kubearmor / KubeArmor

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
https://kubearmor.io/
Apache License 2.0

Kubearmor crashes with segmentation fault (While adding a policy in Ubuntu 22.04 systemd mode) #1321

Open kamallearner123 opened 1 year ago

kamallearner123 commented 1 year ago

Bug Report

Issue:

Kubearmor crashes when adding the policy shown below. Note: It is happening with the below policy only.

Policy:

```yaml
apiVersion: kubearmor.io/v1
kind: KubeArmorPolicy
metadata:
  name: linux-system-policy
spec:
  tags : ["MITRE", "T1055.008", "Privilege Escalation", "P-trace"]
  message: "Syscalls access...!!!"
  policy:
  - name: RestrictSyscalls
    rules:
      #- rule: DenyRootFSMount
      #  syscall:
      #    - mount
      #  args:
      #    - rootfs
      #- rule: DenySystemControl
      #  syscall:
      #    - reboot
      #    - init_module
      #    - delete_module
      - rule: DenySleepWith100
        syscall:
          - sleep
        args:
          - 1000
        action: Audit
```

General Information

To Reproduce

1) Add the policy mentioned above: karmor vm policy add syscall.yaml

Expected behavior

Adding policy should be successful.

Screenshots

```
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: panic: runtime error: invalid memory address or nil pointer dereference
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x182f530]
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: goroutine 1607 [running]:
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: github.com/kubearmor/KubeArmor/KubeArmor/policy.(*ServiceServer).ContainerPolicy(0xc000c7eb80, {0xc005fe7a00?, 0x559f06?}, 0xc005fe7a00)
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/work/KubeArmor/KubeArmor/KubeArmor/policy/policy.go:34 +0xb0
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: github.com/kubearmor/KubeArmor/protobuf._PolicyService_ContainerPolicy_Handler({0x1be1b20?, 0xc000c7eb80}, {0x215ebf0, 0xc000cd3410}, 0xc0000e62a0, 0x0)
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/work/KubeArmor/KubeArmor/protobuf/policy_grpc.pb.go:91 +0x170
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: google.golang.org/grpc.(*Server).processUnaryRPC(0xc00026a000, {0x2165a00, 0xc000dc2820}, 0xc00036b560, 0xc000cdce70, 0x3129380, 0x0)
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/go/pkg/mod/google.golang.org/grpc@v1.55.0/server.go:1337 +0xdf3
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: google.golang.org/grpc.(*Server).handleStream(0xc00026a000, {0x2165a00, 0xc000dc2820}, 0xc00036b560, 0x0)
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/go/pkg/mod/google.golang.org/grpc@v1.55.0/server.go:1714 +0xa36
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: google.golang.org/grpc.(*Server).serveStreams.func1.1()
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/go/pkg/mod/google.golang.org/grpc@v1.55.0/server.go:959 +0x98
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: created by google.golang.org/grpc.(*Server).serveStreams.func1
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/go/pkg/mod/google.golang.org/grpc@v1.55.0/server.go:957 +0x18c
Jul 20 00:46:52 kamal-VirtualBox systemd[1]: kubearmor.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Jul 20 00:46:52 kamal-VirtualBox systemd[1]: kubearmor.service: Failed with result 'exit-code'.
Jul 20 00:46:52 kamal-VirtualBox systemd[1]: kubearmor.service: Consumed 8.287s CPU time.
```

```
kamal@kamal-VirtualBox:/opt/kubearmor$ sudo systemctl status kubearmor
× kubearmor.service - KubeArmor
     Loaded: loaded (/lib/systemd/system/kubearmor.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Thu 2023-07-20 00:46:52 IST; 6min ago
    Process: 4421 ExecStart=/opt/kubearmor/kubearmor (code=exited, status=2)
   Main PID: 4421 (code=exited, status=2)
        CPU: 8.287s

Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/go/pkg/mod/google.golang.org/grpc@v1.55.0/server.go:1337 +0xdf3
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: google.golang.org/grpc.(*Server).handleStream(0xc00026a000, {0x2165a00, 0xc000dc2820}, 0xc00036b560, 0x0)
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/go/pkg/mod/google.golang.org/grpc@v1.55.0/server.go:1714 +0xa36
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: google.golang.org/grpc.(*Server).serveStreams.func1.1()
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/go/pkg/mod/google.golang.org/grpc@v1.55.0/server.go:959 +0x98
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: created by google.golang.org/grpc.(*Server).serveStreams.func1
Jul 20 00:46:52 kamal-VirtualBox kubearmor[4421]: /home/runner/go/pkg/mod/google.golang.org/grpc@v1.55.0/server.go:957 +0x18c
Jul 20 00:46:52 kamal-VirtualBox systemd[1]: kubearmor.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Jul 20 00:46:52 kamal-VirtualBox systemd[1]: kubearmor.service: Failed with result 'exit-code'.
Jul 20 00:46:52 kamal-VirtualBox systemd[1]: kubearmor.service: Consumed 8.287s CPU time.
```

kamallearner123 commented 1 year ago

Note: When I change the value of "kind" from "KubeArmorPolicy" to "KubeArmorHostPolicy" it worked. I am not able to see the crash.

But this is a reference taken from the MITRE policies. Example: "https://github.com/kubearmor/policy-templates/blob/main/mitre/system/ksp-persistence-createaccount-local-account.yaml", with "kind" being set to "KubeArmorPolicy".