auth

package
v1.14.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 14, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

Package auth represents the BPF map used to keep track of authentication state between security identities. +groupName=maps

Index

Constants

View Source
const (
	MapName = "cilium_auth_map"
)

Variables

This section is empty.

Functions

func InitAuthMap

func InitAuthMap(maxEntries int) error

InitAuthMap initializes the auth map.

func OpenAuthMap

func OpenAuthMap() error

OpenAuthMap opens the auth map for access.

Types

type AuthInfo

type AuthInfo struct {
	Expiration uint64 `align:"expiration"`
}

AuthInfo implements the bpf.MapValue interface.

Must be in sync with struct auth_info in <bpf/lib/common.h> +k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=github.com/go-faster/cilium/pkg/bpf.MapValue

func (*AuthInfo) DeepCopy

func (in *AuthInfo) DeepCopy() *AuthInfo

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthInfo.

func (*AuthInfo) DeepCopyInto

func (in *AuthInfo) DeepCopyInto(out *AuthInfo)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthInfo) DeepCopyMapValue

func (in *AuthInfo) DeepCopyMapValue() bpf.MapValue

DeepCopyMapValue is an autogenerated deepcopy function, copying the receiver, creating a new bpf.MapValue.

func (*AuthInfo) GetValuePtr

func (r *AuthInfo) GetValuePtr() unsafe.Pointer

GetValuePtr returns the unsafe pointer to the BPF value.

func (*AuthInfo) String

func (r *AuthInfo) String() string

type AuthKey

type AuthKey struct {
	LocalIdentity  uint32 `align:"local_sec_label"`
	RemoteIdentity uint32 `align:"remote_sec_label"`
	RemoteNodeID   uint16 `align:"remote_node_id"`
	AuthType       uint8  `align:"auth_type"`
	Pad            uint8  `align:"pad"`
}

AuthKey implements the bpf.MapKey interface.

Must be in sync with struct auth_key in <bpf/lib/common.h> +k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=github.com/go-faster/cilium/pkg/bpf.MapKey

func (*AuthKey) DeepCopy

func (in *AuthKey) DeepCopy() *AuthKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthKey.

func (*AuthKey) DeepCopyInto

func (in *AuthKey) DeepCopyInto(out *AuthKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthKey) DeepCopyMapKey

func (in *AuthKey) DeepCopyMapKey() bpf.MapKey

DeepCopyMapKey is an autogenerated deepcopy function, copying the receiver, creating a new bpf.MapKey.

func (*AuthKey) GetKeyPtr

func (r *AuthKey) GetKeyPtr() unsafe.Pointer

func (*AuthKey) NewValue

func (r *AuthKey) NewValue() bpf.MapValue

func (*AuthKey) String

func (r *AuthKey) String() string

type IterateCallback

type IterateCallback func(*AuthKey, *AuthInfo)

IterateCallback represents the signature of the callback function expected by the IterateWithCallback method, which in turn is used to iterate all the keys/values of an auth map.

type Map

type Map struct {
	*ebpf.Map
}

func AuthMap

func AuthMap() *Map

AuthMap returns the initialized auth map

func (*Map) Delete

func (m *Map) Delete(localIdentity identity.NumericIdentity, remoteIdentity identity.NumericIdentity, remoteNodeID uint16, authType policy.AuthType) error

Delete deletes the auth map object associated with the provided (local identity, remote identity, remote host id, auth type) quadruple.

func (*Map) IterateWithCallback

func (m *Map) IterateWithCallback(cb IterateCallback) error

IterateWithCallback iterates through all the keys/values of an auth map, passing each key/value pair to the cb callback.

func (*Map) Lookup

func (m *Map) Lookup(localIdentity identity.NumericIdentity, remoteIdentity identity.NumericIdentity, remoteNodeID uint16, authType policy.AuthType) (*AuthInfo, error)

Lookup returns the auth map object associated with the provided (local identity, remote identity, remote host id, auth type) quadruple.

func (*Map) Update

func (m *Map) Update(localIdentity identity.NumericIdentity, remoteIdentity identity.NumericIdentity, remoteNodeID uint16, authType policy.AuthType, expiration uint64) error

Update inserts or updates the auth map object associated with the provided (local identity, remote identity, remote host id, auth type) quadruple.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL