selectors

package
v1.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 17, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ActionTypeInvalid      = -1
	ActionTypePost         = 0
	ActionTypeFollowFd     = 1
	ActionTypeSigKill      = 2
	ActionTypeUnfollowFd   = 3
	ActionTypeOverride     = 4
	ActionTypeCopyFd       = 5
	ActionTypeGetUrl       = 6
	ActionTypeDnsLookup    = 7
	ActionTypeNoPost       = 8
	ActionTypeSignal       = 9
	ActionTypeTrackSock    = 10
	ActionTypeUntrackSock  = 11
	ActionTypeNotifyKiller = 12
)
View Source 
const (
	SelectorOpGT  = 1
	SelectorOpLT  = 2
	SelectorOpEQ  = 3
	SelectorOpNEQ = 4
	// Pid and Namespace ops
	SelectorOpIn    = 5
	SelectorOpNotIn = 6
	// String ops
	SelectorOpPrefix  = 8
	SelectorOpPostfix = 9
	// Map ops
	SelectorInMap    = 10
	SelectorNotInMap = 11

	SelectorOpMASK = 12

	// socket ops
	SelectorOpSaddr        = 13
	SelectorOpDaddr        = 14
	SelectorOpSport        = 15
	SelectorOpDport        = 16
	SelectorOpProtocol     = 17
	SelectorOpNotSport     = 18
	SelectorOpNotDport     = 19
	SelectorOpSportPriv    = 20
	SelectorOpNotSportPriv = 21
	SelectorOpDportPriv    = 22
	SelectorOpNotDportPriv = 23
	SelectorOpNotSaddr     = 24
	SelectorOpNotDaddr     = 25
	// file ops
	SelectorOpNotPrefix  = 26
	SelectorOpNotPostfix = 27
	// more socket ops
	SelectorOpFamily = 28
	SelectorOpState  = 29
)
View Source 
const (
	StringMapsNumSubMaps   = 6
	MaxStringMapsSize      = 6*stringMapsKeyIncSize + 1
	StringPrefixMaxLength  = 256
	StringPostfixMaxLength = 128
)

Variables

View Source 
var (
	StringMapsSizes = [StringMapsNumSubMaps]int{1*stringMapsKeyIncSize + 1,
		2*stringMapsKeyIncSize + 1,
		3*stringMapsKeyIncSize + 1,
		4*stringMapsKeyIncSize + 1,
		5*stringMapsKeyIncSize + 1,
		6*stringMapsKeyIncSize + 1}
)

Functions

func ActionTypeFromString added in v0.10.0 

func ActionTypeFromString(action string) int32

func AdvanceSelectorLength 

func AdvanceSelectorLength(k *KernelSelectorState) uint32

func ArgPostfixSelectorValue added in v1.0.0 

func ArgPostfixSelectorValue(v string, removeNul bool) ([]byte, uint32)

func ArgSelectorValue 

func ArgSelectorValue(v string) ([]byte, uint32)

func ArgStringSelectorValue added in v1.0.0 

func ArgStringSelectorValue(v string, removeNul bool) ([MaxStringMapsSize]byte, int, error)

func ArgTypeToString 

func ArgTypeToString(t uint32) string

func GetCurrentOffset added in v0.10.0 

func GetCurrentOffset(k *KernelSelectorState) uint32

func HasEarlyBinaryFilter added in v0.10.0 

func HasEarlyBinaryFilter(selectors []v1alpha1.KProbeSelector) bool

func HasOverride 

func HasOverride(spec *v1alpha1.KProbeSpec) bool

func HasSigkillAction added in v1.0.0 

func HasSigkillAction(kspec *v1alpha1.KProbeSpec) bool

func InitKernelSelectors 

func InitKernelSelectors(selectors []v1alpha1.KProbeSelector, args []v1alpha1.KProbeArg, actionArgTable *idtable.Table) ([4096]byte, error)

The byte array storing the selector configuration has the following format array := [N][S1_off][S2_off]...[SN_off][S1][S2][...][SN] 

N: is the number of selectors (u32)
Sx_off: is the relative offset of  selector x (diff of Sx to Sx_off)
Sx: holds the data for the selector

Each selector x starts with its length in bytes, and then stores a number of sections for the different matchers. Each section will typically starts with its length in bytes.

Sx := [length] 

[matchPIDs]
[matchNamespaces]
[matchCapabilities]
[matchNamespaceChanges]
[matchCapabilityChanges]
[matchArgs]
[matchActions]

matchPIDs := [length][PID1][PID2]...[PIDn] matchNamespaces := [length][NSx][NSy]...[NSn] matchCapabilities := [length][CAx][CAy]...[CAn] matchNamespaceChanges := [length][NCx][NCy]...[NCn] matchCapabilityChanges := [length][CAx][CAy]...[CAn] matchArgs := [length][ARGx][ARGy]...[ARGn] PIDn := [op][flags][nValues][v1]...[vn] Argn := [index][op][valueGen] NSn := namespace[op][valueInt] NCn := [op][valueInt] CAn := [type][op][namespacecap][valueInt] valueGen := [type][len][v] valueInt := [len][v]

For some examples, see kernel_test.go

func MatchActionSigKill 

func MatchActionSigKill(spec interface{}) bool

func ParseMatchAction added in v0.9.0 

func ParseMatchAction(k *KernelSelectorState, action *v1alpha1.ActionSelector, actionArgTable *idtable.Table) error

func ParseMatchActions added in v0.9.0 

func ParseMatchActions(k *KernelSelectorState, actions []v1alpha1.ActionSelector, actionArgTable *idtable.Table) error

func ParseMatchArg added in v0.9.0 

func ParseMatchArg(k *KernelSelectorState, arg *v1alpha1.ArgSelector, sig []v1alpha1.KProbeArg) error

func ParseMatchArgs added in v0.9.0 

func ParseMatchArgs(k *KernelSelectorState, args []v1alpha1.ArgSelector, sig []v1alpha1.KProbeArg) error

func ParseMatchBinaries added in v0.9.0 

func ParseMatchBinaries(k *KernelSelectorState, binarys []v1alpha1.BinarySelector, selIdx int) error

func ParseMatchBinary added in v0.9.0 

func ParseMatchBinary(k *KernelSelectorState, b *v1alpha1.BinarySelector, selIdx int) error

func ParseMatchCapabilities added in v0.9.0 

func ParseMatchCapabilities(k *KernelSelectorState, actions []v1alpha1.CapabilitiesSelector) error

func ParseMatchCapabilityChanges added in v0.9.0 

func ParseMatchCapabilityChanges(k *KernelSelectorState, actions []v1alpha1.CapabilitiesSelector) error

func ParseMatchCaps added in v0.9.0 

func ParseMatchCaps(k *KernelSelectorState, action *v1alpha1.CapabilitiesSelector) error

func ParseMatchNamespace added in v0.9.0 

func ParseMatchNamespace(k *KernelSelectorState, action *v1alpha1.NamespaceSelector) error

func ParseMatchNamespaceChange added in v0.9.0 

func ParseMatchNamespaceChange(k *KernelSelectorState, action *v1alpha1.NamespaceChangesSelector) error

func ParseMatchNamespaceChanges added in v0.9.0 

func ParseMatchNamespaceChanges(k *KernelSelectorState, actions []v1alpha1.NamespaceChangesSelector) error

func ParseMatchNamespaces added in v0.9.0 

func ParseMatchNamespaces(k *KernelSelectorState, actions []v1alpha1.NamespaceSelector) error

func ParseMatchPid added in v0.9.0 

func ParseMatchPid(k *KernelSelectorState, pid *v1alpha1.PIDSelector) error

func ParseMatchPids added in v0.9.0 

func ParseMatchPids(k *KernelSelectorState, matchPids []v1alpha1.PIDSelector) error

func SelectorOp added in v0.9.0 

func SelectorOp(op string) (uint32, error)

func WriteSelectorByteArray 

func WriteSelectorByteArray(k *KernelSelectorState, b []byte, size uint32)

func WriteSelectorInt32 

func WriteSelectorInt32(k *KernelSelectorState, v int32)

func WriteSelectorInt64 

func WriteSelectorInt64(k *KernelSelectorState, v int64)

func WriteSelectorLength 

func WriteSelectorLength(k *KernelSelectorState, loff uint32)

func WriteSelectorOffsetUint32 added in v0.10.0 

func WriteSelectorOffsetUint32(k *KernelSelectorState, loff uint32, val uint32)

func WriteSelectorUint32 

func WriteSelectorUint32(k *KernelSelectorState, v uint32)

func WriteSelectorUint64 

func WriteSelectorUint64(k *KernelSelectorState, v uint64)

Types

type ActionArgEntry added in v0.8.4 

type ActionArgEntry struct {
	// contains filtered or unexported fields
}

Action argument table entry (for URL and FQDN arguments)

func (*ActionArgEntry) GetArg added in v0.8.4 

func (g *ActionArgEntry) GetArg() string

func (*ActionArgEntry) SetID added in v0.8.4 

func (g *ActionArgEntry) SetID(id idtable.EntryID)

type KernelLPMTrie4 added in v1.0.0 

type KernelLPMTrie4 struct {
	// contains filtered or unexported fields
}

type KernelLPMTrie6 added in v1.0.0 

type KernelLPMTrie6 struct {
	// contains filtered or unexported fields
}

type KernelLPMTrieStringPostfix added in v1.0.0 

type KernelLPMTrieStringPostfix struct {
	// contains filtered or unexported fields
}

type KernelLPMTrieStringPrefix added in v1.0.0 

type KernelLPMTrieStringPrefix struct {
	// contains filtered or unexported fields
}

type KernelSelectorMaps added in v1.0.0 

type KernelSelectorMaps struct {
	// contains filtered or unexported fields
}

type KernelSelectorState 

type KernelSelectorState struct {
	// contains filtered or unexported fields
}

func InitKernelSelectorState added in v0.8.3 

func InitKernelSelectorState(selectors []v1alpha1.KProbeSelector, args []v1alpha1.KProbeArg,
	actionArgTable *idtable.Table, listReader ValueReader, maps *KernelSelectorMaps) (*KernelSelectorState, error)

func NewKernelSelectorState added in v0.9.0 

func NewKernelSelectorState(listReader ValueReader, maps *KernelSelectorMaps) *KernelSelectorState

func (*KernelSelectorState) AddBinaryName added in v0.9.0 

func (k *KernelSelectorState) AddBinaryName(selIdx int, binary string)

func (*KernelSelectorState) Addr4Maps added in v0.11.0 

func (k *KernelSelectorState) Addr4Maps() []map[KernelLPMTrie4]struct{}

func (*KernelSelectorState) Addr4MapsMaxEntries added in v0.11.0 

func (k *KernelSelectorState) Addr4MapsMaxEntries() int

Addr4MapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) Addr6Maps added in v0.11.0 

func (k *KernelSelectorState) Addr6Maps() []map[KernelLPMTrie6]struct{}

func (*KernelSelectorState) Addr6MapsMaxEntries added in v0.11.0 

func (k *KernelSelectorState) Addr6MapsMaxEntries() int

Addr6MapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) Buffer added in v0.8.3 

func (k *KernelSelectorState) Buffer() [4096]byte

func (*KernelSelectorState) GetBinSelNamesMap added in v0.9.0 

func (k *KernelSelectorState) GetBinSelNamesMap() map[int]*MatchBinariesMappings

func (*KernelSelectorState) GetBinaryOp added in v0.9.0 

func (k *KernelSelectorState) GetBinaryOp(selIdx int) uint32

func (*KernelSelectorState) GetNewBinaryMappings added in v0.9.0 

func (k *KernelSelectorState) GetNewBinaryMappings() map[uint32]string

func (*KernelSelectorState) SetBinaryOp added in v0.9.0 

func (k *KernelSelectorState) SetBinaryOp(selIdx int, op uint32)

func (*KernelSelectorState) StringMaps added in v1.0.0 

func (k *KernelSelectorState) StringMaps(subMap int) []map[[MaxStringMapsSize]byte]struct{}

func (*KernelSelectorState) StringMapsMaxEntries added in v1.0.0 

func (k *KernelSelectorState) StringMapsMaxEntries(subMap int) int

StringMapsMaxEntries returns the maximum entries over all maps inside a particular map of map

func (*KernelSelectorState) StringPostfixMaps added in v1.0.0 

func (k *KernelSelectorState) StringPostfixMaps() []map[KernelLPMTrieStringPostfix]struct{}

func (*KernelSelectorState) StringPostfixMapsMaxEntries added in v1.0.0 

func (k *KernelSelectorState) StringPostfixMapsMaxEntries() int

StringPostfixMapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) StringPrefixMaps added in v1.0.0 

func (k *KernelSelectorState) StringPrefixMaps() []map[KernelLPMTrieStringPrefix]struct{}

func (*KernelSelectorState) StringPrefixMapsMaxEntries added in v1.0.0 

func (k *KernelSelectorState) StringPrefixMapsMaxEntries() int

StringPrefixMapsMaxEntries returns the maximum entries over all maps

func (*KernelSelectorState) ValueMaps added in v0.8.3 

func (k *KernelSelectorState) ValueMaps() []ValueMap

func (*KernelSelectorState) ValueMapsMaxEntries added in v0.11.0 

func (k *KernelSelectorState) ValueMapsMaxEntries() int

ValueMapsMaxEntries returns the maximum entries over all maps

type MatchBinariesMappings added in v0.9.0 

type MatchBinariesMappings struct {
	// contains filtered or unexported fields
}

func (*MatchBinariesMappings) GetBinSelNamesMap added in v0.9.0 

func (k *MatchBinariesMappings) GetBinSelNamesMap() map[uint32]uint32

type SelectorStringMaps added in v1.0.0 

type SelectorStringMaps [StringMapsNumSubMaps]map[[MaxStringMapsSize]byte]struct{}

type StringMapLists added in v1.0.0 

type StringMapLists [StringMapsNumSubMaps][]map[[MaxStringMapsSize]byte]struct{}

type ValueMap added in v0.11.0 

type ValueMap struct {
	Data map[[8]byte]struct{}
}

type ValueReader added in v0.11.0 

type ValueReader interface {
	Read(value string) ([]uint32, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.