model

package
v0.0.0-...-d5876ce Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 28, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// PathMaxLen is the maximum path allowed
	PathMaxLen = 350
)

Variables

View Source 
var ByteOrder binary.ByteOrder

ByteOrder holds the hosts byte order

View Source 
var (
	// ErrNotEnoughData is used to notify that not enough data was read from the perf buffer
	ErrNotEnoughData = errors.New("not enough data")
)

Functions

func GetHostByteOrder 

func GetHostByteOrder() binary.ByteOrder

GetHostByteOrder guesses the hosts byte order

Types

type AttachType 

type AttachType uint32
const (
	BpfCgroupInetIngress AttachType = iota + 1
	BpfCgroupInetEgress
	BpfCgroupInetSockCreate
	BpfCgroupSockOps
	BpfSkSkbStreamParser
	BpfSkSkbStreamVerdict
	BpfCgroupDevice
	BpfSkMsgVerdict
	BpfCgroupInet4Bind
	BpfCgroupInet6Bind
	BpfCgroupInet4Connect
	BpfCgroupInet6Connect
	BpfCgroupInet4PostBind
	BpfCgroupInet6PostBind
	BpfCgroupUdp4Sendmsg
	BpfCgroupUdp6Sendmsg
	BpfLircMode2
	BpfFlowDissector
	BpfCgroupSysctl
	BpfCgroupUdp4Recvmsg
	BpfCgroupUdp6Recvmsg
	BpfCgroupGetsockopt
	BpfCgroupSetsockopt
	BpfTraceRawTp
	BpfTraceFentry
	BpfTraceFexit
	BpfModifyReturn
	BpfLsmMac
	BpfTraceIter
	BpfCgroupInet4Getpeername
	BpfCgroupInet6Getpeername
	BpfCgroupInet4Getsockname
	BpfCgroupInet6Getsockname
	BpfXdpDevmap
	BpfCgroupInetSockRelease
	BpfXdpCpumap
	BpfSkLookup
	BpfXdp
	BpfSkSkbVerdict
)

func NewAttachType 

func NewAttachType(progType ProgramType, attachType uint32) AttachType

func (AttachType) MarshalJSON 

func (a AttachType) MarshalJSON() ([]byte, error)

func (AttachType) String 

func (a AttachType) String() string

type BPFCmd 

type BPFCmd uint32
const (
	BpfMapCreate BPFCmd = iota
	BpfCmdMapLookupElem
	BpfCmdMapUpdateElem
	BpfCmdMapDeleteElem
	BpfCmdMapGetNextKey
	BpfProgLoad
	BpfObjPin
	BpfObjGet
	BpfProgAttach
	BpfProgDetach
	BpfProgTestRun
	BpfProgGetNextId
	BpfMapGetNextId
	BpfProgGetFdById
	BpfMapGetFdById
	BpfObjGetInfoByFd
	BpfProgQuery
	BpfRawTracepointOpen
	BpfBtfLoad
	BpfBtfGetFdById
	BpfTaskFdQuery
	BpfMapLookupAndDeleteElem
	BpfMapFreeze
	BpfBtfGetNextId
	BpfMapLookupBatch
	BpfMapLookupAndDeleteBatch
	BpfMapUpdateBatch
	BpfMapDeleteBatch
	BpfLinkCreate
	BpfLinkUpdate
	BpfLinkGetFdById
	BpfLinkGetNextId
	BpfEnableStats
	BpfIterCreate
	BpfLinkDetach
	BpfProgBindMap
)

func (BPFCmd) MarshalJSON 

func (cmd BPFCmd) MarshalJSON() ([]byte, error)

func (BPFCmd) String 

func (cmd BPFCmd) String() string

type EBPFKitOptions 

type EBPFKitOptions struct {
	LogLevel logrus.Level

	// static analysis option
	EBPFAssetPath string
	Section       string
	Helper        string
	Map           string
	Dump          bool

	// runtime monitoring options
	AllowedProcesses []string
	OutputDirectory  string
}

func (EBPFKitOptions) GetAllowedProcessesKV 

func (o EBPFKitOptions) GetAllowedProcessesKV(executable string) []ebpf.MapKV

type Event 

type Event struct {
	Timestamp time.Time `json:"timestamp"`
	Command   BPFCmd    `json:"command"`
	Map       *Map      `json:"map,omitempty"`
	Program   *Program  `json:"program,omitempty"`
	Comm      string    `json:"comm,omitempty"`
}

func (Event) String 

func (e Event) String() string

func (*Event) UnmarshalBinary 

func (e *Event) UnmarshalBinary(data []byte, bootTime time.Time) (int, error)

type HelperFunc 

type HelperFunc uint32
const (
	BpfUnspec HelperFunc = iota
	BpfMapLookupElem
	BpfMapUpdateElem
	BpfMapDeleteElem
	BpfProbeRead
	BpfKtimeGetNs
	BpfTracePrintk
	BpfGetPrandomU32
	BpfGetSmpProcessorId
	BpfSkbStoreBytes
	BpfL3CsumReplace
	BpfL4CsumReplace
	BpfTailCall
	BpfCloneRedirect
	BpfGetCurrentPidTgid
	BpfGetCurrentUidGid
	BpfGetCurrentComm
	BpfGetCgroupClassid
	BpfSkbVlanPush
	BpfSkbVlanPop
	BpfSkbGetTunnelKey
	BpfSkbSetTunnelKey
	BpfPerfEventRead
	BpfRedirect
	BpfGetRouteRealm
	BpfPerfEventOutput
	BpfSkbLoadBytes
	BpfGetStackid
	BpfCsumDiff
	BpfSkbGetTunnelOpt
	BpfSkbSetTunnelOpt
	BpfSkbChangeProto
	BpfSkbChangeType
	BpfSkbUnderCgroup
	BpfGetHashRecalc
	BpfGetCurrentTask
	BpfProbeWriteUser
	BpfCurrentTaskUnderCgroup
	BpfSkbChangeTail
	BpfSkbPullData
	BpfCsumUpdate
	BpfSetHashInvalid
	BpfGetNumaNodeId
	BpfSkbChangeHead
	BpfXdpAdjustHead
	BpfProbeReadStr
	BpfGetSocketCookie
	BpfGetSocketUid
	BpfSetHash
	BpfSetsockopt
	BpfSkbAdjustRoom
	BpfRedirectMap
	BpfSkRedirectMap
	BpfSockMapUpdate
	BpfXdpAdjustMeta
	BpfPerfEventReadValue
	BpfPerfProgReadValue
	BpfGetsockopt
	BpfOverrideReturn
	BpfSockOpsCbFlagsSet
	BpfMsgRedirectMap
	BpfMsgApplyBytes
	BpfMsgCorkBytes
	BpfMsgPullData
	BpfBind
	BpfXdpAdjustTail
	BpfSkbGetXfrmState
	BpfGetStack
	BpfSkbLoadBytesRelative
	BpfFibLookup
	BpfSockHashUpdate
	BpfMsgRedirectHash
	BpfSkRedirectHash
	BpfLwtPushEncap
	BpfLwtSeg6StoreBytes
	BpfLwtSeg6AdjustSrh
	BpfLwtSeg6Action
	BpfRcRepeat
	BpfRcKeydown
	BpfSkbCgroupId
	BpfGetCurrentCgroupId
	BpfGetLocalStorage
	BpfSkSelectReuseport
	BpfSkbAncestorCgroupId
	BpfSkLookupTcp
	BpfSkLookupUdp
	BpfSkRelease
	BpfMapPushElem
	BpfMapPopElem
	BpfMapPeekElem
	BpfMsgPushData
	BpfMsgPopData
	BpfRcPointerRel
	BpfSpinLock
	BpfSpinUnlock
	BpfSkFullsock
	BpfTcpSock
	BpfSkbEcnSetCe
	BpfGetListenerSock
	BpfSkcLookupTcp
	BpfTcpCheckSyncookie
	BpfSysctlGetName
	BpfSysctlGetCurrentValue
	BpfSysctlGetNewValue
	BpfSysctlSetNewValue
	BpfStrtol
	BpfStrtoul
	BpfSkStorageGet
	BpfSkStorageDelete
	BpfSendSignal
	BpfTcpGenSyncookie
	BpfSkbOutput
	BpfProbeReadUser
	BpfProbeReadKernel
	BpfProbeReadUserStr
	BpfProbeReadKernelStr
	BpfTcpSendAck
	BpfSendSignalThread
	BpfJiffies64
	BpfReadBranchRecords
	BpfGetNsCurrentPidTgid
	BpfXdpOutput
	BpfGetNetnsCookie
	BpfGetCurrentAncestorCgroupId
	BpfSkAssign
	BpfKtimeGetBootNs
	BpfSeqPrintf
	BpfSeqWrite
	BpfSkCgroupId
	BpfSkAncestorCgroupId
	BpfRingbufOutput
	BpfRingbufReserve
	BpfRingbufSubmit
	BpfRingbufDiscard
	BpfRingbufQuery
	BpfCsumLevel
	BpfSkcToTcp6Sock
	BpfSkcToTcpSock
	BpfSkcToTcpTimewaitSock
	BpfSkcToTcpRequestSock
	BpfSkcToUdp6Sock
	BpfGetTaskStack
	BpfLoadHdrOpt
	BpfStoreHdrOpt
	BpfReserveHdrOpt
	BpfInodeStorageGet
	BpfInodeStorageDelete
	BpfDPath
	BpfCopyFromUser
	BpfSnprintfBtf
	BpfSeqPrintfBtf
	BpfSkbCgroupClassid
	BpfRedirectNeigh
	BpfPerCpuPtr
	BpfThisCpuPtr
	BpfRedirectPeer
	BpfTaskStorageGet
	BpfTaskStorageDelete
	BpfGetCurrentTaskBtf
	BpfBprmOptsSet
	BpfKtimeGetCoarseNs
	BpfImaInodeHash
	BpfSockFromFile
	BpfCheckMtu
	BpfForEachMapElem
	BpfSnprintf
)

func (HelperFunc) MarshalJSON 

func (f HelperFunc) MarshalJSON() ([]byte, error)

func (HelperFunc) String 

func (f HelperFunc) String() string

type LogLevelSanitizer 

type LogLevelSanitizer struct {
	// contains filtered or unexported fields
}

LogLevelSanitizer is a log level sanitizer that ensures that the provided log level exists

func NewLogLevelSanitizer 

func NewLogLevelSanitizer(sanitizedLevel *logrus.Level) *LogLevelSanitizer

NewLogLevelSanitizer creates a new instance of LogLevelSanitizer. The sanitized level will be written in the provided logrus level

func (*LogLevelSanitizer) Set 

func (lls *LogLevelSanitizer) Set(val string) error

func (*LogLevelSanitizer) String 

func (lls *LogLevelSanitizer) String() string

func (*LogLevelSanitizer) Type 

func (lls *LogLevelSanitizer) Type() string

type Map 

type Map struct {
	ID   uint32  `json:"id"`
	Type MapType `json:"type"`
	Name string  `json:"name"`
}

func (Map) String 

func (m Map) String() string

func (*Map) UnmarshalBinary 

func (m *Map) UnmarshalBinary(data []byte) (int, error)

type MapType 

type MapType uint32
const (
	BpfMapTypeUnspec MapType = iota
	BpfMapTypeHash
	BpfMapTypeArray
	BpfMapTypeProgArray
	BpfMapTypePerfEventArray
	BpfMapTypePercpuHash
	BpfMapTypePercpuArray
	BpfMapTypeStackTrace
	BpfMapTypeCgroupArray
	BpfMapTypeLruHash
	BpfMapTypeLruPercpuHash
	BpfMapTypeLpmTrie
	BpfMapTypeArrayOfMaps
	BpfMapTypeHashOfMaps
	BpfMapTypeDevmap
	BpfMapTypeSockmap
	BpfMapTypeCpumap
	BpfMapTypeXskmap
	BpfMapTypeSockhash
	BpfMapTypeCgroupStorage
	BpfMapTypeReuseportSockarray
	BpfMapTypePercpuCgroupStorage
	BpfMapTypeQueue
	BpfMapTypeStack
	BpfMapTypeSkStorage
	BpfMapTypeDevmapHash
	BpfMapTypeStructOps
	BpfMapTypeRingbuf
	BpfMapTypeInodeStorage
	BpfMapTypeTaskStorage
)

func (MapType) MarshalJSON 

func (m MapType) MarshalJSON() ([]byte, error)

func (MapType) String 

func (m MapType) String() string

type Program 

type Program struct {
	ID         uint32       `json:"id"`
	Type       ProgramType  `json:"type"`
	AttachType AttachType   `json:"attach_type,omitempty"`
	Helpers    []HelperFunc `json:"helpers,omitempty"`
	Name       string       `json:"name"`
}

func (Program) String 

func (p Program) String() string

func (*Program) UnmarshalBinary 

func (p *Program) UnmarshalBinary(data []byte) (int, error)

type ProgramType 

type ProgramType uint32
const (
	BpfProgTypeUnspec ProgramType = iota
	BpfProgTypeSocketFilter
	BpfProgTypeKprobe
	BpfProgTypeSchedCls
	BpfProgTypeSchedAct
	BpfProgTypeTracepoint
	BpfProgTypeXdp
	BpfProgTypePerfEvent
	BpfProgTypeCgroupSkb
	BpfProgTypeCgroupSock
	BpfProgTypeLwtIn
	BpfProgTypeLwtOut
	BpfProgTypeLwtXmit
	BpfProgTypeSockOps
	BpfProgTypeSkSkb
	BpfProgTypeCgroupDevice
	BpfProgTypeSkMsg
	BpfProgTypeRawTracepoint
	BpfProgTypeCgroupSockAddr
	BpfProgTypeLwtSeg6local
	BpfProgTypeLircMode2
	BpfProgTypeSkReuseport
	BpfProgTypeFlowDissector
	BpfProgTypeCgroupSysctl
	BpfProgTypeRawTracepointWritable
	BpfProgTypeCgroupSockopt
	BpfProgTypeTracing
	BpfProgTypeStructOps
	BpfProgTypeExt
	BpfProgTypeLsm
	BpfProgTypeSkLookup
)

func (ProgramType) MarshalJSON 

func (p ProgramType) MarshalJSON() ([]byte, error)

func (ProgramType) String 

func (p ProgramType) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.