ebpf

package
v0.0.0-...-fc9e8e4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 4, 2025 License: GPL-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MapMaxEntries = 1024
	KprobedFunc   = "inode_permission"
)

Variables

View Source 
var (
	RingbuffReader *ringbuf.Reader = nil
	Objs           bpfObjects      = bpfObjects{}
	Kprobe         link.Link       = nil
	Loaded         bool            = false
)

Functions

func LoadEbpf 

func LoadEbpf(ctx context.Context) error

* Loads the eBPF objects, the eBPF program and opens the ring * buffer.

func ReadAlert 

func ReadAlert(ctx context.Context, cli client.Reader) (hivev1alpha1.HiveAlert, error)

func ReadEbpfData 

func ReadEbpfData() (bpfLogData, error)

* Read the data from the Ringbuffer, hangs until data is received or * returns an error. This function can be used without a running * kubernetes cluster.

func ResetTracedInodes 

func ResetTracedInodes(index uint32) error

* Fills a map with zeroes from index to MapMaxEntries.

func UnloadEbpf 

func UnloadEbpf(ctx context.Context) error

* Unload the eBPF program, objects and ringbuffer.

func UpdateTracedInodes 

func UpdateTracedInodes(index uint32, value uint64) error

* Update element at index with value in the TracedInodes map.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.