ops

package

v1.2.0 Latest Latest Go to latest Published: Sep 5, 2024 License: Apache-2.0 Imports: 2 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cilium/tetragon

Links

Open Source Insights

Documentation ¶

Constants ¶

View Source

const (
	MSG_OP_UNDEF = 0
	// MSG_OP_EXECVE event indicates a process was created. The 'PID'
	// and 'Common' fields will be populated. This event is positioned
	// after exec() calls have been validated so failed syscalls will
	// not be reported. To generate events provide the '-e' option to
	// tetragon, without the option the hook only populates the data
	// store for later use by above events.
	MSG_OP_EXECVE = 5
	MSG_OP_EXIT   = 7

	MSG_OP_GENERIC_KPROBE     = 13
	MSG_OP_GENERIC_TRACEPOINT = 14
	MSG_OP_GENERIC_UPROBE     = 15
	MSG_OP_GENERIC_LSM        = 16

	// MSG_OP_CLONE notifies user-space that a clone() event has occurred.
	MSG_OP_CLONE    = 23
	MSG_OP_DATA     = 24
	MSG_OP_CGROUP   = 25
	MSG_OP_LOADER   = 26
	MSG_OP_THROTTLE = 27

	// just for testing
	MSG_OP_TEST = 254
)

OpCodes must be in sync with msg_ops enum in bpf/lib/msg_types.h and should have a human-readable representation in OpCodeStrings.

Variables ¶

View Source

var OpCodeStrings = map[OpCode]string{
	MSG_OP_UNDEF:              "Undef",
	MSG_OP_EXECVE:             "Execve",
	MSG_OP_EXIT:               "Exit",
	MSG_OP_GENERIC_KPROBE:     "GenericKprobe",
	MSG_OP_GENERIC_TRACEPOINT: "GenericTracepoint",
	MSG_OP_GENERIC_UPROBE:     "GenericUprobe",
	MSG_OP_GENERIC_LSM:        "GenericLSM",
	MSG_OP_CLONE:              "Clone",
	MSG_OP_DATA:               "Data",
	MSG_OP_CGROUP:             "Cgroup",
	MSG_OP_LOADER:             "Loader",
	MSG_OP_THROTTLE:           "Throttle",
	MSG_OP_TEST:               "Test",
}

Functions ¶

This section is empty.

Types ¶

type CgroupOpCode ¶ added in v0.8.4

type CgroupOpCode int

const (
	MSG_OP_CGROUP_UNDEF       CgroupOpCode = iota
	MSG_OP_CGROUP_MKDIR       CgroupOpCode = 1
	MSG_OP_CGROUP_RMDIR       CgroupOpCode = 2
	MSG_OP_CGROUP_RELEASE     CgroupOpCode = 3
	MSG_OP_CGROUP_ATTACH_TASK CgroupOpCode = 10
)

Cgroup Operations that are sent from BPF side. Right now they are used only for logging and debugging, except for CGROUP_ATTACH_TASK which will be used to detect cgroup configuration.

func (CgroupOpCode) String ¶ added in v0.8.4

func (op CgroupOpCode) String() string

type CgroupState ¶ added in v0.8.4

type CgroupState int

const (
	CGROUP_UNTRACKED    CgroupState = iota // Cgroup was created but we did not track it
	CGROUP_NEW          CgroupState = 1    // Cgroup was just created
	CGROUP_RUNNING      CgroupState = 2    // Cgroup from new => running (fork,exec task inside)
	CGROUP_RUNNING_PROC CgroupState = 3    // Cgroups that were generated from pids of procfs

)

Different cgroup states.

func (CgroupState) String ¶ added in v0.8.4

func (st CgroupState) String() string

type OpCode ¶

type OpCode int

func (OpCode) String ¶

func (op OpCode) String() string

Source Files ¶

View all Source files

ops.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL