policy

package
v0.19.0

Warning: This package is not in the latest version of its module.
Published: Dec 1, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Constants

const (
	UIDFilterMap         = "uid_filter"
	PIDFilterMap         = "pid_filter"
	MntNSFilterMap       = "mnt_ns_filter"
	PidNSFilterMap       = "pid_ns_filter"
	UTSFilterMap         = "uts_ns_filter"
	CommFilterMap        = "comm_filter"
	ProcessTreeFilterMap = "process_tree_map"
	CgroupIdFilterMap    = "cgroup_id_filter"
	ContIdFilter         = "cont_id_filter"
	BinaryFilterMap      = "binary_filter"
	ProcInfoMap          = "proc_info_map"

	AllPoliciesOn = 0xFFFFFFFFFFFFFFFF
)
const MaxPolicies = 64

Variables

var AlwaysSubmit = events.EventState{
	Submit: AllPoliciesOn,
}

Functions

func PoliciesMaxExceededError

func PoliciesMaxExceededError() error

func PoliciesOutOfRangeError

func PoliciesOutOfRangeError(idx int) error

func PolicyAlreadyExists

func PolicyAlreadyExists(policy *Policy, id int) error

func PolicyNilError

func PolicyNilError() error

func PolicyNotFoundByIDError added in v0.17.2

func PolicyNotFoundByIDError(idx int) error

func PolicyNotFoundByNameError added in v0.17.2

func PolicyNotFoundByNameError(name string) error

Types

type Policies

type Policies struct {
	// contains filtered or unexported fields
}

TODO: add locking mechanism as policies will change at runtime

func NewPolicies

func NewPolicies() *Policies

func (*Policies) Add

func (ps *Policies) Add(p *Policy) error

Add adds a policy to Policies. Its ID (index) is set to the first free slot found. Returns nil if the policy is already inserted.

func (*Policies) Compute

func (ps *Policies) Compute()

Compute recalculates values, updates flags, fills the reduced userland map, and sets the related bitmap that is used to prevent the iteration of the entire map.

It must be called at initialization and on every runtime change to the policies.

func (*Policies) ContainerFilterEnabled

func (ps *Policies) ContainerFilterEnabled() uint64

ContainerFilterEnabled returns a bitmap of policies that have at least one container filter type enabled.

TODO: make sure the stores are also atomic (an atomic load is only protecting the read from context switches, not from CPU cache coherency issues).

func (*Policies) Count

func (ps *Policies) Count() int

func (*Policies) Delete

func (ps *Policies) Delete(id int) error

Delete deletes a policy from Policies.

func (*Policies) FilterableInUserland

func (ps *Policies) FilterableInUserland() uint64

FilterableInUserland returns a bitmap of policies that must be filtered in userland (ArgFilter, RetFilter, ContextFilter, UIDFilter and PIDFilter).

TODO: make sure the stores are also atomic (an atomic load is only protecting the read from context switches, not from CPU cache coherency issues).

func (*Policies) FilterableInUserlandMap

func (ps *Policies) FilterableInUserlandMap() map[*Policy]int

FilterableInUserlandMap returns a reduced policies map which must be filtered in userland (ArgFilter, RetFilter, ContextFilter, UIDFilter and PIDFilter).

func (*Policies) LookupById added in v0.17.2

func (ps *Policies) LookupById(id int) (*Policy, error)

LookupById returns a policy by ID.

func (*Policies) LookupByName added in v0.17.2

func (ps *Policies) LookupByName(name string) (*Policy, error)

LookupByName returns a policy by name.

func (*Policies) Map

func (ps *Policies) Map() map[*Policy]int

Map returns a map with all policies.

func (*Policies) MatchedNames

func (ps *Policies) MatchedNames(matched uint64) []string

MatchedNames returns a list of matched policy names based on the given matched bitmap.
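
Added example, not code from the tracee project: a self-contained model of the scheme described by Add, Delete and MatchedNames, where a policy's ID is a slot index and bit i of a uint64 stands for slot i. The `registry` type and its methods are hypothetical names, and masking the matched bitmap with the occupied-slot bitmap is an assumption of this model, made so that an all-ones value such as AllPoliciesOn reports only policies that exist.

```go
package main

import (
	"fmt"
	"math/bits"
)

// Values copied from the page's constants; all other names are hypothetical.
const maxPolicies, allPoliciesOn = 64, uint64(0xFFFFFFFFFFFFFFFF)

// registry models Policies: slot i is represented by bit i of a uint64 bitmap.
type registry struct {
	names [maxPolicies]string
	used  uint64 // bit i set => slot i holds a policy
}

// add places name in the first free slot and returns that slot as the ID.
func (r *registry) add(name string) (int, error) {
	id := bits.TrailingZeros64(^r.used) // 64 when every slot is taken
	if id == maxPolicies {
		return -1, fmt.Errorf("maximum of %d policies exceeded", maxPolicies)
	}
	r.names[id], r.used = name, r.used|uint64(1)<<uint(id)
	return id, nil
}

// remove frees a slot so that a later add can reuse its ID.
func (r *registry) remove(id int) error {
	if id < 0 || id >= maxPolicies || r.used&(uint64(1)<<uint(id)) == 0 {
		return fmt.Errorf("policy %d not found", id)
	}
	r.names[id], r.used = "", r.used&^(uint64(1)<<uint(id))
	return nil
}

// matchedNames decodes a matched bitmap, skipping bits that point at empty slots.
func (r *registry) matchedNames(matched uint64) []string {
	var out []string
	for m := matched & r.used; m != 0; m &= m - 1 {
		out = append(out, r.names[bits.TrailingZeros64(m)])
	}
	return out
}

func main() {
	r := &registry{}
	r.add("net") // constructed policy names
	r.add("exec")
	fmt.Println(r.matchedNames(0b10), r.matchedNames(allPoliciesOn))
}
```

Because IDs are reused after a removal, a matched bitmap captured before a policy change can name a different policy afterwards, so decode it against the policy set that was active when the event matched.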

func (*Policies) PIDFilterMax

func (ps *Policies) PIDFilterMax() uint64

func (*Policies) PIDFilterMin

func (ps *Policies) PIDFilterMin() uint64

func (*Policies) PIDFilterableInUserland

func (ps *Policies) PIDFilterableInUserland() bool

func (*Policies) Set

func (ps *Policies) Set(p *Policy) error

func (*Policies) UIDFilterMax

func (ps *Policies) UIDFilterMax() uint64

func (*Policies) UIDFilterMin

func (ps *Policies) UIDFilterMin() uint64

func (*Policies) UIDFilterableInUserland

func (ps *Policies) UIDFilterableInUserland() bool

type Policy

type Policy struct {
	ID                int
	Name              string
	EventsToTrace     map[events.ID]string
	UIDFilter         *filters.BPFUIntFilter[uint32]
	PIDFilter         *filters.BPFUIntFilter[uint32]
	NewPidFilter      *filters.BoolFilter
	MntNSFilter       *filters.BPFUIntFilter[uint64]
	PidNSFilter       *filters.BPFUIntFilter[uint64]
	UTSFilter         *filters.BPFStringFilter
	CommFilter        *filters.BPFStringFilter
	ContFilter        *filters.BoolFilter
	NewContFilter     *filters.BoolFilter
	ContIDFilter      *filters.ContainerFilter
	RetFilter         *filters.RetFilter
	ArgFilter         *filters.ArgFilter
	ContextFilter     *filters.ContextFilter
	ProcessTreeFilter *filters.ProcessTreeFilter
	BinaryFilter      *filters.BPFBinaryFilter
	Follow            bool
}

func NewPolicy

func NewPolicy() *Policy

func (*Policy) ContainerFilterEnabled

func (ps *Policy) ContainerFilterEnabled() bool

ContainerFilterEnabled returns true when the policy has at least one container filter type enabled.
