ebpf

package
v0.0.0-...-eb3d71d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 27, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package ebpf holds ebpf related files

Package ebpf holds ebpf related files

Index

Constants

This section is empty.

Variables

View Source 
var (
	ZeroUint8MapItem  = BytesMapItem([]byte{0})
	ZeroUint32MapItem = BytesMapItem([]byte{0, 0, 0, 0})
	ZeroUint64MapItem = BytesMapItem([]byte{0, 0, 0, 0, 0, 0, 0, 0})
)

Zero table items

View Source 
var (
	// BufferSelectorSyscallMonitorKey is the key used to select the active syscall monitor buffer key
	BufferSelectorSyscallMonitorKey = ZeroUint32MapItem
	// BufferSelectorERPCMonitorKey is the key used to select the active eRPC monitor buffer key
	BufferSelectorERPCMonitorKey = Uint32MapItem(1)
	// BufferSelectorDiscarderMonitorKey is the key used to select the active discarder monitor buffer key
	BufferSelectorDiscarderMonitorKey = Uint32MapItem(2)
	// BufferSelectorApproverMonitorKey is the key used to select the active approver monitor buffer key
	BufferSelectorApproverMonitorKey = Uint32MapItem(3)
)
View Source 
var Uint32FlagsZeroMapItem = make([]byte, 8)

Uint32FlagsZeroMapItem value used to reset the map entry

View Source 
var Uint64FlagsZeroMapItem = make([]byte, 16)

Uint64FlagsZeroMapItem value used to reset the map entry

Functions

func IsSyscallWrapperRequired 

func IsSyscallWrapperRequired() (bool, error)

IsSyscallWrapperRequired checks whether the wrapper is required

func NewDefaultOptions 

func NewDefaultOptions() manager.Options

NewDefaultOptions returns a new instance of the default runtime security manager options

func NewRuntimeSecurityManager 

func NewRuntimeSecurityManager(supportsRingBuffers, useFentry bool) *manager.Manager

NewRuntimeSecurityManager returns a new instance of the runtime security module manager

Types

type BytesMapItem 

type BytesMapItem []byte

BytesMapItem describes a raw table key or value

func (BytesMapItem) MarshalBinary 

func (i BytesMapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a BytesMapItem

type OffsetGuesserLoader 

type OffsetGuesserLoader struct {
	// contains filtered or unexported fields
}

OffsetGuesserLoader defines an eBPF Loader

func NewOffsetGuesserLoader 

func NewOffsetGuesserLoader(config *config.Config) *OffsetGuesserLoader

NewOffsetGuesserLoader returns a new OffsetGuesserLoader

func (*OffsetGuesserLoader) Close 

func (l *OffsetGuesserLoader) Close() error

Close the OffsetGuesserLoader

func (*OffsetGuesserLoader) Load 

func (l *OffsetGuesserLoader) Load() (bytecode.AssetReader, error)

Load eBPF programs

type ProbeLoader 

type ProbeLoader struct {
	// contains filtered or unexported fields
}

ProbeLoader defines an eBPF ProbeLoader

func NewProbeLoader 

func NewProbeLoader(config *config.Config, useSyscallWrapper, useRingBuffer bool, useFentry bool, statsdClient statsd.ClientInterface) *ProbeLoader

NewProbeLoader returns a new Loader

func (*ProbeLoader) Close 

func (l *ProbeLoader) Close() error

Close the ProbeLoader

func (*ProbeLoader) Load 

func (l *ProbeLoader) Load() (bytecode.AssetReader, bool, error)

Load eBPF programs

type StringMapItem 

type StringMapItem struct {
	// contains filtered or unexported fields
}

StringMapItem describes an string table key or value

func NewStringMapItem 

func NewStringMapItem(str string, size int) *StringMapItem

NewStringMapItem returns a new StringMapItem

func (*StringMapItem) MarshalBinary 

func (i *StringMapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a StringMapItem

type UInt32RangeMapItem 

type UInt32RangeMapItem struct {
	Min uint32
	Max uint32
}

UInt32RangeMapItem defines a uint32 range map item

func NewUInt32RangeMapItem 

func NewUInt32RangeMapItem(min, max uint32) *UInt32RangeMapItem

NewUInt32RangeMapItem returns a new UInt32RangeMapItem

func (*UInt32RangeMapItem) MarshalBinary 

func (i *UInt32RangeMapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a UInt32RangeMapItem

type Uint16MapItem 

type Uint16MapItem uint16

Uint16MapItem describes an uint16 table key or value

func (Uint16MapItem) MarshalBinary 

func (i Uint16MapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a Uint16MapItem

type Uint32FlagsMapItem 

type Uint32FlagsMapItem uint32

Uint32FlagsMapItem describes an flags table key or value

func NewUint32FlagsMapItem 

func NewUint32FlagsMapItem(i uint32) *Uint32FlagsMapItem

NewUint32FlagsMapItem returns a new Uint32FlagsMapItem

func (*Uint32FlagsMapItem) MarshalBinary 

func (i *Uint32FlagsMapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a Uint32FlagsMapItem

type Uint32MapItem 

type Uint32MapItem uint32

Uint32MapItem describes an uint32 table key or value

func (Uint32MapItem) MarshalBinary 

func (i Uint32MapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a Uint32MapItem

type Uint64FlagsMapItem 

type Uint64FlagsMapItem uint64

Uint64FlagsMapItem describes an flags table key or value

func NewUint64FlagsMapItem 

func NewUint64FlagsMapItem(i uint64) *Uint64FlagsMapItem

NewUint64FlagsMapItem returns a new Uint64FlagsMapItem

func (*Uint64FlagsMapItem) MarshalBinary 

func (i *Uint64FlagsMapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a Uint64FlagsMapItem

type Uint64MapItem 

type Uint64MapItem uint64

Uint64MapItem describes an uint64 table key or value

func (Uint64MapItem) MarshalBinary 

func (i Uint64MapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a Uint64MapItem

type Uint8MapItem 

type Uint8MapItem uint8

Uint8MapItem describes an uint8 table key or value

func (Uint8MapItem) MarshalBinary 

func (i Uint8MapItem) MarshalBinary() ([]byte, error)

MarshalBinary returns the binary representation of a Uint8MapItem

Source Files

View all Source files

Directories

Path Synopsis
Package kernel holds kernel related files
 Package kernel holds kernel related files
Package probes holds probes related files
 Package probes holds probes related files
rawpacket
Package rawpacket holds rawpacket related files
 Package rawpacket holds rawpacket related files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.