bpf

package
v0.0.0-...-5c79d48
Warning

This package is not in the latest version of its module.

Published: Feb 15, 2024 License: AGPL-3.0 Imports: 8 Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func IsHostCompatible

func IsHostCompatible() error

IsHostCompatible checks that BPF programs can run on this host.

func SystemHasBPF

func SystemHasBPF() bool

SystemHasBPF returns true if the binary was built with support for BPF compiled in.

Types

type BPF

type BPF interface {
	// OpenSession will start monitoring all events within a session and
	// emitting them to the Audit Log.
	OpenSession(ctx *SessionContext) (uint64, error)

	// CloseSession will stop monitoring events for a particular session.
	CloseSession(ctx *SessionContext) error

	// Close will stop any running BPF programs.
	Close(restarting bool) error
}

BPF is the interface used to open and close a recording session.

func New

func New(_ *servicecfg.BPFConfig) (BPF, error)

New returns a new NOP service. Note this function does nothing.

type NOP

type NOP struct {
}

NOP is used on either non-Linux systems or when BPF support is not enabled.

func (*NOP) Close

func (s *NOP) Close(bool) error

Close closes the NOP service. Note this function does nothing.

func (*NOP) CloseSession

func (s *NOP) CloseSession(_ *SessionContext) error

CloseSession closes a NOP session. Note this function does nothing.

func (*NOP) OpenSession

func (s *NOP) OpenSession(_ *SessionContext) (uint64, error)

OpenSession opens a NOP session. Note this function does nothing.

type Service

type Service struct {
}

Service is used on non-Linux systems as a NOP service that allows the caller to open and close sessions that do nothing on systems that don't support eBPF.

type SessionContext

type SessionContext struct {
	// Context is a cancel context, scoped to a server, and not a session.
	Context context.Context

	// Namespace is the namespace within which this session occurs.
	Namespace string

	// SessionID is the UUID of the given session.
	SessionID string

	// ServerID is the UUID of the server this session is executing on.
	ServerID string

	// ServerHostname is the hostname of the server this session is executing on.
	ServerHostname string

	// Login is the Unix login for this session.
	Login string

	// User is the Teleport user.
	User string

	// PID is the process ID of Teleport when it re-executes itself. This is
	// used by Teleport to find itself by cgroup.
	PID int

	// Emitter is used to record events for a particular session
	Emitter apievents.Emitter

	// Events is the set of events (command, disk, or network) to record for
	// this session.
	Events map[string]bool
}

SessionContext contains all the information needed to track and emit events for a particular session. Most of this information is already within srv.ServerContext; unfortunately, due to circular imports between lib/srv and lib/bpf, part of that structure is reproduced in SessionContext.
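In this build New returns a NOP whose methods do nothing, so a session that asks for events through SessionContext.Events gets none recorded. The following is an added example, not code from the Teleport project: it uses reduced local stand-ins for the documented types so it runs offline, and OpenRecorded, ErrRecordingUnavailable, the hasBPF parameter (standing in for SystemHasBPF()) and NOP returning (0, nil) are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"sort"
	"strings"
)

// Local stand-ins for the documented types (reduced), so the example runs offline.
type SessionContext struct {
	SessionID string
	Events    map[string]bool // command, disk, or network
}

type BPF interface {
	OpenSession(ctx *SessionContext) (uint64, error)
}

// NOP mirrors the documented no-op service; returning (0, nil) is an assumption.
type NOP struct{}

func (*NOP) OpenSession(*SessionContext) (uint64, error) { return 0, nil }

// ErrRecordingUnavailable is a hypothetical sentinel error for this example.
var ErrRecordingUnavailable = errors.New("enhanced recording requested but BPF is unavailable")

// OpenRecorded (hypothetical) fails closed: if any event is enabled for the
// session but the backing service cannot record, it refuses to open the session.
func OpenRecorded(svc BPF, hasBPF bool, ctx *SessionContext) (uint64, error) {
	var want []string
	for name, on := range ctx.Events {
		if on {
			want = append(want, name)
		}
	}
	sort.Strings(want) // deterministic error text
	_, isNOP := svc.(*NOP)
	if len(want) > 0 && (!hasBPF || isNOP) {
		return 0, fmt.Errorf("%w: session %s wants %s", ErrRecordingUnavailable, ctx.SessionID, strings.Join(want, ","))
	}
	return svc.OpenSession(ctx)
}

func main() {
	ctx := &SessionContext{SessionID: "constructed-id", Events: map[string]bool{"command": true, "disk": false, "network": true}}
	_, err := OpenRecorded(&NOP{}, false, ctx)
	fmt.Println(err)
}
```

A session with no events enabled still opens against the NOP, which keeps plain sessions working on hosts without BPF.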
