profileloader

package
v0.0.0-...-24e3e83 Latest
Warning

This package is not in the latest version of its module.

Published: Jun 16, 2020 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Copyright © 2020 GUILLAUME FOURNIER

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ContainerMetadata

type ContainerMetadata struct {
	ContainerID    string
	ProfileVersion ProfileVersion
	Image          string
	Tag            string
	Pod            string
	Namespace      string
	Labels         labels.Labels
	Netns          uint64
	Pidns          uint64
}

ContainerMetadata - Keeps track of the running containers

type ProfileLoader

type ProfileLoader struct {
	EventChan              chan model.ProbeEvent
	SecurityProbeClientSet *spclientset.Clientset
	LoadedProfiles         map[ProfileVersion]*ProfileMetadata
	RunningContainers      map[string]*ContainerMetadata
	MapIDMapName           map[uint32]string
	// contains filtered or unexported fields
}

ProfileLoader - ProfileLoader processor

func (*ProfileLoader) CommitSecurityProfile

func (pl *ProfileLoader) CommitSecurityProfile(profile *ProfileMetadata, container *ContainerMetadata) error

CommitSecurityProfile - Ensures that the provided profile is the one used by the provided container. When necessary, it will update and/or delete the profile currently in use once the commit is done.

func (*ProfileLoader) DeleteKeyValue

func (pl *ProfileLoader) DeleteKeyValue(kv *keyvalue.KeyValue) error

DeleteKeyValue - Deletes a key value in the kernel

func (*ProfileLoader) DeleteMapOfMapsKeyValue

func (pl *ProfileLoader) DeleteMapOfMapsKeyValue(kv *keyvalue.MapOfMapsKeyValue) error

DeleteMapOfMapsKeyValue - Deletes a map-of-maps key value in the kernel

func (*ProfileLoader) DeleteProfileMappings

func (pl *ProfileLoader) DeleteProfileMappings(profile *ProfileMetadata, container *ContainerMetadata) error

DeleteProfileMappings - Removes the mappings between a profile and a container

func (*ProfileLoader) DeleteSecurityProfile

func (pl *ProfileLoader) DeleteSecurityProfile(profile *v1.SecurityProfile) error

DeleteSecurityProfile - Deletes a security profile from the kernel.

func (*ProfileLoader) GetEventChan

func (pl *ProfileLoader) GetEventChan() chan model.ProbeEvent

GetEventChan - Returns event channel

func (*ProfileLoader) GetName

func (pl *ProfileLoader) GetName() model.ProcessorName

GetName - Returns the processor name

func (*ProfileLoader) InsertMapOfMapsKeyValue

func (pl *ProfileLoader) InsertMapOfMapsKeyValue(kv *keyvalue.MapOfMapsKeyValue) error

InsertMapOfMapsKeyValue - Inserts a map-of-maps key value in the kernel

func (*ProfileLoader) InsertSecurityProfile

func (pl *ProfileLoader) InsertSecurityProfile(profile *v1.SecurityProfile) error

InsertSecurityProfile - Inserts a security profile in the kernel.

func (*ProfileLoader) PutKeyValue

func (pl *ProfileLoader) PutKeyValue(kv *keyvalue.KeyValue) error

PutKeyValue - Inserts a key value in the kernel

func (*ProfileLoader) Start

func (pl *ProfileLoader) Start(nsp model.NSPInterface) error

Start - Starts the tracer

func (*ProfileLoader) Stop

func (pl *ProfileLoader) Stop() error

Stop - Stops the tracer

func (*ProfileLoader) SwapProfileMappings

func (pl *ProfileLoader) SwapProfileMappings(profile *ProfileMetadata, container *ContainerMetadata) error

SwapProfileMappings - Ensures that the mappings between the profile and the container in kernel are correct.

type ProfileMetadata

type ProfileMetadata struct {
	ProfileVersion ProfileVersion
	Profile        *v1.SecurityProfile
	ContainerIDs   []string
}

ProfileMetadata - Keeps track of the usage of a profile at runtime

func (*ProfileMetadata) AddContainerID

func (pm *ProfileMetadata) AddContainerID(containerID string)

AddContainerID - Appends a container ID to the list of containers of this profile, only if it is not already in the list.

func (*ProfileMetadata) RemoveContainerID

func (pm *ProfileMetadata) RemoveContainerID(containerID string)

RemoveContainerID - Removes a container ID from the list of container IDs

type ProfileVersion

type ProfileVersion struct {
	UID             types.UID
	ResourceVersion string
}

ProfileVersion - Profile unique key

func (ProfileVersion) Equals

func (pv ProfileVersion) Equals(otherPV ProfileVersion) bool

Equals - Returns true if the two ProfileVersions are identical

func (ProfileVersion) HasSameResourceVersion

func (pv ProfileVersion) HasSameResourceVersion(otherPV ProfileVersion) bool

HasSameResourceVersion - Returns true if the ResourceVersions match

func (ProfileVersion) HasSameUID

func (pv ProfileVersion) HasSameUID(otherPV ProfileVersion) bool

HasSameUID - Returns true if the UIDs match

func (ProfileVersion) IsEmpty

func (pv ProfileVersion) IsEmpty() bool

IsEmpty - Returns true if the UID and the ResourceVersion are empty

type ProfileVersionSet

type ProfileVersionSet []ProfileVersion

ProfileVersionSet - Defines a unique set of ProfileVersion

func (*ProfileVersionSet) Add

func (pvs *ProfileVersionSet) Add(profileVersion ProfileVersion)

Add - Adds a new ProfileVersion to the set
