Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tetragon: Switch to BTF defined maps #367

Merged
merged 4 commits into from
Sep 7, 2022
Merged

tetragon: Switch to BTF defined maps #367

merged 4 commits into from
Sep 7, 2022

Conversation

olsajiri
Copy link
Contributor

@olsajiri olsajiri commented Aug 29, 2022
edited
Loading

Switching to BTF defined maps. This allows to dump map values nicely, like:

# bpftool map dump pinned execve_map | head -10
[{
        "key": 431671,
        "value": {
            "key": {
                "pid": 431671,
                "pad": [0,0,0,0
                ],
                "ktime": 171231811545404
            },
            "pkey": {
...

Signed-off-by: Jiri Olsa [email protected]

@olsajiri olsajiri force-pushed the btf_maps branch 3 times, most recently from d12f47e to 67e4d38 Compare August 29, 2022 11:53
@olsajiri olsajiri marked this pull request as ready for review August 29, 2022 12:44
@olsajiri olsajiri requested a review from a team as a code owner August 29, 2022 12:44
@olsajiri olsajiri requested a review from kevsecurity August 29, 2022 12:44
@kkourt kkourt added the needs-rebase This PR needs to be rebased because it has merge conflicts. label Aug 31, 2022
kkourt
kkourt approved these changes Sep 5, 2022
View reviewed changes
Copy link
Contributor

@kkourt kkourt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checkpatch failures seem to be in bpf_helpers.h, so not much we can do about it.

@kkourt kkourt marked this pull request as draft September 5, 2022 08:51
@kkourt kkourt removed the needs-rebase This PR needs to be rebased because it has merge conflicts. label Sep 5, 2022
@olsajiri olsajiri marked this pull request as ready for review September 5, 2022 13:33
@olsajiri
tetragon: Change base sensors to use BTF maps defitions
08030ad 
Changing base sensors to use BTF maps defitions.

Signed-off-by: Jiri Olsa <[email protected]>
@olsajiri
tetragon: Change kprobe sensor to use BTF maps defitions
0fa93d1 
Changing kprobe sensor to use BTF maps defitions.

Signed-off-by: Jiri Olsa <[email protected]>
@olsajiri
tetragon: Change tracepoint sensor to use BTF maps defitions
11fbc99 
Changing tracepoint sensor to use BTF maps defitions.

Signed-off-by: Jiri Olsa <[email protected]>
@olsajiri
tetragon: Change retkprobe sensor to use BTF maps defitions
c4520f1 
Changing retkprobe sensor to use BTF maps defitions.

Signed-off-by: Jiri Olsa <[email protected]>
@kkourt kkourt merged commit 314fc59 into cilium:main Sep 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tpapagian tpapagian tpapagian approved these changes

@kkourt kkourt kkourt approved these changes

@kevsecurity kevsecurity Awaiting requested review from kevsecurity kevsecurity is a code owner automatically assigned from cilium/tetragon

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@olsajiri @kkourt @tpapagian