selectors

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 29, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ActionTypeInvalid        = -1
	ActionTypePost           = 0
	ActionTypeFollowFd       = 1
	ActionTypeSigKill        = 2
	ActionTypeUnfollowFd     = 3
	ActionTypeOverride       = 4
	ActionTypeCopyFd         = 5
	ActionTypeGetUrl         = 6
	ActionTypeDnsLookup      = 7
	ActionTypeNoPost         = 8
	ActionTypeSignal         = 9
	ActionTypeTrackSock      = 10
	ActionTypeUntrackSock    = 11
	ActionTypeNotifyEnforcer = 12
)
View Source 
const (
	ActionRateLimitScopeThread = iota
	ActionRateLimitScopeProcess
	ActionRateLimitScopeGlobal
)
View Source 
const (
	SelectorOpGT  = 1
	SelectorOpLT  = 2
	SelectorOpEQ  = 3
	SelectorOpNEQ = 4
	// Pid and Namespace ops
	SelectorOpIn    = 5
	SelectorOpNotIn = 6
	// String ops
	SelectorOpPrefix  = 8
	SelectorOpPostfix = 9
	// Map ops
	SelectorInMap    = 10
	SelectorNotInMap = 11

	SelectorOpMASK = 12

	// socket ops
	SelectorOpSaddr        = 13
	SelectorOpDaddr        = 14
	SelectorOpSport        = 15
	SelectorOpDport        = 16
	SelectorOpProtocol     = 17
	SelectorOpNotSport     = 18
	SelectorOpNotDport     = 19
	SelectorOpSportPriv    = 20
	SelectorOpNotSportPriv = 21
	SelectorOpDportPriv    = 22
	SelectorOpNotDportPriv = 23
	SelectorOpNotSaddr     = 24
	SelectorOpNotDaddr     = 25
	// file ops
	SelectorOpNotPrefix  = 26
	SelectorOpNotPostfix = 27
	// more socket ops
	SelectorOpFamily = 28
	SelectorOpState  = 29
)
View Source 
const (
	StringMapsNumSubMaps      = 11
	StringMapsNumSubMapsSmall = 8
	MaxStringMapsSize         = 4096 + 2
	StringPrefixMaxLength     = 256
	StringPostfixMaxLength    = 128

	StringMapSize7a = 512
)

Variables

View Source 
var (
	StringMapsSizes = [StringMapsNumSubMaps]int{
		stringMapSize0,
		stringMapSize1,
		stringMapSize2,
		stringMapSize3,
		stringMapSize4,
		stringMapSize5,
		stringMapSize6,
		stringMapSize7,
		stringMapSize8,
		stringMapSize9,
		stringMapSize10,
	}
)

Functions

func ActionTypeFromString added in v0.10.0 

func ActionTypeFromString(action string) int32

func AdvanceSelectorLength 

func AdvanceSelectorLength(k *KernelSelectorData) uint32

func ArgPostfixSelectorValue added in v1.0.0 

func ArgPostfixSelectorValue(v string, removeNul bool) ([]byte, uint32)

func ArgSelectorValue 

func ArgSelectorValue(v string) ([]byte, uint32)

func ArgStringSelectorValue added in v1.0.0 

func ArgStringSelectorValue(v string, removeNul bool) ([MaxStringMapsSize]byte, int, error)

func GetCurrentOffset added in v0.10.0 

func GetCurrentOffset(k *KernelSelectorData) uint32

func HasOverride 

func HasOverride(spec *v1alpha1.KProbeSpec) bool

func HasSigkillAction added in v1.0.0 

func HasSigkillAction(kspec *v1alpha1.KProbeSpec) bool

func InitKernelReturnSelectors added in v1.1.0 

func InitKernelReturnSelectors(selectors []v1alpha1.KProbeSelector, returnArg *v1alpha1.KProbeArg, actionArgTable *idtable.Table) ([4096]byte, error)

func InitKernelSelectors 

func InitKernelSelectors(selectors []v1alpha1.KProbeSelector, args []v1alpha1.KProbeArg, actionArgTable *idtable.Table) ([4096]byte, error)

The byte array storing the selector configuration has the following format array := [N][S1_off][S2_off]...[SN_off][S1][S2][...][SN] 

N: is the number of selectors (u32)
Sx_off: is the relative offset of  selector x (diff of Sx to Sx_off)
Sx: holds the data for the selector

Each selector x starts with its length in bytes, and then stores a number of sections for the different matchers. Each section will typically starts with its length in bytes.

Sx := [length] 

[matchPIDs]
[matchNamespaces]
[matchCapabilities]
[matchNamespaceChanges]
[matchCapabilityChanges]
[matchArgs]
[matchActions]

matchPIDs := [length][PID1][PID2]...[PIDn] matchNamespaces := [length][NSx][NSy]...[NSn] matchCapabilities := [length][CAx][CAy]...[CAn] matchNamespaceChanges := [length][NCx][NCy]...[NCn] matchCapabilityChanges := [length][CAx][CAy]...[CAn] matchArgs := [length][ARGx][ARGy]...[ARGn] PIDn := [op][flags][nValues][v1]...[vn] Argn := [index][op][valueGen] NSn := namespace[op][valueInt] NCn := [op][valueInt] CAn := [type][op][namespacecap][valueInt] valueGen := [type][len][v] valueInt := [len][v]

For some examples, see kernel_test.go

func MatchActionSigKill 

func MatchActionSigKill(spec interface{}) bool

func ParseMatchAction added in v0.9.0 

func ParseMatchAction(k *KernelSelectorState, action *v1alpha1.ActionSelector, actionArgTable *idtable.Table) error

func ParseMatchActions added in v0.9.0 

func ParseMatchActions(k *KernelSelectorState, actions []v1alpha1.ActionSelector, actionArgTable *idtable.Table) error

func ParseMatchArg added in v0.9.0 

func ParseMatchArg(k *KernelSelectorState, arg *v1alpha1.ArgSelector, sig []v1alpha1.KProbeArg) error

func ParseMatchArgs added in v0.9.0 

func ParseMatchArgs(k *KernelSelectorState, args []v1alpha1.ArgSelector, sig []v1alpha1.KProbeArg) error

func ParseMatchBinaries added in v0.9.0 

func ParseMatchBinaries(k *KernelSelectorState, binarys []v1alpha1.BinarySelector, selIdx int) error

func ParseMatchBinary added in v0.9.0 

func ParseMatchBinary(k *KernelSelectorState, b *v1alpha1.BinarySelector, selIdx int) error

func ParseMatchCapabilities added in v0.9.0 

func ParseMatchCapabilities(k *KernelSelectorState, actions []v1alpha1.CapabilitiesSelector) error

func ParseMatchCapabilityChanges added in v0.9.0 

func ParseMatchCapabilityChanges(k *KernelSelectorState, actions []v1alpha1.CapabilitiesSelector) error

func ParseMatchCaps added in v0.9.0 

func ParseMatchCaps(k *KernelSelectorState, action *v1alpha1.CapabilitiesSelector) error

func ParseMatchNamespace added in v0.9.0 

func ParseMatchNamespace(k *KernelSelectorState, action *v1alpha1.NamespaceSelector) error

func ParseMatchNamespaceChange added in v0.9.0 

func ParseMatchNamespaceChange(k *KernelSelectorState, action *v1alpha1.NamespaceChangesSelector) error

func ParseMatchNamespaceChanges added in v0.9.0 

func ParseMatchNamespaceChanges(k *KernelSelectorState, actions []v1alpha1.NamespaceChangesSelector) error

func ParseMatchNamespaces added in v0.9.0 

func ParseMatchNamespaces(k *KernelSelectorState, actions []v1alpha1.NamespaceSelector) error

func ParseMatchPid added in v0.9.0 

func ParseMatchPid(k *KernelSelectorState, pid *v1alpha1.PIDSelector) error

func ParseMatchPids added in v0.9.0 

func ParseMatchPids(k *KernelSelectorState, matchPids []v1alpha1.PIDSelector) error

func SelectorOp added in v0.9.0 

func SelectorOp(op string) (uint32, error)

func WriteSelectorByteArray 

func WriteSelectorByteArray(k *KernelSelectorData, b []byte, size uint32)

func WriteSelectorInt32 

func WriteSelectorInt32(k *KernelSelectorData, v int32)

func WriteSelectorInt64 

func WriteSelectorInt64(k *KernelSelectorData, v int64)

func WriteSelectorLength 

func WriteSelectorLength(k *KernelSelectorData, loff uint32)

func WriteSelectorOffsetUint32 added in v0.10.0 

func WriteSelectorOffsetUint32(k *KernelSelectorData, loff uint32, val uint32)

func WriteSelectorUint32 

func WriteSelectorUint32(k *KernelSelectorData, v uint32)

func WriteSelectorUint64 

func WriteSelectorUint64(k *KernelSelectorData, v uint64)

Types

type ActionArgEntry added in v0.8.4 

type ActionArgEntry struct {
	// contains filtered or unexported fields
}

Action argument table entry (for URL and FQDN arguments)

func (*ActionArgEntry) GetArg added in v0.8.4 

func (g *ActionArgEntry) GetArg() string

func (*ActionArgEntry) SetID added in v0.8.4 

func (g *ActionArgEntry) SetID(id idtable.EntryID)

type KernelLPMTrie4 added in v1.0.0 

type KernelLPMTrie4 struct {
	// contains filtered or unexported fields
}

type KernelLPMTrie6 added in v1.0.0 

type KernelLPMTrie6 struct {
	// contains filtered or unexported fields
}

type KernelLPMTrieStringPostfix added in v1.0.0 

type KernelLPMTrieStringPostfix struct {
	// contains filtered or unexported fields
}

type KernelLPMTrieStringPrefix added in v1.0.0 

type KernelLPMTrieStringPrefix struct {
	// contains filtered or unexported fields
}

type KernelSelectorData added in v1.1.0 

type KernelSelectorData struct {
	// contains filtered or unexported fields
}

type KernelSelectorMaps added in v1.0.0 

type KernelSelectorMaps struct {
	// contains filtered or unexported fields
}

type KernelSelectorState 

type KernelSelectorState struct {
	// contains filtered or unexported fields
}

func InitKernelReturnSelectorState added in v1.1.0 

func InitKernelReturnSelectorState(selectors []v1alpha1.KProbeSelector, returnArg *v1alpha1.KProbeArg,
	actionArgTable *idtable.Table, listReader ValueReader, maps *KernelSelectorMaps) (*KernelSelectorState, error)

func InitKernelSelectorState added in v0.8.3 

func InitKernelSelectorState(selectors []v1alpha1.KProbeSelector, args []v1alpha1.KProbeArg,
	actionArgTable *idtable.Table, listReader ValueReader, maps *KernelSelectorMaps) (*KernelSelectorState, error)

func NewKernelSelectorState added in v0.9.0 

func NewKernelSelectorState(listReader ValueReader, maps *KernelSelectorMaps) *KernelSelectorState

func (*KernelSelectorState) AddMatchBinaries added in v1.1.0 

func (k *KernelSelectorState) AddMatchBinaries(i int, sel MatchBinariesSelectorOptions)

func (*KernelSelectorState) Addr4Maps added in v0.11.0 

func (k *KernelSelectorState) Addr4Maps() []map[KernelLPMTrie4]struct{}

func (*KernelSelectorState) Addr4MapsMaxEntries added in v0.11.0 

func (k *KernelSelectorState) Addr4MapsMaxEntries() int

Addr4MapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) Addr6Maps added in v0.11.0 

func (k *KernelSelectorState) Addr6Maps() []map[KernelLPMTrie6]struct{}

func (*KernelSelectorState) Addr6MapsMaxEntries added in v0.11.0 

func (k *KernelSelectorState) Addr6MapsMaxEntries() int

Addr6MapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) Buffer added in v0.8.3 

func (k *KernelSelectorState) Buffer() [4096]byte

func (KernelSelectorState) MatchBinaries added in v1.1.0 

func (k KernelSelectorState) MatchBinaries() map[int]MatchBinariesSelectorOptions

func (KernelSelectorState) MatchBinariesPaths added in v1.1.0 

func (k KernelSelectorState) MatchBinariesPaths() map[int][][processapi.BINARY_PATH_MAX_LEN]byte

func (*KernelSelectorState) MatchBinariesPathsMaxEntries added in v1.1.0 

func (k *KernelSelectorState) MatchBinariesPathsMaxEntries() int

MatchBinariesPathsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) StringMaps added in v1.0.0 

func (k *KernelSelectorState) StringMaps(subMap int) []map[[MaxStringMapsSize]byte]struct{}

func (*KernelSelectorState) StringMapsMaxEntries added in v1.0.0 

func (k *KernelSelectorState) StringMapsMaxEntries(subMap int) int

StringMapsMaxEntries returns the maximum entries over all maps inside a particular map of map

func (*KernelSelectorState) StringPostfixMaps added in v1.0.0 

func (k *KernelSelectorState) StringPostfixMaps() []map[KernelLPMTrieStringPostfix]struct{}

func (*KernelSelectorState) StringPostfixMapsMaxEntries added in v1.0.0 

func (k *KernelSelectorState) StringPostfixMapsMaxEntries() int

StringPostfixMapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) StringPrefixMaps added in v1.0.0 

func (k *KernelSelectorState) StringPrefixMaps() []map[KernelLPMTrieStringPrefix]struct{}

func (*KernelSelectorState) StringPrefixMapsMaxEntries added in v1.0.0 

func (k *KernelSelectorState) StringPrefixMapsMaxEntries() int

StringPrefixMapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) ValueMaps added in v0.8.3 

func (k *KernelSelectorState) ValueMaps() []ValueMap

func (*KernelSelectorState) ValueMapsMaxEntries added in v0.11.0 

func (k *KernelSelectorState) ValueMapsMaxEntries() int

ValueMapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) WriteMatchBinariesPath added in v1.1.0 

func (k *KernelSelectorState) WriteMatchBinariesPath(selectorID int, path string)

type MatchBinariesSelectorOptions added in v1.1.0 

type MatchBinariesSelectorOptions struct {
	Op    uint32
	MapID uint32
}

type SelectorStringMaps added in v1.0.0 

type SelectorStringMaps [StringMapsNumSubMaps]map[[MaxStringMapsSize]byte]struct{}

type StringMapLists added in v1.0.0 

type StringMapLists [StringMapsNumSubMaps][]map[[MaxStringMapsSize]byte]struct{}

type ValueMap added in v0.11.0 

type ValueMap struct {
	Data map[[8]byte]struct{}
}

type ValueReader added in v0.11.0 

type ValueReader interface {
	Read(value string, ty uint32) ([]uint32, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.