types

package

v0.5.8 Latest Latest Go to latest Published: Apr 24, 2024 License: Apache-2.0 Imports: 2 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bytedance/vArmor

Documentation ¶

Index ¶

Constants
type AaLogRecord
type BehaviorData
type BpfTraceEvent
type Enforcer
- func GetEnforcerType(enforcer string) Enforcer
type ModelingStatus
type PolicyStatus
type ProfileStatus
type SeccompLogRecord
type Status

Constants ¶

View Source

const (
	// VarmorPolicy Enforcer
	AppArmor Enforcer = 0x00000001
	BPF      Enforcer = 0x00000002
	Seccomp  Enforcer = 0x00000004
	Unknown  Enforcer = 0x00000008

	// VarmorPolicy Mode
	AlwaysAllowMode      varmor.VarmorPolicyMode = "AlwaysAllow"
	RuntimeDefaultMode   varmor.VarmorPolicyMode = "RuntimeDefault"
	EnhanceProtectMode   varmor.VarmorPolicyMode = "EnhanceProtect"
	BehaviorModelingMode varmor.VarmorPolicyMode = "BehaviorModeling"
	DefenseInDepthMode   varmor.VarmorPolicyMode = "DefenseInDepth"

	// VarmorPolicy Phase
	VarmorPolicyPending    varmor.VarmorPolicyPhase = "Pending"
	VarmorPolicyModeling   varmor.VarmorPolicyPhase = "Modeling"
	VarmorPolicyCompleted  varmor.VarmorPolicyPhase = "Completed"
	VarmorPolicyProtecting varmor.VarmorPolicyPhase = "Protecting"
	VarmorPolicyError      varmor.VarmorPolicyPhase = "Error"
	VarmorPolicyFailed     varmor.VarmorPolicyPhase = "Failed"
	VarmorPolicyUnknown    varmor.VarmorPolicyPhase = "Unknown"
	VarmorPolicyUnchanged  varmor.VarmorPolicyPhase = "Unchanged"

	// VarmorPolicy Condition Type
	VarmorPolicyCreated varmor.VarmorPolicyConditionType = "Created"
	VarmorPolicyUpdated varmor.VarmorPolicyConditionType = "Updated"

	// ArmorProfile Condition Type
	ArmorProfileReady      varmor.ArmorProfileConditionType      = "Ready"
	ArmorProfileModelReady varmor.ArmorProfileModelConditionType = "Ready"

	// AppArmor Profile process Status
	Succeeded Status = "succeeded"
	Failed    Status = "failed"

	// AgentLabelSelector is the label selector for agents.
	AgentLabelSelector string = "app.kubernetes.io/component=varmor-agent"

	// Event type for the bpf tracer
	SchedProcessFork uint32 = 1
	SchedProcessExec uint32 = 2
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AaLogRecord ¶

type AaLogRecord struct {
	Resource      string
	ActiveHat     string
	AaMode        string
	Time          int64
	Operation     string
	Profile       string
	Name          string
	Name2         string
	Attr          string
	Parent        uint64
	Pid           uint64
	Task          uint64
	Info          string
	ErrorCode     int32
	DeniedMask    string
	RequestedMask string
	MagicToken    uint64
	Family        string
	Protocol      string
	SockType      string
	Fsuid         uint64
	Ouid          uint64
	Signal        string
	Peer          string
	PeerProfile   string
	Bus           string
	Path          string
	Interface     string
	Member        string
}

type BehaviorData ¶

type BehaviorData struct {
	Namespace     string               `json:"namespace"`
	ProfileName   string               `json:"armorProfile"` //  varmor-{namespace}-{name}
	DynamicResult varmor.DynamicResult `json:"dynamicResult"`
	NodeName      string               `json:"nodeName"`
	Status        Status               `json:"status"`
	Message       string               `json:"message"`
}

BehaviorData describes the behavior data of the target container that collected by agents.

type BpfTraceEvent ¶ added in v0.5.5

type BpfTraceEvent struct {
	Type       uint32
	ParentPid  uint32
	ParentTgid uint32
	ChildPid   uint32
	ChildTgid  uint32
	MntNsId    uint32
	ParentTask [16]uint8
	ChildTask  [16]uint8
	Filename   [64]uint8
}

type Enforcer ¶ added in v0.5.6

type Enforcer int

func GetEnforcerType ¶ added in v0.5.6

func GetEnforcerType(enforcer string) Enforcer

type ModelingStatus ¶

type ModelingStatus struct {
	CompletedNumber int
	FailedNumber    int
	NodeMessages    map[string]string // Use NodeName as its key
}

ModelingStatus used to cache the status of ArmorProfileModel objects.

type PolicyStatus ¶

type PolicyStatus struct {
	SuccessedNumber int
	FailedNumber    int
	NodeMessages    map[string]string // Use NodeName as its key
}

PolicyStatus used to cache the status of ArmorProfile and VarmorProfile objects.

type ProfileStatus ¶

type ProfileStatus struct {
	Namespace   string `json:"namespace"`
	ProfileName string `json:"armorProfile"` //  varmor-{namespace}-{name} or varmor-cluster-{namespace}-{name}
	NodeName    string `json:"nodeName"`
	Status      Status `json:"status"`
	Message     string `json:"message"`
}

ProfileStatus describes the process result of an ArmorProfile object by agents.

type SeccompLogRecord ¶ added in v0.5.6

type SeccompLogRecord struct {
	Time    int64
	Pid     uint64
	Exe     string
	Comm    string
	Syscall string
}

type Status ¶

type Status string

Source Files ¶

View all Source files

types.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL