proc

package

v0.8.17 Latest Latest Go to latest Published: Feb 21, 2023 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/go-faster/tetragon

Links

Open Source Insights

Documentation ¶

Overview ¶

SPDX-License-Identifier: Apache-2.0 Copyright Authors of Tetragon

Index ¶

Constants
func GetLoginUid(status *Status) (uint32, error)
func GetProcPid(pid string) (uint64, error)
func GetProcStatStrings(file string) ([]string, error)
func GetStatsKtime(s []string) (uint64, error)
func GetUids(status *Status) (uint32, uint32, error)
func PrependPath(s string, b []byte) []byte
type Status
- func GetStatus(file string) (*Status, error)

Constants ¶

View Source

const (

	// Linux UIDs range from 0..4294967295, the initial mapping of user IDs is 0:0:4294967295.
	//
	// If Tetragon is not run in this initial mapping due to user namespaces or runtime
	// modifications then reading uids of pids from /proc may return the overflow UID 65534
	// if the mapping config where Tetragon is running does not have a mapping of the
	// the uid of the target pid.
	// The overflow UID is runtime config at /proc/sys/kernel/{overflowuid,overflowgid}.
	//
	// The overflow UID historically is also the "nobody" UID, so there is some confusion
	// there. Tetragon may get overflowuid from kernel but users could confuse this with
	// the "nobody" user that some distributions use.
	//
	// The UID 4294967295 (-1 as an unsigned integer) is an invalid UID, the kernel
	// ignores and return it in some cases where there is no mapping or to indicate an
	// an invalid UID. So we use it to initialize our UIDs and return it on errors.
	InvalidUid = ^uint32(0) // 4294967295 (2^32 - 1)
)

Variables ¶

This section is empty.

Functions ¶

func GetLoginUid ¶

func GetLoginUid(status *Status) (uint32, error)

Returns the task loginuid on success, if we fail we return the invalid uid 4294967295 that is same value of tasks without loginuid.

func GetProcPid ¶

func GetProcPid(pid string) (uint64, error)

func GetProcStatStrings ¶

func GetProcStatStrings(file string) ([]string, error)

func GetStatsKtime ¶

func GetStatsKtime(s []string) (uint64, error)

func GetUids ¶

func GetUids(status *Status) (uint32, uint32, error)

Returns real uid and effective uid on success. If we fail we do not return the overflow ID, we return the invalid UID 4294967295 (-1 as an unsigned integer). The overflow ID is returned when the kernel decides and pass it back, as it can be a valid indication of UID mapping error.

func PrependPath ¶

func PrependPath(s string, b []byte) []byte

Types ¶

type Status ¶

type Status struct {
	// Real, effective, saved, and filesystem.
	Uids []string

	// /proc/[pid]/loginuid
	LoginUid string
}

Status reflects fields of `/proc/[pid]/status` and other fields that we want

func GetStatus ¶

func GetStatus(file string) (*Status, error)

Source Files ¶

View all Source files

proc.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL