Documentation
¶
Index ¶
- Constants
- Variables
- func AllPrograms() []*program.Program
- func LoadConfig(bpfDir string, sens []*Sensor) error
- func PathJoin(elem ...string) string
- func RegisterPolicyHandlerAtInit(name string, h policyHandler)
- func RegisterProbeType(probeType string, s probeLoader)
- func UnloadSensors(sens []SensorIface)
- func UpdateStatsMap(m *ebpf.Map, val int64) error
- type LoadProbeArgs
- type Manager
- func (h *Manager) AddSensor(ctx context.Context, name string, sensor *Sensor) error
- func (h *Manager) AddTracingPolicy(ctx context.Context, tp tracingpolicy.TracingPolicy) error
- func (h *Manager) DeleteTracingPolicy(ctx context.Context, name string, namespace string) error
- func (h *Manager) DisableSensor(ctx context.Context, name string) error
- func (h *Manager) DisableTracingPolicy(ctx context.Context, name, namespace string) error
- func (h *Manager) EnableSensor(ctx context.Context, name string) error
- func (h *Manager) EnableTracingPolicy(ctx context.Context, name, namespace string) error
- func (h *Manager) ListOverheads() ([]ProgOverhead, error)
- func (h *Manager) ListSensors(ctx context.Context) (*[]SensorStatus, error)
- func (h *Manager) ListTracingPolicies(_ context.Context) (*tetragon.ListTracingPoliciesResponse, error)
- func (h *Manager) LogSensorsAndProbes(ctx context.Context)
- func (h *Manager) RemoveAllSensors(ctx context.Context) error
- func (h *Manager) RemoveSensor(ctx context.Context, sensorName string) error
- type Prog
- type ProgOverhead
- type Sensor
- func (s *Sensor) AddPostUnloadHook(hook SensorHook)
- func (s *Sensor) Destroy(unpin bool)
- func (s *Sensor) FindPrograms() error
- func (s *Sensor) GetName() string
- func (s *Sensor) IsLoaded() bool
- func (s *Sensor) Load(bpfDir string) (err error)
- func (s *Sensor) Overhead() ([]ProgOverhead, bool)
- func (s Sensor) TotalMemlock() int
- func (s *Sensor) Unload(unpin bool) error
- type SensorHook
- type SensorIface
- type SensorStatus
- type TracingPolicy
- type TracingPolicyState
Constants ¶
const ( BPF_PROG_TYPE_UNSPEC = 0 BPF_PROG_TYPE_SOCKET_FILTER = 1 BPF_PROG_TYPE_KPROBE = 2 BPF_PROG_TYPE_SCHED_CLS = 3 BPF_PROG_TYPE_SCHED_ACT = 4 BPF_PROG_TYPE_TRACEPOINT = 5 BPF_PROG_TYPE_XDP = 6 BPF_PROG_TYPE_PERF_EVENT = 7 BPF_PROG_TYPE_CGROUP_SKB = 8 BPF_PROG_TYPE_CGROUP_SOCK = 9 BPF_PROG_TYPE_LWT_IN = 10 BPF_PROG_TYPE_LWT_OUT = 11 BPF_PROG_TYPE_LWT_XMIT = 12 BPF_PROG_TYPE_SOCK_OPS = 13 BPF_PROG_TYPE_SK_SKB = 14 BPF_PROG_TYPE_CGROUP_DEVICE = 15 BPF_PROG_TYPE_SK_MSG = 16 BPF_PROG_TYPE_RAW_TRACEPOINT = 17 BPF_PROG_TYPE_CGROUP_SOCK_ADDR = 18 BPF_PROG_TYPE_LWT_SEG6LOCAL = 19 BPF_PROG_TYPE_LIRC_MODE2 = 20 BPF_PROG_TYPE_SK_REUSEPORT = 21 BPF_PROG_TYPE_FLOW_DISSECTOR = 22 BPF_PROG_TYPE_CGROUP_SYSCTL = 23 BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE = 24 BPF_PROG_TYPE_CGROUP_SOCKOPT = 25 BPF_PROG_TYPE_TRACING = 26 BPF_PROG_TYPE_STRUCT_OPS = 27 BPF_PROG_TYPE_EXT = 28 BPF_PROG_TYPE_LSM = 29 )
Variables ¶
var ( // AllMaps are all the loaded programs. For use with Unload(). AllMaps = []*program.Map{} )
Functions ¶
func AllPrograms ¶
func LoadConfig ¶
LoadConfig loads the default sensor, including any from the configuration file.
func PathJoin ¶
PathJoin creates a path meant for sensor filenames in /sys/fs/bpf.
At some point, we would like to have a file hierarchy under /sys/fs/bpf for each sensor. see: https://github.com/cilium/tetragon/issues/408
Unfortunately, this requires changes, for properly creating and deleting these directories requires. As an intermediate step, we use this function that uses dashes instead of / to create unique files in flat hierarchy, without needeing to manage directories.
func RegisterPolicyHandlerAtInit ¶ added in v0.9.0
func RegisterPolicyHandlerAtInit(name string, h policyHandler)
RegisterPolicyHandlerAtInit registers a handler for a tracing policy.
func RegisterProbeType ¶
func RegisterProbeType(probeType string, s probeLoader)
RegisterProbeType registers a handler for a probe type string
This function is meant to be called in an init() by sensors that need extra logic when loading a specific probe type.
func UnloadSensors ¶ added in v1.0.0
func UnloadSensors(sens []SensorIface)
Types ¶
type LoadProbeArgs ¶
LoadProbeArgs are the args to the LoadProbe function.
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager handles dynamic sensor management, such as adding / removing sensors at runtime.
func StartSensorManager ¶
StartSensorManager initializes the sensorCtlHandle by spawning a sensor controller goroutine.
The purpose of this goroutine is to serialize loading and unloading of sensors as requested from different goroutines (e.g., different GRPC clients).
func StartSensorManagerWithPF ¶ added in v1.2.1
func StartSensorManagerWithPF( bpfDir string, pfState policyfilter.State, ) (*Manager, error)
func (*Manager) AddTracingPolicy ¶
func (h *Manager) AddTracingPolicy(ctx context.Context, tp tracingpolicy.TracingPolicy) error
AddTracingPolicy adds a new sensor based on a tracing policy NB: if tp implements tracingpolicy.TracingPolicyNamespaced, it will be treated as a namespaced policy
func (*Manager) DeleteTracingPolicy ¶ added in v0.11.0
DeleteTracingPolicy deletes a new sensor based on a tracing policy
func (*Manager) DisableSensor ¶
DisableSensor disables a sensor by name
func (*Manager) DisableTracingPolicy ¶ added in v1.0.0
func (*Manager) EnableSensor ¶
EnableSensor enables a sensor by name
func (*Manager) EnableTracingPolicy ¶ added in v1.0.0
func (*Manager) ListOverheads ¶ added in v1.2.1
func (h *Manager) ListOverheads() ([]ProgOverhead, error)
func (*Manager) ListSensors ¶
func (h *Manager) ListSensors(ctx context.Context) (*[]SensorStatus, error)
func (*Manager) ListTracingPolicies ¶ added in v0.9.0
func (h *Manager) ListTracingPolicies(_ context.Context) (*tetragon.ListTracingPoliciesResponse, error)
ListTracingPolicies returns a list of the active tracing policies
func (*Manager) LogSensorsAndProbes ¶ added in v0.9.0
func (*Manager) RemoveAllSensors ¶ added in v1.0.0
type ProgOverhead ¶ added in v1.2.1
type Sensor ¶
type Sensor struct {
// Name is a human-readbale description.
Name string
// Policy namespace the sensor is part of.
Namespace string
// Policy name the sensor is part of.
Policy string
// When loaded this contains bpffs root directory
BpfDir string
// Progs are all the BPF programs that exist on the filesystem.
Progs []*program.Program
// Maps are all the BPF Maps that the progs use.
Maps []*program.Map
// Loaded indicates whether the sensor has been Loaded.
Loaded bool
// Destroyed indicates whether the sensor had been destroyed.
Destroyed bool
// PostLoadHook can optionally contain a pointer to a function to be
// called during sensor loading, after the programs and maps being
// loaded.
PostLoadHook SensorHook
// PreUnloadHook can optionally contain a pointer to a function to be
// called during sensor unloading, prior to the programs and maps being
// unloaded.
PreUnloadHook SensorHook
// PostUnloadHook can optionally contain a pointer to a function to be
// called during sensor unloading, after the programs and maps being
// unloaded.
PostUnloadHook SensorHook
// DestroyHook can optionally contain a pointer to a function to be called
// when removing the sensor, sensor cannot be loaded again after this hook
// being triggered and must be recreated.
DestroyHook SensorHook
}
Sensor is a set of BPF programs and maps that are managed as a unit.
func SensorBuilder ¶
func SensorBuilder(tp tracingpolicy.TracingPolicy, name string, p []*program.Program, m []*program.Map) *Sensor
func SensorCombine ¶
func SensorCombine(tp tracingpolicy.TracingPolicy, name string, sensors ...*Sensor) *Sensor
func (*Sensor) AddPostUnloadHook ¶ added in v1.2.1
func (s *Sensor) AddPostUnloadHook(hook SensorHook)
func (*Sensor) Destroy ¶ added in v1.0.0
Destroy will unload the hook and call DestroyHook, this hook is usually used to clean up resources that were created during creation of the sensor.
func (*Sensor) FindPrograms ¶
FindPrograms finds all the BPF programs in the sensor on the filesytem.
func (*Sensor) Overhead ¶ added in v1.2.1
func (s *Sensor) Overhead() ([]ProgOverhead, bool)
func (Sensor) TotalMemlock ¶ added in v1.2.1
type SensorHook ¶ added in v1.0.0
type SensorHook func() error
SensorHook is the function signature for an optional function that can be called during sensor unloading and removing.
type SensorIface ¶ added in v1.2.0
type SensorIface interface {
GetName() string
IsLoaded() bool
Load(bpfDir string) error
Unload(unpin bool) error
Destroy(unpin bool)
// TotalMemlock is the total amount of memlock bytes for BPF maps used by
// the sensor's programs.
TotalMemlock() int
Overhead() ([]ProgOverhead, bool)
}
SensorIface is an interface for sensors.Sensor that allows implementing sensors for testing.
func GetMergedSensorFromParserPolicy ¶
func GetMergedSensorFromParserPolicy(tp tracingpolicy.TracingPolicy) (SensorIface, error)
func SensorsFromPolicy ¶ added in v0.9.0
func SensorsFromPolicy(tp tracingpolicy.TracingPolicy, filterID policyfilter.PolicyID) ([]SensorIface, error)
revive:disable:exported
type SensorStatus ¶
type TracingPolicy ¶ added in v0.9.0
type TracingPolicy interface {
// TpName returns the name of the policy.
TpName() string
// TpSpec returns the specification of the policy
TpSpec() *v1alpha1.TracingPolicySpec
// TpInfo returns a description of the policy
TpInfo() string
}
TracingPolicy is an interface for a tracing policy This is implemented by v1alpha1.types.TracingPolicy and config.GenericTracingConf. The former is what is the k8s API server uses, and the latter is used when we load files directly (e.g., via the cli).
type TracingPolicyState ¶ added in v1.1.0
type TracingPolicyState int
const ( UnknownState TracingPolicyState = iota EnabledState DisabledState LoadErrorState ErrorState LoadingState UnloadingState )
func (TracingPolicyState) ToTetragonState ¶ added in v1.1.0
func (s TracingPolicyState) ToTetragonState() tetragon.TracingPolicyState
Source Files
Directories