemented with a pointer receiver but unfortunately, the yaml.v3 library is only able // to call it if it is implemented with a value receiver. Uniform the receivers once the library is replaced. -func (r TestResource) MarshalYAML() (interface{}, error) { +func (r TestResource) MarshalYAML() (any, error) { switch resourceType := r.Type; resourceType { case TestResourceTypeClientServer: return struct { @@ -271,7 +271,7 @@ func (r TestResource) MarshalYAML() (interface{}, error) { // provide an addition MarshalYAML method for TestResourceFDSpec, as it will not be called by the library if the Spec // field specify "inline" (as it should be in our case). Take care of replace this with a more elegant solution once // yaml.v3 is replaced. -func (r *TestResource) marshalFD() (interface{}, error) { +func (r *TestResource) marshalFD() (any, error) { spec := r.Spec.(*TestResourceFDSpec) subSpec := spec.Spec switch subtype := spec.Subtype; subtype { @@ -592,11 +592,11 @@ func (s *TestStep) UnmarshalYAML(node *yaml.Node) error { // marshal the content. // TODO: this method should be implemented with a pointer receiver but unfortunately, the yaml.v3 library is only able // to call it if it is implemented with a value receiver. Uniform the receivers once the library is replaced. -func (s TestStep) MarshalYAML() (interface{}, error) { +func (s TestStep) MarshalYAML() (any, error) { switch stepType := s.Type; stepType { case TestStepTypeSyscall: spec := s.Spec.(*TestStepSyscallSpec) - args := make(map[string]interface{}, len(spec.Args)+len(s.FieldBindings)) + args := make(map[string]any, len(spec.Args)+len(s.FieldBindings)) for arg, argValue := range spec.Args { args[arg] = argValue } @@ -640,8 +640,8 @@ func (t *TestStepType) UnmarshalYAML(node *yaml.Node) error { // TestStepSyscallSpec describes a system call test step. type TestStepSyscallSpec struct { - Syscall SyscallName `yaml:"syscall" validate:"-"` - Args map[string]interface{} `yaml:"args" validate:"required"` + Syscall SyscallName `yaml:"syscall" validate:"-"` + Args map[string]any `yaml:"args" validate:"required"` } // TestStepFieldBinding contains the information to perform the binding of a field belonging to a source step. @@ -653,7 +653,7 @@ type TestStepFieldBinding struct { var fieldBindingRegex = regexp.MustCompile(`^\${(.+?)\.(.+)}$`) -func getFieldBindings(containingArgName string, args map[string]interface{}) []*TestStepFieldBinding { +func getFieldBindings(containingArgName string, args map[string]any) []*TestStepFieldBinding { // The prefix of each contained argument is composed by the containing argument name. var argsPrefix string if containingArgName != "" { @@ -678,7 +678,7 @@ func getFieldBindings(containingArgName string, args map[string]interface{}) []* // If an argument value is a field binding, remove it from arguments. delete(args, arg) - case map[string]interface{}: + case map[string]any: bindings = append(bindings, getFieldBindings(arg, argValue)...) } } diff --git a/pkg/test/step/syscall/base/base.go b/pkg/test/step/syscall/base/base.go index 8686c999..bf307b7c 100644 --- a/pkg/test/step/syscall/base/base.go +++ b/pkg/test/step/syscall/base/base.go @@ -60,7 +60,7 @@ var _ syscall.Syscall = (*baseSyscall)(nil) var errOpenModeMustBePositive = fmt.Errorf("open mode must be a positive integer") // New creates a new generic system call test step. -func New(stepName string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding, argsContainer, +func New(stepName string, rawArgs map[string]any, fieldBindings []*step.FieldBinding, argsContainer, bindOnlyArgsContainer, retValueContainer reflect.Value, defaultedArgs []string, runFunc, cleanupFunc func(ctx context.Context) error) (syscall.Syscall, error) { if err := checkContainersInvariants(argsContainer, bindOnlyArgsContainer, retValueContainer); err != nil { @@ -123,7 +123,7 @@ func checkContainersInvariants(argsContainer, bindOnlyArgsContainer, retValueCon // setArgFieldValues sets the argument fields in argFieldContainer to the corresponding values in rawArgs. It returns // the list of set arguments field paths. -func setArgFieldValues(argFieldContainer reflect.Value, rawArgs map[string]interface{}) ([]string, error) { +func setArgFieldValues(argFieldContainer reflect.Value, rawArgs map[string]any) ([]string, error) { fmt.Printf("setArgFieldValues rawArgs: %+v\n", rawArgs) var boundArgs []string for rawArg, rawArgValue := range rawArgs { @@ -146,7 +146,7 @@ func setArgFieldValues(argFieldContainer reflect.Value, rawArgs map[string]inter // depending on the field type. // //nolint:gocyclo // Disable cyclomatic complexity check. -func setArgFieldValue(argField *field.Field, value interface{}) ([]string, error) { +func setArgFieldValue(argField *field.Field, value any) ([]string, error) { boundArgs := []string{argField.Path} argFieldValue := argField.Value switch argFieldType := argField.Type; argFieldType { @@ -280,7 +280,7 @@ func setArgFieldValue(argField *field.Field, value interface{}) ([]string, error return boundArgs, nil } -func setSubArgFieldValues(argField *field.Field, value interface{}) ([]string, error) { +func setSubArgFieldValues(argField *field.Field, value any) ([]string, error) { rawArgs, err := parseMap(value) if err != nil { return nil, fmt.Errorf("cannot parse argument field: %w", err) diff --git a/pkg/test/step/syscall/connect/connect.go b/pkg/test/step/syscall/connect/connect.go index f185fb93..c8f44c8d 100644 --- a/pkg/test/step/syscall/connect/connect.go +++ b/pkg/test/step/syscall/connect/connect.go @@ -38,7 +38,7 @@ type connectSyscall struct { } // New creates a new connect system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { c := &connectSyscall{} argsContainer := reflect.ValueOf(&c.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&c.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/dup/dup.go b/pkg/test/step/syscall/dup/dup.go index 1dee87d8..8064e06d 100644 --- a/pkg/test/step/syscall/dup/dup.go +++ b/pkg/test/step/syscall/dup/dup.go @@ -37,7 +37,7 @@ type dupSyscall struct { } // New creates a new dup system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { d := &dupSyscall{} argsContainer := reflect.ValueOf(&d.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&d.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/dup2/dup2.go b/pkg/test/step/syscall/dup2/dup2.go index 2b2353d2..3307b529 100644 --- a/pkg/test/step/syscall/dup2/dup2.go +++ b/pkg/test/step/syscall/dup2/dup2.go @@ -42,7 +42,7 @@ type dup2Syscall struct { } // New creates a new dup2 system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { d := &dup2Syscall{savedFD: -1} argsContainer := reflect.ValueOf(&d.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&d.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/dup2/dup2_arm64.go b/pkg/test/step/syscall/dup2/dup2_arm64.go index b3e07bef..7009e064 100644 --- a/pkg/test/step/syscall/dup2/dup2_arm64.go +++ b/pkg/test/step/syscall/dup2/dup2_arm64.go @@ -22,6 +22,6 @@ import ( "github.com/falcosecurity/event-generator/pkg/test/step/syscall" ) -func New(_ string, _ map[string]interface{}, _ []*step.FieldBinding) (syscall.Syscall, error) { +func New(_ string, _ map[string]any, _ []*step.FieldBinding) (syscall.Syscall, error) { return nil, fmt.Errorf("not supported by the architecture") } diff --git a/pkg/test/step/syscall/dup3/dup3.go b/pkg/test/step/syscall/dup3/dup3.go index f3781c4a..a36012ba 100644 --- a/pkg/test/step/syscall/dup3/dup3.go +++ b/pkg/test/step/syscall/dup3/dup3.go @@ -41,7 +41,7 @@ type dup3Syscall struct { } // New creates a new dup3 system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { d := &dup3Syscall{savedFD: -1} // d.args.Flags defaulted to 0 argsContainer := reflect.ValueOf(&d.args).Elem() diff --git a/pkg/test/step/syscall/finitmodule/finitmodule.go b/pkg/test/step/syscall/finitmodule/finitmodule.go index 33da0a28..a25fdbb4 100644 --- a/pkg/test/step/syscall/finitmodule/finitmodule.go +++ b/pkg/test/step/syscall/finitmodule/finitmodule.go @@ -40,7 +40,7 @@ type finitModuleSyscall struct { } // New creates a new finit_module system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { f := &finitModuleSyscall{} // f.args.ParamValues defaulted to "" // f.args.Flags defaulted to 0 diff --git a/pkg/test/step/syscall/initmodule/initmodule.go b/pkg/test/step/syscall/initmodule/initmodule.go index 21d000ed..c26b73aa 100644 --- a/pkg/test/step/syscall/initmodule/initmodule.go +++ b/pkg/test/step/syscall/initmodule/initmodule.go @@ -38,7 +38,7 @@ type initModuleSyscall struct { } // New creates a new init_module system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { i := &initModuleSyscall{} // i.args.ParamValues defaulted to "" argsContainer := reflect.ValueOf(&i.args).Elem() diff --git a/pkg/test/step/syscall/kill/kill.go b/pkg/test/step/syscall/kill/kill.go index db45c77b..06cffb6b 100644 --- a/pkg/test/step/syscall/kill/kill.go +++ b/pkg/test/step/syscall/kill/kill.go @@ -39,7 +39,7 @@ type killSyscall struct { } // New creates a new kill system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { k := &killSyscall{} argsContainer := reflect.ValueOf(&k.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&k.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/link/link.go b/pkg/test/step/syscall/link/link.go index 0a163897..b39b1954 100644 --- a/pkg/test/step/syscall/link/link.go +++ b/pkg/test/step/syscall/link/link.go @@ -43,7 +43,7 @@ type linkSyscall struct { } // New creates a new link system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { l := &linkSyscall{} argsContainer := reflect.ValueOf(&l.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&l.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/link/link_arm64.go b/pkg/test/step/syscall/link/link_arm64.go index d1f82c3c..6287e111 100644 --- a/pkg/test/step/syscall/link/link_arm64.go +++ b/pkg/test/step/syscall/link/link_arm64.go @@ -22,6 +22,6 @@ import ( "github.com/falcosecurity/event-generator/pkg/test/step/syscall" ) -func New(_ string, _ map[string]interface{}, _ []*step.FieldBinding) (syscall.Syscall, error) { +func New(_ string, _ map[string]any, _ []*step.FieldBinding) (syscall.Syscall, error) { return nil, fmt.Errorf("not supported by the architecture") } diff --git a/pkg/test/step/syscall/linkat/linkat.go b/pkg/test/step/syscall/linkat/linkat.go index 42a76b48..1b742d0e 100644 --- a/pkg/test/step/syscall/linkat/linkat.go +++ b/pkg/test/step/syscall/linkat/linkat.go @@ -45,7 +45,7 @@ type linkAtSyscall struct { } // New creates a new linkat system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { l := &linkAtSyscall{} l.bindOnlyArgs.OldDirFD = unix.AT_FDCWD l.bindOnlyArgs.NewDirFD = unix.AT_FDCWD diff --git a/pkg/test/step/syscall/open/open.go b/pkg/test/step/syscall/open/open.go index 909c44c3..27703745 100644 --- a/pkg/test/step/syscall/open/open.go +++ b/pkg/test/step/syscall/open/open.go @@ -42,7 +42,7 @@ type openSyscall struct { } // New creates a new open system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { o := &openSyscall{} // o.args.Mode defaulted to 0 argsContainer := reflect.ValueOf(&o.args).Elem() diff --git a/pkg/test/step/syscall/open/open_arm64.go b/pkg/test/step/syscall/open/open_arm64.go index 80db5e23..5003cef0 100644 --- a/pkg/test/step/syscall/open/open_arm64.go +++ b/pkg/test/step/syscall/open/open_arm64.go @@ -22,6 +22,6 @@ import ( "github.com/falcosecurity/event-generator/pkg/test/step/syscall" ) -func New(_ string, _ map[string]interface{}, _ []*step.FieldBinding) (syscall.Syscall, error) { +func New(_ string, _ map[string]any, _ []*step.FieldBinding) (syscall.Syscall, error) { return nil, fmt.Errorf("not supported by the architecture") } diff --git a/pkg/test/step/syscall/openat/openat.go b/pkg/test/step/syscall/openat/openat.go index e43346a7..b1ff2dd1 100644 --- a/pkg/test/step/syscall/openat/openat.go +++ b/pkg/test/step/syscall/openat/openat.go @@ -42,7 +42,7 @@ type openAtSyscall struct { } // New creates a new openat system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { o := &openAtSyscall{} o.bindOnlyArgs.DirFD = unix.AT_FDCWD // o.args.Mode defaulted to 0 diff --git a/pkg/test/step/syscall/openat2/openat2.go b/pkg/test/step/syscall/openat2/openat2.go index fc8a6dcf..99ba8ee9 100644 --- a/pkg/test/step/syscall/openat2/openat2.go +++ b/pkg/test/step/syscall/openat2/openat2.go @@ -46,7 +46,7 @@ type openAt2Syscall struct { } // New creates a new openat2 system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { o := &openAt2Syscall{} o.bindOnlyArgs.DirFD = unix.AT_FDCWD // o.args.How field defaulted to empty struct. diff --git a/pkg/test/step/syscall/read/read.go b/pkg/test/step/syscall/read/read.go index 99061ddd..a77aa911 100644 --- a/pkg/test/step/syscall/read/read.go +++ b/pkg/test/step/syscall/read/read.go @@ -39,7 +39,7 @@ type readSyscall struct { } // New creates a new read system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { r := &readSyscall{} argsContainer := reflect.ValueOf(&r.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&r.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/sendto/sendto.go b/pkg/test/step/syscall/sendto/sendto.go index f818c87c..40cb401c 100644 --- a/pkg/test/step/syscall/sendto/sendto.go +++ b/pkg/test/step/syscall/sendto/sendto.go @@ -45,7 +45,7 @@ type sendToSyscall struct { } // New creates a new sendto system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { s := &sendToSyscall{} // s.args.Len defaults to the buffer length at run time, if unbound. argsContainer := reflect.ValueOf(&s.args).Elem() diff --git a/pkg/test/step/syscall/socket/socket.go b/pkg/test/step/syscall/socket/socket.go index 9c7a1041..fa1196d5 100644 --- a/pkg/test/step/syscall/socket/socket.go +++ b/pkg/test/step/syscall/socket/socket.go @@ -39,7 +39,7 @@ type socketSyscall struct { } // New creates a new socket system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { s := &socketSyscall{} argsContainer := reflect.ValueOf(&s.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&s.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/symlink/symlink.go b/pkg/test/step/syscall/symlink/symlink.go index f2b37850..6b94e5ec 100644 --- a/pkg/test/step/syscall/symlink/symlink.go +++ b/pkg/test/step/syscall/symlink/symlink.go @@ -43,7 +43,7 @@ type symlinkSyscall struct { } // New creates a new symlink system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { s := &symlinkSyscall{} argsContainer := reflect.ValueOf(&s.args).Elem() bindOnlyArgsContainer := reflect.ValueOf(&s.bindOnlyArgs).Elem() diff --git a/pkg/test/step/syscall/symlink/symlink_arm64.go b/pkg/test/step/syscall/symlink/symlink_arm64.go index c57fee12..0fcc9fb2 100644 --- a/pkg/test/step/syscall/symlink/symlink_arm64.go +++ b/pkg/test/step/syscall/symlink/symlink_arm64.go @@ -22,6 +22,6 @@ import ( "github.com/falcosecurity/event-generator/pkg/test/step/syscall" ) -func New(_ string, _ map[string]interface{}, _ []*step.FieldBinding) (syscall.Syscall, error) { +func New(_ string, _ map[string]any, _ []*step.FieldBinding) (syscall.Syscall, error) { return nil, fmt.Errorf("not supported by the architecture") } diff --git a/pkg/test/step/syscall/symlinkat/symlinkat.go b/pkg/test/step/syscall/symlinkat/symlinkat.go index 19b63498..f3ce1ede 100644 --- a/pkg/test/step/syscall/symlinkat/symlinkat.go +++ b/pkg/test/step/syscall/symlinkat/symlinkat.go @@ -43,7 +43,7 @@ type symlinkAtSyscall struct { } // New creates a new symlinkat system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { s := &symlinkAtSyscall{} s.bindOnlyArgs.NewDirFD = unix.AT_FDCWD argsContainer := reflect.ValueOf(&s.args).Elem() diff --git a/pkg/test/step/syscall/syscall.go b/pkg/test/step/syscall/syscall.go index 2421040e..0766887c 100644 --- a/pkg/test/step/syscall/syscall.go +++ b/pkg/test/step/syscall/syscall.go @@ -74,6 +74,6 @@ const ( // Description contains information to build a new Syscall test step. type Description struct { - RawArgs map[string]interface{} + RawArgs map[string]any FieldBindings []*step.FieldBinding } diff --git a/pkg/test/step/syscall/write/write.go b/pkg/test/step/syscall/write/write.go index 4871e3ec..d29bd6ab 100644 --- a/pkg/test/step/syscall/write/write.go +++ b/pkg/test/step/syscall/write/write.go @@ -39,7 +39,7 @@ type writeSyscall struct { } // New creates a new write system call test step. -func New(name string, rawArgs map[string]interface{}, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { +func New(name string, rawArgs map[string]any, fieldBindings []*step.FieldBinding) (syscall.Syscall, error) { w := &writeSyscall{} // w.args.Len defaults to the buffer length at run time, if unbound. argsContainer := reflect.ValueOf(&w.args).Elem()