Thomas Pasquier
Thomas Pasquier
We would want to run CamFlow on Raspberry Pi (testing on V3 model B) Progress to this point: - kernel build on the pi as of commit https://github.com/CamFlow/camflow-dev/commit/6b084cf7d02686f04bcc453110b8228980913a9a `make compile...
Adding the following line: `prov_policy.prov_node_filter = ENT_INODE_UNKNOWN & ENT_INODE_DIRECTORY & ENT_INODE_DIRECTORY & ENT_ENV;` here https://github.com/CamFlow/camflow-dev/blob/0fab1b96c7d7ee0511dbcfef8ae2b9f3b86fe43d/security/provenance/hooks.c#L2905 should work. It should be added when whole provenance capture is selected in the kernel...
Add: - Log if we overwrite. - Means to have some information about the state of the buffers.
There is two options that come to my mind: - As node attributes (current implemented approach); - As a separate node in the graph? (in the same way, the "machine"...
One of the two socket pair is not connected. Neither through `socket_create` nor `socker_pair_create`.  Expectation is for the second socket to be connected too. Looking at CamFlow's code it...
At the moment we verify that we do not crash by running CamFlow for a while in a VM. It helps catch some issues, but we need a more systematic...
Selective provenance capture only support IPv4 for now. IPv6 needs to be supported.
Look at stuff like: https://nostillsearching.wordpress.com/2012/09/22/compiling-linux-kernel-and-running-it-using-qemu/