rules update: add more sensitive host path to sensitive_host_mount macro

Signed-off-by: kaizhe <derek0405@gmail.com>

rules/falco_rules.yaml

@@ -1832,10 +1832,14 @@
 - macro: sensitive_mount
   condition: (container.mount.dest[/proc*] != "N/A" or
               container.mount.dest[/var/run/docker.sock] != "N/A" or
+              container.mount.dest[/var/run/crio/crio.sock] != "N/A" or
               container.mount.dest[/var/lib/kubelet] != "N/A" or
               container.mount.dest[/var/lib/kubelet/pki] != "N/A" or
               container.mount.dest[/] != "N/A" or
+              container.mount.dest[/home*] != "N/A" or
               container.mount.dest[/etc] != "N/A" or
+              container.mount.dest[/etc/kubernetes] != "N/A" or # static pod path
+              container.mount.dest[/etc/kubernetes/manifests] != "N/A" or # static pod path
               container.mount.dest[/root*] != "N/A")
 
 # The steps libcontainer performs to set up the root program for a container are:

rules/k8s_audit_rules.yaml

@@ -1,4 +1,4 @@
-#
+
 # Copyright (C) 2019 The Falco Authors.
 #
 #
@@ -125,7 +125,7 @@
 
 - macro: sensitive_vol_mount
   condition: >
-    (ka.req.pod.volumes.hostpath intersects (/proc, /var/run/docker.sock, /, /etc, /root))
+    (ka.req.pod.volumes.hostpath intersects (/proc, /var/run/docker.sock, /, /etc, /root, /var/run/crio/crio.sock, /home))
 
 - rule: Create Sensitive Mount Pod
   desc: >