exec

package
v0.8.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 20, 2022 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Overview

SPDX-License-Identifier: Apache-2.0 Copyright Authors of Tetragon

Index

Constants

View Source 
const (
	ParentRefCnt  = 0
	ProcessRefCnt = 1
)
View Source 
const (
	CacheTimerMs = 100
)

Variables

View Source 
var (
	AllEvents []*tetragon.GetEventsResponse
	BasePid   uint32 = 46987
)

Functions

func CheckCloneEvents added in v0.8.3 

func CheckCloneEvents(t *testing.T, events []*tetragon.GetEventsResponse, currentPid uint32, clonePid uint32)

func CheckExecEvents added in v0.8.3 

func CheckExecEvents(t *testing.T, events []*tetragon.GetEventsResponse, parentPid uint32, currentPid uint32)

func CheckPodEvents added in v0.8.3 

func CheckPodEvents(t *testing.T, events []*tetragon.GetEventsResponse)

func CheckProcessEqual added in v0.8.3 

func CheckProcessEqual(t *testing.T, p1, p2 *tetragon.Process)

func CreateCloneEvents added in v0.8.3 

func CreateCloneEvents[CLONE notify.Message, EXIT notify.Message](Pid uint32, Ktime uint64, ParentPid uint32, ParentKtime uint64) (*CLONE, *EXIT)

func CreateEvents added in v0.8.3 

func CreateEvents[EXEC notify.Message, EXIT notify.Message](Pid uint32, Ktime uint64, ParentPid uint32, ParentKtime uint64, Docker string) (*EXEC, *EXEC, *EXEC, *EXIT)

func GetEvents added in v0.8.3 

func GetEvents(t *testing.T, events []*tetragon.GetEventsResponse) (*tetragon.ProcessExec, *tetragon.ProcessExit)

func GetProcessExec 

func GetProcessExec(event *MsgExecveEventUnix, useCache bool) *tetragon.ProcessExec

GetProcessExec returns Exec protobuf message for a given process, including the ancestor list.

func GetProcessExit 

func GetProcessExit(event *MsgExitEventUnix) *tetragon.ProcessExit

GetProcessExit returns Exit protobuf message for a given process.

func GetProcessRefcntFromCache added in v0.8.3 

func GetProcessRefcntFromCache(t *testing.T, Pid uint32, Ktime uint64) uint32

func GrpcDelayedExecK8sOutOfOrder added in v0.8.3 

func GrpcDelayedExecK8sOutOfOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

In this case, we get an exit and an exex event (out-of-order). We get the appopriate pod info after the exit event.

func GrpcExecCloneInOrder added in v0.8.3 

func GrpcExecCloneInOrder[EXEC notify.Message, CLONE notify.Message, EXIT notify.Message](t *testing.T)

func GrpcExecCloneOutOfOrder added in v0.8.3 

func GrpcExecCloneOutOfOrder[EXEC notify.Message, CLONE notify.Message, EXIT notify.Message](t *testing.T)

func GrpcExecInOrder added in v0.8.3 

func GrpcExecInOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

func GrpcExecMisingParent added in v0.8.3 

func GrpcExecMisingParent[EXEC notify.Message, EXIT notify.Message](t *testing.T)

func GrpcExecOutOfOrder added in v0.8.3 

func GrpcExecOutOfOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

func GrpcExecParentOutOfOrder added in v0.8.3 

func GrpcExecParentOutOfOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

func GrpcExecPodInfoDelayedInOrder added in v0.8.3 

func GrpcExecPodInfoDelayedInOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

In this case, we get an exec and an exit event (in-order). During both events we also miss pod info. We get pod info after at least one cache GC round.

func GrpcExecPodInfoDelayedOutOfOrder added in v0.8.3 

func GrpcExecPodInfoDelayedOutOfOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

In this case, we get an exit and an exec event (out-of-order). During the exit event we also miss pod info. We get pod info after at least one cache GC round. In this case exit event should go through the eventcache (missed pod and process info). Once we get the exec info we still have to keep the exit event in the eventcache.

func GrpcExecPodInfoInOrder added in v0.8.3 

func GrpcExecPodInfoInOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

In this case, we get an exec and an exit event (in-order) but we miss Pod info. Both of these go through the eventcache to get the pod info. At the end both should have correct pod info and the exit event should also have full process info.

func GrpcExecPodInfoInOrderAfter added in v0.8.3 

func GrpcExecPodInfoInOrderAfter[EXEC notify.Message, EXIT notify.Message](t *testing.T)

In this case, we get an exec and an exit event (in-order). During the exec event we miss pod info. We get pod info before getting the exit event. In this case exec event should go through the eventcache (missed pod info) and exit event should also go through the cache as the procCache has not been updated yet. At the end both should have correct pod info and the exit event should also have full process info.

func GrpcExecPodInfoOutOfOrder added in v0.8.3 

func GrpcExecPodInfoOutOfOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

In this case, we get an exit and an exec event (out-of-order) and we also miss Pod info. Both of these go through the eventcache to get the pod info and process info. At the end both should have correct pod info and the exit event should also have full process info.

func GrpcExecPodInfoOutOfOrderAfter added in v0.8.3 

func GrpcExecPodInfoOutOfOrderAfter[EXEC notify.Message, EXIT notify.Message](t *testing.T)

In this case, we get an exit and an exec event (out-of-order). During the exit event we also miss pod info. We get pod info before getting the exec event. In this case exit event should go through the eventcache (missed pod and process info) and exec event should not go through the cache as we have everything. At the end both should have correct pod info and the exit event should also have full process info.

func GrpcMissingExec added in v0.8.3 

func GrpcMissingExec[EXEC notify.Message, EXIT notify.Message](t *testing.T)

func GrpcParentInOrder added in v0.8.3 

func GrpcParentInOrder[EXEC notify.Message, EXIT notify.Message](t *testing.T)

func InitEnv added in v0.8.3 

func InitEnv[EXEC notify.Message, EXIT notify.Message](t *testing.T, cancelWg *sync.WaitGroup, watcher watcher.K8sResourceWatcher) context.CancelFunc

Types

type DummyK8sWatcher added in v0.8.3 

type DummyK8sWatcher struct {
	// contains filtered or unexported fields
}

func NewDummyK8sWatcher added in v0.8.3 

func NewDummyK8sWatcher() *DummyK8sWatcher

func (*DummyK8sWatcher) ClearPod added in v0.8.3 

func (watcher *DummyK8sWatcher) ClearPod()

func (*DummyK8sWatcher) FindPod added in v0.8.3 

func (watcher *DummyK8sWatcher) FindPod(containerID string) (*corev1.Pod, *corev1.ContainerStatus, bool)

func (*DummyK8sWatcher) GetPodInfo added in v0.8.3 

func (watcher *DummyK8sWatcher) GetPodInfo(containerID string, binary string, args string, nspid uint32) (*tetragon.Pod, *hubblev1.Endpoint)

func (*DummyK8sWatcher) SetDummyPod added in v0.8.3 

func (watcher *DummyK8sWatcher) SetDummyPod()

type DummyNotifier added in v0.8.3 

type DummyNotifier[EXEC notify.Message, EXIT notify.Message] struct {
	// contains filtered or unexported fields
}

func (DummyNotifier[EXEC, EXIT]) AddListener added in v0.8.3 

func (n DummyNotifier[EXEC, EXIT]) AddListener(listener server.Listener)

func (DummyNotifier[EXEC, EXIT]) NotifyListener added in v0.8.3 

func (n DummyNotifier[EXEC, EXIT]) NotifyListener(original interface{}, processed *tetragon.GetEventsResponse)

func (DummyNotifier[EXEC, EXIT]) RemoveListener added in v0.8.3 

func (n DummyNotifier[EXEC, EXIT]) RemoveListener(listener server.Listener)

type DummyObserver added in v0.8.3 

type DummyObserver struct {
	// contains filtered or unexported fields
}

func (DummyObserver) AddTracingPolicy added in v0.8.3 

func (o DummyObserver) AddTracingPolicy(ctx context.Context, sensorName string, spec interface{}) error

func (DummyObserver) DelTracingPolicy added in v0.8.3 

func (o DummyObserver) DelTracingPolicy(ctx context.Context, sensorName string) error

func (DummyObserver) DisableSensor added in v0.8.3 

func (o DummyObserver) DisableSensor(ctx context.Context, name string) error

func (DummyObserver) EnableSensor added in v0.8.3 

func (o DummyObserver) EnableSensor(ctx context.Context, name string) error

func (DummyObserver) GetSensorConfig added in v0.8.3 

func (o DummyObserver) GetSensorConfig(ctx context.Context, name string, cfgkey string) (string, error)

func (DummyObserver) ListSensors added in v0.8.3 

func (o DummyObserver) ListSensors(ctx context.Context) (*[]sensors.SensorStatus, error)

func (DummyObserver) RemoveSensor added in v0.8.3 

func (o DummyObserver) RemoveSensor(ctx context.Context, sensorName string) error

func (DummyObserver) SetSensorConfig added in v0.8.3 

func (o DummyObserver) SetSensorConfig(ctx context.Context, name string, cfgkey string, cfgval string) error

type MsgCloneEventUnix 

type MsgCloneEventUnix struct {
	processapi.MsgCloneEvent
}

func (*MsgCloneEventUnix) Cast added in v0.8.3 

func (msg *MsgCloneEventUnix) Cast(o interface{}) notify.Message

func (*MsgCloneEventUnix) HandleMessage 

func (msg *MsgCloneEventUnix) HandleMessage() *tetragon.GetEventsResponse

func (*MsgCloneEventUnix) Notify 

func (msg *MsgCloneEventUnix) Notify() bool

func (*MsgCloneEventUnix) Retry 

func (msg *MsgCloneEventUnix) Retry(internal *process.ProcessInternal, ev notify.Event) error

func (*MsgCloneEventUnix) RetryInternal 

func (msg *MsgCloneEventUnix) RetryInternal(ev notify.Event, timestamp uint64) (*process.ProcessInternal, error)

type MsgExecveEventUnix 

type MsgExecveEventUnix struct {
	processapi.MsgExecveEventUnix
}

func (*MsgExecveEventUnix) Cast added in v0.8.3 

func (msg *MsgExecveEventUnix) Cast(o interface{}) notify.Message

func (*MsgExecveEventUnix) HandleMessage 

func (msg *MsgExecveEventUnix) HandleMessage() *tetragon.GetEventsResponse

func (*MsgExecveEventUnix) Notify 

func (msg *MsgExecveEventUnix) Notify() bool

func (*MsgExecveEventUnix) Retry 

func (msg *MsgExecveEventUnix) Retry(internal *process.ProcessInternal, ev notify.Event) error

func (*MsgExecveEventUnix) RetryInternal 

func (msg *MsgExecveEventUnix) RetryInternal(ev notify.Event, timestamp uint64) (*process.ProcessInternal, error)

type MsgExitEventUnix 

type MsgExitEventUnix struct {
	tetragonAPI.MsgExitEvent
	RefCntDone [2]bool
}

func (*MsgExitEventUnix) Cast added in v0.8.3 

func (msg *MsgExitEventUnix) Cast(o interface{}) notify.Message

func (*MsgExitEventUnix) HandleMessage 

func (msg *MsgExitEventUnix) HandleMessage() *tetragon.GetEventsResponse

func (*MsgExitEventUnix) Notify 

func (msg *MsgExitEventUnix) Notify() bool

func (*MsgExitEventUnix) Retry 

func (msg *MsgExitEventUnix) Retry(internal *process.ProcessInternal, ev notify.Event) error

func (*MsgExitEventUnix) RetryInternal 

func (msg *MsgExitEventUnix) RetryInternal(ev notify.Event, timestamp uint64) (*process.ProcessInternal, error)

type MsgProcessCleanupEventUnix added in v0.8.3 

type MsgProcessCleanupEventUnix struct {
	PID        uint32
	Ktime      uint64
	RefCntDone [2]bool
}

func (*MsgProcessCleanupEventUnix) Cast added in v0.8.3 

func (msg *MsgProcessCleanupEventUnix) Cast(o interface{}) notify.Message

func (*MsgProcessCleanupEventUnix) HandleMessage added in v0.8.3 

func (msg *MsgProcessCleanupEventUnix) HandleMessage() *tetragon.GetEventsResponse

func (*MsgProcessCleanupEventUnix) Notify added in v0.8.3 

func (msg *MsgProcessCleanupEventUnix) Notify() bool

func (*MsgProcessCleanupEventUnix) Retry added in v0.8.3 

func (msg *MsgProcessCleanupEventUnix) Retry(internal *process.ProcessInternal, ev notify.Event) error

func (*MsgProcessCleanupEventUnix) RetryInternal added in v0.8.3 

func (msg *MsgProcessCleanupEventUnix) RetryInternal(ev notify.Event, timestamp uint64) (*process.ProcessInternal, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.