ops

package
v1.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 23, 2024 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MSG_OP_UNDEF = 0
	// MSG_OP_EXECVE event indicates a process was created. The 'PID'
	// and 'Common' fields will be populated. This event is positioned
	// after exec() calls have been validated so failed syscalls will
	// not be reported. To generate events provide the '-e' option to
	// tetragon, without the option the hook only populates the data
	// store for later use by above events.
	MSG_OP_EXECVE = 5
	MSG_OP_EXIT   = 7

	MSG_OP_GENERIC_KPROBE     = 13
	MSG_OP_GENERIC_TRACEPOINT = 14
	MSG_OP_GENERIC_UPROBE     = 15
	MSG_OP_GENERIC_LSM        = 16

	// MSG_OP_CLONE notifies user-space that a clone() event has occurred.
	MSG_OP_CLONE    = 23
	MSG_OP_DATA     = 24
	MSG_OP_CGROUP   = 25
	MSG_OP_LOADER   = 26
	MSG_OP_THROTTLE = 27

	// just for testing
	MSG_OP_TEST = 254
)

OpCodes must be in sync with msg_ops enum in bpf/lib/msg_types.h and should have a human-readable representation in OpCodeStrings.

Variables

View Source 
var OpCodeStrings = map[OpCode]string{
	MSG_OP_UNDEF:              "Undef",
	MSG_OP_EXECVE:             "Execve",
	MSG_OP_EXIT:               "Exit",
	MSG_OP_GENERIC_KPROBE:     "GenericKprobe",
	MSG_OP_GENERIC_TRACEPOINT: "GenericTracepoint",
	MSG_OP_GENERIC_UPROBE:     "GenericUprobe",
	MSG_OP_GENERIC_LSM:        "GenericLSM",
	MSG_OP_CLONE:              "Clone",
	MSG_OP_DATA:               "Data",
	MSG_OP_CGROUP:             "Cgroup",
	MSG_OP_LOADER:             "Loader",
	MSG_OP_THROTTLE:           "Throttle",
	MSG_OP_TEST:               "Test",
}

Functions

This section is empty.

Types

type CgroupOpCode 

type CgroupOpCode int
const (
	MSG_OP_CGROUP_UNDEF       CgroupOpCode = iota
	MSG_OP_CGROUP_MKDIR       CgroupOpCode = 1
	MSG_OP_CGROUP_RMDIR       CgroupOpCode = 2
	MSG_OP_CGROUP_RELEASE     CgroupOpCode = 3
	MSG_OP_CGROUP_ATTACH_TASK CgroupOpCode = 10
)

Cgroup Operations that are sent from BPF side. Right now they are used only for logging and debugging, except for CGROUP_ATTACH_TASK which will be used to detect cgroup configuration.

func (CgroupOpCode) String 

func (op CgroupOpCode) String() string

type CgroupState 

type CgroupState int
const (
	CGROUP_UNTRACKED    CgroupState = iota // Cgroup was created but we did not track it
	CGROUP_NEW          CgroupState = 1    // Cgroup was just created
	CGROUP_RUNNING      CgroupState = 2    // Cgroup from new => running (fork,exec task inside)
	CGROUP_RUNNING_PROC CgroupState = 3    // Cgroups that were generated from pids of procfs

)

Different cgroup states.

func (CgroupState) String 

func (st CgroupState) String() string

type OpCode 

type OpCode int

func (OpCode) String 

func (op OpCode) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.