probes: split from events and add required field
This is done through the following steps:
1. Split the probes into a separate module
2. Probes are handled implicitly through handles
3. Events have probe dependencies, each of which includes
a handle and a required field
4. Attach failures are handled according to the required field
NDStrahilevitz committed Jun 7, 2022
1 parent 6b0cad4 commit 5bb22be
Showing 5 changed files with 411 additions and 217 deletions.
5 changes: 3 additions & 2 deletions cmd/tracee-ebpf/capabilities.go
@@ -2,6 +2,7 @@ package main

import (
"fmt"

"github.com/aquasecurity/tracee/pkg/capabilities"
tracee "github.com/aquasecurity/tracee/pkg/ebpf"
"github.com/syndtr/gocapability/capability"
@@ -54,10 +55,10 @@ func generateTraceeEbpfRequiredCapabilities(OSInfo IKernelVersionInfo, cfg *trac

func getCapabilitiesRequiredByTraceeEvents(cfg *tracee.Config) []capability.Cap {
usedEvents := cfg.Filter.EventsToTrace
for eventID := range tracee.CreateEssentialEventsList(cfg) {
for eventID := range tracee.GetEssentialEventsList(cfg) {
usedEvents = append(usedEvents, eventID)
}
for eventID := range tracee.GetCaptureEventsConfig(cfg) {
for eventID := range tracee.GetCaptureEventsList(cfg) {
usedEvents = append(usedEvents, eventID)
}
caps := tracee.GetCapabilitiesRequiredByEvents(usedEvents)
3 changes: 2 additions & 1 deletion cmd/tracee-ebpf/main.go
@@ -191,7 +191,8 @@ func main() {
}

cfg.ChanEvents = make(chan trace.Event)
cfg.ChanErrors = make(chan error)
// We buffer the error channel because we may want to publish errors before we start flusing this channel
cfg.ChanErrors = make(chan error, 10)

t, err := tracee.New(cfg)
if err != nil {
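Review bot: The buffer of 10 on `cfg.ChanErrors` is an unexplained fixed bound, so if more than ten errors are published before the channel starts being drained, the next send blocks. The sending side is not visible in this hunk, but the commit description suggests probe attach failures are handled according to the required field; if those are reported on this channel, a host where many optional probes fail to attach could stall at startup, or leave the operator without a record of which probes are missing. Consider a named constant sized to the maximum number of startup errors (or a non-blocking send on the producer side) and say so in the comment, e.g. `// Buffered so errors raised during initialization, before the consumer starts draining, do not block the sender.` The existing comment also misspells "flushing". main's body starts and ends outside the hunk.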