diff --git a/api/v1/README.md b/api/v1/README.md index 12c8d973bf3..6bf3990c6a4 100644 --- a/api/v1/README.md +++ b/api/v1/README.md @@ -45,6 +45,7 @@ - [ProcessExit](#tetragon-ProcessExit) - [ProcessKprobe](#tetragon-ProcessKprobe) - [ProcessLoader](#tetragon-ProcessLoader) + - [ProcessLsm](#tetragon-ProcessLsm) - [ProcessTracepoint](#tetragon-ProcessTracepoint) - [ProcessUprobe](#tetragon-ProcessUprobe) - [RuntimeHookRequest](#tetragon-RuntimeHookRequest) @@ -924,6 +925,28 @@ loader sensor event triggered for loaded binary/library + + +### ProcessLsm + + + +| Field | Type | Label | Description | +| ----- | ---- | ----- | ----------- | +| process | [Process](#tetragon-Process) | | | +| parent | [Process](#tetragon-Process) | | | +| function_name | [string](#string) | | LSM hook name. | +| policy_name | [string](#string) | | Name of the policy that created that LSM hook. | +| message | [string](#string) | | Short message of the Tracing Policy to inform users what is going on. | +| args | [KprobeArgument](#tetragon-KprobeArgument) | repeated | Arguments definition of the observed LSM hook. | +| action | [KprobeAction](#tetragon-KprobeAction) | | Action performed when the LSM hook matched. | +| tags | [string](#string) | repeated | Tags of the Tracing Policy to categorize the event. | + + + + + + ### ProcessTracepoint @@ -1292,6 +1315,7 @@ Capability set to filter over. NOTE: you may specify only ONE set here. | process_tracepoint | [ProcessTracepoint](#tetragon-ProcessTracepoint) | | ProcessTracepoint contains information about the pre-defined tracepoint and the process that invoked them. | | process_loader | [ProcessLoader](#tetragon-ProcessLoader) | | | | process_uprobe | [ProcessUprobe](#tetragon-ProcessUprobe) | | | +| process_lsm | [ProcessLsm](#tetragon-ProcessLsm) | | | | process_throttle | [ProcessThrottle](#tetragon-ProcessThrottle) | | | | test | [Test](#tetragon-Test) | | | | rate_limit_info | [RateLimitInfo](#tetragon-RateLimitInfo) | | | 
@@ -1371,6 +1395,7 @@ GetEventsResponse event oneof. | PROCESS_TRACEPOINT | 10 | | | PROCESS_LOADER | 11 | | | PROCESS_UPROBE | 12 | | +| PROCESS_LSM | 13 | | | PROCESS_THROTTLE | 27 | | | TEST | 40000 | | | RATE_LIMIT_INFO | 40001 | | diff --git a/api/v1/tetragon/codegen/eventchecker/eventchecker.pb.go b/api/v1/tetragon/codegen/eventchecker/eventchecker.pb.go index 7d5f8e8c5ca..b2fb69ede6e 100644 --- a/api/v1/tetragon/codegen/eventchecker/eventchecker.pb.go +++ b/api/v1/tetragon/codegen/eventchecker/eventchecker.pb.go @@ -274,6 +274,8 @@ func CheckerFromEvent(event Event) (EventChecker, error) { return NewProcessTracepointChecker("").FromProcessTracepoint(ev), nil case *tetragon.ProcessUprobe: return NewProcessUprobeChecker("").FromProcessUprobe(ev), nil + case *tetragon.ProcessLsm: + return NewProcessLsmChecker("").FromProcessLsm(ev), nil case *tetragon.Test: return NewTestChecker("").FromTest(ev), nil case *tetragon.ProcessLoader: @@ -336,6 +338,8 @@ func EventFromResponse(response *tetragon.GetEventsResponse) (Event, error) { return ev.ProcessTracepoint, nil case *tetragon.GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe, nil + case *tetragon.GetEventsResponse_ProcessLsm: + return ev.ProcessLsm, nil case *tetragon.GetEventsResponse_Test: return ev.Test, nil case *tetragon.GetEventsResponse_ProcessLoader: 
@@ -1662,6 +1666,197 @@ func (checker *ProcessUprobeChecker) FromProcessUprobe(event *tetragon.ProcessUp return checker } +// ProcessLsmChecker implements a checker struct to check a ProcessLsm event +type ProcessLsmChecker struct { + CheckerName string `json:"checkerName"` + Process *ProcessChecker `json:"process,omitempty"` + Parent *ProcessChecker `json:"parent,omitempty"` + FunctionName *stringmatcher.StringMatcher `json:"functionName,omitempty"` + PolicyName *stringmatcher.StringMatcher `json:"policyName,omitempty"` + Message *stringmatcher.StringMatcher `json:"message,omitempty"` + Args *KprobeArgumentListMatcher `json:"args,omitempty"` + Action *KprobeActionChecker `json:"action,omitempty"` + Tags *StringListMatcher `json:"tags,omitempty"` +} + +// CheckEvent checks a single event and implements the EventChecker interface +func (checker *ProcessLsmChecker) CheckEvent(event Event) error { + if ev, ok := event.(*tetragon.ProcessLsm); ok { + return checker.Check(ev) + } + return fmt.Errorf("%s: %T is not a ProcessLsm event", CheckerLogPrefix(checker), event) +} + +// CheckResponse checks a single gRPC response and implements the EventChecker interface +func (checker *ProcessLsmChecker) CheckResponse(response *tetragon.GetEventsResponse) error { + event, err := EventFromResponse(response) + if err != nil { + return err + } + return checker.CheckEvent(event) +} + +// NewProcessLsmChecker creates a new ProcessLsmChecker +func NewProcessLsmChecker(name string) *ProcessLsmChecker { + return &ProcessLsmChecker{CheckerName: name} +} + +// Get the name associated with the checker +func (checker *ProcessLsmChecker) GetCheckerName() string { + return checker.CheckerName +} + +// Get the type of the checker as a string +func (checker *ProcessLsmChecker) GetCheckerType() string { + return "ProcessLsmChecker" +} + +// Check checks a ProcessLsm event +func (checker *ProcessLsmChecker) Check(event *tetragon.ProcessLsm) error { + if event == nil { + return fmt.Errorf("%s: 
ProcessLsm event is nil", CheckerLogPrefix(checker)) + } + + fieldChecks := func() error { + if checker.Process != nil { + if err := checker.Process.Check(event.Process); err != nil { + return fmt.Errorf("Process check failed: %w", err) + } + } + if checker.Parent != nil { + if err := checker.Parent.Check(event.Parent); err != nil { + return fmt.Errorf("Parent check failed: %w", err) + } + } + if checker.FunctionName != nil { + if err := checker.FunctionName.Match(event.FunctionName); err != nil { + return fmt.Errorf("FunctionName check failed: %w", err) + } + } + if checker.PolicyName != nil { + if err := checker.PolicyName.Match(event.PolicyName); err != nil { + return fmt.Errorf("PolicyName check failed: %w", err) + } + } + if checker.Message != nil { + if err := checker.Message.Match(event.Message); err != nil { + return fmt.Errorf("Message check failed: %w", err) + } + } + if checker.Args != nil { + if err := checker.Args.Check(event.Args); err != nil { + return fmt.Errorf("Args check failed: %w", err) + } + } + if checker.Action != nil { + if err := checker.Action.Check(&event.Action); err != nil { + return fmt.Errorf("Action check failed: %w", err) + } + } + if checker.Tags != nil { + if err := checker.Tags.Check(event.Tags); err != nil { + return fmt.Errorf("Tags check failed: %w", err) + } + } + return nil + } + if err := fieldChecks(); err != nil { + return fmt.Errorf("%s: %w", CheckerLogPrefix(checker), err) + } + return nil +} + +// WithProcess adds a Process check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithProcess(check *ProcessChecker) *ProcessLsmChecker { + checker.Process = check + return checker +} + +// WithParent adds a Parent check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithParent(check *ProcessChecker) *ProcessLsmChecker { + checker.Parent = check + return checker +} + +// WithFunctionName adds a FunctionName check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithFunctionName(check 
*stringmatcher.StringMatcher) *ProcessLsmChecker { + checker.FunctionName = check + return checker +} + +// WithPolicyName adds a PolicyName check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithPolicyName(check *stringmatcher.StringMatcher) *ProcessLsmChecker { + checker.PolicyName = check + return checker +} + +// WithMessage adds a Message check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithMessage(check *stringmatcher.StringMatcher) *ProcessLsmChecker { + checker.Message = check + return checker +} + +// WithArgs adds a Args check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithArgs(check *KprobeArgumentListMatcher) *ProcessLsmChecker { + checker.Args = check + return checker +} + +// WithAction adds a Action check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithAction(check tetragon.KprobeAction) *ProcessLsmChecker { + wrappedCheck := KprobeActionChecker(check) + checker.Action = &wrappedCheck + return checker +} + +// WithTags adds a Tags check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithTags(check *StringListMatcher) *ProcessLsmChecker { + checker.Tags = check + return checker +} + +//FromProcessLsm populates the ProcessLsmChecker using data from a ProcessLsm event +func (checker *ProcessLsmChecker) FromProcessLsm(event *tetragon.ProcessLsm) *ProcessLsmChecker { + if event == nil { + return checker + } + if event.Process != nil { + checker.Process = NewProcessChecker().FromProcess(event.Process) + } + if event.Parent != nil { + checker.Parent = NewProcessChecker().FromProcess(event.Parent) + } + checker.FunctionName = stringmatcher.Full(event.FunctionName) + checker.PolicyName = stringmatcher.Full(event.PolicyName) + checker.Message = stringmatcher.Full(event.Message) + { + var checks []*KprobeArgumentChecker + for _, check := range event.Args { + var convertedCheck *KprobeArgumentChecker + if check != nil { + convertedCheck = 
NewKprobeArgumentChecker().FromKprobeArgument(check) + } + checks = append(checks, convertedCheck) + } + lm := NewKprobeArgumentListMatcher().WithOperator(listmatcher.Ordered). + WithValues(checks...) + checker.Args = lm + } + checker.Action = NewKprobeActionChecker(event.Action) + { + var checks []*stringmatcher.StringMatcher + for _, check := range event.Tags { + var convertedCheck *stringmatcher.StringMatcher + convertedCheck = stringmatcher.Full(check) + checks = append(checks, convertedCheck) + } + lm := NewStringListMatcher().WithOperator(listmatcher.Ordered). + WithValues(checks...) + checker.Tags = lm + } + return checker +} + // TestChecker implements a checker struct to check a Test event type TestChecker struct { CheckerName string `json:"checkerName"` diff --git a/api/v1/tetragon/codegen/eventchecker/yaml/yaml.pb.go b/api/v1/tetragon/codegen/eventchecker/yaml/yaml.pb.go index f3ff5347a95..61eb2b0452a 100644 --- a/api/v1/tetragon/codegen/eventchecker/yaml/yaml.pb.go +++ b/api/v1/tetragon/codegen/eventchecker/yaml/yaml.pb.go @@ -145,6 +145,7 @@ type eventCheckerHelper struct { ProcessKprobe *eventchecker.ProcessKprobeChecker `json:"kprobe,omitempty"` ProcessTracepoint *eventchecker.ProcessTracepointChecker `json:"tracepoint,omitempty"` ProcessUprobe *eventchecker.ProcessUprobeChecker `json:"uprobe,omitempty"` + ProcessLsm *eventchecker.ProcessLsmChecker `json:"lsm,omitempty"` Test *eventchecker.TestChecker `json:"test,omitempty"` ProcessLoader *eventchecker.ProcessLoaderChecker `json:"loader,omitempty"` RateLimitInfo *eventchecker.RateLimitInfoChecker `json:"rateLimitInfo,omitempty"` 
@@ -193,6 +194,12 @@ func (checker *EventChecker) UnmarshalJSON(b []byte) error { } eventChecker = helper.ProcessUprobe } + if helper.ProcessLsm != nil { + if eventChecker != nil { + return fmt.Errorf("EventChecker: cannot define more than one checker, got %T but already had %T", helper.ProcessLsm, eventChecker) + } + eventChecker = helper.ProcessLsm + } if helper.Test != nil { if eventChecker != nil { return fmt.Errorf("EventChecker: cannot define more than one checker, got %T but already had %T", helper.Test, eventChecker) @@ -235,6 +242,8 @@ func (checker EventChecker) MarshalJSON() ([]byte, error) { helper.ProcessTracepoint = c case *eventchecker.ProcessUprobeChecker: helper.ProcessUprobe = c + case *eventchecker.ProcessLsmChecker: + helper.ProcessLsm = c case *eventchecker.TestChecker: helper.Test = c case *eventchecker.ProcessLoaderChecker: diff --git a/api/v1/tetragon/codegen/helpers/helpers.pb.go b/api/v1/tetragon/codegen/helpers/helpers.pb.go index 55f80b413ef..f4a241432a0 100644 --- a/api/v1/tetragon/codegen/helpers/helpers.pb.go +++ b/api/v1/tetragon/codegen/helpers/helpers.pb.go @@ -34,6 +34,8 @@ func ResponseTypeString(response *tetragon.GetEventsResponse) (string, error) { return tetragon.EventType_PROCESS_LOADER.String(), nil case *tetragon.GetEventsResponse_ProcessUprobe: return tetragon.EventType_PROCESS_UPROBE.String(), nil + case *tetragon.GetEventsResponse_ProcessLsm: + return tetragon.EventType_PROCESS_LSM.String(), nil case *tetragon.GetEventsResponse_ProcessThrottle: return tetragon.EventType_PROCESS_THROTTLE.String(), nil case *tetragon.GetEventsResponse_Test: @@ -72,6 +74,8 @@ func ResponseInnerGetProcess(event tetragon.IsGetEventsResponse_Event) *tetragon return ev.ProcessTracepoint.Process case *tetragon.GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe.Process + case *tetragon.GetEventsResponse_ProcessLsm: + return ev.ProcessLsm.Process case *tetragon.GetEventsResponse_ProcessLoader: return ev.ProcessLoader.Process 
@@ -115,6 +119,8 @@ func ResponseInnerGetParent(event tetragon.IsGetEventsResponse_Event) *tetragon. return ev.ProcessTracepoint.Parent case *tetragon.GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe.Parent + case *tetragon.GetEventsResponse_ProcessLsm: + return ev.ProcessLsm.Parent } return nil diff --git a/api/v1/tetragon/events.pb.go b/api/v1/tetragon/events.pb.go index f11dc36ba6c..b903f651925 100644 --- a/api/v1/tetragon/events.pb.go +++ b/api/v1/tetragon/events.pb.go @@ -41,6 +41,7 @@ const ( EventType_PROCESS_TRACEPOINT EventType = 10 EventType_PROCESS_LOADER EventType = 11 EventType_PROCESS_UPROBE EventType = 12 + EventType_PROCESS_LSM EventType = 13 EventType_PROCESS_THROTTLE EventType = 27 EventType_TEST EventType = 40000 EventType_RATE_LIMIT_INFO EventType = 40001 @@ -56,6 +57,7 @@ var ( 10: "PROCESS_TRACEPOINT", 11: "PROCESS_LOADER", 12: "PROCESS_UPROBE", + 13: "PROCESS_LSM", 27: "PROCESS_THROTTLE", 40000: "TEST", 40001: "RATE_LIMIT_INFO", @@ -68,6 +70,7 @@ var ( "PROCESS_TRACEPOINT": 10, "PROCESS_LOADER": 11, "PROCESS_UPROBE": 12, + "PROCESS_LSM": 13, "PROCESS_THROTTLE": 27, "TEST": 40000, "RATE_LIMIT_INFO": 40001, @@ -944,6 +947,7 @@ type GetEventsResponse struct { // *GetEventsResponse_ProcessTracepoint // *GetEventsResponse_ProcessLoader // *GetEventsResponse_ProcessUprobe + // *GetEventsResponse_ProcessLsm // *GetEventsResponse_ProcessThrottle // *GetEventsResponse_Test // *GetEventsResponse_RateLimitInfo @@ -1040,6 +1044,13 @@ func (x *GetEventsResponse) GetProcessUprobe() *ProcessUprobe { return nil } +func (x *GetEventsResponse) GetProcessLsm() *ProcessLsm { + if x, ok := x.GetEvent().(*GetEventsResponse_ProcessLsm); ok { + return x.ProcessLsm + } + return nil +} + func (x *GetEventsResponse) GetProcessThrottle() *ProcessThrottle { if x, ok := x.GetEvent().(*GetEventsResponse_ProcessThrottle); ok { return x.ProcessThrottle 
@@ -1117,6 +1128,10 @@ type GetEventsResponse_ProcessUprobe struct { ProcessUprobe *ProcessUprobe `protobuf:"bytes,12,opt,name=process_uprobe,json=processUprobe,proto3,oneof"` } +type GetEventsResponse_ProcessLsm struct { + ProcessLsm *ProcessLsm `protobuf:"bytes,13,opt,name=process_lsm,json=processLsm,proto3,oneof"` +} + type GetEventsResponse_ProcessThrottle struct { ProcessThrottle *ProcessThrottle `protobuf:"bytes,27,opt,name=process_throttle,json=processThrottle,proto3,oneof"` } @@ -1141,6 +1156,8 @@ func (*GetEventsResponse_ProcessLoader) isGetEventsResponse_Event() {} func (*GetEventsResponse_ProcessUprobe) isGetEventsResponse_Event() {} +func (*GetEventsResponse_ProcessLsm) isGetEventsResponse_Event() {} + func (*GetEventsResponse_ProcessThrottle) isGetEventsResponse_Event() {} func (*GetEventsResponse_Test) isGetEventsResponse_Event() {} @@ -1274,7 +1291,7 @@ var file_tetragon_events_proto_rawDesc = []byte{ 0x20, 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x22, 0xf3, 0x05, 0x0a, 0x11, 0x47, + 0x28, 0x09, 0x52, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x22, 0xac, 0x06, 0x0a, 0x11, 0x47, 0x65, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3a, 0x0a, 0x0c, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x65, 0x78, 0x65, 0x63, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 
@@ -1300,49 +1317,54 @@ var file_tetragon_events_proto_rawDesc = []byte{ 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x75, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x48, 0x00, 0x52, 0x0d, 0x70, - 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x12, 0x46, 0x0a, 0x10, - 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, - 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, - 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, - 0x65, 0x48, 0x00, 0x52, 0x0f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, - 0x74, 0x74, 0x6c, 0x65, 0x12, 0x26, 0x0a, 0x04, 0x74, 0x65, 0x73, 0x74, 0x18, 0xc0, 0xb8, 0x02, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, - 0x54, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52, 0x04, 0x74, 0x65, 0x73, 0x74, 0x12, 0x43, 0x0a, 0x0f, - 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, - 0xc1, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, - 0x6f, 0x6e, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, - 0x48, 0x00, 0x52, 0x0d, 0x72, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, - 0x6f, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0xe8, - 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, - 0x2f, 0x0a, 0x04, 0x74, 0x69, 0x6d, 0x65, 0x18, 0xe9, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 
0x04, 0x74, 0x69, 0x6d, 0x65, - 0x12, 0x45, 0x0a, 0x10, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, - 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xea, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, - 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, - 0x2a, 0xc7, 0x01, 0x0a, 0x09, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, - 0x0a, 0x05, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, - 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, 0x45, 0x43, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x50, - 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, 0x49, 0x54, 0x10, 0x05, 0x12, 0x12, 0x0a, - 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, - 0x09, 0x12, 0x16, 0x0a, 0x12, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x52, 0x41, - 0x43, 0x45, 0x50, 0x4f, 0x49, 0x4e, 0x54, 0x10, 0x0a, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, - 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x4f, 0x41, 0x44, 0x45, 0x52, 0x10, 0x0b, 0x12, 0x12, 0x0a, - 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x55, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, - 0x0c, 0x12, 0x14, 0x0a, 0x10, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x48, 0x52, - 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x10, 0x1b, 0x12, 0x0a, 0x0a, 0x04, 0x54, 0x45, 0x53, 0x54, 0x10, - 0xc0, 0xb8, 0x02, 0x12, 0x15, 0x0a, 0x0f, 0x52, 0x41, 0x54, 0x45, 0x5f, 0x4c, 0x49, 0x4d, 0x49, - 0x54, 0x5f, 0x49, 0x4e, 0x46, 0x4f, 0x10, 0xc1, 0xb8, 0x02, 0x2a, 0x2d, 0x0a, 0x11, 0x46, 0x69, - 0x65, 0x6c, 0x64, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, - 0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x43, 0x4c, 0x55, 0x44, 0x45, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, - 0x45, 
0x58, 0x43, 0x4c, 0x55, 0x44, 0x45, 0x10, 0x01, 0x2a, 0x4b, 0x0a, 0x0c, 0x54, 0x68, 0x72, - 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x48, 0x52, - 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, - 0x12, 0x0a, 0x0e, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, - 0x54, 0x10, 0x01, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, - 0x53, 0x54, 0x4f, 0x50, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x12, 0x37, 0x0a, 0x0b, + 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x73, 0x6d, 0x18, 0x0d, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x14, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, + 0x63, 0x65, 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x48, 0x00, 0x52, 0x0a, 0x70, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x12, 0x46, 0x0a, 0x10, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, + 0x5f, 0x74, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x48, 0x00, 0x52, 0x0f, 0x70, 0x72, + 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x12, 0x26, 0x0a, + 0x04, 0x74, 0x65, 0x73, 0x74, 0x18, 0xc0, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, + 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52, + 0x04, 0x74, 0x65, 0x73, 0x74, 0x12, 0x43, 0x0a, 0x0f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, + 0x6d, 0x69, 0x74, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xc1, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x52, 0x61, 0x74, 0x65, + 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, 
0x48, 0x00, 0x52, 0x0d, 0x72, 0x61, 0x74, + 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, + 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0xe8, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, + 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2f, 0x0a, 0x04, 0x74, 0x69, 0x6d, 0x65, + 0x18, 0xe9, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, + 0x61, 0x6d, 0x70, 0x52, 0x04, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x45, 0x0a, 0x10, 0x61, 0x67, 0x67, + 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xea, 0x07, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, + 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x52, + 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, + 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x2a, 0xd8, 0x01, 0x0a, 0x09, 0x45, 0x76, + 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x55, 0x4e, 0x44, 0x45, 0x46, + 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, + 0x45, 0x43, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, + 0x45, 0x58, 0x49, 0x54, 0x10, 0x05, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, + 0x53, 0x5f, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, 0x09, 0x12, 0x16, 0x0a, 0x12, 0x50, 0x52, + 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x45, 0x50, 0x4f, 0x49, 0x4e, 0x54, + 0x10, 0x0a, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x4f, + 0x41, 0x44, 0x45, 0x52, 0x10, 0x0b, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, + 0x53, 0x5f, 0x55, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, 0x0c, 0x12, 0x0f, 0x0a, 0x0b, 0x50, 
0x52, + 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x53, 0x4d, 0x10, 0x0d, 0x12, 0x14, 0x0a, 0x10, 0x50, + 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x10, + 0x1b, 0x12, 0x0a, 0x0a, 0x04, 0x54, 0x45, 0x53, 0x54, 0x10, 0xc0, 0xb8, 0x02, 0x12, 0x15, 0x0a, + 0x0f, 0x52, 0x41, 0x54, 0x45, 0x5f, 0x4c, 0x49, 0x4d, 0x49, 0x54, 0x5f, 0x49, 0x4e, 0x46, 0x4f, + 0x10, 0xc1, 0xb8, 0x02, 0x2a, 0x2d, 0x0a, 0x11, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x46, 0x69, 0x6c, + 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x43, + 0x4c, 0x55, 0x44, 0x45, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x45, 0x58, 0x43, 0x4c, 0x55, 0x44, + 0x45, 0x10, 0x01, 0x2a, 0x4b, 0x0a, 0x0c, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, + 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, + 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x54, 0x48, 0x52, + 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x10, 0x01, 0x12, 0x11, 0x0a, + 0x0d, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x10, 0x02, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1384,8 +1406,9 @@ var file_tetragon_events_proto_goTypes = []interface{}{ (*ProcessTracepoint)(nil), // 21: tetragon.ProcessTracepoint (*ProcessLoader)(nil), // 22: tetragon.ProcessLoader (*ProcessUprobe)(nil), // 23: tetragon.ProcessUprobe - (*Test)(nil), // 24: tetragon.Test - (*timestamppb.Timestamp)(nil), // 25: google.protobuf.Timestamp + (*ProcessLsm)(nil), // 24: tetragon.ProcessLsm + (*Test)(nil), // 25: tetragon.Test + (*timestamppb.Timestamp)(nil), // 26: google.protobuf.Timestamp } var file_tetragon_events_proto_depIdxs = []int32{ 14, // 0: tetragon.Filter.health_check:type_name -> google.protobuf.BoolValue 
@@ -1415,16 +1438,17 @@ var file_tetragon_events_proto_depIdxs = []int32{ 21, // 24: tetragon.GetEventsResponse.process_tracepoint:type_name -> tetragon.ProcessTracepoint 22, // 25: tetragon.GetEventsResponse.process_loader:type_name -> tetragon.ProcessLoader 23, // 26: tetragon.GetEventsResponse.process_uprobe:type_name -> tetragon.ProcessUprobe - 12, // 27: tetragon.GetEventsResponse.process_throttle:type_name -> tetragon.ProcessThrottle - 24, // 28: tetragon.GetEventsResponse.test:type_name -> tetragon.Test - 11, // 29: tetragon.GetEventsResponse.rate_limit_info:type_name -> tetragon.RateLimitInfo - 25, // 30: tetragon.GetEventsResponse.time:type_name -> google.protobuf.Timestamp - 10, // 31: tetragon.GetEventsResponse.aggregation_info:type_name -> tetragon.AggregationInfo - 32, // [32:32] is the sub-list for method output_type - 32, // [32:32] is the sub-list for method input_type - 32, // [32:32] is the sub-list for extension type_name - 32, // [32:32] is the sub-list for extension extendee - 0, // [0:32] is the sub-list for field type_name + 24, // 27: tetragon.GetEventsResponse.process_lsm:type_name -> tetragon.ProcessLsm + 12, // 28: tetragon.GetEventsResponse.process_throttle:type_name -> tetragon.ProcessThrottle + 25, // 29: tetragon.GetEventsResponse.test:type_name -> tetragon.Test + 11, // 30: tetragon.GetEventsResponse.rate_limit_info:type_name -> tetragon.RateLimitInfo + 26, // 31: tetragon.GetEventsResponse.time:type_name -> google.protobuf.Timestamp + 10, // 32: tetragon.GetEventsResponse.aggregation_info:type_name -> tetragon.AggregationInfo + 33, // [33:33] is the sub-list for method output_type + 33, // [33:33] is the sub-list for method input_type + 33, // [33:33] is the sub-list for extension type_name + 33, // [33:33] is the sub-list for extension extendee + 0, // [0:33] is the sub-list for field type_name } func init() { file_tetragon_events_proto_init() } 
@@ -1575,6 +1599,7 @@ func file_tetragon_events_proto_init() { (*GetEventsResponse_ProcessTracepoint)(nil), (*GetEventsResponse_ProcessLoader)(nil), (*GetEventsResponse_ProcessUprobe)(nil), + (*GetEventsResponse_ProcessLsm)(nil), (*GetEventsResponse_ProcessThrottle)(nil), (*GetEventsResponse_Test)(nil), (*GetEventsResponse_RateLimitInfo)(nil), diff --git a/api/v1/tetragon/events.proto b/api/v1/tetragon/events.proto index f2bd554645f..155bd489665 100644 --- a/api/v1/tetragon/events.proto +++ b/api/v1/tetragon/events.proto @@ -25,6 +25,7 @@ enum EventType { PROCESS_TRACEPOINT = 10; PROCESS_LOADER = 11; PROCESS_UPROBE = 12; + PROCESS_LSM = 13; PROCESS_THROTTLE = 27; TEST = 40000; @@ -183,6 +184,7 @@ message GetEventsResponse { ProcessTracepoint process_tracepoint = 10; ProcessLoader process_loader = 11; ProcessUprobe process_uprobe = 12; + ProcessLsm process_lsm = 13; ProcessThrottle process_throttle = 27; Test test = 40000; diff --git a/api/v1/tetragon/tetragon.pb.go b/api/v1/tetragon/tetragon.pb.go index ace6dfcfc1c..8a5d6be212e 100644 --- a/api/v1/tetragon/tetragon.pb.go +++ b/api/v1/tetragon/tetragon.pb.go 
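Review bot: In the `message GetEventsResponse` hunk of api/v1/tetragon/events.proto, the new oneof member `ProcessLsm process_lsm = 13;` has no comment, so its row in the generated README has an empty Description, unlike `process_tracepoint`. I would add a comment above the field, for example `// ProcessLsm contains information about the LSM hook that matched and the process that triggered it.`, and regenerate the docs. Consumers that switch on the event oneof or on `EventType` will presumably not recognise 13 until they are rebuilt against this API. Because these events carry the `action` taken when the hook matched, it is worth confirming that no exporter, filter or metrics path outside the regenerated helpers has a default branch that drops them silently.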
@@ -3475,6 +3475,115 @@ func (x *ProcessUprobe) GetTags() []string { return nil } +type ProcessLsm struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Process *Process `protobuf:"bytes,1,opt,name=process,proto3" json:"process,omitempty"` + Parent *Process `protobuf:"bytes,2,opt,name=parent,proto3" json:"parent,omitempty"` + // LSM hook name. + FunctionName string `protobuf:"bytes,3,opt,name=function_name,json=functionName,proto3" json:"function_name,omitempty"` + // Name of the policy that created that LSM hook. + PolicyName string `protobuf:"bytes,5,opt,name=policy_name,json=policyName,proto3" json:"policy_name,omitempty"` + // Short message of the Tracing Policy to inform users what is going on. + Message string `protobuf:"bytes,6,opt,name=message,proto3" json:"message,omitempty"` + // Arguments definition of the observed LSM hook. + Args []*KprobeArgument `protobuf:"bytes,7,rep,name=args,proto3" json:"args,omitempty"` + // Action performed when the LSM hook matched. + Action KprobeAction `protobuf:"varint,8,opt,name=action,proto3,enum=tetragon.KprobeAction" json:"action,omitempty"` + // Tags of the Tracing Policy to categorize the event. 
+ Tags []string `protobuf:"bytes,9,rep,name=tags,proto3" json:"tags,omitempty"` +} + +func (x *ProcessLsm) Reset() { + *x = ProcessLsm{} + if protoimpl.UnsafeEnabled { + mi := &file_tetragon_tetragon_proto_msgTypes[32] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ProcessLsm) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ProcessLsm) ProtoMessage() {} + +func (x *ProcessLsm) ProtoReflect() protoreflect.Message { + mi := &file_tetragon_tetragon_proto_msgTypes[32] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ProcessLsm.ProtoReflect.Descriptor instead. +func (*ProcessLsm) Descriptor() ([]byte, []int) { + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{32} +} + +func (x *ProcessLsm) GetProcess() *Process { + if x != nil { + return x.Process + } + return nil +} + +func (x *ProcessLsm) GetParent() *Process { + if x != nil { + return x.Parent + } + return nil +} + +func (x *ProcessLsm) GetFunctionName() string { + if x != nil { + return x.FunctionName + } + return "" +} + +func (x *ProcessLsm) GetPolicyName() string { + if x != nil { + return x.PolicyName + } + return "" +} + +func (x *ProcessLsm) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +func (x *ProcessLsm) GetArgs() []*KprobeArgument { + if x != nil { + return x.Args + } + return nil +} + +func (x *ProcessLsm) GetAction() KprobeAction { + if x != nil { + return x.Action + } + return KprobeAction_KPROBE_ACTION_UNKNOWN +} + +func (x *ProcessLsm) GetTags() []string { + if x != nil { + return x.Tags + } + return nil +} + type KernelModule struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache 
@@ -3492,7 +3601,7 @@ type KernelModule struct { func (x *KernelModule) Reset() { *x = KernelModule{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[32] + mi := &file_tetragon_tetragon_proto_msgTypes[33] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3505,7 +3614,7 @@ func (x *KernelModule) String() string { func (*KernelModule) ProtoMessage() {} func (x *KernelModule) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[32] + mi := &file_tetragon_tetragon_proto_msgTypes[33] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3518,7 +3627,7 @@ func (x *KernelModule) ProtoReflect() protoreflect.Message { // Deprecated: Use KernelModule.ProtoReflect.Descriptor instead. func (*KernelModule) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{32} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{33} } func (x *KernelModule) GetName() string { @@ -3556,7 +3665,7 @@ type Test struct { func (x *Test) Reset() { *x = Test{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[33] + mi := &file_tetragon_tetragon_proto_msgTypes[34] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3569,7 +3678,7 @@ func (x *Test) String() string { func (*Test) ProtoMessage() {} func (x *Test) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[33] + mi := &file_tetragon_tetragon_proto_msgTypes[34] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { 
@@ -3582,7 +3691,7 @@ func (x *Test) ProtoReflect() protoreflect.Message { // Deprecated: Use Test.ProtoReflect.Descriptor instead. func (*Test) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{33} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{34} } func (x *Test) GetArg0() uint64 { @@ -3624,7 +3733,7 @@ type GetHealthStatusRequest struct { func (x *GetHealthStatusRequest) Reset() { *x = GetHealthStatusRequest{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[34] + mi := &file_tetragon_tetragon_proto_msgTypes[35] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3637,7 +3746,7 @@ func (x *GetHealthStatusRequest) String() string { func (*GetHealthStatusRequest) ProtoMessage() {} func (x *GetHealthStatusRequest) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[34] + mi := &file_tetragon_tetragon_proto_msgTypes[35] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3650,7 +3759,7 @@ func (x *GetHealthStatusRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use GetHealthStatusRequest.ProtoReflect.Descriptor instead. func (*GetHealthStatusRequest) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{34} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{35} } func (x *GetHealthStatusRequest) GetEventSet() []HealthStatusType { @@ -3673,7 +3782,7 @@ type HealthStatus struct { func (x *HealthStatus) Reset() { *x = HealthStatus{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[35] + mi := &file_tetragon_tetragon_proto_msgTypes[36] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } 
@@ -3686,7 +3795,7 @@ func (x *HealthStatus) String() string { func (*HealthStatus) ProtoMessage() {} func (x *HealthStatus) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[35] + mi := &file_tetragon_tetragon_proto_msgTypes[36] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3699,7 +3808,7 @@ func (x *HealthStatus) ProtoReflect() protoreflect.Message { // Deprecated: Use HealthStatus.ProtoReflect.Descriptor instead. func (*HealthStatus) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{35} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{36} } func (x *HealthStatus) GetEvent() HealthStatusType { @@ -3734,7 +3843,7 @@ type GetHealthStatusResponse struct { func (x *GetHealthStatusResponse) Reset() { *x = GetHealthStatusResponse{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[36] + mi := &file_tetragon_tetragon_proto_msgTypes[37] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3747,7 +3856,7 @@ func (x *GetHealthStatusResponse) String() string { func (*GetHealthStatusResponse) ProtoMessage() {} func (x *GetHealthStatusResponse) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[36] + mi := &file_tetragon_tetragon_proto_msgTypes[37] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3760,7 +3869,7 @@ func (x *GetHealthStatusResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use GetHealthStatusResponse.ProtoReflect.Descriptor instead. func (*GetHealthStatusResponse) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{36} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{37} } func (x *GetHealthStatusResponse) GetHealthStatus() []*HealthStatus { 
@@ -3784,7 +3893,7 @@ type ProcessLoader struct { func (x *ProcessLoader) Reset() { *x = ProcessLoader{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[37] + mi := &file_tetragon_tetragon_proto_msgTypes[38] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3797,7 +3906,7 @@ func (x *ProcessLoader) String() string { func (*ProcessLoader) ProtoMessage() {} func (x *ProcessLoader) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[37] + mi := &file_tetragon_tetragon_proto_msgTypes[38] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3810,7 +3919,7 @@ func (x *ProcessLoader) ProtoReflect() protoreflect.Message { // Deprecated: Use ProcessLoader.ProtoReflect.Descriptor instead. func (*ProcessLoader) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{37} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{38} } func (x *ProcessLoader) GetProcess() *Process { @@ -3849,7 +3958,7 @@ type RuntimeHookRequest struct { func (x *RuntimeHookRequest) Reset() { *x = RuntimeHookRequest{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[38] + mi := &file_tetragon_tetragon_proto_msgTypes[39] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3862,7 +3971,7 @@ func (x *RuntimeHookRequest) String() string { func (*RuntimeHookRequest) ProtoMessage() {} func (x *RuntimeHookRequest) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[38] + mi := &file_tetragon_tetragon_proto_msgTypes[39] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { 
@@ -3875,7 +3984,7 @@ func (x *RuntimeHookRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RuntimeHookRequest.ProtoReflect.Descriptor instead. func (*RuntimeHookRequest) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{38} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{39} } func (m *RuntimeHookRequest) GetEvent() isRuntimeHookRequest_Event { @@ -3911,7 +4020,7 @@ type RuntimeHookResponse struct { func (x *RuntimeHookResponse) Reset() { *x = RuntimeHookResponse{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[39] + mi := &file_tetragon_tetragon_proto_msgTypes[40] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3924,7 +4033,7 @@ func (x *RuntimeHookResponse) String() string { func (*RuntimeHookResponse) ProtoMessage() {} func (x *RuntimeHookResponse) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[39] + mi := &file_tetragon_tetragon_proto_msgTypes[40] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3937,7 +4046,7 @@ func (x *RuntimeHookResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RuntimeHookResponse.ProtoReflect.Descriptor instead. func (*RuntimeHookResponse) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{39} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{40} } // CreateContainer informs the agent that a container was created @@ -3965,7 +4074,7 @@ type CreateContainer struct { func (x *CreateContainer) Reset() { *x = CreateContainer{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[40] + mi := &file_tetragon_tetragon_proto_msgTypes[41] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } 
@@ -3978,7 +4087,7 @@ func (x *CreateContainer) String() string { func (*CreateContainer) ProtoMessage() {} func (x *CreateContainer) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[40] + mi := &file_tetragon_tetragon_proto_msgTypes[41] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3991,7 +4100,7 @@ func (x *CreateContainer) ProtoReflect() protoreflect.Message { // Deprecated: Use CreateContainer.ProtoReflect.Descriptor instead. func (*CreateContainer) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{40} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{41} } func (x *CreateContainer) GetCgroupsPath() string { @@ -4040,7 +4149,7 @@ type StackTraceEntry struct { func (x *StackTraceEntry) Reset() { *x = StackTraceEntry{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[41] + mi := &file_tetragon_tetragon_proto_msgTypes[42] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -4053,7 +4162,7 @@ func (x *StackTraceEntry) String() string { func (*StackTraceEntry) ProtoMessage() {} func (x *StackTraceEntry) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[41] + mi := &file_tetragon_tetragon_proto_msgTypes[42] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -4066,7 +4175,7 @@ func (x *StackTraceEntry) ProtoReflect() protoreflect.Message { // Deprecated: Use StackTraceEntry.ProtoReflect.Descriptor instead. func (*StackTraceEntry) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{41} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{42} } func (x *StackTraceEntry) GetAddress() uint64 { 
@@ -4619,136 +4728,156 @@ var file_tetragon_tetragon_proto_rawDesc = []byte{ 0x61, 0x72, 0x67, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x72, 0x67, 0x75, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x04, 0x61, 0x72, 0x67, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x61, - 0x67, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0x96, - 0x01, 0x0a, 0x0c, 0x4b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x12, - 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, - 0x61, 0x6d, 0x65, 0x12, 0x3d, 0x0a, 0x0c, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, - 0x5f, 0x6f, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, - 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, - 0x4f, 0x6b, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, - 0x03, 0x28, 0x0e, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, - 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x07, - 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x22, 0x56, 0x0a, 0x04, 0x54, 0x65, 0x73, 0x74, 0x12, - 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x30, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, - 0x72, 0x67, 0x30, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x31, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x31, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x32, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x32, 0x12, 0x12, 0x0a, 0x04, 0x61, - 0x72, 0x67, 0x33, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x33, 0x22, - 0x51, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, 
0x74, 0x68, 0x53, 0x74, 0x61, 0x74, - 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x65, 0x76, 0x65, - 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, - 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x08, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x53, - 0x65, 0x74, 0x22, 0x90, 0x01, 0x0a, 0x0c, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x12, 0x30, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, - 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x05, - 0x65, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x34, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, - 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, - 0x75, 0x6c, 0x74, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x64, - 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64, 0x65, - 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0x56, 0x0a, 0x17, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, - 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x3b, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, - 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, - 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, - 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x6a, 0x0a, - 0x0d, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x12, 0x2b, - 
0x0a, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x11, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, - 0x73, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, - 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, - 0x18, 0x0a, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, - 0x52, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x69, 0x64, 0x22, 0x64, 0x0a, 0x12, 0x52, 0x75, 0x6e, - 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, - 0x45, 0x0a, 0x0f, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, - 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, - 0x67, 0x6f, 0x6e, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, - 0x6e, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0f, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x22, - 0x15, 0x0a, 0x13, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x81, 0x02, 0x0a, 0x0f, 0x43, 0x72, 0x65, 0x61, 0x74, - 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x67, - 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, - 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, - 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x12, 0x4c, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, 0x65, - 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 
0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x2e, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, - 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0x3e, 0x0a, 0x10, 0x41, 0x6e, - 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, - 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, - 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x73, 0x0a, 0x0f, 0x53, 0x74, - 0x61, 0x63, 0x6b, 0x54, 0x72, 0x61, 0x63, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x18, 0x0a, - 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x07, - 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, - 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, - 0x16, 0x0a, 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, - 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x2a, - 0x95, 0x03, 0x0a, 0x0c, 0x4b, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, - 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, - 0x4e, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x4b, - 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 
0x5f, 0x50, 0x4f, 0x53, - 0x54, 0x10, 0x01, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, - 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x46, 0x4f, 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x02, 0x12, - 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, - 0x5f, 0x53, 0x49, 0x47, 0x4b, 0x49, 0x4c, 0x4c, 0x10, 0x03, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x50, - 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x46, 0x4f, - 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x04, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, - 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4f, 0x56, 0x45, 0x52, 0x52, 0x49, - 0x44, 0x45, 0x10, 0x05, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, - 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x43, 0x4f, 0x50, 0x59, 0x46, 0x44, 0x10, 0x06, 0x12, 0x18, + 0x67, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0xb6, + 0x02, 0x0a, 0x0a, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x12, 0x2b, 0x0a, + 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, + 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, + 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x12, 0x29, 0x0a, 0x06, 0x70, 0x61, + 0x72, 0x65, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x74, 0x65, 0x74, + 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x52, 0x06, 0x70, + 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x66, 0x75, 0x6e, 0x63, 0x74, 0x69, 0x6f, + 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x66, 0x75, + 0x6e, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x6f, + 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0a, 0x70, 
0x6f, 0x6c, 0x69, 0x63, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x2c, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x73, 0x18, 0x07, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, + 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x72, 0x67, 0x75, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x04, 0x61, + 0x72, 0x67, 0x73, 0x12, 0x2e, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, + 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, + 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x06, 0x61, 0x63, 0x74, + 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x61, 0x67, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0x96, 0x01, 0x0a, 0x0c, 0x4b, 0x65, 0x72, 0x6e, + 0x65, 0x6c, 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3d, 0x0a, 0x0c, + 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x5f, 0x6f, 0x6b, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, + 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x4f, 0x6b, 0x12, 0x33, 0x0a, 0x07, 0x74, + 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x19, 0x2e, 0x74, + 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, + 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, + 0x22, 0x56, 0x0a, 0x04, 0x54, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x30, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 
0x61, 0x72, 0x67, 0x30, 0x12, 0x12, 0x0a, 0x04, + 0x61, 0x72, 0x67, 0x31, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x31, + 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x32, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, + 0x61, 0x72, 0x67, 0x32, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x33, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x33, 0x22, 0x51, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x48, + 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, + 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, + 0x65, 0x52, 0x08, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x74, 0x22, 0x90, 0x01, 0x0a, 0x0c, + 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x30, 0x0a, 0x05, + 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, + 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x34, + 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, + 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x06, 0x73, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0x56, + 0x0a, 0x17, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3b, 0x0a, 0x0d, 0x68, 
0x65, 0x61, + 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, + 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x6a, 0x0a, 0x0d, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, + 0x73, 0x4c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x12, 0x2b, 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, + 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, + 0x63, 0x65, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, 0x62, 0x75, 0x69, 0x6c, + 0x64, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, + 0x69, 0x64, 0x22, 0x64, 0x0a, 0x12, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, + 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45, 0x0a, 0x0f, 0x63, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0f, + 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x42, + 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x22, 0x15, 0x0a, 0x13, 0x52, 0x75, 0x6e, 0x74, + 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x81, 0x02, 0x0a, 0x0f, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, + 0x6e, 0x65, 0x72, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, + 0x74, 0x68, 0x18, 0x01, 
0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, + 0x73, 0x50, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x12, + 0x4c, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, + 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x2e, + 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, + 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, + 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, + 0x61, 0x6d, 0x65, 0x1a, 0x3e, 0x0a, 0x10, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, + 0x02, 0x38, 0x01, 0x22, 0x73, 0x0a, 0x0f, 0x53, 0x74, 0x61, 0x63, 0x6b, 0x54, 0x72, 0x61, 0x63, + 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, + 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, + 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, + 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x79, 0x6d, 0x62, + 0x6f, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, + 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 
0x18, 0x04, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x2a, 0x95, 0x03, 0x0a, 0x0c, 0x4b, 0x70, 0x72, + 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, + 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, + 0x57, 0x4e, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, + 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x01, 0x12, 0x1a, 0x0a, 0x16, + 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x46, 0x4f, + 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x02, 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, + 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x49, 0x47, 0x4b, 0x49, 0x4c, + 0x4c, 0x10, 0x03, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, + 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x46, 0x4f, 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, + 0x04, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, + 0x4f, 0x4e, 0x5f, 0x4f, 0x56, 0x45, 0x52, 0x52, 0x49, 0x44, 0x45, 0x10, 0x05, 0x12, 0x18, 0x0a, + 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x43, + 0x4f, 0x50, 0x59, 0x46, 0x44, 0x10, 0x06, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, + 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x47, 0x45, 0x54, 0x55, 0x52, 0x4c, 0x10, + 0x07, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, + 0x4f, 0x4e, 0x5f, 0x44, 0x4e, 0x53, 0x4c, 0x4f, 0x4f, 0x4b, 0x55, 0x50, 0x10, 0x08, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, - 0x47, 0x45, 0x54, 0x55, 0x52, 0x4c, 0x10, 0x07, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, - 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x44, 0x4e, 0x53, 0x4c, 0x4f, 0x4f, - 
0x4b, 0x55, 0x50, 0x10, 0x08, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, - 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x09, 0x12, - 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, - 0x5f, 0x53, 0x49, 0x47, 0x4e, 0x41, 0x4c, 0x10, 0x0a, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, - 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x4b, - 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0b, 0x12, 0x1d, 0x0a, 0x19, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, - 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, - 0x4f, 0x43, 0x4b, 0x10, 0x0c, 0x12, 0x20, 0x0a, 0x1c, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, - 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, 0x54, 0x49, 0x46, 0x59, 0x45, 0x4e, 0x46, - 0x4f, 0x52, 0x43, 0x45, 0x52, 0x10, 0x0d, 0x2a, 0x4f, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x6c, 0x74, - 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1c, 0x0a, 0x18, 0x48, - 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, - 0x45, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x1d, 0x0a, 0x19, 0x48, 0x45, 0x41, - 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, - 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x10, 0x01, 0x2a, 0x7c, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x6c, - 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x17, - 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, - 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, - 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x52, 0x55, 0x4e, 0x4e, 0x49, 0x4e, 0x47, - 0x10, 0x01, 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, - 0x54, 0x55, 0x53, 0x5f, 0x53, 0x54, 
0x4f, 0x50, 0x50, 0x45, 0x44, 0x10, 0x02, 0x12, 0x17, 0x0a, - 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x45, - 0x52, 0x52, 0x4f, 0x52, 0x10, 0x03, 0x2a, 0x8d, 0x02, 0x0a, 0x0f, 0x54, 0x61, 0x69, 0x6e, 0x74, - 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x41, - 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, 0x45, 0x54, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x54, - 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x50, 0x52, 0x4f, 0x50, 0x52, 0x49, 0x45, 0x54, 0x41, 0x52, 0x59, - 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x49, - 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, - 0x10, 0x02, 0x12, 0x1e, 0x0a, 0x1a, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, - 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x4c, 0x4f, 0x41, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, - 0x10, 0x04, 0x12, 0x18, 0x0a, 0x13, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x53, 0x54, 0x41, 0x47, - 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x08, 0x12, 0x1d, 0x0a, 0x18, - 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4f, 0x55, 0x54, 0x5f, 0x4f, 0x46, 0x5f, 0x54, 0x52, 0x45, - 0x45, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x20, 0x12, 0x1a, 0x0a, 0x15, 0x54, - 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, 0x49, 0x47, 0x4e, 0x45, 0x44, 0x5f, 0x4d, 0x4f, - 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x40, 0x12, 0x24, 0x0a, 0x1e, 0x54, 0x41, 0x49, 0x4e, 0x54, - 0x5f, 0x4b, 0x45, 0x52, 0x4e, 0x45, 0x4c, 0x5f, 0x4c, 0x49, 0x56, 0x45, 0x5f, 0x50, 0x41, 0x54, - 0x43, 0x48, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x80, 0x02, 0x12, 0x17, 0x0a, - 0x11, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x54, 0x45, 0x53, 0x54, 0x5f, 0x4d, 0x4f, 0x44, 0x55, - 0x4c, 0x45, 0x10, 0x80, 0x80, 0x10, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x4e, 0x4f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x09, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 
0x52, 0x4f, + 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x49, 0x47, 0x4e, 0x41, 0x4c, + 0x10, 0x0a, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, + 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0b, 0x12, + 0x1d, 0x0a, 0x19, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, + 0x5f, 0x55, 0x4e, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0c, 0x12, 0x20, + 0x0a, 0x1c, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, + 0x4e, 0x4f, 0x54, 0x49, 0x46, 0x59, 0x45, 0x4e, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x52, 0x10, 0x0d, + 0x2a, 0x4f, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, + 0x54, 0x79, 0x70, 0x65, 0x12, 0x1c, 0x0a, 0x18, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, + 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, + 0x10, 0x00, 0x12, 0x1d, 0x0a, 0x19, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, + 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x10, + 0x01, 0x2a, 0x7c, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x17, 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, + 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, + 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, + 0x53, 0x5f, 0x52, 0x55, 0x4e, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x19, 0x0a, 0x15, 0x48, + 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x53, 0x54, 0x4f, + 0x50, 0x50, 0x45, 0x44, 0x10, 0x02, 0x12, 0x17, 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, + 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x03, 0x2a, + 0x8d, 0x02, 0x0a, 0x0f, 
0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, + 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, + 0x45, 0x54, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x50, 0x52, + 0x4f, 0x50, 0x52, 0x49, 0x45, 0x54, 0x41, 0x52, 0x59, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, + 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, + 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x02, 0x12, 0x1e, 0x0a, 0x1a, 0x54, + 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x4c, 0x4f, + 0x41, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x04, 0x12, 0x18, 0x0a, 0x13, 0x54, + 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x53, 0x54, 0x41, 0x47, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, + 0x4c, 0x45, 0x10, 0x80, 0x08, 0x12, 0x1d, 0x0a, 0x18, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4f, + 0x55, 0x54, 0x5f, 0x4f, 0x46, 0x5f, 0x54, 0x52, 0x45, 0x45, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, + 0x45, 0x10, 0x80, 0x20, 0x12, 0x1a, 0x0a, 0x15, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, + 0x53, 0x49, 0x47, 0x4e, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x40, + 0x12, 0x24, 0x0a, 0x1e, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4b, 0x45, 0x52, 0x4e, 0x45, 0x4c, + 0x5f, 0x4c, 0x49, 0x56, 0x45, 0x5f, 0x50, 0x41, 0x54, 0x43, 0x48, 0x5f, 0x4d, 0x4f, 0x44, 0x55, + 0x4c, 0x45, 0x10, 0x80, 0x80, 0x02, 0x12, 0x17, 0x0a, 0x11, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, + 0x54, 0x45, 0x53, 0x54, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x80, 0x10, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( 
@@ -4764,7 +4893,7 @@ func file_tetragon_tetragon_proto_rawDescGZIP() []byte { } var file_tetragon_tetragon_proto_enumTypes = make([]protoimpl.EnumInfo, 4) -var file_tetragon_tetragon_proto_msgTypes = make([]protoimpl.MessageInfo, 44) +var file_tetragon_tetragon_proto_msgTypes = make([]protoimpl.MessageInfo, 45) var file_tetragon_tetragon_proto_goTypes = []interface{}{ (KprobeAction)(0), // 0: tetragon.KprobeAction (HealthStatusType)(0), // 1: tetragon.HealthStatusType 
@@ -4802,35 +4931,36 @@ var file_tetragon_tetragon_proto_goTypes = []interface{}{ (*ProcessKprobe)(nil), // 33: tetragon.ProcessKprobe (*ProcessTracepoint)(nil), // 34: tetragon.ProcessTracepoint (*ProcessUprobe)(nil), // 35: tetragon.ProcessUprobe - (*KernelModule)(nil), // 36: tetragon.KernelModule - (*Test)(nil), // 37: tetragon.Test - (*GetHealthStatusRequest)(nil), // 38: tetragon.GetHealthStatusRequest - (*HealthStatus)(nil), // 39: tetragon.HealthStatus - (*GetHealthStatusResponse)(nil), // 40: tetragon.GetHealthStatusResponse - (*ProcessLoader)(nil), // 41: tetragon.ProcessLoader - (*RuntimeHookRequest)(nil), // 42: tetragon.RuntimeHookRequest - (*RuntimeHookResponse)(nil), // 43: tetragon.RuntimeHookResponse - (*CreateContainer)(nil), // 44: tetragon.CreateContainer - (*StackTraceEntry)(nil), // 45: tetragon.StackTraceEntry - nil, // 46: tetragon.Pod.PodLabelsEntry - nil, // 47: tetragon.CreateContainer.AnnotationsEntry - (*timestamppb.Timestamp)(nil), // 48: google.protobuf.Timestamp - (*wrapperspb.UInt32Value)(nil), // 49: google.protobuf.UInt32Value - (CapabilitiesType)(0), // 50: tetragon.CapabilitiesType - (*wrapperspb.Int32Value)(nil), // 51: google.protobuf.Int32Value - (SecureBitsType)(0), // 52: tetragon.SecureBitsType - (ProcessPrivilegesChanged)(0), // 53: tetragon.ProcessPrivilegesChanged - (*wrapperspb.BoolValue)(nil), // 54: google.protobuf.BoolValue + (*ProcessLsm)(nil), // 36: tetragon.ProcessLsm + (*KernelModule)(nil), // 37: tetragon.KernelModule + (*Test)(nil), // 38: tetragon.Test + (*GetHealthStatusRequest)(nil), // 39: tetragon.GetHealthStatusRequest + (*HealthStatus)(nil), // 40: tetragon.HealthStatus + (*GetHealthStatusResponse)(nil), // 41: tetragon.GetHealthStatusResponse + (*ProcessLoader)(nil), // 42: tetragon.ProcessLoader + (*RuntimeHookRequest)(nil), // 43: tetragon.RuntimeHookRequest + (*RuntimeHookResponse)(nil), // 44: tetragon.RuntimeHookResponse + (*CreateContainer)(nil), // 45: tetragon.CreateContainer + 
(*StackTraceEntry)(nil), // 46: tetragon.StackTraceEntry + nil, // 47: tetragon.Pod.PodLabelsEntry + nil, // 48: tetragon.CreateContainer.AnnotationsEntry + (*timestamppb.Timestamp)(nil), // 49: google.protobuf.Timestamp + (*wrapperspb.UInt32Value)(nil), // 50: google.protobuf.UInt32Value + (CapabilitiesType)(0), // 51: tetragon.CapabilitiesType + (*wrapperspb.Int32Value)(nil), // 52: google.protobuf.Int32Value + (SecureBitsType)(0), // 53: tetragon.SecureBitsType + (ProcessPrivilegesChanged)(0), // 54: tetragon.ProcessPrivilegesChanged + (*wrapperspb.BoolValue)(nil), // 55: google.protobuf.BoolValue } var file_tetragon_tetragon_proto_depIdxs = []int32{ 4, // 0: tetragon.Container.image:type_name -> tetragon.Image - 48, // 1: tetragon.Container.start_time:type_name -> google.protobuf.Timestamp - 49, // 2: tetragon.Container.pid:type_name -> google.protobuf.UInt32Value + 49, // 1: tetragon.Container.start_time:type_name -> google.protobuf.Timestamp + 50, // 2: tetragon.Container.pid:type_name -> google.protobuf.UInt32Value 5, // 3: tetragon.Pod.container:type_name -> tetragon.Container - 46, // 4: tetragon.Pod.pod_labels:type_name -> tetragon.Pod.PodLabelsEntry - 50, // 5: tetragon.Capabilities.permitted:type_name -> tetragon.CapabilitiesType - 50, // 6: tetragon.Capabilities.effective:type_name -> tetragon.CapabilitiesType - 50, // 7: tetragon.Capabilities.inheritable:type_name -> tetragon.CapabilitiesType + 47, // 4: tetragon.Pod.pod_labels:type_name -> tetragon.Pod.PodLabelsEntry + 51, // 5: tetragon.Capabilities.permitted:type_name -> tetragon.CapabilitiesType + 51, // 6: tetragon.Capabilities.effective:type_name -> tetragon.CapabilitiesType + 51, // 7: tetragon.Capabilities.inheritable:type_name -> tetragon.CapabilitiesType 8, // 8: tetragon.Namespaces.uts:type_name -> tetragon.Namespace 8, // 9: tetragon.Namespaces.ipc:type_name -> tetragon.Namespace 8, // 10: tetragon.Namespaces.mnt:type_name -> tetragon.Namespace 
@@ -4841,35 +4971,35 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 8, // 15: tetragon.Namespaces.time_for_children:type_name -> tetragon.Namespace 8, // 16: tetragon.Namespaces.cgroup:type_name -> tetragon.Namespace 8, // 17: tetragon.Namespaces.user:type_name -> tetragon.Namespace - 51, // 18: tetragon.UserNamespace.level:type_name -> google.protobuf.Int32Value - 49, // 19: tetragon.UserNamespace.uid:type_name -> google.protobuf.UInt32Value - 49, // 20: tetragon.UserNamespace.gid:type_name -> google.protobuf.UInt32Value + 52, // 18: tetragon.UserNamespace.level:type_name -> google.protobuf.Int32Value + 50, // 19: tetragon.UserNamespace.uid:type_name -> google.protobuf.UInt32Value + 50, // 20: tetragon.UserNamespace.gid:type_name -> google.protobuf.UInt32Value 8, // 21: tetragon.UserNamespace.ns:type_name -> tetragon.Namespace - 49, // 22: tetragon.ProcessCredentials.uid:type_name -> google.protobuf.UInt32Value - 49, // 23: tetragon.ProcessCredentials.gid:type_name -> google.protobuf.UInt32Value - 49, // 24: tetragon.ProcessCredentials.euid:type_name -> google.protobuf.UInt32Value - 49, // 25: tetragon.ProcessCredentials.egid:type_name -> google.protobuf.UInt32Value - 49, // 26: tetragon.ProcessCredentials.suid:type_name -> google.protobuf.UInt32Value - 49, // 27: tetragon.ProcessCredentials.sgid:type_name -> google.protobuf.UInt32Value - 49, // 28: tetragon.ProcessCredentials.fsuid:type_name -> google.protobuf.UInt32Value - 49, // 29: tetragon.ProcessCredentials.fsgid:type_name -> google.protobuf.UInt32Value - 52, // 30: tetragon.ProcessCredentials.securebits:type_name -> tetragon.SecureBitsType + 50, // 22: tetragon.ProcessCredentials.uid:type_name -> google.protobuf.UInt32Value + 50, // 23: tetragon.ProcessCredentials.gid:type_name -> google.protobuf.UInt32Value + 50, // 24: tetragon.ProcessCredentials.euid:type_name -> google.protobuf.UInt32Value + 50, // 25: tetragon.ProcessCredentials.egid:type_name -> google.protobuf.UInt32Value + 50, // 26: 
tetragon.ProcessCredentials.suid:type_name -> google.protobuf.UInt32Value + 50, // 27: tetragon.ProcessCredentials.sgid:type_name -> google.protobuf.UInt32Value + 50, // 28: tetragon.ProcessCredentials.fsuid:type_name -> google.protobuf.UInt32Value + 50, // 29: tetragon.ProcessCredentials.fsgid:type_name -> google.protobuf.UInt32Value + 53, // 30: tetragon.ProcessCredentials.securebits:type_name -> tetragon.SecureBitsType 7, // 31: tetragon.ProcessCredentials.caps:type_name -> tetragon.Capabilities 10, // 32: tetragon.ProcessCredentials.user_ns:type_name -> tetragon.UserNamespace - 49, // 33: tetragon.InodeProperties.links:type_name -> google.protobuf.UInt32Value + 50, // 33: tetragon.InodeProperties.links:type_name -> google.protobuf.UInt32Value 12, // 34: tetragon.FileProperties.inode:type_name -> tetragon.InodeProperties - 49, // 35: tetragon.BinaryProperties.setuid:type_name -> google.protobuf.UInt32Value - 49, // 36: tetragon.BinaryProperties.setgid:type_name -> google.protobuf.UInt32Value - 53, // 37: tetragon.BinaryProperties.privileges_changed:type_name -> tetragon.ProcessPrivilegesChanged + 50, // 35: tetragon.BinaryProperties.setuid:type_name -> google.protobuf.UInt32Value + 50, // 36: tetragon.BinaryProperties.setgid:type_name -> google.protobuf.UInt32Value + 54, // 37: tetragon.BinaryProperties.privileges_changed:type_name -> tetragon.ProcessPrivilegesChanged 13, // 38: tetragon.BinaryProperties.file:type_name -> tetragon.FileProperties - 49, // 39: tetragon.Process.pid:type_name -> google.protobuf.UInt32Value - 49, // 40: tetragon.Process.uid:type_name -> google.protobuf.UInt32Value - 48, // 41: tetragon.Process.start_time:type_name -> google.protobuf.Timestamp - 49, // 42: tetragon.Process.auid:type_name -> google.protobuf.UInt32Value + 50, // 39: tetragon.Process.pid:type_name -> google.protobuf.UInt32Value + 50, // 40: tetragon.Process.uid:type_name -> google.protobuf.UInt32Value + 49, // 41: tetragon.Process.start_time:type_name -> 
google.protobuf.Timestamp + 50, // 42: tetragon.Process.auid:type_name -> google.protobuf.UInt32Value 6, // 43: tetragon.Process.pod:type_name -> tetragon.Pod 7, // 44: tetragon.Process.cap:type_name -> tetragon.Capabilities 9, // 45: tetragon.Process.ns:type_name -> tetragon.Namespaces - 49, // 46: tetragon.Process.tid:type_name -> google.protobuf.UInt32Value + 50, // 46: tetragon.Process.tid:type_name -> google.protobuf.UInt32Value 11, // 47: tetragon.Process.process_credentials:type_name -> tetragon.ProcessCredentials 14, // 48: tetragon.Process.binary_properties:type_name -> tetragon.BinaryProperties 15, // 49: tetragon.Process.user:type_name -> tetragon.UserRecord 
@@ -4878,14 +5008,14 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 16, // 52: tetragon.ProcessExec.ancestors:type_name -> tetragon.Process 16, // 53: tetragon.ProcessExit.process:type_name -> tetragon.Process 16, // 54: tetragon.ProcessExit.parent:type_name -> tetragon.Process - 48, // 55: tetragon.ProcessExit.time:type_name -> google.protobuf.Timestamp - 50, // 56: tetragon.KprobeCred.permitted:type_name -> tetragon.CapabilitiesType - 50, // 57: tetragon.KprobeCred.effective:type_name -> tetragon.CapabilitiesType - 50, // 58: tetragon.KprobeCred.inheritable:type_name -> tetragon.CapabilitiesType - 51, // 59: tetragon.KprobeCapability.value:type_name -> google.protobuf.Int32Value - 51, // 60: tetragon.KprobeUserNamespace.level:type_name -> google.protobuf.Int32Value - 49, // 61: tetragon.KprobeUserNamespace.owner:type_name -> google.protobuf.UInt32Value - 49, // 62: tetragon.KprobeUserNamespace.group:type_name -> google.protobuf.UInt32Value + 49, // 55: tetragon.ProcessExit.time:type_name -> google.protobuf.Timestamp + 51, // 56: tetragon.KprobeCred.permitted:type_name -> tetragon.CapabilitiesType + 51, // 57: tetragon.KprobeCred.effective:type_name -> tetragon.CapabilitiesType + 51, // 58: tetragon.KprobeCred.inheritable:type_name -> tetragon.CapabilitiesType + 52, // 59: tetragon.KprobeCapability.value:type_name -> google.protobuf.Int32Value + 52, // 60: tetragon.KprobeUserNamespace.level:type_name -> google.protobuf.Int32Value + 50, // 61: tetragon.KprobeUserNamespace.owner:type_name -> google.protobuf.UInt32Value + 50, // 62: tetragon.KprobeUserNamespace.group:type_name -> google.protobuf.UInt32Value 8, // 63: tetragon.KprobeUserNamespace.ns:type_name -> tetragon.Namespace 20, // 64: tetragon.KprobeArgument.skb_arg:type_name -> tetragon.KprobeSkb 22, // 65: tetragon.KprobeArgument.path_arg:type_name -> tetragon.KprobePath 
@@ -4900,7 +5030,7 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 27, // 74: tetragon.KprobeArgument.capability_arg:type_name -> tetragon.KprobeCapability 11, // 75: tetragon.KprobeArgument.process_credentials_arg:type_name -> tetragon.ProcessCredentials 10, // 76: tetragon.KprobeArgument.user_ns_arg:type_name -> tetragon.UserNamespace - 36, // 77: tetragon.KprobeArgument.module_arg:type_name -> tetragon.KernelModule + 37, // 77: tetragon.KprobeArgument.module_arg:type_name -> tetragon.KernelModule 26, // 78: tetragon.KprobeArgument.linux_binprm_arg:type_name -> tetragon.KprobeLinuxBinprm 21, // 79: tetragon.KprobeArgument.net_dev_arg:type_name -> tetragon.KprobeNetDev 16, // 80: tetragon.ProcessKprobe.process:type_name -> tetragon.Process @@ -4908,9 +5038,9 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 32, // 82: tetragon.ProcessKprobe.args:type_name -> tetragon.KprobeArgument 32, // 83: tetragon.ProcessKprobe.return:type_name -> tetragon.KprobeArgument 0, // 84: tetragon.ProcessKprobe.action:type_name -> tetragon.KprobeAction - 45, // 85: tetragon.ProcessKprobe.kernel_stack_trace:type_name -> tetragon.StackTraceEntry + 46, // 85: tetragon.ProcessKprobe.kernel_stack_trace:type_name -> tetragon.StackTraceEntry 0, // 86: tetragon.ProcessKprobe.return_action:type_name -> tetragon.KprobeAction - 45, // 87: tetragon.ProcessKprobe.user_stack_trace:type_name -> tetragon.StackTraceEntry + 46, // 87: tetragon.ProcessKprobe.user_stack_trace:type_name -> tetragon.StackTraceEntry 16, // 88: tetragon.ProcessTracepoint.process:type_name -> tetragon.Process 16, // 89: tetragon.ProcessTracepoint.parent:type_name -> tetragon.Process 32, // 90: tetragon.ProcessTracepoint.args:type_name -> tetragon.KprobeArgument 
@@ -4918,20 +5048,24 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 16, // 92: tetragon.ProcessUprobe.process:type_name -> tetragon.Process 16, // 93: tetragon.ProcessUprobe.parent:type_name -> tetragon.Process 32, // 94: tetragon.ProcessUprobe.args:type_name -> tetragon.KprobeArgument - 54, // 95: tetragon.KernelModule.signature_ok:type_name -> google.protobuf.BoolValue - 3, // 96: tetragon.KernelModule.tainted:type_name -> tetragon.TaintedBitsType - 1, // 97: tetragon.GetHealthStatusRequest.event_set:type_name -> tetragon.HealthStatusType - 1, // 98: tetragon.HealthStatus.event:type_name -> tetragon.HealthStatusType - 2, // 99: tetragon.HealthStatus.status:type_name -> tetragon.HealthStatusResult - 39, // 100: tetragon.GetHealthStatusResponse.health_status:type_name -> tetragon.HealthStatus - 16, // 101: tetragon.ProcessLoader.process:type_name -> tetragon.Process - 44, // 102: tetragon.RuntimeHookRequest.createContainer:type_name -> tetragon.CreateContainer - 47, // 103: tetragon.CreateContainer.annotations:type_name -> tetragon.CreateContainer.AnnotationsEntry - 104, // [104:104] is the sub-list for method output_type - 104, // [104:104] is the sub-list for method input_type - 104, // [104:104] is the sub-list for extension type_name - 104, // [104:104] is the sub-list for extension extendee - 0, // [0:104] is the sub-list for field type_name + 16, // 95: tetragon.ProcessLsm.process:type_name -> tetragon.Process + 16, // 96: tetragon.ProcessLsm.parent:type_name -> tetragon.Process + 32, // 97: tetragon.ProcessLsm.args:type_name -> tetragon.KprobeArgument + 0, // 98: tetragon.ProcessLsm.action:type_name -> tetragon.KprobeAction + 55, // 99: tetragon.KernelModule.signature_ok:type_name -> google.protobuf.BoolValue + 3, // 100: tetragon.KernelModule.tainted:type_name -> tetragon.TaintedBitsType + 1, // 101: tetragon.GetHealthStatusRequest.event_set:type_name -> tetragon.HealthStatusType + 1, // 102: tetragon.HealthStatus.event:type_name -> 
tetragon.HealthStatusType + 2, // 103: tetragon.HealthStatus.status:type_name -> tetragon.HealthStatusResult + 40, // 104: tetragon.GetHealthStatusResponse.health_status:type_name -> tetragon.HealthStatus + 16, // 105: tetragon.ProcessLoader.process:type_name -> tetragon.Process + 45, // 106: tetragon.RuntimeHookRequest.createContainer:type_name -> tetragon.CreateContainer + 48, // 107: tetragon.CreateContainer.annotations:type_name -> tetragon.CreateContainer.AnnotationsEntry + 108, // [108:108] is the sub-list for method output_type + 108, // [108:108] is the sub-list for method input_type + 108, // [108:108] is the sub-list for extension type_name + 108, // [108:108] is the sub-list for extension extendee + 0, // [0:108] is the sub-list for field type_name } func init() { file_tetragon_tetragon_proto_init() } @@ -5326,7 +5460,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[32].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*KernelModule); i { + switch v := v.(*ProcessLsm); i { case 0: return &v.state case 1: @@ -5338,7 +5472,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[33].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Test); i { + switch v := v.(*KernelModule); i { case 0: return &v.state case 1: @@ -5350,7 +5484,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[34].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetHealthStatusRequest); i { + switch v := v.(*Test); i { case 0: return &v.state case 1: @@ -5362,7 +5496,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[35].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*HealthStatus); i { + switch v := v.(*GetHealthStatusRequest); i { case 0: return &v.state case 1: 
@@ -5374,7 +5508,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[36].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetHealthStatusResponse); i { + switch v := v.(*HealthStatus); i { case 0: return &v.state case 1: @@ -5386,7 +5520,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[37].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ProcessLoader); i { + switch v := v.(*GetHealthStatusResponse); i { case 0: return &v.state case 1: @@ -5398,7 +5532,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[38].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RuntimeHookRequest); i { + switch v := v.(*ProcessLoader); i { case 0: return &v.state case 1: @@ -5410,7 +5544,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[39].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RuntimeHookResponse); i { + switch v := v.(*RuntimeHookRequest); i { case 0: return &v.state case 1: @@ -5422,7 +5556,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[40].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CreateContainer); i { + switch v := v.(*RuntimeHookResponse); i { case 0: return &v.state case 1: @@ -5434,6 +5568,18 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[41].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateContainer); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_tetragon_tetragon_proto_msgTypes[42].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*StackTraceEntry); i { case 0: return &v.state 
@@ -5474,7 +5620,7 @@ func file_tetragon_tetragon_proto_init() { (*KprobeArgument_LinuxBinprmArg)(nil), (*KprobeArgument_NetDevArg)(nil), } - file_tetragon_tetragon_proto_msgTypes[38].OneofWrappers = []interface{}{ + file_tetragon_tetragon_proto_msgTypes[39].OneofWrappers = []interface{}{ (*RuntimeHookRequest_CreateContainer)(nil), } type x struct{} @@ -5483,7 +5629,7 @@ func file_tetragon_tetragon_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_tetragon_tetragon_proto_rawDesc, NumEnums: 4, - NumMessages: 44, + NumMessages: 45, NumExtensions: 0, NumServices: 0, }, diff --git a/api/v1/tetragon/tetragon.pb.json.go b/api/v1/tetragon/tetragon.pb.json.go index caedb88f5ec..fece138cc0d 100644 --- a/api/v1/tetragon/tetragon.pb.json.go +++ b/api/v1/tetragon/tetragon.pb.json.go @@ -519,6 +519,22 @@ func (msg *ProcessUprobe) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *ProcessLsm) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: false, + UseProtoNames: true, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *ProcessLsm) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *KernelModule) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ diff --git a/api/v1/tetragon/tetragon.proto b/api/v1/tetragon/tetragon.proto index 801f46c0b3f..34a6df09557 100644 --- a/api/v1/tetragon/tetragon.proto +++ b/api/v1/tetragon/tetragon.proto 
@@ -532,6 +532,23 @@ message ProcessUprobe {
 repeated string tags = 8;
 }
+message ProcessLsm {
+ Process process = 1;
+ Process parent = 2;
+ // LSM hook name.
+ string function_name = 3;
+ // Name of the policy that created that LSM hook.
+ string policy_name = 5;
+ // Short message of the Tracing Policy to inform users what is going on.
+ string message = 6;
+ // Arguments definition of the observed LSM hook.
+ repeated KprobeArgument args = 7;
+ // Action performed when the LSM hook matched.
+ KprobeAction action = 8;
+ // Tags of the Tracing Policy to categorize the event.
+ repeated string tags = 9;
+}
+
 message KernelModule {
 // Kernel module name
 string name = 1;
diff --git a/api/v1/tetragon/types.pb.go b/api/v1/tetragon/types.pb.go
index f418b3eaca8..81f84cc6a27 100644
--- a/api/v1/tetragon/types.pb.go
+++ b/api/v1/tetragon/types.pb.go
@@ -129,6 +129,26 @@ func (event *ProcessUprobe) SetParent(p *Process) { event.Parent = p } +// Encapsulate implements the Event interface. +// Returns the event wrapped by its GetEventsResponse_* type. +func (event *ProcessLsm) Encapsulate() IsGetEventsResponse_Event { + return &GetEventsResponse_ProcessLsm{ + ProcessLsm: event, + } +} + +// SetProcess implements the ProcessEvent interface. +// Sets the Process field of an event. +func (event *ProcessLsm) SetProcess(p *Process) { + event.Process = p +} + +// SetParent implements the ParentEvent interface. +// Sets the Parent field of an event. +func (event *ProcessLsm) SetParent(p *Process) { + event.Parent = p +} + // Encapsulate implements the Event interface. // Returns the event wrapped by its GetEventsResponse_* type. func (event *Test) Encapsulate() IsGetEventsResponse_Event {
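Review bot: Field number 4 is skipped in the new `ProcessLsm` message (the tags run 1, 2, 3, 5 … 9), and nothing in the hunk says whether that is intentional. If the gap is deliberate, declaring it with `reserved 4;` records the intent and keeps a later field from taking the number by accident; if it is not, renumbering before the message is released avoids carrying the hole in the wire format. `process` and `parent` are also the only fields without a comment, which is why their Description cells in the regenerated README table are empty; a line such as `// Process that triggered the LSM hook.` and `// Immediate parent of the process.` would fill them.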
@@ -184,6 +204,8 @@ func UnwrapGetEventsResponse(response *GetEventsResponse) interface{} { return ev.ProcessTracepoint case *GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe + case *GetEventsResponse_ProcessLsm: + return ev.ProcessLsm case *GetEventsResponse_Test: return ev.Test case *GetEventsResponse_ProcessLoader:
diff --git a/bpf/Makefile b/bpf/Makefile
index ff53d8866e5..68b6360ee29 100644
--- a/bpf/Makefile
+++ b/bpf/Makefile
@@ -15,6 +15,7 @@ PROCESS = bpf_execve_event.o bpf_execve_event_v53.o bpf_fork.o bpf_exit.o bpf_ge
 bpf_multi_kprobe_v53.o bpf_multi_retkprobe_v53.o \
 bpf_generic_tracepoint.o bpf_generic_tracepoint_v53.o \
 bpf_generic_uprobe.o bpf_generic_uprobe_v53.o \
+ bpf_generic_lsm.o bpf_generic_lsm_v511.o \
 bpf_execve_event_v61.o \
 bpf_generic_kprobe_v61.o bpf_generic_retkprobe_v61.o \
 bpf_generic_tracepoint_v61.o \
@@ -26,6 +27,7 @@ PROCESS = bpf_execve_event.o bpf_execve_event_v53.o bpf_fork.o bpf_exit.o bpf_ge
 bpf_generic_tracepoint_v511.o \
 bpf_multi_kprobe_v511.o bpf_multi_retkprobe_v511.o \
 bpf_generic_uprobe_v511.o \
+ bpf_generic_lsm_v61.o \
 bpf_loader.o \
 bpf_cgroup.o \
 bpf_enforcer.o bpf_multi_enforcer.o bpf_fmodret_enforcer.o
@@ -69,6 +71,7 @@ deps/bpf_multi_retkprobe_$$(VAR).d: process/bpf_generic_retkprobe.c
 deps/bpf_generic_tracepoint_$$(VAR).d: process/bpf_generic_tracepoint.c
 deps/bpf_generic_uprobe_$$(VAR).d: process/bpf_generic_uprobe.c
 deps/bpf_multi_uprobe_$$(VAR).d: process/bpf_generic_uprobe.c
+deps/bpf_generic_lsm_$$(VAR).d: process/bpf_generic_lsm.c
 endef
 # Generic build targets for each sub-dir
diff --git a/bpf/lib/msg_types.h b/bpf/lib/msg_types.h
index 4dd54b39440..962c213c747 100644
--- a/bpf/lib/msg_types.h
+++ b/bpf/lib/msg_types.h
@@ -12,6 +12,7 @@ enum msg_ops {
 MSG_OP_GENERIC_KPROBE = 13,
 MSG_OP_GENERIC_TRACEPOINT = 14,
 MSG_OP_GENERIC_UPROBE = 15,
+ MSG_OP_GENERIC_LSM = 16,
 MSG_OP_TEST = 254,
diff --git a/bpf/process/bpf_generic_lsm.c b/bpf/process/bpf_generic_lsm.c
new file mode 100644
index 00000000000..313e0638a8a
--- /dev/null
+++ b/bpf/process/bpf_generic_lsm.c
@@ -0,0 +1,162 @@ +// SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) +/* Copyright Authors of Cilium */ + +#include "vmlinux.h" +#include "api.h" + +#define GENERIC_LSM + +#include "compiler.h" +#include "bpf_event.h" +#include "bpf_task.h" +#include "retprobe_map.h" +#include "types/operations.h" +#include "types/basic.h" +#include "generic_calls.h" +#include "pfilter.h" + +char _license[] __attribute__((section("license"), used)) = "Dual BSD/GPL"; + +struct { + __uint(type, BPF_MAP_TYPE_PERCPU_ARRAY); + __uint(max_entries, 1); + __type(key, __u32); + __type(value, struct msg_generic_kprobe); +} process_call_heap SEC(".maps"); + +struct { + __uint(type, BPF_MAP_TYPE_PROG_ARRAY); + __uint(max_entries, 13); + __uint(key_size, sizeof(__u32)); + __uint(value_size, sizeof(__u32)); +} lsm_calls SEC(".maps"); + +struct filter_map_value { + unsigned char buf[FILTER_SIZE]; +}; + +/* Arrays of size 1 will be rewritten to direct loads in verifier */ +struct { + __uint(type, BPF_MAP_TYPE_ARRAY); + __uint(max_entries, 1); + __type(key, int); + __type(value, struct filter_map_value); +} filter_map SEC(".maps"); + +struct { + __uint(type, BPF_MAP_TYPE_ARRAY); + __uint(max_entries, 1); + __type(key, __u32); + __type(value, struct event_config); +} config_map SEC(".maps"); + +static struct generic_maps maps = { + .heap = (struct bpf_map_def *)&process_call_heap, + .calls = (struct bpf_map_def *)&lsm_calls, + .filter = (struct bpf_map_def *)&filter_map, +}; + +FUNC_INLINE int +generic_lsm_start_process_filter(void *ctx) +{ + struct msg_generic_kprobe *msg; + struct event_config *config; + struct task_struct *task; + int i, zero = 0; + + msg = map_lookup_elem(&process_call_heap, &zero); + if (!msg) + return 0; + /* Initialize selector index to 0 */ + msg->sel.curr = 0; +#pragma unroll + for (i = 0; i < MAX_CONFIGURED_SELECTORS; i++) + msg->sel.active[i] = 0; + /* Initialize accept field to reject */ + msg->sel.pass = false; + msg->tailcall_index_process = 0; + 
msg->tailcall_index_selector = 0; + task = (struct task_struct *)get_current_task(); + /* Initialize namespaces to apply filters on them */ + get_namespaces(&msg->ns, task); + /* Initialize capabilities to apply filters on them */ + get_current_subj_caps(&msg->caps, task); +#ifdef __NS_CHANGES_FILTER + msg->sel.match_ns = 0; +#endif +#ifdef __CAP_CHANGES_FILTER + msg->sel.match_cap = 0; +#endif + msg->idx = get_index(ctx); + // setup index and function id + config = map_lookup_elem(&config_map, &msg->idx); + if (!config) + return 0; + msg->func_id = config->func_id; + msg->retprobe_id = 0; + /* Tail call into filters. */ + tail_call(ctx, &lsm_calls, TAIL_CALL_FILTER); + return 0; +} + +#define MAIN "lsm/generic_lsm" + +__attribute__((section((MAIN)), used)) int +generic_lsm_event(struct pt_regs *ctx) +{ + return generic_lsm_start_process_filter(ctx); +} + +__attribute__((section("lsm/0"), used)) int +generic_lsm_setup_event(void *ctx) +{ + return generic_process_event_and_setup( + ctx, (struct bpf_map_def *)&process_call_heap, + (struct bpf_map_def *)&lsm_calls, + (struct bpf_map_def *)&config_map, 0); +} + +__attribute__((section("lsm/1"), used)) int +generic_lsm_process_event(void *ctx) +{ + return generic_process_event(ctx, + (struct bpf_map_def *)&process_call_heap, + (struct bpf_map_def *)&lsm_calls, + (struct bpf_map_def *)&config_map, 0); +} + +__attribute__((section("lsm/2"), used)) int +generic_lsm_process_filter(void *ctx) +{ + int ret; + + ret = generic_process_filter((struct bpf_map_def *)&process_call_heap, + (struct bpf_map_def *)&filter_map); + if (ret == PFILTER_CONTINUE) + tail_call(ctx, &lsm_calls, TAIL_CALL_FILTER); + else if (ret == PFILTER_ACCEPT) + tail_call(ctx, &lsm_calls, 0); + return PFILTER_REJECT; +} + +__attribute__((section("lsm/3"), used)) int +generic_lsm_filter_arg(void *ctx) +{ + return filter_read_arg(ctx, (struct bpf_map_def *)&process_call_heap, + (struct bpf_map_def *)&filter_map, + (struct bpf_map_def *)&lsm_calls, + (struct 
bpf_map_def *)&config_map, + true); +} + +__attribute__((section("lsm/4"), used)) int +generic_lsm_actions(void *ctx) +{ + return generic_actions(ctx, &maps); +} + +__attribute__((section("lsm/5"), used)) int +generic_lsm_output(void *ctx) +{ + return generic_output(ctx, (struct bpf_map_def *)&process_call_heap, MSG_OP_GENERIC_LSM); +} diff --git a/bpf/process/generic_calls.h b/bpf/process/generic_calls.h index 505d8b2c3d3..7d378f54c56 100644 --- a/bpf/process/generic_calls.h +++ b/bpf/process/generic_calls.h @@ -172,6 +172,16 @@ generic_process_event_and_setup(struct pt_regs *ctx, retprobe_map_set(e->func_id, e->retprobe_id, e->common.ktime, 1); #endif +#ifdef GENERIC_LSM + /* no arguments for uprobes for now */ + e->a0 = PT_REGS_PARM1_CORE(ctx); + e->a1 = PT_REGS_PARM2_CORE(ctx); + e->a2 = PT_REGS_PARM3_CORE(ctx); + e->a3 = PT_REGS_PARM4_CORE(ctx); + e->a4 = PT_REGS_PARM5_CORE(ctx); + generic_process_init(e, MSG_OP_GENERIC_LSM, config); +#endif + #ifdef GENERIC_UPROBE /* no arguments for uprobes for now */ e->a0 = PT_REGS_PARM1_CORE(ctx); diff --git a/bpf/process/types/basic.h b/bpf/process/types/basic.h index acb78562a2f..af9ae76a8df 100644 --- a/bpf/process/types/basic.h +++ b/bpf/process/types/basic.h @@ -2108,7 +2108,7 @@ struct { __uint(value_size, sizeof(__u64) * PERF_MAX_STACK_DEPTH); } stack_trace_map SEC(".maps"); -#if defined GENERIC_TRACEPOINT || defined GENERIC_KPROBE +#if defined GENERIC_TRACEPOINT || defined GENERIC_KPROBE || defined GENERIC_LSM FUNC_INLINE void do_action_notify_enforcer(int error, int signal) { do_enforcer_action(error, signal); diff --git a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.pb.go b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.pb.go index f11dc36ba6c..b903f651925 100644 --- a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.pb.go 
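Review bot: In `generic_lsm_process_filter` the fall-through `return PFILTER_REJECT;` hands a filter verdict back as the LSM hook's return value, and for a BPF LSM program that value is the access decision (0 allows, a negative errno denies). PFILTER_REJECT is defined outside this hunk, so whether this path allows or denies the hooked operation cannot be read from here; I would make it explicit with `return 0; /* event filtered out: allow the hooked operation */`. The early `return 0;` paths in `generic_lsm_start_process_filter` likewise fail open when a map lookup misses and deserve a one-line comment saying that is intended.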
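Review bot: The new GENERIC_LSM block in generic_calls.h reads the hook arguments with `PT_REGS_PARM1_CORE(ctx)` through `PT_REGS_PARM5_CORE(ctx)`, but a BPF LSM program is not handed a `struct pt_regs`; its context is the array of 64-bit hook arguments, so these reads would pick up unrelated values instead of a0–a4. Reading the slots by index, as sketched below, matches that layout (to be confirmed against the verifier on the supported kernels). `generic_lsm_event(struct pt_regs *ctx)` in bpf_generic_lsm.c should then take `void *ctx` like the other LSM sections. The comment `/* no arguments for uprobes for now */` was copied from the uprobe block and should describe the LSM case. `generic_process_event_and_setup` starts and ends outside this hunk.

```c
#ifdef GENERIC_LSM
	/* LSM hook arguments arrive as an array of 64-bit slots, not pt_regs. */
	struct bpf_raw_tracepoint_args *raw_args = (struct bpf_raw_tracepoint_args *)ctx;

	e->a0 = BPF_CORE_READ(raw_args, args[0]);
	e->a1 = BPF_CORE_READ(raw_args, args[1]);
	e->a2 = BPF_CORE_READ(raw_args, args[2]);
	e->a3 = BPF_CORE_READ(raw_args, args[3]);
	e->a4 = BPF_CORE_READ(raw_args, args[4]);
	/* … unchanged: generic_process_init(e, MSG_OP_GENERIC_LSM, config) … */
#endif
```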
+++ b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.pb.go @@ -41,6 +41,7 @@ const ( EventType_PROCESS_TRACEPOINT EventType = 10 EventType_PROCESS_LOADER EventType = 11 EventType_PROCESS_UPROBE EventType = 12 + EventType_PROCESS_LSM EventType = 13 EventType_PROCESS_THROTTLE EventType = 27 EventType_TEST EventType = 40000 EventType_RATE_LIMIT_INFO EventType = 40001 @@ -56,6 +57,7 @@ var ( 10: "PROCESS_TRACEPOINT", 11: "PROCESS_LOADER", 12: "PROCESS_UPROBE", + 13: "PROCESS_LSM", 27: "PROCESS_THROTTLE", 40000: "TEST", 40001: "RATE_LIMIT_INFO", @@ -68,6 +70,7 @@ var ( "PROCESS_TRACEPOINT": 10, "PROCESS_LOADER": 11, "PROCESS_UPROBE": 12, + "PROCESS_LSM": 13, "PROCESS_THROTTLE": 27, "TEST": 40000, "RATE_LIMIT_INFO": 40001, @@ -944,6 +947,7 @@ type GetEventsResponse struct { // *GetEventsResponse_ProcessTracepoint // *GetEventsResponse_ProcessLoader // *GetEventsResponse_ProcessUprobe + // *GetEventsResponse_ProcessLsm // *GetEventsResponse_ProcessThrottle // *GetEventsResponse_Test // *GetEventsResponse_RateLimitInfo @@ -1040,6 +1044,13 @@ func (x *GetEventsResponse) GetProcessUprobe() *ProcessUprobe { return nil } +func (x *GetEventsResponse) GetProcessLsm() *ProcessLsm { + if x, ok := x.GetEvent().(*GetEventsResponse_ProcessLsm); ok { + return x.ProcessLsm + } + return nil +} + func (x *GetEventsResponse) GetProcessThrottle() *ProcessThrottle { if x, ok := x.GetEvent().(*GetEventsResponse_ProcessThrottle); ok { return x.ProcessThrottle @@ -1117,6 +1128,10 @@ type GetEventsResponse_ProcessUprobe struct { ProcessUprobe *ProcessUprobe `protobuf:"bytes,12,opt,name=process_uprobe,json=processUprobe,proto3,oneof"` } +type GetEventsResponse_ProcessLsm struct { + ProcessLsm *ProcessLsm `protobuf:"bytes,13,opt,name=process_lsm,json=processLsm,proto3,oneof"` +} + type GetEventsResponse_ProcessThrottle struct { ProcessThrottle *ProcessThrottle `protobuf:"bytes,27,opt,name=process_throttle,json=processThrottle,proto3,oneof"` } 
@@ -1141,6 +1156,8 @@ func (*GetEventsResponse_ProcessLoader) isGetEventsResponse_Event() {} func (*GetEventsResponse_ProcessUprobe) isGetEventsResponse_Event() {} +func (*GetEventsResponse_ProcessLsm) isGetEventsResponse_Event() {} + func (*GetEventsResponse_ProcessThrottle) isGetEventsResponse_Event() {} func (*GetEventsResponse_Test) isGetEventsResponse_Event() {} @@ -1274,7 +1291,7 @@ var file_tetragon_events_proto_rawDesc = []byte{ 0x20, 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x22, 0xf3, 0x05, 0x0a, 0x11, 0x47, + 0x28, 0x09, 0x52, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x22, 0xac, 0x06, 0x0a, 0x11, 0x47, 0x65, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3a, 0x0a, 0x0c, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x65, 0x78, 0x65, 0x63, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 
@@ -1300,49 +1317,54 @@ var file_tetragon_events_proto_rawDesc = []byte{ 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x75, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x48, 0x00, 0x52, 0x0d, 0x70, - 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x12, 0x46, 0x0a, 0x10, - 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, - 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, - 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, - 0x65, 0x48, 0x00, 0x52, 0x0f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, - 0x74, 0x74, 0x6c, 0x65, 0x12, 0x26, 0x0a, 0x04, 0x74, 0x65, 0x73, 0x74, 0x18, 0xc0, 0xb8, 0x02, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, - 0x54, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52, 0x04, 0x74, 0x65, 0x73, 0x74, 0x12, 0x43, 0x0a, 0x0f, - 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, - 0xc1, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, - 0x6f, 0x6e, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, - 0x48, 0x00, 0x52, 0x0d, 0x72, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, - 0x6f, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0xe8, - 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, - 0x2f, 0x0a, 0x04, 0x74, 0x69, 0x6d, 0x65, 0x18, 0xe9, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 
0x04, 0x74, 0x69, 0x6d, 0x65, - 0x12, 0x45, 0x0a, 0x10, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, - 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xea, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, - 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, - 0x2a, 0xc7, 0x01, 0x0a, 0x09, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, - 0x0a, 0x05, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, - 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, 0x45, 0x43, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x50, - 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, 0x49, 0x54, 0x10, 0x05, 0x12, 0x12, 0x0a, - 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, - 0x09, 0x12, 0x16, 0x0a, 0x12, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x52, 0x41, - 0x43, 0x45, 0x50, 0x4f, 0x49, 0x4e, 0x54, 0x10, 0x0a, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, - 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x4f, 0x41, 0x44, 0x45, 0x52, 0x10, 0x0b, 0x12, 0x12, 0x0a, - 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x55, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, - 0x0c, 0x12, 0x14, 0x0a, 0x10, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x48, 0x52, - 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x10, 0x1b, 0x12, 0x0a, 0x0a, 0x04, 0x54, 0x45, 0x53, 0x54, 0x10, - 0xc0, 0xb8, 0x02, 0x12, 0x15, 0x0a, 0x0f, 0x52, 0x41, 0x54, 0x45, 0x5f, 0x4c, 0x49, 0x4d, 0x49, - 0x54, 0x5f, 0x49, 0x4e, 0x46, 0x4f, 0x10, 0xc1, 0xb8, 0x02, 0x2a, 0x2d, 0x0a, 0x11, 0x46, 0x69, - 0x65, 0x6c, 0x64, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, - 0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x43, 0x4c, 0x55, 0x44, 0x45, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, - 0x45, 
0x58, 0x43, 0x4c, 0x55, 0x44, 0x45, 0x10, 0x01, 0x2a, 0x4b, 0x0a, 0x0c, 0x54, 0x68, 0x72, - 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x48, 0x52, - 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, - 0x12, 0x0a, 0x0e, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, - 0x54, 0x10, 0x01, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, - 0x53, 0x54, 0x4f, 0x50, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x12, 0x37, 0x0a, 0x0b, + 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x73, 0x6d, 0x18, 0x0d, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x14, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, + 0x63, 0x65, 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x48, 0x00, 0x52, 0x0a, 0x70, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x12, 0x46, 0x0a, 0x10, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, + 0x5f, 0x74, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x48, 0x00, 0x52, 0x0f, 0x70, 0x72, + 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x12, 0x26, 0x0a, + 0x04, 0x74, 0x65, 0x73, 0x74, 0x18, 0xc0, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, + 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52, + 0x04, 0x74, 0x65, 0x73, 0x74, 0x12, 0x43, 0x0a, 0x0f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, + 0x6d, 0x69, 0x74, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xc1, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x52, 0x61, 0x74, 0x65, + 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, 
0x48, 0x00, 0x52, 0x0d, 0x72, 0x61, 0x74, + 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, + 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0xe8, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, + 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2f, 0x0a, 0x04, 0x74, 0x69, 0x6d, 0x65, + 0x18, 0xe9, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, + 0x61, 0x6d, 0x70, 0x52, 0x04, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x45, 0x0a, 0x10, 0x61, 0x67, 0x67, + 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xea, 0x07, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, + 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x52, + 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, + 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x2a, 0xd8, 0x01, 0x0a, 0x09, 0x45, 0x76, + 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x55, 0x4e, 0x44, 0x45, 0x46, + 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, + 0x45, 0x43, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, + 0x45, 0x58, 0x49, 0x54, 0x10, 0x05, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, + 0x53, 0x5f, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, 0x09, 0x12, 0x16, 0x0a, 0x12, 0x50, 0x52, + 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x45, 0x50, 0x4f, 0x49, 0x4e, 0x54, + 0x10, 0x0a, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x4f, + 0x41, 0x44, 0x45, 0x52, 0x10, 0x0b, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, + 0x53, 0x5f, 0x55, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, 0x0c, 0x12, 0x0f, 0x0a, 0x0b, 0x50, 
0x52, + 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x53, 0x4d, 0x10, 0x0d, 0x12, 0x14, 0x0a, 0x10, 0x50, + 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x10, + 0x1b, 0x12, 0x0a, 0x0a, 0x04, 0x54, 0x45, 0x53, 0x54, 0x10, 0xc0, 0xb8, 0x02, 0x12, 0x15, 0x0a, + 0x0f, 0x52, 0x41, 0x54, 0x45, 0x5f, 0x4c, 0x49, 0x4d, 0x49, 0x54, 0x5f, 0x49, 0x4e, 0x46, 0x4f, + 0x10, 0xc1, 0xb8, 0x02, 0x2a, 0x2d, 0x0a, 0x11, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x46, 0x69, 0x6c, + 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x43, + 0x4c, 0x55, 0x44, 0x45, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x45, 0x58, 0x43, 0x4c, 0x55, 0x44, + 0x45, 0x10, 0x01, 0x2a, 0x4b, 0x0a, 0x0c, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, + 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, + 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x54, 0x48, 0x52, + 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x10, 0x01, 0x12, 0x11, 0x0a, + 0x0d, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x10, 0x02, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1384,8 +1406,9 @@ var file_tetragon_events_proto_goTypes = []interface{}{ (*ProcessTracepoint)(nil), // 21: tetragon.ProcessTracepoint (*ProcessLoader)(nil), // 22: tetragon.ProcessLoader (*ProcessUprobe)(nil), // 23: tetragon.ProcessUprobe - (*Test)(nil), // 24: tetragon.Test - (*timestamppb.Timestamp)(nil), // 25: google.protobuf.Timestamp + (*ProcessLsm)(nil), // 24: tetragon.ProcessLsm + (*Test)(nil), // 25: tetragon.Test + (*timestamppb.Timestamp)(nil), // 26: google.protobuf.Timestamp } var file_tetragon_events_proto_depIdxs = []int32{ 14, // 0: tetragon.Filter.health_check:type_name -> google.protobuf.BoolValue 
@@ -1415,16 +1438,17 @@ var file_tetragon_events_proto_depIdxs = []int32{ 21, // 24: tetragon.GetEventsResponse.process_tracepoint:type_name -> tetragon.ProcessTracepoint 22, // 25: tetragon.GetEventsResponse.process_loader:type_name -> tetragon.ProcessLoader 23, // 26: tetragon.GetEventsResponse.process_uprobe:type_name -> tetragon.ProcessUprobe - 12, // 27: tetragon.GetEventsResponse.process_throttle:type_name -> tetragon.ProcessThrottle - 24, // 28: tetragon.GetEventsResponse.test:type_name -> tetragon.Test - 11, // 29: tetragon.GetEventsResponse.rate_limit_info:type_name -> tetragon.RateLimitInfo - 25, // 30: tetragon.GetEventsResponse.time:type_name -> google.protobuf.Timestamp - 10, // 31: tetragon.GetEventsResponse.aggregation_info:type_name -> tetragon.AggregationInfo - 32, // [32:32] is the sub-list for method output_type - 32, // [32:32] is the sub-list for method input_type - 32, // [32:32] is the sub-list for extension type_name - 32, // [32:32] is the sub-list for extension extendee - 0, // [0:32] is the sub-list for field type_name + 24, // 27: tetragon.GetEventsResponse.process_lsm:type_name -> tetragon.ProcessLsm + 12, // 28: tetragon.GetEventsResponse.process_throttle:type_name -> tetragon.ProcessThrottle + 25, // 29: tetragon.GetEventsResponse.test:type_name -> tetragon.Test + 11, // 30: tetragon.GetEventsResponse.rate_limit_info:type_name -> tetragon.RateLimitInfo + 26, // 31: tetragon.GetEventsResponse.time:type_name -> google.protobuf.Timestamp + 10, // 32: tetragon.GetEventsResponse.aggregation_info:type_name -> tetragon.AggregationInfo + 33, // [33:33] is the sub-list for method output_type + 33, // [33:33] is the sub-list for method input_type + 33, // [33:33] is the sub-list for extension type_name + 33, // [33:33] is the sub-list for extension extendee + 0, // [0:33] is the sub-list for field type_name } func init() { file_tetragon_events_proto_init() } 
@@ -1575,6 +1599,7 @@ func file_tetragon_events_proto_init() { (*GetEventsResponse_ProcessTracepoint)(nil), (*GetEventsResponse_ProcessLoader)(nil), (*GetEventsResponse_ProcessUprobe)(nil), + (*GetEventsResponse_ProcessLsm)(nil), (*GetEventsResponse_ProcessThrottle)(nil), (*GetEventsResponse_Test)(nil), (*GetEventsResponse_RateLimitInfo)(nil), diff --git a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.proto b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.proto index f2bd554645f..155bd489665 100644 --- a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.proto +++ b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.proto @@ -25,6 +25,7 @@ enum EventType { PROCESS_TRACEPOINT = 10; PROCESS_LOADER = 11; PROCESS_UPROBE = 12; + PROCESS_LSM = 13; PROCESS_THROTTLE = 27; TEST = 40000; @@ -183,6 +184,7 @@ message GetEventsResponse { ProcessTracepoint process_tracepoint = 10; ProcessLoader process_loader = 11; ProcessUprobe process_uprobe = 12; + ProcessLsm process_lsm = 13; ProcessThrottle process_throttle = 27; Test test = 40000; diff --git a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.go b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.go index ace6dfcfc1c..8a5d6be212e 100644 --- a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.go +++ b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.go 
@@ -3475,6 +3475,115 @@ func (x *ProcessUprobe) GetTags() []string { return nil } +type ProcessLsm struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Process *Process `protobuf:"bytes,1,opt,name=process,proto3" json:"process,omitempty"` + Parent *Process `protobuf:"bytes,2,opt,name=parent,proto3" json:"parent,omitempty"` + // LSM hook name. + FunctionName string `protobuf:"bytes,3,opt,name=function_name,json=functionName,proto3" json:"function_name,omitempty"` + // Name of the policy that created that LSM hook. + PolicyName string `protobuf:"bytes,5,opt,name=policy_name,json=policyName,proto3" json:"policy_name,omitempty"` + // Short message of the Tracing Policy to inform users what is going on. + Message string `protobuf:"bytes,6,opt,name=message,proto3" json:"message,omitempty"` + // Arguments definition of the observed LSM hook. + Args []*KprobeArgument `protobuf:"bytes,7,rep,name=args,proto3" json:"args,omitempty"` + // Action performed when the LSM hook matched. + Action KprobeAction `protobuf:"varint,8,opt,name=action,proto3,enum=tetragon.KprobeAction" json:"action,omitempty"` + // Tags of the Tracing Policy to categorize the event. 
+ Tags []string `protobuf:"bytes,9,rep,name=tags,proto3" json:"tags,omitempty"` +} + +func (x *ProcessLsm) Reset() { + *x = ProcessLsm{} + if protoimpl.UnsafeEnabled { + mi := &file_tetragon_tetragon_proto_msgTypes[32] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ProcessLsm) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ProcessLsm) ProtoMessage() {} + +func (x *ProcessLsm) ProtoReflect() protoreflect.Message { + mi := &file_tetragon_tetragon_proto_msgTypes[32] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ProcessLsm.ProtoReflect.Descriptor instead. +func (*ProcessLsm) Descriptor() ([]byte, []int) { + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{32} +} + +func (x *ProcessLsm) GetProcess() *Process { + if x != nil { + return x.Process + } + return nil +} + +func (x *ProcessLsm) GetParent() *Process { + if x != nil { + return x.Parent + } + return nil +} + +func (x *ProcessLsm) GetFunctionName() string { + if x != nil { + return x.FunctionName + } + return "" +} + +func (x *ProcessLsm) GetPolicyName() string { + if x != nil { + return x.PolicyName + } + return "" +} + +func (x *ProcessLsm) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +func (x *ProcessLsm) GetArgs() []*KprobeArgument { + if x != nil { + return x.Args + } + return nil +} + +func (x *ProcessLsm) GetAction() KprobeAction { + if x != nil { + return x.Action + } + return KprobeAction_KPROBE_ACTION_UNKNOWN +} + +func (x *ProcessLsm) GetTags() []string { + if x != nil { + return x.Tags + } + return nil +} + type KernelModule struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache 
@@ -3492,7 +3601,7 @@ type KernelModule struct { func (x *KernelModule) Reset() { *x = KernelModule{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[32] + mi := &file_tetragon_tetragon_proto_msgTypes[33] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3505,7 +3614,7 @@ func (x *KernelModule) String() string { func (*KernelModule) ProtoMessage() {} func (x *KernelModule) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[32] + mi := &file_tetragon_tetragon_proto_msgTypes[33] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3518,7 +3627,7 @@ func (x *KernelModule) ProtoReflect() protoreflect.Message { // Deprecated: Use KernelModule.ProtoReflect.Descriptor instead. func (*KernelModule) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{32} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{33} } func (x *KernelModule) GetName() string { @@ -3556,7 +3665,7 @@ type Test struct { func (x *Test) Reset() { *x = Test{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[33] + mi := &file_tetragon_tetragon_proto_msgTypes[34] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3569,7 +3678,7 @@ func (x *Test) String() string { func (*Test) ProtoMessage() {} func (x *Test) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[33] + mi := &file_tetragon_tetragon_proto_msgTypes[34] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { 
@@ -3582,7 +3691,7 @@ func (x *Test) ProtoReflect() protoreflect.Message { // Deprecated: Use Test.ProtoReflect.Descriptor instead. func (*Test) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{33} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{34} } func (x *Test) GetArg0() uint64 { @@ -3624,7 +3733,7 @@ type GetHealthStatusRequest struct { func (x *GetHealthStatusRequest) Reset() { *x = GetHealthStatusRequest{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[34] + mi := &file_tetragon_tetragon_proto_msgTypes[35] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3637,7 +3746,7 @@ func (x *GetHealthStatusRequest) String() string { func (*GetHealthStatusRequest) ProtoMessage() {} func (x *GetHealthStatusRequest) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[34] + mi := &file_tetragon_tetragon_proto_msgTypes[35] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3650,7 +3759,7 @@ func (x *GetHealthStatusRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use GetHealthStatusRequest.ProtoReflect.Descriptor instead. func (*GetHealthStatusRequest) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{34} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{35} } func (x *GetHealthStatusRequest) GetEventSet() []HealthStatusType { @@ -3673,7 +3782,7 @@ type HealthStatus struct { func (x *HealthStatus) Reset() { *x = HealthStatus{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[35] + mi := &file_tetragon_tetragon_proto_msgTypes[36] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } 
@@ -3686,7 +3795,7 @@ func (x *HealthStatus) String() string { func (*HealthStatus) ProtoMessage() {} func (x *HealthStatus) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[35] + mi := &file_tetragon_tetragon_proto_msgTypes[36] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3699,7 +3808,7 @@ func (x *HealthStatus) ProtoReflect() protoreflect.Message { // Deprecated: Use HealthStatus.ProtoReflect.Descriptor instead. func (*HealthStatus) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{35} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{36} } func (x *HealthStatus) GetEvent() HealthStatusType { @@ -3734,7 +3843,7 @@ type GetHealthStatusResponse struct { func (x *GetHealthStatusResponse) Reset() { *x = GetHealthStatusResponse{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[36] + mi := &file_tetragon_tetragon_proto_msgTypes[37] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3747,7 +3856,7 @@ func (x *GetHealthStatusResponse) String() string { func (*GetHealthStatusResponse) ProtoMessage() {} func (x *GetHealthStatusResponse) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[36] + mi := &file_tetragon_tetragon_proto_msgTypes[37] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3760,7 +3869,7 @@ func (x *GetHealthStatusResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use GetHealthStatusResponse.ProtoReflect.Descriptor instead. func (*GetHealthStatusResponse) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{36} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{37} } func (x *GetHealthStatusResponse) GetHealthStatus() []*HealthStatus { 
@@ -3784,7 +3893,7 @@ type ProcessLoader struct { func (x *ProcessLoader) Reset() { *x = ProcessLoader{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[37] + mi := &file_tetragon_tetragon_proto_msgTypes[38] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3797,7 +3906,7 @@ func (x *ProcessLoader) String() string { func (*ProcessLoader) ProtoMessage() {} func (x *ProcessLoader) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[37] + mi := &file_tetragon_tetragon_proto_msgTypes[38] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3810,7 +3919,7 @@ func (x *ProcessLoader) ProtoReflect() protoreflect.Message { // Deprecated: Use ProcessLoader.ProtoReflect.Descriptor instead. func (*ProcessLoader) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{37} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{38} } func (x *ProcessLoader) GetProcess() *Process { @@ -3849,7 +3958,7 @@ type RuntimeHookRequest struct { func (x *RuntimeHookRequest) Reset() { *x = RuntimeHookRequest{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[38] + mi := &file_tetragon_tetragon_proto_msgTypes[39] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3862,7 +3971,7 @@ func (x *RuntimeHookRequest) String() string { func (*RuntimeHookRequest) ProtoMessage() {} func (x *RuntimeHookRequest) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[38] + mi := &file_tetragon_tetragon_proto_msgTypes[39] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { 
@@ -3875,7 +3984,7 @@ func (x *RuntimeHookRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RuntimeHookRequest.ProtoReflect.Descriptor instead. func (*RuntimeHookRequest) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{38} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{39} } func (m *RuntimeHookRequest) GetEvent() isRuntimeHookRequest_Event { @@ -3911,7 +4020,7 @@ type RuntimeHookResponse struct { func (x *RuntimeHookResponse) Reset() { *x = RuntimeHookResponse{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[39] + mi := &file_tetragon_tetragon_proto_msgTypes[40] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3924,7 +4033,7 @@ func (x *RuntimeHookResponse) String() string { func (*RuntimeHookResponse) ProtoMessage() {} func (x *RuntimeHookResponse) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[39] + mi := &file_tetragon_tetragon_proto_msgTypes[40] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3937,7 +4046,7 @@ func (x *RuntimeHookResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RuntimeHookResponse.ProtoReflect.Descriptor instead. func (*RuntimeHookResponse) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{39} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{40} } // CreateContainer informs the agent that a container was created @@ -3965,7 +4074,7 @@ type CreateContainer struct { func (x *CreateContainer) Reset() { *x = CreateContainer{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[40] + mi := &file_tetragon_tetragon_proto_msgTypes[41] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } 
@@ -3978,7 +4087,7 @@ func (x *CreateContainer) String() string { func (*CreateContainer) ProtoMessage() {} func (x *CreateContainer) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[40] + mi := &file_tetragon_tetragon_proto_msgTypes[41] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3991,7 +4100,7 @@ func (x *CreateContainer) ProtoReflect() protoreflect.Message { // Deprecated: Use CreateContainer.ProtoReflect.Descriptor instead. func (*CreateContainer) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{40} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{41} } func (x *CreateContainer) GetCgroupsPath() string { @@ -4040,7 +4149,7 @@ type StackTraceEntry struct { func (x *StackTraceEntry) Reset() { *x = StackTraceEntry{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[41] + mi := &file_tetragon_tetragon_proto_msgTypes[42] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -4053,7 +4162,7 @@ func (x *StackTraceEntry) String() string { func (*StackTraceEntry) ProtoMessage() {} func (x *StackTraceEntry) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[41] + mi := &file_tetragon_tetragon_proto_msgTypes[42] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -4066,7 +4175,7 @@ func (x *StackTraceEntry) ProtoReflect() protoreflect.Message { // Deprecated: Use StackTraceEntry.ProtoReflect.Descriptor instead. func (*StackTraceEntry) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{41} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{42} } func (x *StackTraceEntry) GetAddress() uint64 { 
@@ -4619,136 +4728,156 @@ var file_tetragon_tetragon_proto_rawDesc = []byte{ 0x61, 0x72, 0x67, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x72, 0x67, 0x75, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x04, 0x61, 0x72, 0x67, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x61, - 0x67, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0x96, - 0x01, 0x0a, 0x0c, 0x4b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x12, - 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, - 0x61, 0x6d, 0x65, 0x12, 0x3d, 0x0a, 0x0c, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, - 0x5f, 0x6f, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, - 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, - 0x4f, 0x6b, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, - 0x03, 0x28, 0x0e, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, - 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x07, - 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x22, 0x56, 0x0a, 0x04, 0x54, 0x65, 0x73, 0x74, 0x12, - 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x30, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, - 0x72, 0x67, 0x30, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x31, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x31, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x32, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x32, 0x12, 0x12, 0x0a, 0x04, 0x61, - 0x72, 0x67, 0x33, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x33, 0x22, - 0x51, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, 
0x74, 0x68, 0x53, 0x74, 0x61, 0x74, - 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x65, 0x76, 0x65, - 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, - 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x08, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x53, - 0x65, 0x74, 0x22, 0x90, 0x01, 0x0a, 0x0c, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x12, 0x30, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, - 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x05, - 0x65, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x34, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, - 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, - 0x75, 0x6c, 0x74, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x64, - 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64, 0x65, - 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0x56, 0x0a, 0x17, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, - 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x3b, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, - 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, - 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, - 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x6a, 0x0a, - 0x0d, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x12, 0x2b, - 
0x0a, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x11, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, - 0x73, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, - 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, - 0x18, 0x0a, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, - 0x52, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x69, 0x64, 0x22, 0x64, 0x0a, 0x12, 0x52, 0x75, 0x6e, - 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, - 0x45, 0x0a, 0x0f, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, - 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, - 0x67, 0x6f, 0x6e, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, - 0x6e, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0f, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x22, - 0x15, 0x0a, 0x13, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x81, 0x02, 0x0a, 0x0f, 0x43, 0x72, 0x65, 0x61, 0x74, - 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x67, - 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, - 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, - 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x12, 0x4c, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, 0x65, - 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 
0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x2e, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, - 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0x3e, 0x0a, 0x10, 0x41, 0x6e, - 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, - 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, - 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x73, 0x0a, 0x0f, 0x53, 0x74, - 0x61, 0x63, 0x6b, 0x54, 0x72, 0x61, 0x63, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x18, 0x0a, - 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x07, - 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, - 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, - 0x16, 0x0a, 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, - 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x2a, - 0x95, 0x03, 0x0a, 0x0c, 0x4b, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, - 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, - 0x4e, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x4b, - 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 
0x5f, 0x50, 0x4f, 0x53, - 0x54, 0x10, 0x01, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, - 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x46, 0x4f, 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x02, 0x12, - 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, - 0x5f, 0x53, 0x49, 0x47, 0x4b, 0x49, 0x4c, 0x4c, 0x10, 0x03, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x50, - 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x46, 0x4f, - 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x04, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, - 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4f, 0x56, 0x45, 0x52, 0x52, 0x49, - 0x44, 0x45, 0x10, 0x05, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, - 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x43, 0x4f, 0x50, 0x59, 0x46, 0x44, 0x10, 0x06, 0x12, 0x18, + 0x67, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0xb6, + 0x02, 0x0a, 0x0a, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x12, 0x2b, 0x0a, + 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, + 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, + 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x12, 0x29, 0x0a, 0x06, 0x70, 0x61, + 0x72, 0x65, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x74, 0x65, 0x74, + 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x52, 0x06, 0x70, + 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x66, 0x75, 0x6e, 0x63, 0x74, 0x69, 0x6f, + 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x66, 0x75, + 0x6e, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x6f, + 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0a, 0x70, 
0x6f, 0x6c, 0x69, 0x63, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x2c, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x73, 0x18, 0x07, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, + 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x72, 0x67, 0x75, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x04, 0x61, + 0x72, 0x67, 0x73, 0x12, 0x2e, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, + 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, + 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x06, 0x61, 0x63, 0x74, + 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x61, 0x67, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0x96, 0x01, 0x0a, 0x0c, 0x4b, 0x65, 0x72, 0x6e, + 0x65, 0x6c, 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3d, 0x0a, 0x0c, + 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x5f, 0x6f, 0x6b, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, + 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x4f, 0x6b, 0x12, 0x33, 0x0a, 0x07, 0x74, + 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x19, 0x2e, 0x74, + 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, + 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, + 0x22, 0x56, 0x0a, 0x04, 0x54, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x30, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 
0x61, 0x72, 0x67, 0x30, 0x12, 0x12, 0x0a, 0x04, + 0x61, 0x72, 0x67, 0x31, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x31, + 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x32, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, + 0x61, 0x72, 0x67, 0x32, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x33, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x33, 0x22, 0x51, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x48, + 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, + 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, + 0x65, 0x52, 0x08, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x74, 0x22, 0x90, 0x01, 0x0a, 0x0c, + 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x30, 0x0a, 0x05, + 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, + 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x34, + 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, + 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x06, 0x73, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0x56, + 0x0a, 0x17, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3b, 0x0a, 0x0d, 0x68, 
0x65, 0x61, + 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, + 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x6a, 0x0a, 0x0d, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, + 0x73, 0x4c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x12, 0x2b, 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, + 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, + 0x63, 0x65, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, 0x62, 0x75, 0x69, 0x6c, + 0x64, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, + 0x69, 0x64, 0x22, 0x64, 0x0a, 0x12, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, + 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45, 0x0a, 0x0f, 0x63, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0f, + 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x42, + 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x22, 0x15, 0x0a, 0x13, 0x52, 0x75, 0x6e, 0x74, + 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x81, 0x02, 0x0a, 0x0f, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, + 0x6e, 0x65, 0x72, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, + 0x74, 0x68, 0x18, 0x01, 
0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, + 0x73, 0x50, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x12, + 0x4c, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, + 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x2e, + 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, + 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, + 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, + 0x61, 0x6d, 0x65, 0x1a, 0x3e, 0x0a, 0x10, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, + 0x02, 0x38, 0x01, 0x22, 0x73, 0x0a, 0x0f, 0x53, 0x74, 0x61, 0x63, 0x6b, 0x54, 0x72, 0x61, 0x63, + 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, + 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, + 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, + 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x79, 0x6d, 0x62, + 0x6f, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, + 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 
0x18, 0x04, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x2a, 0x95, 0x03, 0x0a, 0x0c, 0x4b, 0x70, 0x72, + 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, + 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, + 0x57, 0x4e, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, + 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x01, 0x12, 0x1a, 0x0a, 0x16, + 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x46, 0x4f, + 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x02, 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, + 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x49, 0x47, 0x4b, 0x49, 0x4c, + 0x4c, 0x10, 0x03, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, + 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x46, 0x4f, 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, + 0x04, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, + 0x4f, 0x4e, 0x5f, 0x4f, 0x56, 0x45, 0x52, 0x52, 0x49, 0x44, 0x45, 0x10, 0x05, 0x12, 0x18, 0x0a, + 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x43, + 0x4f, 0x50, 0x59, 0x46, 0x44, 0x10, 0x06, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, + 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x47, 0x45, 0x54, 0x55, 0x52, 0x4c, 0x10, + 0x07, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, + 0x4f, 0x4e, 0x5f, 0x44, 0x4e, 0x53, 0x4c, 0x4f, 0x4f, 0x4b, 0x55, 0x50, 0x10, 0x08, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, - 0x47, 0x45, 0x54, 0x55, 0x52, 0x4c, 0x10, 0x07, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, - 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x44, 0x4e, 0x53, 0x4c, 0x4f, 0x4f, - 
0x4b, 0x55, 0x50, 0x10, 0x08, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, - 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x09, 0x12, - 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, - 0x5f, 0x53, 0x49, 0x47, 0x4e, 0x41, 0x4c, 0x10, 0x0a, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, - 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x4b, - 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0b, 0x12, 0x1d, 0x0a, 0x19, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, - 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, - 0x4f, 0x43, 0x4b, 0x10, 0x0c, 0x12, 0x20, 0x0a, 0x1c, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, - 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, 0x54, 0x49, 0x46, 0x59, 0x45, 0x4e, 0x46, - 0x4f, 0x52, 0x43, 0x45, 0x52, 0x10, 0x0d, 0x2a, 0x4f, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x6c, 0x74, - 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1c, 0x0a, 0x18, 0x48, - 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, - 0x45, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x1d, 0x0a, 0x19, 0x48, 0x45, 0x41, - 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, - 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x10, 0x01, 0x2a, 0x7c, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x6c, - 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x17, - 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, - 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, - 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x52, 0x55, 0x4e, 0x4e, 0x49, 0x4e, 0x47, - 0x10, 0x01, 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, - 0x54, 0x55, 0x53, 0x5f, 0x53, 0x54, 
0x4f, 0x50, 0x50, 0x45, 0x44, 0x10, 0x02, 0x12, 0x17, 0x0a, - 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x45, - 0x52, 0x52, 0x4f, 0x52, 0x10, 0x03, 0x2a, 0x8d, 0x02, 0x0a, 0x0f, 0x54, 0x61, 0x69, 0x6e, 0x74, - 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x41, - 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, 0x45, 0x54, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x54, - 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x50, 0x52, 0x4f, 0x50, 0x52, 0x49, 0x45, 0x54, 0x41, 0x52, 0x59, - 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x49, - 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, - 0x10, 0x02, 0x12, 0x1e, 0x0a, 0x1a, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, - 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x4c, 0x4f, 0x41, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, - 0x10, 0x04, 0x12, 0x18, 0x0a, 0x13, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x53, 0x54, 0x41, 0x47, - 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x08, 0x12, 0x1d, 0x0a, 0x18, - 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4f, 0x55, 0x54, 0x5f, 0x4f, 0x46, 0x5f, 0x54, 0x52, 0x45, - 0x45, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x20, 0x12, 0x1a, 0x0a, 0x15, 0x54, - 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, 0x49, 0x47, 0x4e, 0x45, 0x44, 0x5f, 0x4d, 0x4f, - 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x40, 0x12, 0x24, 0x0a, 0x1e, 0x54, 0x41, 0x49, 0x4e, 0x54, - 0x5f, 0x4b, 0x45, 0x52, 0x4e, 0x45, 0x4c, 0x5f, 0x4c, 0x49, 0x56, 0x45, 0x5f, 0x50, 0x41, 0x54, - 0x43, 0x48, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x80, 0x02, 0x12, 0x17, 0x0a, - 0x11, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x54, 0x45, 0x53, 0x54, 0x5f, 0x4d, 0x4f, 0x44, 0x55, - 0x4c, 0x45, 0x10, 0x80, 0x80, 0x10, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x4e, 0x4f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x09, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 
0x52, 0x4f, + 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x49, 0x47, 0x4e, 0x41, 0x4c, + 0x10, 0x0a, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, + 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0b, 0x12, + 0x1d, 0x0a, 0x19, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, + 0x5f, 0x55, 0x4e, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0c, 0x12, 0x20, + 0x0a, 0x1c, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, + 0x4e, 0x4f, 0x54, 0x49, 0x46, 0x59, 0x45, 0x4e, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x52, 0x10, 0x0d, + 0x2a, 0x4f, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, + 0x54, 0x79, 0x70, 0x65, 0x12, 0x1c, 0x0a, 0x18, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, + 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, + 0x10, 0x00, 0x12, 0x1d, 0x0a, 0x19, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, + 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x10, + 0x01, 0x2a, 0x7c, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x17, 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, + 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, + 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, + 0x53, 0x5f, 0x52, 0x55, 0x4e, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x19, 0x0a, 0x15, 0x48, + 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x53, 0x54, 0x4f, + 0x50, 0x50, 0x45, 0x44, 0x10, 0x02, 0x12, 0x17, 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, + 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x03, 0x2a, + 0x8d, 0x02, 0x0a, 0x0f, 
0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, + 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, + 0x45, 0x54, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x50, 0x52, + 0x4f, 0x50, 0x52, 0x49, 0x45, 0x54, 0x41, 0x52, 0x59, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, + 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, + 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x02, 0x12, 0x1e, 0x0a, 0x1a, 0x54, + 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x4c, 0x4f, + 0x41, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x04, 0x12, 0x18, 0x0a, 0x13, 0x54, + 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x53, 0x54, 0x41, 0x47, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, + 0x4c, 0x45, 0x10, 0x80, 0x08, 0x12, 0x1d, 0x0a, 0x18, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4f, + 0x55, 0x54, 0x5f, 0x4f, 0x46, 0x5f, 0x54, 0x52, 0x45, 0x45, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, + 0x45, 0x10, 0x80, 0x20, 0x12, 0x1a, 0x0a, 0x15, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, + 0x53, 0x49, 0x47, 0x4e, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x40, + 0x12, 0x24, 0x0a, 0x1e, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4b, 0x45, 0x52, 0x4e, 0x45, 0x4c, + 0x5f, 0x4c, 0x49, 0x56, 0x45, 0x5f, 0x50, 0x41, 0x54, 0x43, 0x48, 0x5f, 0x4d, 0x4f, 0x44, 0x55, + 0x4c, 0x45, 0x10, 0x80, 0x80, 0x02, 0x12, 0x17, 0x0a, 0x11, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, + 0x54, 0x45, 0x53, 0x54, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x80, 0x10, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( 
@@ -4764,7 +4893,7 @@ func file_tetragon_tetragon_proto_rawDescGZIP() []byte { } var file_tetragon_tetragon_proto_enumTypes = make([]protoimpl.EnumInfo, 4) -var file_tetragon_tetragon_proto_msgTypes = make([]protoimpl.MessageInfo, 44) +var file_tetragon_tetragon_proto_msgTypes = make([]protoimpl.MessageInfo, 45) var file_tetragon_tetragon_proto_goTypes = []interface{}{ (KprobeAction)(0), // 0: tetragon.KprobeAction (HealthStatusType)(0), // 1: tetragon.HealthStatusType 
@@ -4802,35 +4931,36 @@ var file_tetragon_tetragon_proto_goTypes = []interface{}{ (*ProcessKprobe)(nil), // 33: tetragon.ProcessKprobe (*ProcessTracepoint)(nil), // 34: tetragon.ProcessTracepoint (*ProcessUprobe)(nil), // 35: tetragon.ProcessUprobe - (*KernelModule)(nil), // 36: tetragon.KernelModule - (*Test)(nil), // 37: tetragon.Test - (*GetHealthStatusRequest)(nil), // 38: tetragon.GetHealthStatusRequest - (*HealthStatus)(nil), // 39: tetragon.HealthStatus - (*GetHealthStatusResponse)(nil), // 40: tetragon.GetHealthStatusResponse - (*ProcessLoader)(nil), // 41: tetragon.ProcessLoader - (*RuntimeHookRequest)(nil), // 42: tetragon.RuntimeHookRequest - (*RuntimeHookResponse)(nil), // 43: tetragon.RuntimeHookResponse - (*CreateContainer)(nil), // 44: tetragon.CreateContainer - (*StackTraceEntry)(nil), // 45: tetragon.StackTraceEntry - nil, // 46: tetragon.Pod.PodLabelsEntry - nil, // 47: tetragon.CreateContainer.AnnotationsEntry - (*timestamppb.Timestamp)(nil), // 48: google.protobuf.Timestamp - (*wrapperspb.UInt32Value)(nil), // 49: google.protobuf.UInt32Value - (CapabilitiesType)(0), // 50: tetragon.CapabilitiesType - (*wrapperspb.Int32Value)(nil), // 51: google.protobuf.Int32Value - (SecureBitsType)(0), // 52: tetragon.SecureBitsType - (ProcessPrivilegesChanged)(0), // 53: tetragon.ProcessPrivilegesChanged - (*wrapperspb.BoolValue)(nil), // 54: google.protobuf.BoolValue + (*ProcessLsm)(nil), // 36: tetragon.ProcessLsm + (*KernelModule)(nil), // 37: tetragon.KernelModule + (*Test)(nil), // 38: tetragon.Test + (*GetHealthStatusRequest)(nil), // 39: tetragon.GetHealthStatusRequest + (*HealthStatus)(nil), // 40: tetragon.HealthStatus + (*GetHealthStatusResponse)(nil), // 41: tetragon.GetHealthStatusResponse + (*ProcessLoader)(nil), // 42: tetragon.ProcessLoader + (*RuntimeHookRequest)(nil), // 43: tetragon.RuntimeHookRequest + (*RuntimeHookResponse)(nil), // 44: tetragon.RuntimeHookResponse + (*CreateContainer)(nil), // 45: tetragon.CreateContainer + 
(*StackTraceEntry)(nil), // 46: tetragon.StackTraceEntry + nil, // 47: tetragon.Pod.PodLabelsEntry + nil, // 48: tetragon.CreateContainer.AnnotationsEntry + (*timestamppb.Timestamp)(nil), // 49: google.protobuf.Timestamp + (*wrapperspb.UInt32Value)(nil), // 50: google.protobuf.UInt32Value + (CapabilitiesType)(0), // 51: tetragon.CapabilitiesType + (*wrapperspb.Int32Value)(nil), // 52: google.protobuf.Int32Value + (SecureBitsType)(0), // 53: tetragon.SecureBitsType + (ProcessPrivilegesChanged)(0), // 54: tetragon.ProcessPrivilegesChanged + (*wrapperspb.BoolValue)(nil), // 55: google.protobuf.BoolValue } var file_tetragon_tetragon_proto_depIdxs = []int32{ 4, // 0: tetragon.Container.image:type_name -> tetragon.Image - 48, // 1: tetragon.Container.start_time:type_name -> google.protobuf.Timestamp - 49, // 2: tetragon.Container.pid:type_name -> google.protobuf.UInt32Value + 49, // 1: tetragon.Container.start_time:type_name -> google.protobuf.Timestamp + 50, // 2: tetragon.Container.pid:type_name -> google.protobuf.UInt32Value 5, // 3: tetragon.Pod.container:type_name -> tetragon.Container - 46, // 4: tetragon.Pod.pod_labels:type_name -> tetragon.Pod.PodLabelsEntry - 50, // 5: tetragon.Capabilities.permitted:type_name -> tetragon.CapabilitiesType - 50, // 6: tetragon.Capabilities.effective:type_name -> tetragon.CapabilitiesType - 50, // 7: tetragon.Capabilities.inheritable:type_name -> tetragon.CapabilitiesType + 47, // 4: tetragon.Pod.pod_labels:type_name -> tetragon.Pod.PodLabelsEntry + 51, // 5: tetragon.Capabilities.permitted:type_name -> tetragon.CapabilitiesType + 51, // 6: tetragon.Capabilities.effective:type_name -> tetragon.CapabilitiesType + 51, // 7: tetragon.Capabilities.inheritable:type_name -> tetragon.CapabilitiesType 8, // 8: tetragon.Namespaces.uts:type_name -> tetragon.Namespace 8, // 9: tetragon.Namespaces.ipc:type_name -> tetragon.Namespace 8, // 10: tetragon.Namespaces.mnt:type_name -> tetragon.Namespace 
@@ -4841,35 +4971,35 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 8, // 15: tetragon.Namespaces.time_for_children:type_name -> tetragon.Namespace 8, // 16: tetragon.Namespaces.cgroup:type_name -> tetragon.Namespace 8, // 17: tetragon.Namespaces.user:type_name -> tetragon.Namespace - 51, // 18: tetragon.UserNamespace.level:type_name -> google.protobuf.Int32Value - 49, // 19: tetragon.UserNamespace.uid:type_name -> google.protobuf.UInt32Value - 49, // 20: tetragon.UserNamespace.gid:type_name -> google.protobuf.UInt32Value + 52, // 18: tetragon.UserNamespace.level:type_name -> google.protobuf.Int32Value + 50, // 19: tetragon.UserNamespace.uid:type_name -> google.protobuf.UInt32Value + 50, // 20: tetragon.UserNamespace.gid:type_name -> google.protobuf.UInt32Value 8, // 21: tetragon.UserNamespace.ns:type_name -> tetragon.Namespace - 49, // 22: tetragon.ProcessCredentials.uid:type_name -> google.protobuf.UInt32Value - 49, // 23: tetragon.ProcessCredentials.gid:type_name -> google.protobuf.UInt32Value - 49, // 24: tetragon.ProcessCredentials.euid:type_name -> google.protobuf.UInt32Value - 49, // 25: tetragon.ProcessCredentials.egid:type_name -> google.protobuf.UInt32Value - 49, // 26: tetragon.ProcessCredentials.suid:type_name -> google.protobuf.UInt32Value - 49, // 27: tetragon.ProcessCredentials.sgid:type_name -> google.protobuf.UInt32Value - 49, // 28: tetragon.ProcessCredentials.fsuid:type_name -> google.protobuf.UInt32Value - 49, // 29: tetragon.ProcessCredentials.fsgid:type_name -> google.protobuf.UInt32Value - 52, // 30: tetragon.ProcessCredentials.securebits:type_name -> tetragon.SecureBitsType + 50, // 22: tetragon.ProcessCredentials.uid:type_name -> google.protobuf.UInt32Value + 50, // 23: tetragon.ProcessCredentials.gid:type_name -> google.protobuf.UInt32Value + 50, // 24: tetragon.ProcessCredentials.euid:type_name -> google.protobuf.UInt32Value + 50, // 25: tetragon.ProcessCredentials.egid:type_name -> google.protobuf.UInt32Value + 50, // 26: 
tetragon.ProcessCredentials.suid:type_name -> google.protobuf.UInt32Value + 50, // 27: tetragon.ProcessCredentials.sgid:type_name -> google.protobuf.UInt32Value + 50, // 28: tetragon.ProcessCredentials.fsuid:type_name -> google.protobuf.UInt32Value + 50, // 29: tetragon.ProcessCredentials.fsgid:type_name -> google.protobuf.UInt32Value + 53, // 30: tetragon.ProcessCredentials.securebits:type_name -> tetragon.SecureBitsType 7, // 31: tetragon.ProcessCredentials.caps:type_name -> tetragon.Capabilities 10, // 32: tetragon.ProcessCredentials.user_ns:type_name -> tetragon.UserNamespace - 49, // 33: tetragon.InodeProperties.links:type_name -> google.protobuf.UInt32Value + 50, // 33: tetragon.InodeProperties.links:type_name -> google.protobuf.UInt32Value 12, // 34: tetragon.FileProperties.inode:type_name -> tetragon.InodeProperties - 49, // 35: tetragon.BinaryProperties.setuid:type_name -> google.protobuf.UInt32Value - 49, // 36: tetragon.BinaryProperties.setgid:type_name -> google.protobuf.UInt32Value - 53, // 37: tetragon.BinaryProperties.privileges_changed:type_name -> tetragon.ProcessPrivilegesChanged + 50, // 35: tetragon.BinaryProperties.setuid:type_name -> google.protobuf.UInt32Value + 50, // 36: tetragon.BinaryProperties.setgid:type_name -> google.protobuf.UInt32Value + 54, // 37: tetragon.BinaryProperties.privileges_changed:type_name -> tetragon.ProcessPrivilegesChanged 13, // 38: tetragon.BinaryProperties.file:type_name -> tetragon.FileProperties - 49, // 39: tetragon.Process.pid:type_name -> google.protobuf.UInt32Value - 49, // 40: tetragon.Process.uid:type_name -> google.protobuf.UInt32Value - 48, // 41: tetragon.Process.start_time:type_name -> google.protobuf.Timestamp - 49, // 42: tetragon.Process.auid:type_name -> google.protobuf.UInt32Value + 50, // 39: tetragon.Process.pid:type_name -> google.protobuf.UInt32Value + 50, // 40: tetragon.Process.uid:type_name -> google.protobuf.UInt32Value + 49, // 41: tetragon.Process.start_time:type_name -> 
google.protobuf.Timestamp + 50, // 42: tetragon.Process.auid:type_name -> google.protobuf.UInt32Value 6, // 43: tetragon.Process.pod:type_name -> tetragon.Pod 7, // 44: tetragon.Process.cap:type_name -> tetragon.Capabilities 9, // 45: tetragon.Process.ns:type_name -> tetragon.Namespaces - 49, // 46: tetragon.Process.tid:type_name -> google.protobuf.UInt32Value + 50, // 46: tetragon.Process.tid:type_name -> google.protobuf.UInt32Value 11, // 47: tetragon.Process.process_credentials:type_name -> tetragon.ProcessCredentials 14, // 48: tetragon.Process.binary_properties:type_name -> tetragon.BinaryProperties 15, // 49: tetragon.Process.user:type_name -> tetragon.UserRecord 
@@ -4878,14 +5008,14 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 16, // 52: tetragon.ProcessExec.ancestors:type_name -> tetragon.Process 16, // 53: tetragon.ProcessExit.process:type_name -> tetragon.Process 16, // 54: tetragon.ProcessExit.parent:type_name -> tetragon.Process - 48, // 55: tetragon.ProcessExit.time:type_name -> google.protobuf.Timestamp - 50, // 56: tetragon.KprobeCred.permitted:type_name -> tetragon.CapabilitiesType - 50, // 57: tetragon.KprobeCred.effective:type_name -> tetragon.CapabilitiesType - 50, // 58: tetragon.KprobeCred.inheritable:type_name -> tetragon.CapabilitiesType - 51, // 59: tetragon.KprobeCapability.value:type_name -> google.protobuf.Int32Value - 51, // 60: tetragon.KprobeUserNamespace.level:type_name -> google.protobuf.Int32Value - 49, // 61: tetragon.KprobeUserNamespace.owner:type_name -> google.protobuf.UInt32Value - 49, // 62: tetragon.KprobeUserNamespace.group:type_name -> google.protobuf.UInt32Value + 49, // 55: tetragon.ProcessExit.time:type_name -> google.protobuf.Timestamp + 51, // 56: tetragon.KprobeCred.permitted:type_name -> tetragon.CapabilitiesType + 51, // 57: tetragon.KprobeCred.effective:type_name -> tetragon.CapabilitiesType + 51, // 58: tetragon.KprobeCred.inheritable:type_name -> tetragon.CapabilitiesType + 52, // 59: tetragon.KprobeCapability.value:type_name -> google.protobuf.Int32Value + 52, // 60: tetragon.KprobeUserNamespace.level:type_name -> google.protobuf.Int32Value + 50, // 61: tetragon.KprobeUserNamespace.owner:type_name -> google.protobuf.UInt32Value + 50, // 62: tetragon.KprobeUserNamespace.group:type_name -> google.protobuf.UInt32Value 8, // 63: tetragon.KprobeUserNamespace.ns:type_name -> tetragon.Namespace 20, // 64: tetragon.KprobeArgument.skb_arg:type_name -> tetragon.KprobeSkb 22, // 65: tetragon.KprobeArgument.path_arg:type_name -> tetragon.KprobePath 
@@ -4900,7 +5030,7 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 27, // 74: tetragon.KprobeArgument.capability_arg:type_name -> tetragon.KprobeCapability 11, // 75: tetragon.KprobeArgument.process_credentials_arg:type_name -> tetragon.ProcessCredentials 10, // 76: tetragon.KprobeArgument.user_ns_arg:type_name -> tetragon.UserNamespace - 36, // 77: tetragon.KprobeArgument.module_arg:type_name -> tetragon.KernelModule + 37, // 77: tetragon.KprobeArgument.module_arg:type_name -> tetragon.KernelModule 26, // 78: tetragon.KprobeArgument.linux_binprm_arg:type_name -> tetragon.KprobeLinuxBinprm 21, // 79: tetragon.KprobeArgument.net_dev_arg:type_name -> tetragon.KprobeNetDev 16, // 80: tetragon.ProcessKprobe.process:type_name -> tetragon.Process @@ -4908,9 +5038,9 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 32, // 82: tetragon.ProcessKprobe.args:type_name -> tetragon.KprobeArgument 32, // 83: tetragon.ProcessKprobe.return:type_name -> tetragon.KprobeArgument 0, // 84: tetragon.ProcessKprobe.action:type_name -> tetragon.KprobeAction - 45, // 85: tetragon.ProcessKprobe.kernel_stack_trace:type_name -> tetragon.StackTraceEntry + 46, // 85: tetragon.ProcessKprobe.kernel_stack_trace:type_name -> tetragon.StackTraceEntry 0, // 86: tetragon.ProcessKprobe.return_action:type_name -> tetragon.KprobeAction - 45, // 87: tetragon.ProcessKprobe.user_stack_trace:type_name -> tetragon.StackTraceEntry + 46, // 87: tetragon.ProcessKprobe.user_stack_trace:type_name -> tetragon.StackTraceEntry 16, // 88: tetragon.ProcessTracepoint.process:type_name -> tetragon.Process 16, // 89: tetragon.ProcessTracepoint.parent:type_name -> tetragon.Process 32, // 90: tetragon.ProcessTracepoint.args:type_name -> tetragon.KprobeArgument 
@@ -4918,20 +5048,24 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 16, // 92: tetragon.ProcessUprobe.process:type_name -> tetragon.Process 16, // 93: tetragon.ProcessUprobe.parent:type_name -> tetragon.Process 32, // 94: tetragon.ProcessUprobe.args:type_name -> tetragon.KprobeArgument - 54, // 95: tetragon.KernelModule.signature_ok:type_name -> google.protobuf.BoolValue - 3, // 96: tetragon.KernelModule.tainted:type_name -> tetragon.TaintedBitsType - 1, // 97: tetragon.GetHealthStatusRequest.event_set:type_name -> tetragon.HealthStatusType - 1, // 98: tetragon.HealthStatus.event:type_name -> tetragon.HealthStatusType - 2, // 99: tetragon.HealthStatus.status:type_name -> tetragon.HealthStatusResult - 39, // 100: tetragon.GetHealthStatusResponse.health_status:type_name -> tetragon.HealthStatus - 16, // 101: tetragon.ProcessLoader.process:type_name -> tetragon.Process - 44, // 102: tetragon.RuntimeHookRequest.createContainer:type_name -> tetragon.CreateContainer - 47, // 103: tetragon.CreateContainer.annotations:type_name -> tetragon.CreateContainer.AnnotationsEntry - 104, // [104:104] is the sub-list for method output_type - 104, // [104:104] is the sub-list for method input_type - 104, // [104:104] is the sub-list for extension type_name - 104, // [104:104] is the sub-list for extension extendee - 0, // [0:104] is the sub-list for field type_name + 16, // 95: tetragon.ProcessLsm.process:type_name -> tetragon.Process + 16, // 96: tetragon.ProcessLsm.parent:type_name -> tetragon.Process + 32, // 97: tetragon.ProcessLsm.args:type_name -> tetragon.KprobeArgument + 0, // 98: tetragon.ProcessLsm.action:type_name -> tetragon.KprobeAction + 55, // 99: tetragon.KernelModule.signature_ok:type_name -> google.protobuf.BoolValue + 3, // 100: tetragon.KernelModule.tainted:type_name -> tetragon.TaintedBitsType + 1, // 101: tetragon.GetHealthStatusRequest.event_set:type_name -> tetragon.HealthStatusType + 1, // 102: tetragon.HealthStatus.event:type_name -> 
tetragon.HealthStatusType + 2, // 103: tetragon.HealthStatus.status:type_name -> tetragon.HealthStatusResult + 40, // 104: tetragon.GetHealthStatusResponse.health_status:type_name -> tetragon.HealthStatus + 16, // 105: tetragon.ProcessLoader.process:type_name -> tetragon.Process + 45, // 106: tetragon.RuntimeHookRequest.createContainer:type_name -> tetragon.CreateContainer + 48, // 107: tetragon.CreateContainer.annotations:type_name -> tetragon.CreateContainer.AnnotationsEntry + 108, // [108:108] is the sub-list for method output_type + 108, // [108:108] is the sub-list for method input_type + 108, // [108:108] is the sub-list for extension type_name + 108, // [108:108] is the sub-list for extension extendee + 0, // [0:108] is the sub-list for field type_name } func init() { file_tetragon_tetragon_proto_init() } @@ -5326,7 +5460,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[32].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*KernelModule); i { + switch v := v.(*ProcessLsm); i { case 0: return &v.state case 1: @@ -5338,7 +5472,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[33].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Test); i { + switch v := v.(*KernelModule); i { case 0: return &v.state case 1: @@ -5350,7 +5484,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[34].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetHealthStatusRequest); i { + switch v := v.(*Test); i { case 0: return &v.state case 1: @@ -5362,7 +5496,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[35].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*HealthStatus); i { + switch v := v.(*GetHealthStatusRequest); i { case 0: return &v.state case 1: 
@@ -5374,7 +5508,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[36].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetHealthStatusResponse); i { + switch v := v.(*HealthStatus); i { case 0: return &v.state case 1: @@ -5386,7 +5520,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[37].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ProcessLoader); i { + switch v := v.(*GetHealthStatusResponse); i { case 0: return &v.state case 1: @@ -5398,7 +5532,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[38].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RuntimeHookRequest); i { + switch v := v.(*ProcessLoader); i { case 0: return &v.state case 1: @@ -5410,7 +5544,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[39].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RuntimeHookResponse); i { + switch v := v.(*RuntimeHookRequest); i { case 0: return &v.state case 1: @@ -5422,7 +5556,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[40].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CreateContainer); i { + switch v := v.(*RuntimeHookResponse); i { case 0: return &v.state case 1: @@ -5434,6 +5568,18 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[41].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateContainer); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_tetragon_tetragon_proto_msgTypes[42].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*StackTraceEntry); i { case 0: return &v.state 
@@ -5474,7 +5620,7 @@ func file_tetragon_tetragon_proto_init() { (*KprobeArgument_LinuxBinprmArg)(nil), (*KprobeArgument_NetDevArg)(nil), } - file_tetragon_tetragon_proto_msgTypes[38].OneofWrappers = []interface{}{ + file_tetragon_tetragon_proto_msgTypes[39].OneofWrappers = []interface{}{ (*RuntimeHookRequest_CreateContainer)(nil), } type x struct{} @@ -5483,7 +5629,7 @@ func file_tetragon_tetragon_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_tetragon_tetragon_proto_rawDesc, NumEnums: 4, - NumMessages: 44, + NumMessages: 45, NumExtensions: 0, NumServices: 0, }, diff --git a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.json.go b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.json.go index caedb88f5ec..fece138cc0d 100644 --- a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.json.go +++ b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.json.go @@ -519,6 +519,22 @@ func (msg *ProcessUprobe) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *ProcessLsm) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: false, + UseProtoNames: true, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *ProcessLsm) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *KernelModule) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ diff --git a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.proto b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.proto index 801f46c0b3f..34a6df09557 100644 
--- a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.proto +++ b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.proto @@ -532,6 +532,23 @@ message ProcessUprobe { repeated string tags = 8; } +message ProcessLsm { + Process process = 1; + Process parent = 2; + // LSM hook name. + string function_name = 3; + // Name of the policy that created that LSM hook. + string policy_name = 5; + // Short message of the Tracing Policy to inform users what is going on. + string message = 6; + // Arguments definition of the observed LSM hook. + repeated KprobeArgument args = 7; + // Action performed when the LSM hook matched. + KprobeAction action = 8; + // Tags of the Tracing Policy to categorize the event. + repeated string tags = 9; +} + message KernelModule { // Kernel module name string name = 1; diff --git a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/types.pb.go b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/types.pb.go index f418b3eaca8..81f84cc6a27 100644 --- a/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/types.pb.go +++ b/contrib/rthooks/tetragon-oci-hook/vendor/github.com/cilium/tetragon/api/v1/tetragon/types.pb.go 
@@ -129,6 +129,26 @@ func (event *ProcessUprobe) SetParent(p *Process) { event.Parent = p } +// Encapsulate implements the Event interface. +// Returns the event wrapped by its GetEventsResponse_* type. +func (event *ProcessLsm) Encapsulate() IsGetEventsResponse_Event { + return &GetEventsResponse_ProcessLsm{ + ProcessLsm: event, + } +} + +// SetProcess implements the ProcessEvent interface. +// Sets the Process field of an event. +func (event *ProcessLsm) SetProcess(p *Process) { + event.Process = p +} + +// SetParent implements the ParentEvent interface. +// Sets the Parent field of an event. +func (event *ProcessLsm) SetParent(p *Process) { + event.Parent = p +} + // Encapsulate implements the Event interface. // Returns the event wrapped by its GetEventsResponse_* type. func (event *Test) Encapsulate() IsGetEventsResponse_Event { @@ -184,6 +204,8 @@ func UnwrapGetEventsResponse(response *GetEventsResponse) interface{} { return ev.ProcessTracepoint case *GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe + case *GetEventsResponse_ProcessLsm: + return ev.ProcessLsm case *GetEventsResponse_Test: return ev.Test case *GetEventsResponse_ProcessLoader: diff --git a/contrib/verify/verify.sh b/contrib/verify/verify.sh index 3f17a3e6fed..83df093958c 100755 --- a/contrib/verify/verify.sh +++ b/contrib/verify/verify.sh @@ -78,6 +78,11 @@ for obj in "$TETRAGONDIR"/*.o; do continue fi + # Skip if LSM BPF is not enabled + if [[ "$B" == bpf_generic_lsm* && $(cat /boot/config-$(uname -r) | grep CONFIG_BPF_LSM) != "CONFIG_BPF_LSM=y" ]]; then + continue + fi + echo -e -n "Verifying $BLUEUNDER$obj$NOCOLOR... " OUT="/tmp/tetragon-verify-$B" diff --git a/docs/content/en/docs/reference/grpc-api.md b/docs/content/en/docs/reference/grpc-api.md index 91c15dda93d..ccec113bbfa 100644 --- a/docs/content/en/docs/reference/grpc-api.md +++ b/docs/content/en/docs/reference/grpc-api.md 
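Review bot: The new `bpf_generic_lsm*` branch in `contrib/verify/verify.sh` skips those objects without printing anything. A run on a kernel without `CONFIG_BPF_LSM=y` therefore looks the same as a run that verified the LSM programs, and so does a run on a host where `/boot/config-$(uname -r)` is missing, because `cat` fails and the comparison still ends in `continue`. I would make the skip visible and let grep read the file directly with an exact-line match: `if [[ "$B" == bpf_generic_lsm* ]] && ! grep -qx 'CONFIG_BPF_LSM=y' "/boot/config-$(uname -r)" 2>/dev/null; then echo "Skipping $obj: CONFIG_BPF_LSM=y not found in kernel config"; continue; fi`. The result does not depend on `$obj`, so it could also be computed once before the loop. The enclosing `for obj` loop starts and ends outside this hunk, so whether the other skip branches print anything is not visible here.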
@@ -549,6 +549,21 @@ loader sensor event triggered for loaded binary/library | path | [string](#string) | | | | buildid | [bytes](#bytes) | | | + + +### ProcessLsm + +| Field | Type | Label | Description | +| ----- | ---- | ----- | ----------- | +| process | [Process](#tetragon-Process) | | | +| parent | [Process](#tetragon-Process) | | | +| function_name | [string](#string) | | LSM hook name. | +| policy_name | [string](#string) | | Name of the policy that created that LSM hook. | +| message | [string](#string) | | Short message of the Tracing Policy to inform users what is going on. | +| args | [KprobeArgument](#tetragon-KprobeArgument) | repeated | Arguments definition of the observed LSM hook. | +| action | [KprobeAction](#tetragon-KprobeAction) | | Action performed when the LSM hook matched. | +| tags | [string](#string) | repeated | Tags of the Tracing Policy to categorize the event. | + ### ProcessTracepoint @@ -794,6 +809,7 @@ Capability set to filter over. NOTE: you may specify only ONE set here. | process_tracepoint | [ProcessTracepoint](#tetragon-ProcessTracepoint) | | ProcessTracepoint contains information about the pre-defined tracepoint and the process that invoked them. | | process_loader | [ProcessLoader](#tetragon-ProcessLoader) | | | | process_uprobe | [ProcessUprobe](#tetragon-ProcessUprobe) | | | +| process_lsm | [ProcessLsm](#tetragon-ProcessLsm) | | | | process_throttle | [ProcessThrottle](#tetragon-ProcessThrottle) | | | | test | [Test](#tetragon-Test) | | | | rate_limit_info | [RateLimitInfo](#tetragon-RateLimitInfo) | | | @@ -845,6 +861,7 @@ GetEventsResponse event oneof. | PROCESS_TRACEPOINT | 10 | | | PROCESS_LOADER | 11 | | | PROCESS_UPROBE | 12 | | +| PROCESS_LSM | 13 | | | PROCESS_THROTTLE | 27 | | | TEST | 40000 | | | RATE_LIMIT_INFO | 40001 | | diff --git a/docs/content/en/docs/reference/helm-chart.md b/docs/content/en/docs/reference/helm-chart.md index 4485b1d7316..f684058dfaa 100644 
--- a/docs/content/en/docs/reference/helm-chart.md +++ b/docs/content/en/docs/reference/helm-chart.md @@ -62,7 +62,7 @@ To use [the values available](#values), with `helm install` or `helm upgrade`, u | tetragon.enableProcessCred | bool | `false` | | | tetragon.enableProcessNs | bool | `false` | | | tetragon.enabled | bool | `true` | | -| tetragon.exportAllowList | string | `"{\"event_set\":[\"PROCESS_EXEC\", \"PROCESS_EXIT\", \"PROCESS_KPROBE\", \"PROCESS_UPROBE\", \"PROCESS_TRACEPOINT\"]}"` | | +| tetragon.exportAllowList | string | `"{\"event_set\":[\"PROCESS_EXEC\", \"PROCESS_EXIT\", \"PROCESS_KPROBE\", \"PROCESS_UPROBE\", \"PROCESS_TRACEPOINT\", \"PROCESS_LSM\"]}"` | | | tetragon.exportDenyList | string | `"{\"health_check\":true}\n{\"namespace\":[\"\", \"cilium\", \"kube-system\"]}"` | | | tetragon.exportFileCompress | bool | `false` | | | tetragon.exportFileMaxBackups | int | `5` | | diff --git a/docs/content/en/docs/reference/metrics.md b/docs/content/en/docs/reference/metrics.md index ff0ee4cc92c..c61e608ca3d 100644 --- a/docs/content/en/docs/reference/metrics.md +++ b/docs/content/en/docs/reference/metrics.md @@ -59,7 +59,7 @@ The total of errors encountered while fetching process exec information from the | label | values | | ----- | ------ | | `error` | `nil_process_pid` | -| `event_type` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | +| `event_type` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_LSM, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | ### `tetragon_event_cache_parent_info_errors_total` 
@@ -67,7 +67,7 @@ The total of times we failed to fetch cached parent info for a given event type. | label | values | | ----- | ------ | -| `event_type` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | +| `event_type` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_LSM, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | ### `tetragon_event_cache_pod_info_errors_total` @@ -75,7 +75,7 @@ The total of times we failed to fetch cached pod info for a given event type. | label | values | | ----- | ------ | -| `event_type` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | +| `event_type` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_LSM, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | ### `tetragon_event_cache_process_info_errors_total` @@ -83,7 +83,7 @@ The total of times we failed to fetch cached process info for a given event type | label | values | | ----- | ------ | -| `event_type` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | +| `event_type` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_LSM, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | ### `tetragon_event_cache_retries_total` 
@@ -425,7 +425,7 @@ The total number of Tetragon events | `binary` | `example-binary` | | `namespace` | `example-namespace` | | `pod ` | `example-pod` | -| `type ` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | +| `type ` | `PROCESS_EXEC, PROCESS_EXIT, PROCESS_KPROBE, PROCESS_LOADER, PROCESS_LSM, PROCESS_THROTTLE, PROCESS_TRACEPOINT, PROCESS_UPROBE, RATE_LIMIT_INFO` | | `workload` | `example-workload` | ### `tetragon_policy_events_total` diff --git a/install/kubernetes/tetragon/README.md b/install/kubernetes/tetragon/README.md index 47ecd29e112..9f04562e11d 100644 --- a/install/kubernetes/tetragon/README.md +++ b/install/kubernetes/tetragon/README.md @@ -44,7 +44,7 @@ Helm chart for Tetragon | tetragon.enableProcessCred | bool | `false` | | | tetragon.enableProcessNs | bool | `false` | | | tetragon.enabled | bool | `true` | | -| tetragon.exportAllowList | string | `"{\"event_set\":[\"PROCESS_EXEC\", \"PROCESS_EXIT\", \"PROCESS_KPROBE\", \"PROCESS_UPROBE\", \"PROCESS_TRACEPOINT\"]}"` | | +| tetragon.exportAllowList | string | `"{\"event_set\":[\"PROCESS_EXEC\", \"PROCESS_EXIT\", \"PROCESS_KPROBE\", \"PROCESS_UPROBE\", \"PROCESS_TRACEPOINT\", \"PROCESS_LSM\"]}"` | | | tetragon.exportDenyList | string | `"{\"health_check\":true}\n{\"namespace\":[\"\", \"cilium\", \"kube-system\"]}"` | | | tetragon.exportFileCompress | bool | `false` | | | tetragon.exportFileMaxBackups | int | `5` | | diff --git a/install/kubernetes/tetragon/crds-yaml/cilium.io_tracingpolicies.yaml b/install/kubernetes/tetragon/crds-yaml/cilium.io_tracingpolicies.yaml index f8699a4f451..d3b14464c16 100644 --- a/install/kubernetes/tetragon/crds-yaml/cilium.io_tracingpolicies.yaml +++ b/install/kubernetes/tetragon/crds-yaml/cilium.io_tracingpolicies.yaml 
@@ -801,6 +801,574 @@ spec: loader: description: Enable loader events type: boolean + lsmhooks: + description: A list of uprobe specs. + items: + properties: + args: + description: A list of function arguments to include in the + trace output. + items: + properties: + index: + description: Position of the argument. + format: int32 + minimum: 0 + type: integer + label: + description: Label to output in the JSON + type: string + maxData: + default: false + description: Read maximum possible data (currently 327360). + This field is only used for char_buff data. When this + value is false (default), the bpf program will fetch + at most 4096 bytes. In later kernels (>=5.4) tetragon + supports fetching up to 327360 bytes if this flag is + turned on + type: boolean + returnCopy: + default: false + description: This field is used only for char_buf and + char_iovec types. It indicates that this argument should + be read later (when the kretprobe for the symbol is + triggered) because it might not be populated when the + kprobe is triggered at the entrance of the function. + For example, a buffer supplied to read(2) won't have + content until kretprobe is triggered. + type: boolean + sizeArgIndex: + description: Specifies the position of the corresponding + size argument for this argument. This field is used + only for char_buf and char_iovec types. + format: int32 + minimum: 0 + type: integer + type: + default: auto + description: Argument type. 
+ enum: + - auto + - int + - int8 + - uint8 + - int16 + - uint16 + - uint32 + - int32 + - uint64 + - int64 + - char_buf + - char_iovec + - size_t + - skb + - sock + - string + - fd + - file + - filename + - path + - nop + - bpf_attr + - perf_event + - bpf_map + - user_namespace + - capability + - kiocb + - iov_iter + - cred + - load_info + - module + - syscall64 + - kernel_cap_t + - cap_inheritable + - cap_permitted + - cap_effective + - linux_binprm + - data_loc + - net_device + type: string + required: + - index + - type + type: object + type: array + hook: + description: Name of the function to apply the kprobe spec to. + type: string + message: + description: A short message of 256 characters max that will + be included in the event output to inform users what is going + on. + type: string + selectors: + description: Selectors to apply before producing trace output. + Selectors are ORed. + items: + description: KProbeSelector selects function calls for kprobe + based on PIDs and function arguments. The results of MatchPIDs + and MatchArgs are ANDed. + properties: + matchActions: + description: A list of actions to execute when this selector + matches + items: + properties: + action: + description: Action to execute. 
+ enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchArgs: + description: A list of argument filters. MatchArgs are + ANDed. 
+ items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + matchBinaries: + description: A list of binary exec name filters. + items: + properties: + operator: + description: Filter operation. + enum: + - In + - NotIn + - Prefix + - NotPrefix + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilities: + description: A list of capabilities and IDs + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilityChanges: + description: IDs for capabilities changes + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. 
+ enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaceChanges: + description: IDs for namespace changes + items: + properties: + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace types (e.g., Mnt, Pid) to + match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaces: + description: A list of namespaces and IDs + items: + properties: + namespace: + description: Namespace selector name. + enum: + - Uts + - Ipc + - Mnt + - Pid + - PidForChildren + - Net + - Time + - TimeForChildren + - Cgroup + - User + type: string + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace IDs (or host_ns for host + namespace) of namespaces to match. + items: + type: string + type: array + required: + - namespace + - operator + - values + type: object + type: array + matchPIDs: + description: A list of process ID filters. MatchPIDs are + ANDed. + items: + properties: + followForks: + default: false + description: Matches any descendant processes of + the matching PIDs. + type: boolean + isNamespacePID: + default: false + description: Indicates whether PIDs are namespace + PIDs. + type: boolean + operator: + description: PID selector operator. + enum: + - In + - NotIn + type: string + values: + description: Process IDs to match. 
+ items: + format: int32 + type: integer + type: array + required: + - operator + - values + type: object + type: array + matchReturnActions: + description: A list of actions to execute when MatchReturnArgs + selector matches + items: + properties: + action: + description: Action to execute. + enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. 
Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchReturnArgs: + description: A list of argument filters. MatchArgs are + ANDed. + items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + type: object + type: array + tags: + description: Tags to categorize the event, will be include in + the event output. Maximum of 16 Tags are supported. + items: + type: string + maxItems: 16 + type: array + required: + - hook + type: object + type: array options: description: A list of overloaded options items: diff --git a/install/kubernetes/tetragon/crds-yaml/cilium.io_tracingpoliciesnamespaced.yaml b/install/kubernetes/tetragon/crds-yaml/cilium.io_tracingpoliciesnamespaced.yaml index 19b141f0b64..595c2db0235 100644 --- a/install/kubernetes/tetragon/crds-yaml/cilium.io_tracingpoliciesnamespaced.yaml +++ b/install/kubernetes/tetragon/crds-yaml/cilium.io_tracingpoliciesnamespaced.yaml 
@@ -801,6 +801,574 @@ spec: loader: description: Enable loader events type: boolean + lsmhooks: + description: A list of uprobe specs. + items: + properties: + args: + description: A list of function arguments to include in the + trace output. + items: + properties: + index: + description: Position of the argument. + format: int32 + minimum: 0 + type: integer + label: + description: Label to output in the JSON + type: string + maxData: + default: false + description: Read maximum possible data (currently 327360). + This field is only used for char_buff data. When this + value is false (default), the bpf program will fetch + at most 4096 bytes. In later kernels (>=5.4) tetragon + supports fetching up to 327360 bytes if this flag is + turned on + type: boolean + returnCopy: + default: false + description: This field is used only for char_buf and + char_iovec types. It indicates that this argument should + be read later (when the kretprobe for the symbol is + triggered) because it might not be populated when the + kprobe is triggered at the entrance of the function. + For example, a buffer supplied to read(2) won't have + content until kretprobe is triggered. + type: boolean + sizeArgIndex: + description: Specifies the position of the corresponding + size argument for this argument. This field is used + only for char_buf and char_iovec types. + format: int32 + minimum: 0 + type: integer + type: + default: auto + description: Argument type. 
+ enum: + - auto + - int + - int8 + - uint8 + - int16 + - uint16 + - uint32 + - int32 + - uint64 + - int64 + - char_buf + - char_iovec + - size_t + - skb + - sock + - string + - fd + - file + - filename + - path + - nop + - bpf_attr + - perf_event + - bpf_map + - user_namespace + - capability + - kiocb + - iov_iter + - cred + - load_info + - module + - syscall64 + - kernel_cap_t + - cap_inheritable + - cap_permitted + - cap_effective + - linux_binprm + - data_loc + - net_device + type: string + required: + - index + - type + type: object + type: array + hook: + description: Name of the function to apply the kprobe spec to. + type: string + message: + description: A short message of 256 characters max that will + be included in the event output to inform users what is going + on. + type: string + selectors: + description: Selectors to apply before producing trace output. + Selectors are ORed. + items: + description: KProbeSelector selects function calls for kprobe + based on PIDs and function arguments. The results of MatchPIDs + and MatchArgs are ANDed. + properties: + matchActions: + description: A list of actions to execute when this selector + matches + items: + properties: + action: + description: Action to execute. 
+ enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchArgs: + description: A list of argument filters. MatchArgs are + ANDed. 
+ items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + matchBinaries: + description: A list of binary exec name filters. + items: + properties: + operator: + description: Filter operation. + enum: + - In + - NotIn + - Prefix + - NotPrefix + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilities: + description: A list of capabilities and IDs + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilityChanges: + description: IDs for capabilities changes + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. 
+ enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaceChanges: + description: IDs for namespace changes + items: + properties: + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace types (e.g., Mnt, Pid) to + match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaces: + description: A list of namespaces and IDs + items: + properties: + namespace: + description: Namespace selector name. + enum: + - Uts + - Ipc + - Mnt + - Pid + - PidForChildren + - Net + - Time + - TimeForChildren + - Cgroup + - User + type: string + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace IDs (or host_ns for host + namespace) of namespaces to match. + items: + type: string + type: array + required: + - namespace + - operator + - values + type: object + type: array + matchPIDs: + description: A list of process ID filters. MatchPIDs are + ANDed. + items: + properties: + followForks: + default: false + description: Matches any descendant processes of + the matching PIDs. + type: boolean + isNamespacePID: + default: false + description: Indicates whether PIDs are namespace + PIDs. + type: boolean + operator: + description: PID selector operator. + enum: + - In + - NotIn + type: string + values: + description: Process IDs to match. 
+ items: + format: int32 + type: integer + type: array + required: + - operator + - values + type: object + type: array + matchReturnActions: + description: A list of actions to execute when MatchReturnArgs + selector matches + items: + properties: + action: + description: Action to execute. + enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. 
Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchReturnArgs: + description: A list of argument filters. MatchArgs are + ANDed. + items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + type: object + type: array + tags: + description: Tags to categorize the event, will be include in + the event output. Maximum of 16 Tags are supported. + items: + type: string + maxItems: 16 + type: array + required: + - hook + type: object + type: array options: description: A list of overloaded options items: diff --git a/install/kubernetes/tetragon/values.yaml b/install/kubernetes/tetragon/values.yaml index 23348909d88..053da80b180 100644 --- a/install/kubernetes/tetragon/values.yaml +++ b/install/kubernetes/tetragon/values.yaml 
@@ -89,7 +89,7 @@ tetragon:
 # exportAllowList: |
 # {"namespace":["default"],"event_set":["PROCESS_EXEC"]}
 exportAllowList: |-
- {"event_set":["PROCESS_EXEC", "PROCESS_EXIT", "PROCESS_KPROBE", "PROCESS_UPROBE", "PROCESS_TRACEPOINT"]}
+ {"event_set":["PROCESS_EXEC", "PROCESS_EXIT", "PROCESS_KPROBE", "PROCESS_UPROBE", "PROCESS_TRACEPOINT", "PROCESS_LSM"]}
 # Denylist for JSON export. For example, to exclude exec events that look similar to
 # Kubernetes health checks and all the events from kube-system namespace and the host:
 #
diff --git a/pkg/api/ops/ops.go b/pkg/api/ops/ops.go
index d62111ed9a0..783660f0e0a 100644
--- a/pkg/api/ops/ops.go
+++ b/pkg/api/ops/ops.go
@@ -23,6 +23,7 @@ const (
 MSG_OP_GENERIC_KPROBE = 13
 MSG_OP_GENERIC_TRACEPOINT = 14
 MSG_OP_GENERIC_UPROBE = 15
+ MSG_OP_GENERIC_LSM = 16
 // MSG_OP_CLONE notifies user-space that a clone() event has occurred.
 MSG_OP_CLONE = 23
diff --git a/pkg/bpf/detect.go b/pkg/bpf/detect.go
index bbed59a3074..95472fe75e4 100644
--- a/pkg/bpf/detect.go
+++ b/pkg/bpf/detect.go
@@ -218,8 +218,12 @@ func HasProgramLargeSize() bool {
 return features.HaveLargeInstructions() == nil
 }
+func HasLSMPrograms() bool {
+ return features.HaveProgramType(ebpf.LSM) == nil
+}
+
 func LogFeatures() string {
- return fmt.Sprintf("override_return: %t, buildid: %t, kprobe_multi: %t, uprobe_multi %t, fmodret: %t, fmodret_syscall: %t, signal: %t, large: %t",
+ return fmt.Sprintf("override_return: %t, buildid: %t, kprobe_multi: %t, uprobe_multi %t, fmodret: %t, fmodret_syscall: %t, signal: %t, large: %t, lsm: %t",
 HasOverrideHelper(), HasBuildId(), HasKprobeMulti(), HasUprobeMulti(),
- HasModifyReturn(), HasModifyReturnSyscall(), HasSignalHelper(), HasProgramLargeSize())
+ HasModifyReturn(), HasModifyReturnSyscall(), HasSignalHelper(), HasProgramLargeSize(), HasLSMPrograms())
 }
diff --git a/pkg/grpc/tracing/tracing.go b/pkg/grpc/tracing/tracing.go
index 1b35fdba258..82681888853 100644
--- a/pkg/grpc/tracing/tracing.go
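Review bot: `HasLSMPrograms` in pkg/bpf/detect.go only answers whether the kernel accepts the LSM program type; as far as I know BPF LSM programs run only when `bpf` is in the kernel's active LSM list, and nothing in this hunk checks that. On a host where the probe passes but the BPF LSM is not active, an LSM tracing policy could load and never fire, which for a security sensor is a silent coverage gap, and the `lsm: %t` value printed by `LogFeatures` would still read true. Either add that check or state the limit on the function, e.g. `// HasLSMPrograms reports whether the kernel accepts BPF_PROG_TYPE_LSM programs; it does not check that the BPF LSM is enabled (see /sys/kernel/security/lsm).`. Like its neighbour `HasProgramLargeSize`, it also folds every probe error into false, so a failed probe is indistinguishable from an unsupported kernel.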
+++ b/pkg/grpc/tracing/tracing.go 
@@ -815,6 +815,119 @@ func (msg *MsgGenericUprobeUnix) Cast(o interface{}) notify.Message {
 return &t
 }
+type MsgGenericLsmUnix struct {
+ Msg *tracingapi.MsgGenericKprobe
+ Hook string
+ Args []tracingapi.MsgGenericKprobeArg
+ PolicyName string
+ Message string
+ KernelStackTrace [unix.PERF_MAX_STACK_DEPTH]uint64
+ UserStackTrace [unix.PERF_MAX_STACK_DEPTH]uint64
+ Tags []string
+}
+
+func (msg *MsgGenericLsmUnix) Notify() bool {
+ return true
+}
+
+func (msg *MsgGenericLsmUnix) RetryInternal(ev notify.Event, timestamp uint64) (*process.ProcessInternal, error) {
+ return eventcache.HandleGenericInternal(ev, msg.Msg.ProcessKey.Pid, &msg.Msg.Tid, timestamp)
+}
+
+func (msg *MsgGenericLsmUnix) Retry(internal *process.ProcessInternal, ev notify.Event) error {
+ return eventcache.HandleGenericEvent(internal, ev, &msg.Msg.Tid)
+}
+
+func (msg *MsgGenericLsmUnix) HandleMessage() *tetragon.GetEventsResponse {
+ k := GetProcessLsm(msg)
+ if k == nil {
+ return nil
+ }
+ return &tetragon.GetEventsResponse{
+ Event: &tetragon.GetEventsResponse_ProcessLsm{ProcessLsm: k},
+ NodeName: nodeName,
+ Time: ktime.ToProto(msg.Msg.Common.Ktime),
+ }
+}
+
+func (msg *MsgGenericLsmUnix) Cast(o interface{}) notify.Message {
+ t := o.(MsgGenericLsmUnix)
+ return &t
+}
+
+func (msg *MsgGenericLsmUnix) PolicyInfo() tracingpolicy.PolicyInfo {
+ return tracingpolicy.PolicyInfo{
+ Name: msg.PolicyName,
+ Hook: fmt.Sprintf("lsm:%s", msg.Hook),
+ }
+}
+
+func GetProcessLsm(event *MsgGenericLsmUnix) *tetragon.ProcessLsm {
+ var tetragonParent, tetragonProcess *tetragon.Process
+ var tetragonArgs []*tetragon.KprobeArgument
+
+ proc, parent := process.GetParentProcessInternal(event.Msg.ProcessKey.Pid, event.Msg.ProcessKey.Ktime)
+ if proc == nil {
+ tetragonProcess = &tetragon.Process{
+ Pid: &wrapperspb.UInt32Value{Value: event.Msg.ProcessKey.Pid},
+ StartTime: ktime.ToProto(event.Msg.ProcessKey.Ktime),
+ }
+ } else {
+ tetragonProcess = proc.UnsafeGetProcess()
+ if err := proc.AnnotateProcess(option.Config.EnableProcessCred, option.Config.EnableProcessNs); err != nil {
+ logger.GetLogger().WithError(err).WithField("processId", tetragonProcess.Pid).Debugf("Failed to annotate process with capabilities and namespaces info")
+ }
+ }
+ if parent != nil {
+ tetragonParent = parent.UnsafeGetProcess()
+ }
+
+ for _, arg := range event.Args {
+ a := getKprobeArgument(arg)
+ tetragonArgs = append(tetragonArgs, a)
+ }
+
+ tetragonEvent := &tetragon.ProcessLsm{
+ Process: tetragonProcess,
+ Parent: tetragonParent,
+ FunctionName: event.Hook,
+ Args: tetragonArgs,
+ Action: kprobeAction(event.Msg.ActionId),
+ PolicyName: event.PolicyName,
+ Message: event.Message,
+ Tags: event.Tags,
+ }
+
+ if tetragonProcess.Pid == nil {
+ eventcachemetrics.EventCacheError(eventcachemetrics.NilProcessPid, notify.EventType(tetragonEvent)).Inc()
+ return nil
+ }
+
+ if ec := eventcache.Get(); ec != nil &&
+ (ec.Needed(tetragonProcess) ||
+ (tetragonProcess.Pid.Value > 1 && ec.Needed(tetragonParent))) {
+ ec.Add(nil, tetragonEvent, event.Msg.Common.Ktime, event.Msg.ProcessKey.Ktime, event)
+ return nil
+ }
+
+ if proc != nil {
+ // At kprobes we report the per thread fields, so take a copy
+ // of the thread leader from the cache then update the corresponding
+ // per thread fields.
+ //
+ // The cost to get this is relatively high because it requires a
+ // deep copy of all the fields of the thread leader from the cache in
+ // order to safely modify them, to not corrupt gRPC streams.
+ tetragonEvent.Process = proc.GetProcessCopy()
+ process.UpdateEventProcessTid(tetragonEvent.Process, &event.Msg.Tid)
+ }
+ if parent != nil {
+ tetragonEvent.Parent = tetragonParent
+ }
+
+ return tetragonEvent
+}
+
 type MsgProcessThrottleUnix struct {
 Type tetragon.ThrottleType
 Cgroup string
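Review bot: `MsgGenericLsmUnix` declares `KernelStackTrace` and `UserStackTrace`, but `GetProcessLsm` never reads them and the `tetragon.ProcessLsm` literal it builds has no stack-trace field, so any stack collected for an LSM hook is dropped before export while `Cast` still copies both fixed-size arrays by value on every message. Either remove the two fields until `ProcessLsm` can carry them, or state the gap on the type, e.g. `// KernelStackTrace and UserStackTrace are not exported in ProcessLsm yet.`. Two smaller points in `GetProcessLsm`: the comment `// At kprobes we report the per thread fields` was carried over and should name LSM hooks, and the final `if parent != nil { tetragonEvent.Parent = tetragonParent }` repeats the value already set in the struct literal. The exported type and `GetProcessLsm` also have no doc comments.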
diff --git a/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml b/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml index f8699a4f451..d3b14464c16 100644 --- a/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml +++ b/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml 
@@ -801,6 +801,574 @@ spec: loader: description: Enable loader events type: boolean + lsmhooks: + description: A list of uprobe specs. + items: + properties: + args: + description: A list of function arguments to include in the + trace output. + items: + properties: + index: + description: Position of the argument. + format: int32 + minimum: 0 + type: integer + label: + description: Label to output in the JSON + type: string + maxData: + default: false + description: Read maximum possible data (currently 327360). + This field is only used for char_buff data. When this + value is false (default), the bpf program will fetch + at most 4096 bytes. In later kernels (>=5.4) tetragon + supports fetching up to 327360 bytes if this flag is + turned on + type: boolean + returnCopy: + default: false + description: This field is used only for char_buf and + char_iovec types. It indicates that this argument should + be read later (when the kretprobe for the symbol is + triggered) because it might not be populated when the + kprobe is triggered at the entrance of the function. + For example, a buffer supplied to read(2) won't have + content until kretprobe is triggered. + type: boolean + sizeArgIndex: + description: Specifies the position of the corresponding + size argument for this argument. This field is used + only for char_buf and char_iovec types. + format: int32 + minimum: 0 + type: integer + type: + default: auto + description: Argument type. 
+ enum: + - auto + - int + - int8 + - uint8 + - int16 + - uint16 + - uint32 + - int32 + - uint64 + - int64 + - char_buf + - char_iovec + - size_t + - skb + - sock + - string + - fd + - file + - filename + - path + - nop + - bpf_attr + - perf_event + - bpf_map + - user_namespace + - capability + - kiocb + - iov_iter + - cred + - load_info + - module + - syscall64 + - kernel_cap_t + - cap_inheritable + - cap_permitted + - cap_effective + - linux_binprm + - data_loc + - net_device + type: string + required: + - index + - type + type: object + type: array + hook: + description: Name of the function to apply the kprobe spec to. + type: string + message: + description: A short message of 256 characters max that will + be included in the event output to inform users what is going + on. + type: string + selectors: + description: Selectors to apply before producing trace output. + Selectors are ORed. + items: + description: KProbeSelector selects function calls for kprobe + based on PIDs and function arguments. The results of MatchPIDs + and MatchArgs are ANDed. + properties: + matchActions: + description: A list of actions to execute when this selector + matches + items: + properties: + action: + description: Action to execute. 
+ enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchArgs: + description: A list of argument filters. MatchArgs are + ANDed. 
+ items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + matchBinaries: + description: A list of binary exec name filters. + items: + properties: + operator: + description: Filter operation. + enum: + - In + - NotIn + - Prefix + - NotPrefix + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilities: + description: A list of capabilities and IDs + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilityChanges: + description: IDs for capabilities changes + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. 
+ enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaceChanges: + description: IDs for namespace changes + items: + properties: + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace types (e.g., Mnt, Pid) to + match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaces: + description: A list of namespaces and IDs + items: + properties: + namespace: + description: Namespace selector name. + enum: + - Uts + - Ipc + - Mnt + - Pid + - PidForChildren + - Net + - Time + - TimeForChildren + - Cgroup + - User + type: string + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace IDs (or host_ns for host + namespace) of namespaces to match. + items: + type: string + type: array + required: + - namespace + - operator + - values + type: object + type: array + matchPIDs: + description: A list of process ID filters. MatchPIDs are + ANDed. + items: + properties: + followForks: + default: false + description: Matches any descendant processes of + the matching PIDs. + type: boolean + isNamespacePID: + default: false + description: Indicates whether PIDs are namespace + PIDs. + type: boolean + operator: + description: PID selector operator. + enum: + - In + - NotIn + type: string + values: + description: Process IDs to match. 
+ items: + format: int32 + type: integer + type: array + required: + - operator + - values + type: object + type: array + matchReturnActions: + description: A list of actions to execute when MatchReturnArgs + selector matches + items: + properties: + action: + description: Action to execute. + enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. 
Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchReturnArgs: + description: A list of argument filters. MatchArgs are + ANDed. + items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + type: object + type: array + tags: + description: Tags to categorize the event, will be include in + the event output. Maximum of 16 Tags are supported. + items: + type: string + maxItems: 16 + type: array + required: + - hook + type: object + type: array options: description: A list of overloaded options items: diff --git a/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml b/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml index 19b141f0b64..595c2db0235 100644 --- a/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml +++ b/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml 
@@ -801,6 +801,574 @@ spec: loader: description: Enable loader events type: boolean + lsmhooks: + description: A list of uprobe specs. + items: + properties: + args: + description: A list of function arguments to include in the + trace output. + items: + properties: + index: + description: Position of the argument. + format: int32 + minimum: 0 + type: integer + label: + description: Label to output in the JSON + type: string + maxData: + default: false + description: Read maximum possible data (currently 327360). + This field is only used for char_buff data. When this + value is false (default), the bpf program will fetch + at most 4096 bytes. In later kernels (>=5.4) tetragon + supports fetching up to 327360 bytes if this flag is + turned on + type: boolean + returnCopy: + default: false + description: This field is used only for char_buf and + char_iovec types. It indicates that this argument should + be read later (when the kretprobe for the symbol is + triggered) because it might not be populated when the + kprobe is triggered at the entrance of the function. + For example, a buffer supplied to read(2) won't have + content until kretprobe is triggered. + type: boolean + sizeArgIndex: + description: Specifies the position of the corresponding + size argument for this argument. This field is used + only for char_buf and char_iovec types. + format: int32 + minimum: 0 + type: integer + type: + default: auto + description: Argument type. 
+ enum: + - auto + - int + - int8 + - uint8 + - int16 + - uint16 + - uint32 + - int32 + - uint64 + - int64 + - char_buf + - char_iovec + - size_t + - skb + - sock + - string + - fd + - file + - filename + - path + - nop + - bpf_attr + - perf_event + - bpf_map + - user_namespace + - capability + - kiocb + - iov_iter + - cred + - load_info + - module + - syscall64 + - kernel_cap_t + - cap_inheritable + - cap_permitted + - cap_effective + - linux_binprm + - data_loc + - net_device + type: string + required: + - index + - type + type: object + type: array + hook: + description: Name of the function to apply the kprobe spec to. + type: string + message: + description: A short message of 256 characters max that will + be included in the event output to inform users what is going + on. + type: string + selectors: + description: Selectors to apply before producing trace output. + Selectors are ORed. + items: + description: KProbeSelector selects function calls for kprobe + based on PIDs and function arguments. The results of MatchPIDs + and MatchArgs are ANDed. + properties: + matchActions: + description: A list of actions to execute when this selector + matches + items: + properties: + action: + description: Action to execute. 
+ enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchArgs: + description: A list of argument filters. MatchArgs are + ANDed. 
+ items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + matchBinaries: + description: A list of binary exec name filters. + items: + properties: + operator: + description: Filter operation. + enum: + - In + - NotIn + - Prefix + - NotPrefix + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilities: + description: A list of capabilities and IDs + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilityChanges: + description: IDs for capabilities changes + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. 
+ enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaceChanges: + description: IDs for namespace changes + items: + properties: + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace types (e.g., Mnt, Pid) to + match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaces: + description: A list of namespaces and IDs + items: + properties: + namespace: + description: Namespace selector name. + enum: + - Uts + - Ipc + - Mnt + - Pid + - PidForChildren + - Net + - Time + - TimeForChildren + - Cgroup + - User + type: string + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace IDs (or host_ns for host + namespace) of namespaces to match. + items: + type: string + type: array + required: + - namespace + - operator + - values + type: object + type: array + matchPIDs: + description: A list of process ID filters. MatchPIDs are + ANDed. + items: + properties: + followForks: + default: false + description: Matches any descendant processes of + the matching PIDs. + type: boolean + isNamespacePID: + default: false + description: Indicates whether PIDs are namespace + PIDs. + type: boolean + operator: + description: PID selector operator. + enum: + - In + - NotIn + type: string + values: + description: Process IDs to match. 
+ items: + format: int32 + type: integer + type: array + required: + - operator + - values + type: object + type: array + matchReturnActions: + description: A list of actions to execute when MatchReturnArgs + selector matches + items: + properties: + action: + description: Action to execute. + enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. 
Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchReturnArgs: + description: A list of argument filters. MatchArgs are + ANDed. + items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + type: object + type: array + tags: + description: Tags to categorize the event, will be include in + the event output. Maximum of 16 Tags are supported. + items: + type: string + maxItems: 16 + type: array + required: + - hook + type: object + type: array options: description: A list of overloaded options items: diff --git a/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go b/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go index e1db656a847..36b6d9f9197 100644 --- a/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go +++ b/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go 
@@ -85,6 +85,9 @@ type TracingPolicySpec struct {
 // +kubebuilder:validation:Optional
 // A list of uprobe specs.
 UProbes []UProbeSpec `json:"uprobes,omitempty"`
+ // +kubebuilder:validation:Optional
+ // A list of uprobe specs.
+ LsmHooks []LsmHookSpec `json:"lsmhooks,omitempty"`
 // +kubebuilder:validation:Optional
 // PodSelector selects pods that this policy applies to
diff --git a/pkg/k8s/apis/cilium.io/v1alpha1/types.go b/pkg/k8s/apis/cilium.io/v1alpha1/types.go
index e491c37df3e..9d9c7744281 100644
--- a/pkg/k8s/apis/cilium.io/v1alpha1/types.go
+++ b/pkg/k8s/apis/cilium.io/v1alpha1/types.go
@@ -285,6 +285,26 @@ type UProbeSpec struct {
 Tags []string `json:"tags,omitempty"`
 }
+type LsmHookSpec struct {
+ // Name of the function to apply the kprobe spec to.
+ Hook string `json:"hook"`
+ // +kubebuilder:validation:Optional
+ // A short message of 256 characters max that will be included
+ // in the event output to inform users what is going on.
+ Message string `json:"message"`
+ // +kubebuilder:validation:Optional
+ // A list of function arguments to include in the trace output.
+ Args []KProbeArg `json:"args,omitempty"`
+ // +kubebuilder:validation:Optional
+ // Selectors to apply before producing trace output. Selectors are ORed.
+ Selectors []KProbeSelector `json:"selectors,omitempty"`
+ // +kubebuilder:validation:optional
+ // +kubebuilder:validation:MaxItems=16
+ // Tags to categorize the event, will be include in the event output.
+ // Maximum of 16 Tags are supported.
+ Tags []string `json:"tags,omitempty"`
+}
+
 type ListSpec struct {
 // Name of the list
 Name string `json:"name"`
diff --git a/pkg/k8s/apis/cilium.io/v1alpha1/version.go b/pkg/k8s/apis/cilium.io/v1alpha1/version.go
index 0f2a4026011..203377ec2ee 100644
--- a/pkg/k8s/apis/cilium.io/v1alpha1/version.go
+++ b/pkg/k8s/apis/cilium.io/v1alpha1/version.go
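Review bot: The doc comment on the new `LsmHooks` field was copied from `UProbes` and still reads `// A list of uprobe specs.`; it should say `// A list of LSM hook specs.`. The same wrong text shows up as the `lsmhooks` description in both CRD YAML files of this commit, presumably because the schema is generated from this comment, so it is what a policy author sees when inspecting the CRD. The `Hook` comment in the types.go hunk has the same copy-paste problem (`// Name of the function to apply the kprobe spec to.`) and could read `// Name of the LSM hook to attach to.`. The enclosing `TracingPolicySpec` struct starts and ends outside the hunk.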
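Review bot: `LsmHookSpec` reuses `KProbeArg` and `KProbeSelector` unchanged, so the schema accepts every kprobe-oriented option on an LSM hook: `returnCopy`, `matchReturnArgs`, `matchReturnActions` and the full action enum (`Override`, `FollowFD`, `GetUrl`, ...) all appear under `lsmhooks` in the generated CRDs. A policy naming an action the LSM sensor does not implement would be admitted by the API server, and unless the sensor rejects it at load time the author may believe an enforcement action is active when it is not. Whether genericlsm.go validates this is not visible here; if it does not, reject unsupported fields when the policy is loaded, or at least document the supported subset on the struct, e.g. `// Selectors to apply before producing trace output. Only <supported actions> are honoured for LSM hooks.`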
@@ -7,4 +7,4 @@ package v1alpha1 // Used to determine if CRD needs to be updated in cluster // // Developers: Bump patch for each change in the CRD schema. -const CustomResourceDefinitionSchemaVersion = "1.2.0" +const CustomResourceDefinitionSchemaVersion = "1.2.1" diff --git a/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go b/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go index 2dc62a7bb93..afa464eb9be 100644 --- a/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go @@ -275,6 +275,39 @@ func (in *ListSpec) DeepCopy() *ListSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LsmHookSpec) DeepCopyInto(out *LsmHookSpec) { + *out = *in + if in.Args != nil { + in, out := &in.Args, &out.Args + *out = make([]KProbeArg, len(*in)) + copy(*out, *in) + } + if in.Selectors != nil { + in, out := &in.Selectors, &out.Selectors + *out = make([]KProbeSelector, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tags != nil { + in, out := &in.Tags, &out.Tags + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LsmHookSpec. +func (in *LsmHookSpec) DeepCopy() *LsmHookSpec { + if in == nil { + return nil + } + out := new(LsmHookSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NamespaceChangesSelector) DeepCopyInto(out *NamespaceChangesSelector) { *out = *in 
@@ -647,6 +680,13 @@ func (in *TracingPolicySpec) DeepCopyInto(out *TracingPolicySpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.LsmHooks != nil { + in, out := &in.LsmHooks, &out.LsmHooks + *out = make([]LsmHookSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.PodSelector != nil { in, out := &in.PodSelector, &out.PodSelector *out = new(v1.LabelSelector)
diff --git a/pkg/sensors/program/loader.go b/pkg/sensors/program/loader.go
index b709f5c711f..69d0d7eb89f 100644
--- a/pkg/sensors/program/loader.go
+++ b/pkg/sensors/program/loader.go
@@ -385,6 +385,8 @@ func TracingAttach() AttachFunc {
 func LSMAttach() AttachFunc {
 return func(_ *ebpf.Collection, _ *ebpf.CollectionSpec, prog *ebpf.Program, spec *ebpf.ProgramSpec) (unloader.Unloader, error) {
+
+ logger.GetLogger().Warnf("LSM AttachTo: %s", spec.AttachTo)
 linkFn := func() (link.Link, error) {
 return link.AttachLSM(link.LSMOptions{
 Program: prog,
@@ -623,8 +625,17 @@ func LoadTracingProgram(bpfDir string, load *Program, verbose int) error {
 }
 func LoadLSMProgram(bpfDir string, load *Program, verbose int) error {
+ var tc tailCall
+ for mName, mPath := range load.PinMap {
+ if mName == "lsm_calls" {
+ tc = tailCall{mPath.PinName, "lsm"}
+ break
+ }
+ }
 opts := &LoadOpts{
- Attach: LSMAttach(),
+ Attach: LSMAttach(),
+ TcMap: tc.name,
+ TcPrefix: tc.prefix,
 }
 return loadProgram(bpfDir, load, opts, verbose)
 }
@@ -769,6 +780,9 @@ func doLoadProgram(
 refMaps := make(map[string]bool)
 for _, prog := range spec.Programs {
+ if prog.AttachType == ebpf.AttachLSMMac {
+ prog.AttachTo = load.Attach
+ }
 if prog.SectionName == load.Label {
 progSpec = prog
 }
diff --git a/pkg/sensors/sensors.go b/pkg/sensors/sensors.go
index e5125207379..e406e924779 100644
--- a/pkg/sensors/sensors.go
+++ b/pkg/sensors/sensors.go
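Review bot: The `Warnf("LSM AttachTo: %s", ...)` call added to `LSMAttach` logs a routine, successful step at warning level, so every LSM program attach will surface as a warning and dilute the messages operators actually need to act on. It reads like leftover debugging; either drop it or lower it to `logger.GetLogger().Debugf("LSM AttachTo: %s", spec.AttachTo)`, and remove the empty line added above it. The closure body continues outside the hunk.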
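Review bot: The loop over `load.PinMap` in `LoadLSMProgram` searches for a single key, which a direct lookup expresses more plainly: `if m, ok := load.PinMap["lsm_calls"]; ok { tc = tailCall{m.PinName, "lsm"} }`. When no `lsm_calls` map is pinned, `tc` stays at its zero value and `TcMap`/`TcPrefix` are passed as empty strings. How `loadProgram` treats that is not visible here, so a short comment stating the intended meaning of the empty case (presumably "no tail-call map to populate") would make the fallback explicit.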
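Review bot: The new branch in `doLoadProgram` overwrites `AttachTo` for every program of type `ebpf.AttachLSMMac` in the collection spec, not only the one whose section matches `load.Label`, and it does so without checking that `load.Attach` is set. If that is intended (for instance so that tail-call programs are loaded against the same hook), a comment such as `// All LSM programs in the object must target the hook chosen by the policy, so override AttachTo before loading.` would record it. If `load.Attach` can be empty for an LSM program loaded through another path, guard the assignment with `if prog.AttachType == ebpf.AttachLSMMac && load.Attach != "" {`. The function starts and ends outside the hunk.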
@@ -119,6 +119,7 @@ var (
 "raw_tp": program.LoadRawTracepointProgram,
 "cgrp_socket": cgroup.LoadCgroupProgram,
 "kprobe": program.LoadKprobeProgram,
+ "lsm": program.LoadLSMProgram,
 }
 )
diff --git a/pkg/sensors/tracing/genericlsm.go b/pkg/sensors/tracing/genericlsm.go
new file mode 100644
index 00000000000..f80f6cb0d5c
--- /dev/null
+++ b/pkg/sensors/tracing/genericlsm.go
@@ -0,0 +1,456 @@ +// SPDX-License-Identifier: Apache-2.0 +// Copyright Authors of Tetragon + +package tracing + +import ( + "bytes" + "encoding/binary" + "errors" + "fmt" + "path" + + "github.com/cilium/ebpf" + "github.com/cilium/tetragon/pkg/api/ops" + api "github.com/cilium/tetragon/pkg/api/tracingapi" + gt "github.com/cilium/tetragon/pkg/generictypes" + "github.com/cilium/tetragon/pkg/grpc/tracing" + "github.com/cilium/tetragon/pkg/idtable" + "github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1" + "github.com/cilium/tetragon/pkg/kernels" + "github.com/cilium/tetragon/pkg/logger" + "github.com/cilium/tetragon/pkg/observer" + "github.com/cilium/tetragon/pkg/option" + "github.com/cilium/tetragon/pkg/policyfilter" + "github.com/cilium/tetragon/pkg/selectors" + "github.com/cilium/tetragon/pkg/sensors" + "github.com/cilium/tetragon/pkg/sensors/program" +) + +type observerLsmSensor struct { + name string +} + +func init() { + lsm := &observerLsmSensor{ + name: "lsm sensor", + } + sensors.RegisterProbeType("generic_lsm", lsm) + observer.RegisterEventHandlerAtInit(ops.MSG_OP_GENERIC_LSM, handleGenericLsm) +} + +var ( + // genericLsmTable is a global table that maintains information for + // generic LSM hooks + genericLsmTable idtable.Table +) + +type genericLsm struct { + tableId idtable.EntryID + pinPathPrefix string + config *api.EventConfig + hook string + selectors *selectors.KernelSelectorState + // policyName is the name of the policy that this uprobe belongs to + policyName string + // message field of the Tracing Policy + message string + // argument data printers + argPrinters []argPrinter + // tags field of the Tracing Policy + tags []string +} + +func (g *genericLsm) SetID(id idtable.EntryID) { + g.tableId = id +} + +func genericLsmTableGet(id idtable.EntryID) (*genericLsm, error) { + entry, err := genericLsmTable.GetEntry(id) + if err != nil { + return nil, fmt.Errorf("getting entry from genericLsmTable failed with: %w", err) + } + val, ok := 
entry.(*genericLsm) + if !ok { + return nil, fmt.Errorf("getting entry from genericLsmTable failed with: got invalid type: %T (%v)", entry, entry) + } + return val, nil +} + +func (k *observerLsmSensor) LoadProbe(args sensors.LoadProbeArgs) error { + if id, ok := args.Load.LoaderData.(idtable.EntryID); ok { + gl, err := genericLsmTableGet(id) + if err != nil { + return err + } + args.Load.MapLoad = append(args.Load.MapLoad, selectorsMaploads(gl.selectors, gl.pinPathPrefix, 0)...) + var configData bytes.Buffer + binary.Write(&configData, binary.LittleEndian, gl.config) + config := &program.MapLoad{ + Index: 0, + Name: "config_map", + Load: func(m *ebpf.Map, index uint32) error { + return m.Update(index, configData.Bytes()[:], ebpf.UpdateAny) + }, + } + args.Load.MapLoad = append(args.Load.MapLoad, config) + + if err := program.LoadLSMProgram(args.BPFDir, args.Load, args.Verbose); err == nil { + logger.GetLogger().Infof("Loaded generic LSM program: %s -> %s", args.Load.Name, args.Load.Attach) + } else { + return err + } + } else { + return fmt.Errorf("invalid loadData type: expecting idtable.EntryID/[] and got: %T (%v)", + args.Load.LoaderData, args.Load.LoaderData) + } + return nil +} + +func handleGenericLsm(r *bytes.Reader) ([]observer.Event, error) { + m := api.MsgGenericKprobe{} + err := binary.Read(r, binary.LittleEndian, &m) + if err != nil { + logger.GetLogger().WithError(err).Warnf("Failed to read process call msg") + return nil, fmt.Errorf("Failed to read process call msg") + } + + gl, err := genericLsmTableGet(idtable.EntryID{ID: int(m.FuncId)}) + if err != nil { + logger.GetLogger().WithError(err).Warnf("Failed to match id:%d", m.FuncId) + return nil, fmt.Errorf("Failed to match id") + } + + unix := &tracing.MsgGenericLsmUnix{} + unix.Msg = &m + unix.Hook = gl.hook + unix.PolicyName = gl.policyName + unix.Message = gl.message + unix.Tags = gl.tags + + printers := gl.argPrinters + + // Get argument objects for specific printers/types + for _, a := range 
printers { + arg := getArg(r, a) + // nop or unknown type (already logged) + if arg == nil { + continue + } + unix.Args = append(unix.Args, arg) + } + + return []observer.Event{unix}, err +} + +func isValidLsmSelectors(selectors []v1alpha1.KProbeSelector) error { + for _, s := range selectors { + if len(s.MatchReturnArgs) > 0 { + return fmt.Errorf("MatchReturnArgs selector is not supported") + } + } + return nil +} + +type addLsmIn struct { + sensorPath string + policyName string + policyID policyfilter.PolicyID + selMaps *selectors.KernelSelectorMaps +} + +func addLsm(f *v1alpha1.LsmHookSpec, in *addLsmIn) (id idtable.EntryID, err error) { + var argSigPrinters []argPrinter + var argsBTFSet [api.MaxArgsSupported]bool + + errFn := func(err error) (idtable.EntryID, error) { + return idtable.UninitializedEntryID, err + } + + if err := isValidLsmSelectors(f.Selectors); err != nil { + return errFn(err) + } + + config := &api.EventConfig{} + config.PolicyID = uint32(in.policyID) + + msgField, err := getPolicyMessage(f.Message) + if errors.Is(err, ErrMsgSyntaxShort) || errors.Is(err, ErrMsgSyntaxEscape) { + return errFn(fmt.Errorf("Error: '%v'", err)) + } else if errors.Is(err, ErrMsgSyntaxLong) { + logger.GetLogger().WithField("policy-name", in.policyName).Warnf("TracingPolicy 'message' field too long, truncated to %d characters", TpMaxMessageLen) + } + + tagsField, err := getPolicyTags(f.Tags) + if err != nil { + return errFn(fmt.Errorf("Error: '%v'", err)) + } + + // Parse Arguments + for j, a := range f.Args { + argType := gt.GenericTypeFromString(a.Type) + if argType == gt.GenericInvalidType { + return errFn(fmt.Errorf("Arg(%d) type '%s' unsupported", j, a.Type)) + } + if a.MaxData { + if argType != gt.GenericCharBuffer { + logger.GetLogger().Warnf("maxData flag is ignored (supported for char_buf type)") + } + if !kernels.EnableLargeProgs() { + logger.GetLogger().Warnf("maxData flag is ignored (supported from large programs)") + } + } + argMValue, err := 
getMetaValue(&a) + if err != nil { + return errFn(err) + } + if a.Index > 4 { + return errFn(fmt.Errorf("Error add arg: ArgType %s Index %d out of bounds", + a.Type, int(a.Index))) + } + config.Arg[a.Index] = int32(argType) + config.ArgM[a.Index] = uint32(argMValue) + + argsBTFSet[a.Index] = true + argP := argPrinter{index: j, ty: argType, maxData: a.MaxData, label: a.Label} + argSigPrinters = append(argSigPrinters, argP) + } + + config.ArgReturn = int32(0) + config.ArgReturnCopy = int32(0) + + // Mark remaining arguments as 'nops' the kernel side will skip + // copying 'nop' args. + for j, a := range argsBTFSet { + if !a { + if j != api.ReturnArgIndex { + config.Arg[j] = gt.GenericNopType + config.ArgM[j] = 0 + } + } + } + + config.Syscall = 0 + + // create a new entry on the table, and pass its id to BPF-side + // so that we can do the matching at event-generation time + lsmEntry := genericLsm{ + config: config, + argPrinters: argSigPrinters, + hook: f.Hook, + tableId: idtable.UninitializedEntryID, + policyName: in.policyName, + message: msgField, + tags: tagsField, + } + + // Parse Filters into kernel filter logic + lsmEntry.selectors, err = selectors.InitKernelSelectorState(f.Selectors, f.Args, nil, nil, in.selMaps) + if err != nil { + return errFn(err) + } + + genericLsmTable.AddEntry(&lsmEntry) + config.FuncId = uint32(lsmEntry.tableId.ID) + + lsmEntry.pinPathPrefix = sensors.PathJoin(in.sensorPath, fmt.Sprintf("glsm-%d", lsmEntry.tableId.ID)) + + logger.GetLogger(). + WithField("hook", lsmEntry.hook). 
+ Infof("Added lsm Hook") + + return lsmEntry.tableId, nil +} + +func createGenericLsmSensor( + spec *v1alpha1.TracingPolicySpec, + name string, + policyID policyfilter.PolicyID, + policyName string, +) (*sensors.Sensor, error) { + var progs []*program.Program + var maps []*program.Map + var ids []idtable.EntryID + var selMaps *selectors.KernelSelectorMaps + var err error + + lsmHooks := spec.LsmHooks + + in := addLsmIn{ + sensorPath: name, + policyID: policyID, + policyName: policyName, + selMaps: selMaps, + } + + for _, hook := range lsmHooks { + id, err := addLsm(&hook, &in) + if err != nil { + return nil, err + } + ids = append(ids, id) + } + + for _, id := range ids { + gl, err := genericLsmTableGet(id) + if err != nil { + return nil, err + } + progs, maps = createLsmSensorFromEntry(gl, in.sensorPath, progs, maps) + } + + if err != nil { + return nil, err + } + + return &sensors.Sensor{ + Name: name, + Progs: progs, + Maps: maps, + DestroyHook: func() error { + var errs error + for _, id := range ids { + _, err := genericLsmTable.RemoveEntry(id) + if err != nil { + errs = errors.Join(errs, err) + } + } + return errs + }, + }, nil +} + +func createLsmSensorFromEntry(lsmEntry *genericLsm, sensorPath string, + progs []*program.Program, maps []*program.Map) ([]*program.Program, []*program.Map) { + + loadProgName := "bpf_generic_lsm_v61.o" + /*if kernels.EnableV61Progs() { + loadProgName = "bpf_generic_uprobe_v61.o" + } else if kernels.EnableLargeProgs() { + loadProgName = "bpf_generic_uprobe_v53.o" + }*/ + + pinPath := lsmEntry.pinPathPrefix + pinProg := sensors.PathJoin(pinPath, fmt.Sprintf("%s_prog", lsmEntry.hook)) + + load := program.Builder( + path.Join(option.Config.HubbleLib, loadProgName), + lsmEntry.hook, + "lsm/generic_lsm", + pinProg, + "generic_lsm"). 
+ SetLoaderData(lsmEntry.tableId) + progs = append(progs, load) + + fdinstall := program.MapBuilderPin("fdinstall_map", sensors.PathJoin(sensorPath, "fdinstall_map"), load) + maps = append(maps, fdinstall) + + configMap := program.MapBuilderPin("config_map", sensors.PathJoin(pinPath, "config_map"), load) + maps = append(maps, configMap) + + tailCalls := program.MapBuilderPin("lsm_calls", sensors.PathJoin(pinPath, "lsm_calls"), load) + maps = append(maps, tailCalls) + + filterMap := program.MapBuilderPin("filter_map", sensors.PathJoin(pinPath, "filter_map"), load) + maps = append(maps, filterMap) + + maps = append(maps, filterMapsForLsm(load, pinPath, lsmEntry)...) + + callHeap := program.MapBuilderPin("process_call_heap", sensors.PathJoin(pinPath, "process_call_heap"), load) + maps = append(maps, callHeap) + + selMatchBinariesMap := program.MapBuilderPin("tg_mb_sel_opts", sensors.PathJoin(pinPath, "tg_mb_sel_opts"), load) + maps = append(maps, selMatchBinariesMap) + + matchBinariesPaths := program.MapBuilderPin("tg_mb_paths", sensors.PathJoin(pinPath, "tg_mb_paths"), load) + if !kernels.MinKernelVersion("5.9") { + // Versions before 5.9 do not allow inner maps to have different sizes. + // See: https://lore.kernel.org/bpf/20200828011800.1970018-1-kafai@fb.com/ + matchBinariesPaths.SetInnerMaxEntries(lsmEntry.selectors.MatchBinariesPathsMaxEntries()) + } + maps = append(maps, matchBinariesPaths) + + stackTraceMap := program.MapBuilderPin("stack_trace_map", sensors.PathJoin(pinPath, "stack_trace_map"), load) + maps = append(maps, stackTraceMap) + + if kernels.EnableLargeProgs() { + socktrack := program.MapBuilderPin("socktrack_map", sensors.PathJoin(sensorPath, "socktrack_map"), load) + maps = append(maps, socktrack) + } + + enforcerDataMap := enforcerMap(lsmEntry.policyName, load) + maps = append(maps, enforcerDataMap) + + logger.GetLogger(). 
+ Infof("Added generic lsm sensor: %s -> %s", load.Name, load.Attach) + return progs, maps +} + +func filterMapsForLsm(load *program.Program, pinPath string, lsmEntry *genericLsm) []*program.Map { + var maps []*program.Map + + argFilterMaps := program.MapBuilderPin("argfilter_maps", sensors.PathJoin(pinPath, "argfilter_maps"), load) + if !kernels.MinKernelVersion("5.9") { + // Versions before 5.9 do not allow inner maps to have different sizes. + // See: https://lore.kernel.org/bpf/20200828011800.1970018-1-kafai@fb.com/ + maxEntries := lsmEntry.selectors.ValueMapsMaxEntries() + argFilterMaps.SetInnerMaxEntries(maxEntries) + } + maps = append(maps, argFilterMaps) + + addr4FilterMaps := program.MapBuilderPin("addr4lpm_maps", sensors.PathJoin(pinPath, "addr4lpm_maps"), load) + if !kernels.MinKernelVersion("5.9") { + // Versions before 5.9 do not allow inner maps to have different sizes. + // See: https://lore.kernel.org/bpf/20200828011800.1970018-1-kafai@fb.com/ + maxEntries := lsmEntry.selectors.Addr4MapsMaxEntries() + addr4FilterMaps.SetInnerMaxEntries(maxEntries) + } + maps = append(maps, addr4FilterMaps) + + addr6FilterMaps := program.MapBuilderPin("addr6lpm_maps", sensors.PathJoin(pinPath, "addr6lpm_maps"), load) + if !kernels.MinKernelVersion("5.9") { + // Versions before 5.9 do not allow inner maps to have different sizes. 
+ // See: https://lore.kernel.org/bpf/20200828011800.1970018-1-kafai@fb.com/ + maxEntries := lsmEntry.selectors.Addr6MapsMaxEntries() + addr6FilterMaps.SetInnerMaxEntries(maxEntries) + } + maps = append(maps, addr6FilterMaps) + + var stringFilterMap [selectors.StringMapsNumSubMaps]*program.Map + numSubMaps := selectors.StringMapsNumSubMaps + if !kernels.MinKernelVersion("5.11") { + numSubMaps = selectors.StringMapsNumSubMapsSmall + } + + for string_map_index := 0; string_map_index < numSubMaps; string_map_index++ { + stringFilterMap[string_map_index] = program.MapBuilderPin(fmt.Sprintf("string_maps_%d", string_map_index), + sensors.PathJoin(pinPath, fmt.Sprintf("string_maps_%d", string_map_index)), load) + if !kernels.MinKernelVersion("5.9") { + // Versions before 5.9 do not allow inner maps to have different sizes. + // See: https://lore.kernel.org/bpf/20200828011800.1970018-1-kafai@fb.com/ + maxEntries := lsmEntry.selectors.StringMapsMaxEntries(string_map_index) + stringFilterMap[string_map_index].SetInnerMaxEntries(maxEntries) + } + maps = append(maps, stringFilterMap[string_map_index]) + } + + stringPrefixFilterMaps := program.MapBuilderPin("string_prefix_maps", sensors.PathJoin(pinPath, "string_prefix_maps"), load) + if !kernels.MinKernelVersion("5.9") { + // Versions before 5.9 do not allow inner maps to have different sizes. + // See: https://lore.kernel.org/bpf/20200828011800.1970018-1-kafai@fb.com/ + maxEntries := lsmEntry.selectors.StringPrefixMapsMaxEntries() + stringPrefixFilterMaps.SetInnerMaxEntries(maxEntries) + } + maps = append(maps, stringPrefixFilterMaps) + + stringPostfixFilterMaps := program.MapBuilderPin("string_postfix_maps", sensors.PathJoin(pinPath, "string_postfix_maps"), load) + if !kernels.MinKernelVersion("5.9") { + // Versions before 5.9 do not allow inner maps to have different sizes. 
+ // See: https://lore.kernel.org/bpf/20200828011800.1970018-1-kafai@fb.com/ + maxEntries := lsmEntry.selectors.StringPostfixMapsMaxEntries() + stringPostfixFilterMaps.SetInnerMaxEntries(maxEntries) + } + maps = append(maps, stringPostfixFilterMaps) + + return maps +} diff --git a/pkg/sensors/tracing/policyhandler.go b/pkg/sensors/tracing/policyhandler.go index e29aebc02e0..e3138f998c4 100644 --- a/pkg/sensors/tracing/policyhandler.go +++ b/pkg/sensors/tracing/policyhandler.go @@ -44,5 +44,9 @@ func (h policyHandler) PolicyHandler( name := fmt.Sprintf("gtp-sensor-%d", atomic.AddUint64(&sensorCounter, 1)) return createGenericTracepointSensor(name, spec.Tracepoints, policyID, policyName, spec.Lists, handler) } + if len(spec.LsmHooks) > 0 { + name := fmt.Sprintf("glsm-sensor-%d", atomic.AddUint64(&sensorCounter, 1)) + return createGenericLsmSensor(spec, name, policyID, policyName) + } return nil, nil } diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker/eventchecker.pb.go b/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker/eventchecker.pb.go index 7d5f8e8c5ca..b2fb69ede6e 100644 --- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker/eventchecker.pb.go +++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker/eventchecker.pb.go @@ -274,6 +274,8 @@ func CheckerFromEvent(event Event) (EventChecker, error) { return NewProcessTracepointChecker("").FromProcessTracepoint(ev), nil case *tetragon.ProcessUprobe: return NewProcessUprobeChecker("").FromProcessUprobe(ev), nil + case *tetragon.ProcessLsm: + return NewProcessLsmChecker("").FromProcessLsm(ev), nil case *tetragon.Test: return NewTestChecker("").FromTest(ev), nil case *tetragon.ProcessLoader: 
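Review bot: createGenericLsmSensor in pkg/sensors/tracing/genericlsm.go leaves entries behind in genericLsmTable when it fails: if addLsm succeeds for the first hooks and then fails for a later one, or genericLsmTableGet fails, the function returns without removing the ids already added, and DestroyHook is never installed to do it. The outer `var err error` is also never assigned, because both loops shadow it with `:=`, so the `if err != nil` check after the loops is dead code. I would share one removal closure between the error paths and DestroyHook and drop the dead check, as below. Separately, the comment on the `policyName` field of genericLsm still says "uprobe".

```go
	// … unchanged: progs/maps/ids declarations and addLsmIn setup …

	// removeEntries drops every table entry this sensor has added so far.
	removeEntries := func() error {
		var errs error
		for _, id := range ids {
			if _, err := genericLsmTable.RemoveEntry(id); err != nil {
				errs = errors.Join(errs, err)
			}
		}
		return errs
	}

	for _, hook := range lsmHooks {
		id, err := addLsm(&hook, &in)
		if err != nil {
			return nil, errors.Join(err, removeEntries())
		}
		ids = append(ids, id)
	}

	for _, id := range ids {
		gl, err := genericLsmTableGet(id)
		if err != nil {
			return nil, errors.Join(err, removeEntries())
		}
		progs, maps = createLsmSensorFromEntry(gl, in.sensorPath, progs, maps)
	}

	return &sensors.Sensor{
		Name:        name,
		Progs:       progs,
		Maps:        maps,
		DestroyHook: removeEntries,
	}, nil
```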
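Review bot: The new `len(spec.LsmHooks) > 0` branch in PolicyHandler (pkg/sensors/tracing/policyhandler.go) is only reached when the branches above it did not return, so a policy that sets `lsmHooks` together with tracepoints would load without its LSM hooks and without any error, because the tracepoint branch visible just above returns first. For a policy meant to watch an LSM hook, silently dropping that part is worse than failing. Unless an earlier check outside this hunk already rejects mixed specs, add one before the branches, e.g. `if len(spec.LsmHooks) > 0 && len(spec.Tracepoints) > 0 { return nil, fmt.Errorf("tracing policies with both tracepoints and lsmHooks are not supported") }`, and the same for any other hook kind handled earlier. The function starts outside the hunk, so existing validation could not be checked here.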
@@ -336,6 +338,8 @@ func EventFromResponse(response *tetragon.GetEventsResponse) (Event, error) { return ev.ProcessTracepoint, nil case *tetragon.GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe, nil + case *tetragon.GetEventsResponse_ProcessLsm: + return ev.ProcessLsm, nil case *tetragon.GetEventsResponse_Test: return ev.Test, nil case *tetragon.GetEventsResponse_ProcessLoader: 
@@ -1662,6 +1666,197 @@ func (checker *ProcessUprobeChecker) FromProcessUprobe(event *tetragon.ProcessUp return checker } +// ProcessLsmChecker implements a checker struct to check a ProcessLsm event +type ProcessLsmChecker struct { + CheckerName string `json:"checkerName"` + Process *ProcessChecker `json:"process,omitempty"` + Parent *ProcessChecker `json:"parent,omitempty"` + FunctionName *stringmatcher.StringMatcher `json:"functionName,omitempty"` + PolicyName *stringmatcher.StringMatcher `json:"policyName,omitempty"` + Message *stringmatcher.StringMatcher `json:"message,omitempty"` + Args *KprobeArgumentListMatcher `json:"args,omitempty"` + Action *KprobeActionChecker `json:"action,omitempty"` + Tags *StringListMatcher `json:"tags,omitempty"` +} + +// CheckEvent checks a single event and implements the EventChecker interface +func (checker *ProcessLsmChecker) CheckEvent(event Event) error { + if ev, ok := event.(*tetragon.ProcessLsm); ok { + return checker.Check(ev) + } + return fmt.Errorf("%s: %T is not a ProcessLsm event", CheckerLogPrefix(checker), event) +} + +// CheckResponse checks a single gRPC response and implements the EventChecker interface +func (checker *ProcessLsmChecker) CheckResponse(response *tetragon.GetEventsResponse) error { + event, err := EventFromResponse(response) + if err != nil { + return err + } + return checker.CheckEvent(event) +} + +// NewProcessLsmChecker creates a new ProcessLsmChecker +func NewProcessLsmChecker(name string) *ProcessLsmChecker { + return &ProcessLsmChecker{CheckerName: name} +} + +// Get the name associated with the checker +func (checker *ProcessLsmChecker) GetCheckerName() string { + return checker.CheckerName +} + +// Get the type of the checker as a string +func (checker *ProcessLsmChecker) GetCheckerType() string { + return "ProcessLsmChecker" +} + +// Check checks a ProcessLsm event +func (checker *ProcessLsmChecker) Check(event *tetragon.ProcessLsm) error { + if event == nil { + return fmt.Errorf("%s: 
ProcessLsm event is nil", CheckerLogPrefix(checker)) + } + + fieldChecks := func() error { + if checker.Process != nil { + if err := checker.Process.Check(event.Process); err != nil { + return fmt.Errorf("Process check failed: %w", err) + } + } + if checker.Parent != nil { + if err := checker.Parent.Check(event.Parent); err != nil { + return fmt.Errorf("Parent check failed: %w", err) + } + } + if checker.FunctionName != nil { + if err := checker.FunctionName.Match(event.FunctionName); err != nil { + return fmt.Errorf("FunctionName check failed: %w", err) + } + } + if checker.PolicyName != nil { + if err := checker.PolicyName.Match(event.PolicyName); err != nil { + return fmt.Errorf("PolicyName check failed: %w", err) + } + } + if checker.Message != nil { + if err := checker.Message.Match(event.Message); err != nil { + return fmt.Errorf("Message check failed: %w", err) + } + } + if checker.Args != nil { + if err := checker.Args.Check(event.Args); err != nil { + return fmt.Errorf("Args check failed: %w", err) + } + } + if checker.Action != nil { + if err := checker.Action.Check(&event.Action); err != nil { + return fmt.Errorf("Action check failed: %w", err) + } + } + if checker.Tags != nil { + if err := checker.Tags.Check(event.Tags); err != nil { + return fmt.Errorf("Tags check failed: %w", err) + } + } + return nil + } + if err := fieldChecks(); err != nil { + return fmt.Errorf("%s: %w", CheckerLogPrefix(checker), err) + } + return nil +} + +// WithProcess adds a Process check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithProcess(check *ProcessChecker) *ProcessLsmChecker { + checker.Process = check + return checker +} + +// WithParent adds a Parent check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithParent(check *ProcessChecker) *ProcessLsmChecker { + checker.Parent = check + return checker +} + +// WithFunctionName adds a FunctionName check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithFunctionName(check 
*stringmatcher.StringMatcher) *ProcessLsmChecker { + checker.FunctionName = check + return checker +} + +// WithPolicyName adds a PolicyName check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithPolicyName(check *stringmatcher.StringMatcher) *ProcessLsmChecker { + checker.PolicyName = check + return checker +} + +// WithMessage adds a Message check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithMessage(check *stringmatcher.StringMatcher) *ProcessLsmChecker { + checker.Message = check + return checker +} + +// WithArgs adds a Args check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithArgs(check *KprobeArgumentListMatcher) *ProcessLsmChecker { + checker.Args = check + return checker +} + +// WithAction adds a Action check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithAction(check tetragon.KprobeAction) *ProcessLsmChecker { + wrappedCheck := KprobeActionChecker(check) + checker.Action = &wrappedCheck + return checker +} + +// WithTags adds a Tags check to the ProcessLsmChecker +func (checker *ProcessLsmChecker) WithTags(check *StringListMatcher) *ProcessLsmChecker { + checker.Tags = check + return checker +} + +//FromProcessLsm populates the ProcessLsmChecker using data from a ProcessLsm event +func (checker *ProcessLsmChecker) FromProcessLsm(event *tetragon.ProcessLsm) *ProcessLsmChecker { + if event == nil { + return checker + } + if event.Process != nil { + checker.Process = NewProcessChecker().FromProcess(event.Process) + } + if event.Parent != nil { + checker.Parent = NewProcessChecker().FromProcess(event.Parent) + } + checker.FunctionName = stringmatcher.Full(event.FunctionName) + checker.PolicyName = stringmatcher.Full(event.PolicyName) + checker.Message = stringmatcher.Full(event.Message) + { + var checks []*KprobeArgumentChecker + for _, check := range event.Args { + var convertedCheck *KprobeArgumentChecker + if check != nil { + convertedCheck = 
NewKprobeArgumentChecker().FromKprobeArgument(check) + } + checks = append(checks, convertedCheck) + } + lm := NewKprobeArgumentListMatcher().WithOperator(listmatcher.Ordered). + WithValues(checks...) + checker.Args = lm + } + checker.Action = NewKprobeActionChecker(event.Action) + { + var checks []*stringmatcher.StringMatcher + for _, check := range event.Tags { + var convertedCheck *stringmatcher.StringMatcher + convertedCheck = stringmatcher.Full(check) + checks = append(checks, convertedCheck) + } + lm := NewStringListMatcher().WithOperator(listmatcher.Ordered). + WithValues(checks...) + checker.Tags = lm + } + return checker +} + // TestChecker implements a checker struct to check a Test event type TestChecker struct { CheckerName string `json:"checkerName"` diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker/yaml/yaml.pb.go b/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker/yaml/yaml.pb.go index f3ff5347a95..61eb2b0452a 100644 --- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker/yaml/yaml.pb.go +++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/eventchecker/yaml/yaml.pb.go @@ -145,6 +145,7 @@ type eventCheckerHelper struct { ProcessKprobe *eventchecker.ProcessKprobeChecker `json:"kprobe,omitempty"` ProcessTracepoint *eventchecker.ProcessTracepointChecker `json:"tracepoint,omitempty"` ProcessUprobe *eventchecker.ProcessUprobeChecker `json:"uprobe,omitempty"` + ProcessLsm *eventchecker.ProcessLsmChecker `json:"lsm,omitempty"` Test *eventchecker.TestChecker `json:"test,omitempty"` ProcessLoader *eventchecker.ProcessLoaderChecker `json:"loader,omitempty"` RateLimitInfo *eventchecker.RateLimitInfoChecker `json:"rateLimitInfo,omitempty"` 
@@ -193,6 +194,12 @@ func (checker *EventChecker) UnmarshalJSON(b []byte) error { } eventChecker = helper.ProcessUprobe } + if helper.ProcessLsm != nil { + if eventChecker != nil { + return fmt.Errorf("EventChecker: cannot define more than one checker, got %T but already had %T", helper.ProcessLsm, eventChecker) + } + eventChecker = helper.ProcessLsm + } if helper.Test != nil { if eventChecker != nil { return fmt.Errorf("EventChecker: cannot define more than one checker, got %T but already had %T", helper.Test, eventChecker) @@ -235,6 +242,8 @@ func (checker EventChecker) MarshalJSON() ([]byte, error) { helper.ProcessTracepoint = c case *eventchecker.ProcessUprobeChecker: helper.ProcessUprobe = c + case *eventchecker.ProcessLsmChecker: + helper.ProcessLsm = c case *eventchecker.TestChecker: helper.Test = c case *eventchecker.ProcessLoaderChecker: diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/helpers/helpers.pb.go b/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/helpers/helpers.pb.go index 55f80b413ef..f4a241432a0 100644 --- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/helpers/helpers.pb.go +++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/codegen/helpers/helpers.pb.go @@ -34,6 +34,8 @@ func ResponseTypeString(response *tetragon.GetEventsResponse) (string, error) { return tetragon.EventType_PROCESS_LOADER.String(), nil case *tetragon.GetEventsResponse_ProcessUprobe: return tetragon.EventType_PROCESS_UPROBE.String(), nil + case *tetragon.GetEventsResponse_ProcessLsm: + return tetragon.EventType_PROCESS_LSM.String(), nil case *tetragon.GetEventsResponse_ProcessThrottle: return tetragon.EventType_PROCESS_THROTTLE.String(), nil case *tetragon.GetEventsResponse_Test: 
@@ -72,6 +74,8 @@ func ResponseInnerGetProcess(event tetragon.IsGetEventsResponse_Event) *tetragon return ev.ProcessTracepoint.Process case *tetragon.GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe.Process + case *tetragon.GetEventsResponse_ProcessLsm: + return ev.ProcessLsm.Process case *tetragon.GetEventsResponse_ProcessLoader: return ev.ProcessLoader.Process @@ -115,6 +119,8 @@ func ResponseInnerGetParent(event tetragon.IsGetEventsResponse_Event) *tetragon. return ev.ProcessTracepoint.Parent case *tetragon.GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe.Parent + case *tetragon.GetEventsResponse_ProcessLsm: + return ev.ProcessLsm.Parent } return nil diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.pb.go b/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.pb.go index f11dc36ba6c..b903f651925 100644 --- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.pb.go +++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.pb.go @@ -41,6 +41,7 @@ const ( EventType_PROCESS_TRACEPOINT EventType = 10 EventType_PROCESS_LOADER EventType = 11 EventType_PROCESS_UPROBE EventType = 12 + EventType_PROCESS_LSM EventType = 13 EventType_PROCESS_THROTTLE EventType = 27 EventType_TEST EventType = 40000 EventType_RATE_LIMIT_INFO EventType = 40001 @@ -56,6 +57,7 @@ var ( 10: "PROCESS_TRACEPOINT", 11: "PROCESS_LOADER", 12: "PROCESS_UPROBE", + 13: "PROCESS_LSM", 27: "PROCESS_THROTTLE", 40000: "TEST", 40001: "RATE_LIMIT_INFO", @@ -68,6 +70,7 @@ var ( "PROCESS_TRACEPOINT": 10, "PROCESS_LOADER": 11, "PROCESS_UPROBE": 12, + "PROCESS_LSM": 13, "PROCESS_THROTTLE": 27, "TEST": 40000, "RATE_LIMIT_INFO": 40001, @@ -944,6 +947,7 @@ type GetEventsResponse struct { // *GetEventsResponse_ProcessTracepoint // *GetEventsResponse_ProcessLoader // *GetEventsResponse_ProcessUprobe + // *GetEventsResponse_ProcessLsm // *GetEventsResponse_ProcessThrottle // *GetEventsResponse_Test // *GetEventsResponse_RateLimitInfo 
@@ -1040,6 +1044,13 @@ func (x *GetEventsResponse) GetProcessUprobe() *ProcessUprobe { return nil } +func (x *GetEventsResponse) GetProcessLsm() *ProcessLsm { + if x, ok := x.GetEvent().(*GetEventsResponse_ProcessLsm); ok { + return x.ProcessLsm + } + return nil +} + func (x *GetEventsResponse) GetProcessThrottle() *ProcessThrottle { if x, ok := x.GetEvent().(*GetEventsResponse_ProcessThrottle); ok { return x.ProcessThrottle @@ -1117,6 +1128,10 @@ type GetEventsResponse_ProcessUprobe struct { ProcessUprobe *ProcessUprobe `protobuf:"bytes,12,opt,name=process_uprobe,json=processUprobe,proto3,oneof"` } +type GetEventsResponse_ProcessLsm struct { + ProcessLsm *ProcessLsm `protobuf:"bytes,13,opt,name=process_lsm,json=processLsm,proto3,oneof"` +} + type GetEventsResponse_ProcessThrottle struct { ProcessThrottle *ProcessThrottle `protobuf:"bytes,27,opt,name=process_throttle,json=processThrottle,proto3,oneof"` } @@ -1141,6 +1156,8 @@ func (*GetEventsResponse_ProcessLoader) isGetEventsResponse_Event() {} func (*GetEventsResponse_ProcessUprobe) isGetEventsResponse_Event() {} +func (*GetEventsResponse_ProcessLsm) isGetEventsResponse_Event() {} + func (*GetEventsResponse_ProcessThrottle) isGetEventsResponse_Event() {} func (*GetEventsResponse_Test) isGetEventsResponse_Event() {} 
@@ -1274,7 +1291,7 @@ var file_tetragon_events_proto_rawDesc = []byte{ 0x20, 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x22, 0xf3, 0x05, 0x0a, 0x11, 0x47, + 0x28, 0x09, 0x52, 0x06, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x22, 0xac, 0x06, 0x0a, 0x11, 0x47, 0x65, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3a, 0x0a, 0x0c, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x65, 0x78, 0x65, 0x63, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x15, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 
@@ -1300,49 +1317,54 @@ var file_tetragon_events_proto_rawDesc = []byte{ 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x75, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x48, 0x00, 0x52, 0x0d, 0x70, - 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x12, 0x46, 0x0a, 0x10, - 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, - 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, - 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, - 0x65, 0x48, 0x00, 0x52, 0x0f, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, - 0x74, 0x74, 0x6c, 0x65, 0x12, 0x26, 0x0a, 0x04, 0x74, 0x65, 0x73, 0x74, 0x18, 0xc0, 0xb8, 0x02, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, - 0x54, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52, 0x04, 0x74, 0x65, 0x73, 0x74, 0x12, 0x43, 0x0a, 0x0f, - 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, - 0xc1, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, - 0x6f, 0x6e, 0x2e, 0x52, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, - 0x48, 0x00, 0x52, 0x0d, 0x72, 0x61, 0x74, 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, - 0x6f, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0xe8, - 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, - 0x2f, 0x0a, 0x04, 0x74, 0x69, 0x6d, 0x65, 0x18, 0xe9, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 
0x04, 0x74, 0x69, 0x6d, 0x65, - 0x12, 0x45, 0x0a, 0x10, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, - 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xea, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, - 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, - 0x2a, 0xc7, 0x01, 0x0a, 0x09, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, - 0x0a, 0x05, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, - 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, 0x45, 0x43, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x50, - 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, 0x49, 0x54, 0x10, 0x05, 0x12, 0x12, 0x0a, - 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, - 0x09, 0x12, 0x16, 0x0a, 0x12, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x52, 0x41, - 0x43, 0x45, 0x50, 0x4f, 0x49, 0x4e, 0x54, 0x10, 0x0a, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, - 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x4f, 0x41, 0x44, 0x45, 0x52, 0x10, 0x0b, 0x12, 0x12, 0x0a, - 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x55, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, - 0x0c, 0x12, 0x14, 0x0a, 0x10, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x48, 0x52, - 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x10, 0x1b, 0x12, 0x0a, 0x0a, 0x04, 0x54, 0x45, 0x53, 0x54, 0x10, - 0xc0, 0xb8, 0x02, 0x12, 0x15, 0x0a, 0x0f, 0x52, 0x41, 0x54, 0x45, 0x5f, 0x4c, 0x49, 0x4d, 0x49, - 0x54, 0x5f, 0x49, 0x4e, 0x46, 0x4f, 0x10, 0xc1, 0xb8, 0x02, 0x2a, 0x2d, 0x0a, 0x11, 0x46, 0x69, - 0x65, 0x6c, 0x64, 0x46, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, - 0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x43, 0x4c, 0x55, 0x44, 0x45, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, - 0x45, 
0x58, 0x43, 0x4c, 0x55, 0x44, 0x45, 0x10, 0x01, 0x2a, 0x4b, 0x0a, 0x0c, 0x54, 0x68, 0x72, - 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x48, 0x52, - 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, - 0x12, 0x0a, 0x0e, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, - 0x54, 0x10, 0x01, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, - 0x53, 0x54, 0x4f, 0x50, 0x10, 0x02, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x55, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x12, 0x37, 0x0a, 0x0b, + 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x6c, 0x73, 0x6d, 0x18, 0x0d, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x14, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, + 0x63, 0x65, 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x48, 0x00, 0x52, 0x0a, 0x70, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x12, 0x46, 0x0a, 0x10, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, + 0x5f, 0x74, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x48, 0x00, 0x52, 0x0f, 0x70, 0x72, + 0x6f, 0x63, 0x65, 0x73, 0x73, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x12, 0x26, 0x0a, + 0x04, 0x74, 0x65, 0x73, 0x74, 0x18, 0xc0, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0e, 0x2e, + 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x48, 0x00, 0x52, + 0x04, 0x74, 0x65, 0x73, 0x74, 0x12, 0x43, 0x0a, 0x0f, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x6c, 0x69, + 0x6d, 0x69, 0x74, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xc1, 0xb8, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x17, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x52, 0x61, 0x74, 0x65, + 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, 
0x48, 0x00, 0x52, 0x0d, 0x72, 0x61, 0x74, + 0x65, 0x4c, 0x69, 0x6d, 0x69, 0x74, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x6f, + 0x64, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0xe8, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, + 0x6e, 0x6f, 0x64, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2f, 0x0a, 0x04, 0x74, 0x69, 0x6d, 0x65, + 0x18, 0xe9, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, + 0x61, 0x6d, 0x70, 0x52, 0x04, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x45, 0x0a, 0x10, 0x61, 0x67, 0x67, + 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0xea, 0x07, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, + 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, 0x52, + 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x66, 0x6f, + 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x2a, 0xd8, 0x01, 0x0a, 0x09, 0x45, 0x76, + 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x55, 0x4e, 0x44, 0x45, 0x46, + 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x45, 0x58, + 0x45, 0x43, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, + 0x45, 0x58, 0x49, 0x54, 0x10, 0x05, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, + 0x53, 0x5f, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, 0x09, 0x12, 0x16, 0x0a, 0x12, 0x50, 0x52, + 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x45, 0x50, 0x4f, 0x49, 0x4e, 0x54, + 0x10, 0x0a, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x4f, + 0x41, 0x44, 0x45, 0x52, 0x10, 0x0b, 0x12, 0x12, 0x0a, 0x0e, 0x50, 0x52, 0x4f, 0x43, 0x45, 0x53, + 0x53, 0x5f, 0x55, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x10, 0x0c, 0x12, 0x0f, 0x0a, 0x0b, 0x50, 
0x52, + 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x4c, 0x53, 0x4d, 0x10, 0x0d, 0x12, 0x14, 0x0a, 0x10, 0x50, + 0x52, 0x4f, 0x43, 0x45, 0x53, 0x53, 0x5f, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x10, + 0x1b, 0x12, 0x0a, 0x0a, 0x04, 0x54, 0x45, 0x53, 0x54, 0x10, 0xc0, 0xb8, 0x02, 0x12, 0x15, 0x0a, + 0x0f, 0x52, 0x41, 0x54, 0x45, 0x5f, 0x4c, 0x49, 0x4d, 0x49, 0x54, 0x5f, 0x49, 0x4e, 0x46, 0x4f, + 0x10, 0xc1, 0xb8, 0x02, 0x2a, 0x2d, 0x0a, 0x11, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x46, 0x69, 0x6c, + 0x74, 0x65, 0x72, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x43, + 0x4c, 0x55, 0x44, 0x45, 0x10, 0x00, 0x12, 0x0b, 0x0a, 0x07, 0x45, 0x58, 0x43, 0x4c, 0x55, 0x44, + 0x45, 0x10, 0x01, 0x2a, 0x4b, 0x0a, 0x0c, 0x54, 0x68, 0x72, 0x6f, 0x74, 0x74, 0x6c, 0x65, 0x54, + 0x79, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, + 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x12, 0x0a, 0x0e, 0x54, 0x48, 0x52, + 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x10, 0x01, 0x12, 0x11, 0x0a, + 0x0d, 0x54, 0x48, 0x52, 0x4f, 0x54, 0x54, 0x4c, 0x45, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x10, 0x02, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1384,8 +1406,9 @@ var file_tetragon_events_proto_goTypes = []interface{}{ (*ProcessTracepoint)(nil), // 21: tetragon.ProcessTracepoint (*ProcessLoader)(nil), // 22: tetragon.ProcessLoader (*ProcessUprobe)(nil), // 23: tetragon.ProcessUprobe - (*Test)(nil), // 24: tetragon.Test - (*timestamppb.Timestamp)(nil), // 25: google.protobuf.Timestamp + (*ProcessLsm)(nil), // 24: tetragon.ProcessLsm + (*Test)(nil), // 25: tetragon.Test + (*timestamppb.Timestamp)(nil), // 26: google.protobuf.Timestamp } var file_tetragon_events_proto_depIdxs = []int32{ 14, // 0: tetragon.Filter.health_check:type_name -> google.protobuf.BoolValue 
@@ -1415,16 +1438,17 @@ var file_tetragon_events_proto_depIdxs = []int32{ 21, // 24: tetragon.GetEventsResponse.process_tracepoint:type_name -> tetragon.ProcessTracepoint 22, // 25: tetragon.GetEventsResponse.process_loader:type_name -> tetragon.ProcessLoader 23, // 26: tetragon.GetEventsResponse.process_uprobe:type_name -> tetragon.ProcessUprobe - 12, // 27: tetragon.GetEventsResponse.process_throttle:type_name -> tetragon.ProcessThrottle - 24, // 28: tetragon.GetEventsResponse.test:type_name -> tetragon.Test - 11, // 29: tetragon.GetEventsResponse.rate_limit_info:type_name -> tetragon.RateLimitInfo - 25, // 30: tetragon.GetEventsResponse.time:type_name -> google.protobuf.Timestamp - 10, // 31: tetragon.GetEventsResponse.aggregation_info:type_name -> tetragon.AggregationInfo - 32, // [32:32] is the sub-list for method output_type - 32, // [32:32] is the sub-list for method input_type - 32, // [32:32] is the sub-list for extension type_name - 32, // [32:32] is the sub-list for extension extendee - 0, // [0:32] is the sub-list for field type_name + 24, // 27: tetragon.GetEventsResponse.process_lsm:type_name -> tetragon.ProcessLsm + 12, // 28: tetragon.GetEventsResponse.process_throttle:type_name -> tetragon.ProcessThrottle + 25, // 29: tetragon.GetEventsResponse.test:type_name -> tetragon.Test + 11, // 30: tetragon.GetEventsResponse.rate_limit_info:type_name -> tetragon.RateLimitInfo + 26, // 31: tetragon.GetEventsResponse.time:type_name -> google.protobuf.Timestamp + 10, // 32: tetragon.GetEventsResponse.aggregation_info:type_name -> tetragon.AggregationInfo + 33, // [33:33] is the sub-list for method output_type + 33, // [33:33] is the sub-list for method input_type + 33, // [33:33] is the sub-list for extension type_name + 33, // [33:33] is the sub-list for extension extendee + 0, // [0:33] is the sub-list for field type_name } func init() { file_tetragon_events_proto_init() } 
@@ -1575,6 +1599,7 @@ func file_tetragon_events_proto_init() { (*GetEventsResponse_ProcessTracepoint)(nil), (*GetEventsResponse_ProcessLoader)(nil), (*GetEventsResponse_ProcessUprobe)(nil), + (*GetEventsResponse_ProcessLsm)(nil), (*GetEventsResponse_ProcessThrottle)(nil), (*GetEventsResponse_Test)(nil), (*GetEventsResponse_RateLimitInfo)(nil), diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.proto b/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.proto index f2bd554645f..155bd489665 100644 --- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.proto +++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/events.proto @@ -25,6 +25,7 @@ enum EventType { PROCESS_TRACEPOINT = 10; PROCESS_LOADER = 11; PROCESS_UPROBE = 12; + PROCESS_LSM = 13; PROCESS_THROTTLE = 27; TEST = 40000; @@ -183,6 +184,7 @@ message GetEventsResponse { ProcessTracepoint process_tracepoint = 10; ProcessLoader process_loader = 11; ProcessUprobe process_uprobe = 12; + ProcessLsm process_lsm = 13; ProcessThrottle process_throttle = 27; Test test = 40000; diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.go b/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.go index ace6dfcfc1c..8a5d6be212e 100644 --- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.go +++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.go 
@@ -3475,6 +3475,115 @@ func (x *ProcessUprobe) GetTags() []string { return nil } +type ProcessLsm struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Process *Process `protobuf:"bytes,1,opt,name=process,proto3" json:"process,omitempty"` + Parent *Process `protobuf:"bytes,2,opt,name=parent,proto3" json:"parent,omitempty"` + // LSM hook name. + FunctionName string `protobuf:"bytes,3,opt,name=function_name,json=functionName,proto3" json:"function_name,omitempty"` + // Name of the policy that created that LSM hook. + PolicyName string `protobuf:"bytes,5,opt,name=policy_name,json=policyName,proto3" json:"policy_name,omitempty"` + // Short message of the Tracing Policy to inform users what is going on. + Message string `protobuf:"bytes,6,opt,name=message,proto3" json:"message,omitempty"` + // Arguments definition of the observed LSM hook. + Args []*KprobeArgument `protobuf:"bytes,7,rep,name=args,proto3" json:"args,omitempty"` + // Action performed when the LSM hook matched. + Action KprobeAction `protobuf:"varint,8,opt,name=action,proto3,enum=tetragon.KprobeAction" json:"action,omitempty"` + // Tags of the Tracing Policy to categorize the event. 
+ Tags []string `protobuf:"bytes,9,rep,name=tags,proto3" json:"tags,omitempty"` +} + +func (x *ProcessLsm) Reset() { + *x = ProcessLsm{} + if protoimpl.UnsafeEnabled { + mi := &file_tetragon_tetragon_proto_msgTypes[32] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *ProcessLsm) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ProcessLsm) ProtoMessage() {} + +func (x *ProcessLsm) ProtoReflect() protoreflect.Message { + mi := &file_tetragon_tetragon_proto_msgTypes[32] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ProcessLsm.ProtoReflect.Descriptor instead. +func (*ProcessLsm) Descriptor() ([]byte, []int) { + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{32} +} + +func (x *ProcessLsm) GetProcess() *Process { + if x != nil { + return x.Process + } + return nil +} + +func (x *ProcessLsm) GetParent() *Process { + if x != nil { + return x.Parent + } + return nil +} + +func (x *ProcessLsm) GetFunctionName() string { + if x != nil { + return x.FunctionName + } + return "" +} + +func (x *ProcessLsm) GetPolicyName() string { + if x != nil { + return x.PolicyName + } + return "" +} + +func (x *ProcessLsm) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +func (x *ProcessLsm) GetArgs() []*KprobeArgument { + if x != nil { + return x.Args + } + return nil +} + +func (x *ProcessLsm) GetAction() KprobeAction { + if x != nil { + return x.Action + } + return KprobeAction_KPROBE_ACTION_UNKNOWN +} + +func (x *ProcessLsm) GetTags() []string { + if x != nil { + return x.Tags + } + return nil +} + type KernelModule struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache 
@@ -3492,7 +3601,7 @@ type KernelModule struct { func (x *KernelModule) Reset() { *x = KernelModule{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[32] + mi := &file_tetragon_tetragon_proto_msgTypes[33] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3505,7 +3614,7 @@ func (x *KernelModule) String() string { func (*KernelModule) ProtoMessage() {} func (x *KernelModule) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[32] + mi := &file_tetragon_tetragon_proto_msgTypes[33] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3518,7 +3627,7 @@ func (x *KernelModule) ProtoReflect() protoreflect.Message { // Deprecated: Use KernelModule.ProtoReflect.Descriptor instead. func (*KernelModule) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{32} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{33} } func (x *KernelModule) GetName() string { @@ -3556,7 +3665,7 @@ type Test struct { func (x *Test) Reset() { *x = Test{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[33] + mi := &file_tetragon_tetragon_proto_msgTypes[34] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3569,7 +3678,7 @@ func (x *Test) String() string { func (*Test) ProtoMessage() {} func (x *Test) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[33] + mi := &file_tetragon_tetragon_proto_msgTypes[34] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { 
@@ -3582,7 +3691,7 @@ func (x *Test) ProtoReflect() protoreflect.Message { // Deprecated: Use Test.ProtoReflect.Descriptor instead. func (*Test) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{33} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{34} } func (x *Test) GetArg0() uint64 { @@ -3624,7 +3733,7 @@ type GetHealthStatusRequest struct { func (x *GetHealthStatusRequest) Reset() { *x = GetHealthStatusRequest{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[34] + mi := &file_tetragon_tetragon_proto_msgTypes[35] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3637,7 +3746,7 @@ func (x *GetHealthStatusRequest) String() string { func (*GetHealthStatusRequest) ProtoMessage() {} func (x *GetHealthStatusRequest) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[34] + mi := &file_tetragon_tetragon_proto_msgTypes[35] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3650,7 +3759,7 @@ func (x *GetHealthStatusRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use GetHealthStatusRequest.ProtoReflect.Descriptor instead. func (*GetHealthStatusRequest) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{34} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{35} } func (x *GetHealthStatusRequest) GetEventSet() []HealthStatusType { @@ -3673,7 +3782,7 @@ type HealthStatus struct { func (x *HealthStatus) Reset() { *x = HealthStatus{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[35] + mi := &file_tetragon_tetragon_proto_msgTypes[36] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } 
@@ -3686,7 +3795,7 @@ func (x *HealthStatus) String() string { func (*HealthStatus) ProtoMessage() {} func (x *HealthStatus) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[35] + mi := &file_tetragon_tetragon_proto_msgTypes[36] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3699,7 +3808,7 @@ func (x *HealthStatus) ProtoReflect() protoreflect.Message { // Deprecated: Use HealthStatus.ProtoReflect.Descriptor instead. func (*HealthStatus) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{35} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{36} } func (x *HealthStatus) GetEvent() HealthStatusType { @@ -3734,7 +3843,7 @@ type GetHealthStatusResponse struct { func (x *GetHealthStatusResponse) Reset() { *x = GetHealthStatusResponse{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[36] + mi := &file_tetragon_tetragon_proto_msgTypes[37] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3747,7 +3856,7 @@ func (x *GetHealthStatusResponse) String() string { func (*GetHealthStatusResponse) ProtoMessage() {} func (x *GetHealthStatusResponse) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[36] + mi := &file_tetragon_tetragon_proto_msgTypes[37] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3760,7 +3869,7 @@ func (x *GetHealthStatusResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use GetHealthStatusResponse.ProtoReflect.Descriptor instead. func (*GetHealthStatusResponse) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{36} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{37} } func (x *GetHealthStatusResponse) GetHealthStatus() []*HealthStatus { 
@@ -3784,7 +3893,7 @@ type ProcessLoader struct { func (x *ProcessLoader) Reset() { *x = ProcessLoader{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[37] + mi := &file_tetragon_tetragon_proto_msgTypes[38] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3797,7 +3906,7 @@ func (x *ProcessLoader) String() string { func (*ProcessLoader) ProtoMessage() {} func (x *ProcessLoader) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[37] + mi := &file_tetragon_tetragon_proto_msgTypes[38] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3810,7 +3919,7 @@ func (x *ProcessLoader) ProtoReflect() protoreflect.Message { // Deprecated: Use ProcessLoader.ProtoReflect.Descriptor instead. func (*ProcessLoader) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{37} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{38} } func (x *ProcessLoader) GetProcess() *Process { @@ -3849,7 +3958,7 @@ type RuntimeHookRequest struct { func (x *RuntimeHookRequest) Reset() { *x = RuntimeHookRequest{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[38] + mi := &file_tetragon_tetragon_proto_msgTypes[39] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3862,7 +3971,7 @@ func (x *RuntimeHookRequest) String() string { func (*RuntimeHookRequest) ProtoMessage() {} func (x *RuntimeHookRequest) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[38] + mi := &file_tetragon_tetragon_proto_msgTypes[39] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { 
@@ -3875,7 +3984,7 @@ func (x *RuntimeHookRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RuntimeHookRequest.ProtoReflect.Descriptor instead. func (*RuntimeHookRequest) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{38} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{39} } func (m *RuntimeHookRequest) GetEvent() isRuntimeHookRequest_Event { @@ -3911,7 +4020,7 @@ type RuntimeHookResponse struct { func (x *RuntimeHookResponse) Reset() { *x = RuntimeHookResponse{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[39] + mi := &file_tetragon_tetragon_proto_msgTypes[40] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -3924,7 +4033,7 @@ func (x *RuntimeHookResponse) String() string { func (*RuntimeHookResponse) ProtoMessage() {} func (x *RuntimeHookResponse) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[39] + mi := &file_tetragon_tetragon_proto_msgTypes[40] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3937,7 +4046,7 @@ func (x *RuntimeHookResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RuntimeHookResponse.ProtoReflect.Descriptor instead. func (*RuntimeHookResponse) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{39} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{40} } // CreateContainer informs the agent that a container was created @@ -3965,7 +4074,7 @@ type CreateContainer struct { func (x *CreateContainer) Reset() { *x = CreateContainer{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[40] + mi := &file_tetragon_tetragon_proto_msgTypes[41] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } 
@@ -3978,7 +4087,7 @@ func (x *CreateContainer) String() string { func (*CreateContainer) ProtoMessage() {} func (x *CreateContainer) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[40] + mi := &file_tetragon_tetragon_proto_msgTypes[41] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -3991,7 +4100,7 @@ func (x *CreateContainer) ProtoReflect() protoreflect.Message { // Deprecated: Use CreateContainer.ProtoReflect.Descriptor instead. func (*CreateContainer) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{40} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{41} } func (x *CreateContainer) GetCgroupsPath() string { @@ -4040,7 +4149,7 @@ type StackTraceEntry struct { func (x *StackTraceEntry) Reset() { *x = StackTraceEntry{} if protoimpl.UnsafeEnabled { - mi := &file_tetragon_tetragon_proto_msgTypes[41] + mi := &file_tetragon_tetragon_proto_msgTypes[42] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -4053,7 +4162,7 @@ func (x *StackTraceEntry) String() string { func (*StackTraceEntry) ProtoMessage() {} func (x *StackTraceEntry) ProtoReflect() protoreflect.Message { - mi := &file_tetragon_tetragon_proto_msgTypes[41] + mi := &file_tetragon_tetragon_proto_msgTypes[42] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -4066,7 +4175,7 @@ func (x *StackTraceEntry) ProtoReflect() protoreflect.Message { // Deprecated: Use StackTraceEntry.ProtoReflect.Descriptor instead. func (*StackTraceEntry) Descriptor() ([]byte, []int) { - return file_tetragon_tetragon_proto_rawDescGZIP(), []int{41} + return file_tetragon_tetragon_proto_rawDescGZIP(), []int{42} } func (x *StackTraceEntry) GetAddress() uint64 { 
@@ -4619,136 +4728,156 @@ var file_tetragon_tetragon_proto_rawDesc = []byte{ 0x61, 0x72, 0x67, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x72, 0x67, 0x75, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x04, 0x61, 0x72, 0x67, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x61, - 0x67, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0x96, - 0x01, 0x0a, 0x0c, 0x4b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x12, - 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, - 0x61, 0x6d, 0x65, 0x12, 0x3d, 0x0a, 0x0c, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, - 0x5f, 0x6f, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, - 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, - 0x4f, 0x6b, 0x12, 0x33, 0x0a, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, - 0x03, 0x28, 0x0e, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, - 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x07, - 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x22, 0x56, 0x0a, 0x04, 0x54, 0x65, 0x73, 0x74, 0x12, - 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x30, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, - 0x72, 0x67, 0x30, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x31, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x31, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x32, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x32, 0x12, 0x12, 0x0a, 0x04, 0x61, - 0x72, 0x67, 0x33, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x33, 0x22, - 0x51, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, 
0x74, 0x68, 0x53, 0x74, 0x61, 0x74, - 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x65, 0x76, 0x65, - 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, - 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x08, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x53, - 0x65, 0x74, 0x22, 0x90, 0x01, 0x0a, 0x0c, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x12, 0x30, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, - 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x05, - 0x65, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x34, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, - 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, - 0x75, 0x6c, 0x74, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x64, - 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64, 0x65, - 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0x56, 0x0a, 0x17, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, - 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x3b, 0x0a, 0x0d, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, - 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, - 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, - 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x6a, 0x0a, - 0x0d, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x12, 0x2b, - 
0x0a, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, - 0x11, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, - 0x73, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, - 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, - 0x18, 0x0a, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, - 0x52, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, 0x69, 0x64, 0x22, 0x64, 0x0a, 0x12, 0x52, 0x75, 0x6e, - 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, - 0x45, 0x0a, 0x0f, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, - 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, - 0x67, 0x6f, 0x6e, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, - 0x6e, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0f, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x42, 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x22, - 0x15, 0x0a, 0x13, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x81, 0x02, 0x0a, 0x0f, 0x43, 0x72, 0x65, 0x61, 0x74, - 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x67, - 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, - 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, - 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x12, 0x4c, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, 0x65, - 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 
0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x2e, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, - 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6e, - 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0x3e, 0x0a, 0x10, 0x41, 0x6e, - 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, - 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, - 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x73, 0x0a, 0x0f, 0x53, 0x74, - 0x61, 0x63, 0x6b, 0x54, 0x72, 0x61, 0x63, 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x18, 0x0a, - 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x07, - 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, - 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, - 0x16, 0x0a, 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, - 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x2a, - 0x95, 0x03, 0x0a, 0x0c, 0x4b, 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, - 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, - 0x4e, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x4b, - 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 
0x5f, 0x50, 0x4f, 0x53, - 0x54, 0x10, 0x01, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, - 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x46, 0x4f, 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x02, 0x12, - 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, - 0x5f, 0x53, 0x49, 0x47, 0x4b, 0x49, 0x4c, 0x4c, 0x10, 0x03, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x50, - 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x46, 0x4f, - 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x04, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, - 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4f, 0x56, 0x45, 0x52, 0x52, 0x49, - 0x44, 0x45, 0x10, 0x05, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, - 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x43, 0x4f, 0x50, 0x59, 0x46, 0x44, 0x10, 0x06, 0x12, 0x18, + 0x67, 0x73, 0x18, 0x08, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0xb6, + 0x02, 0x0a, 0x0a, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x4c, 0x73, 0x6d, 0x12, 0x2b, 0x0a, + 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, + 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, + 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x12, 0x29, 0x0a, 0x06, 0x70, 0x61, + 0x72, 0x65, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x74, 0x65, 0x74, + 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x52, 0x06, 0x70, + 0x61, 0x72, 0x65, 0x6e, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x66, 0x75, 0x6e, 0x63, 0x74, 0x69, 0x6f, + 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x66, 0x75, + 0x6e, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x6f, + 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0a, 0x70, 
0x6f, 0x6c, 0x69, 0x63, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x2c, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x73, 0x18, 0x07, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, + 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x72, 0x67, 0x75, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x04, 0x61, + 0x72, 0x67, 0x73, 0x12, 0x2e, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, + 0x01, 0x28, 0x0e, 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x4b, + 0x70, 0x72, 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x06, 0x61, 0x63, 0x74, + 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x61, 0x67, 0x73, 0x18, 0x09, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x22, 0x96, 0x01, 0x0a, 0x0c, 0x4b, 0x65, 0x72, 0x6e, + 0x65, 0x6c, 0x4d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3d, 0x0a, 0x0c, + 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x5f, 0x6f, 0x6b, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x42, 0x6f, 0x6f, 0x6c, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x52, 0x0b, + 0x73, 0x69, 0x67, 0x6e, 0x61, 0x74, 0x75, 0x72, 0x65, 0x4f, 0x6b, 0x12, 0x33, 0x0a, 0x07, 0x74, + 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x19, 0x2e, 0x74, + 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, + 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x07, 0x74, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, + 0x22, 0x56, 0x0a, 0x04, 0x54, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x30, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 
0x61, 0x72, 0x67, 0x30, 0x12, 0x12, 0x0a, 0x04, + 0x61, 0x72, 0x67, 0x31, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x31, + 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x32, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x52, 0x04, + 0x61, 0x72, 0x67, 0x32, 0x12, 0x12, 0x0a, 0x04, 0x61, 0x72, 0x67, 0x33, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x04, 0x52, 0x04, 0x61, 0x72, 0x67, 0x33, 0x22, 0x51, 0x0a, 0x16, 0x47, 0x65, 0x74, 0x48, + 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x37, 0x0a, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x65, 0x74, 0x18, + 0x01, 0x20, 0x03, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, + 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, + 0x65, 0x52, 0x08, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x53, 0x65, 0x74, 0x22, 0x90, 0x01, 0x0a, 0x0c, + 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x30, 0x0a, 0x05, + 0x65, 0x76, 0x65, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1a, 0x2e, 0x74, 0x65, + 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, + 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x52, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x34, + 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1c, + 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x06, 0x73, 0x74, + 0x61, 0x74, 0x75, 0x73, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x22, 0x56, + 0x0a, 0x17, 0x47, 0x65, 0x74, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3b, 0x0a, 0x0d, 0x68, 
0x65, 0x61, + 0x6c, 0x74, 0x68, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x16, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x48, 0x65, 0x61, 0x6c, + 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x0c, 0x68, 0x65, 0x61, 0x6c, 0x74, 0x68, + 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x22, 0x6a, 0x0a, 0x0d, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, + 0x73, 0x4c, 0x6f, 0x61, 0x64, 0x65, 0x72, 0x12, 0x2b, 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x11, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, + 0x67, 0x6f, 0x6e, 0x2e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, + 0x63, 0x65, 0x73, 0x73, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, 0x62, 0x75, 0x69, 0x6c, + 0x64, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x07, 0x62, 0x75, 0x69, 0x6c, 0x64, + 0x69, 0x64, 0x22, 0x64, 0x0a, 0x12, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, + 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x45, 0x0a, 0x0f, 0x63, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x19, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, 0x43, 0x72, 0x65, + 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x48, 0x00, 0x52, 0x0f, + 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x42, + 0x07, 0x0a, 0x05, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x22, 0x15, 0x0a, 0x13, 0x52, 0x75, 0x6e, 0x74, + 0x69, 0x6d, 0x65, 0x48, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x81, 0x02, 0x0a, 0x0f, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, + 0x6e, 0x65, 0x72, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x50, 0x61, + 0x74, 0x68, 0x18, 0x01, 
0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x67, 0x72, 0x6f, 0x75, 0x70, + 0x73, 0x50, 0x61, 0x74, 0x68, 0x12, 0x18, 0x0a, 0x07, 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, 0x6f, 0x6f, 0x74, 0x44, 0x69, 0x72, 0x12, + 0x4c, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2a, 0x2e, 0x74, 0x65, 0x74, 0x72, 0x61, 0x67, 0x6f, 0x6e, 0x2e, + 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x2e, + 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, + 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x24, 0x0a, + 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x4e, + 0x61, 0x6d, 0x65, 0x1a, 0x3e, 0x0a, 0x10, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, + 0x02, 0x38, 0x01, 0x22, 0x73, 0x0a, 0x0f, 0x53, 0x74, 0x61, 0x63, 0x6b, 0x54, 0x72, 0x61, 0x63, + 0x65, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, + 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x07, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, + 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, + 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x79, 0x6d, 0x62, + 0x6f, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x79, 0x6d, 0x62, 0x6f, 0x6c, + 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 
0x18, 0x04, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x06, 0x6d, 0x6f, 0x64, 0x75, 0x6c, 0x65, 0x2a, 0x95, 0x03, 0x0a, 0x0c, 0x4b, 0x70, 0x72, + 0x6f, 0x62, 0x65, 0x41, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, + 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, + 0x57, 0x4e, 0x10, 0x00, 0x12, 0x16, 0x0a, 0x12, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, + 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x01, 0x12, 0x1a, 0x0a, 0x16, + 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x46, 0x4f, + 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, 0x02, 0x12, 0x19, 0x0a, 0x15, 0x4b, 0x50, 0x52, 0x4f, + 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x49, 0x47, 0x4b, 0x49, 0x4c, + 0x4c, 0x10, 0x03, 0x12, 0x1c, 0x0a, 0x18, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, + 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x46, 0x4f, 0x4c, 0x4c, 0x4f, 0x57, 0x46, 0x44, 0x10, + 0x04, 0x12, 0x1a, 0x0a, 0x16, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, + 0x4f, 0x4e, 0x5f, 0x4f, 0x56, 0x45, 0x52, 0x52, 0x49, 0x44, 0x45, 0x10, 0x05, 0x12, 0x18, 0x0a, + 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x43, + 0x4f, 0x50, 0x59, 0x46, 0x44, 0x10, 0x06, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, + 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x47, 0x45, 0x54, 0x55, 0x52, 0x4c, 0x10, + 0x07, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, + 0x4f, 0x4e, 0x5f, 0x44, 0x4e, 0x53, 0x4c, 0x4f, 0x4f, 0x4b, 0x55, 0x50, 0x10, 0x08, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, - 0x47, 0x45, 0x54, 0x55, 0x52, 0x4c, 0x10, 0x07, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, - 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x44, 0x4e, 0x53, 0x4c, 0x4f, 0x4f, - 
0x4b, 0x55, 0x50, 0x10, 0x08, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, - 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x09, 0x12, - 0x18, 0x0a, 0x14, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, - 0x5f, 0x53, 0x49, 0x47, 0x4e, 0x41, 0x4c, 0x10, 0x0a, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, - 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x4b, - 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0b, 0x12, 0x1d, 0x0a, 0x19, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, - 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, - 0x4f, 0x43, 0x4b, 0x10, 0x0c, 0x12, 0x20, 0x0a, 0x1c, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, - 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, 0x54, 0x49, 0x46, 0x59, 0x45, 0x4e, 0x46, - 0x4f, 0x52, 0x43, 0x45, 0x52, 0x10, 0x0d, 0x2a, 0x4f, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x6c, 0x74, - 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1c, 0x0a, 0x18, 0x48, - 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, - 0x45, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x1d, 0x0a, 0x19, 0x48, 0x45, 0x41, - 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, - 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x10, 0x01, 0x2a, 0x7c, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x6c, - 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x17, - 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, - 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, - 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x52, 0x55, 0x4e, 0x4e, 0x49, 0x4e, 0x47, - 0x10, 0x01, 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, - 0x54, 0x55, 0x53, 0x5f, 0x53, 0x54, 
0x4f, 0x50, 0x50, 0x45, 0x44, 0x10, 0x02, 0x12, 0x17, 0x0a, - 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x45, - 0x52, 0x52, 0x4f, 0x52, 0x10, 0x03, 0x2a, 0x8d, 0x02, 0x0a, 0x0f, 0x54, 0x61, 0x69, 0x6e, 0x74, - 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x41, - 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, 0x45, 0x54, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x54, - 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x50, 0x52, 0x4f, 0x50, 0x52, 0x49, 0x45, 0x54, 0x41, 0x52, 0x59, - 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x49, - 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, - 0x10, 0x02, 0x12, 0x1e, 0x0a, 0x1a, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, - 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x4c, 0x4f, 0x41, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, - 0x10, 0x04, 0x12, 0x18, 0x0a, 0x13, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x53, 0x54, 0x41, 0x47, - 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x08, 0x12, 0x1d, 0x0a, 0x18, - 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4f, 0x55, 0x54, 0x5f, 0x4f, 0x46, 0x5f, 0x54, 0x52, 0x45, - 0x45, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x20, 0x12, 0x1a, 0x0a, 0x15, 0x54, - 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, 0x49, 0x47, 0x4e, 0x45, 0x44, 0x5f, 0x4d, 0x4f, - 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x40, 0x12, 0x24, 0x0a, 0x1e, 0x54, 0x41, 0x49, 0x4e, 0x54, - 0x5f, 0x4b, 0x45, 0x52, 0x4e, 0x45, 0x4c, 0x5f, 0x4c, 0x49, 0x56, 0x45, 0x5f, 0x50, 0x41, 0x54, - 0x43, 0x48, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x80, 0x02, 0x12, 0x17, 0x0a, - 0x11, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x54, 0x45, 0x53, 0x54, 0x5f, 0x4d, 0x4f, 0x44, 0x55, - 0x4c, 0x45, 0x10, 0x80, 0x80, 0x10, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x4e, 0x4f, 0x50, 0x4f, 0x53, 0x54, 0x10, 0x09, 0x12, 0x18, 0x0a, 0x14, 0x4b, 0x50, 
0x52, 0x4f, + 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x49, 0x47, 0x4e, 0x41, 0x4c, + 0x10, 0x0a, 0x12, 0x1b, 0x0a, 0x17, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, + 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0b, 0x12, + 0x1d, 0x0a, 0x19, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, + 0x5f, 0x55, 0x4e, 0x54, 0x52, 0x41, 0x43, 0x4b, 0x53, 0x4f, 0x43, 0x4b, 0x10, 0x0c, 0x12, 0x20, + 0x0a, 0x1c, 0x4b, 0x50, 0x52, 0x4f, 0x42, 0x45, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x5f, + 0x4e, 0x4f, 0x54, 0x49, 0x46, 0x59, 0x45, 0x4e, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x52, 0x10, 0x0d, + 0x2a, 0x4f, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, + 0x54, 0x79, 0x70, 0x65, 0x12, 0x1c, 0x0a, 0x18, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, + 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, + 0x10, 0x00, 0x12, 0x1d, 0x0a, 0x19, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, + 0x54, 0x55, 0x53, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x10, + 0x01, 0x2a, 0x7c, 0x0a, 0x12, 0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x53, 0x74, 0x61, 0x74, 0x75, + 0x73, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x17, 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, + 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x55, 0x4e, 0x44, 0x45, 0x46, 0x10, 0x00, + 0x12, 0x19, 0x0a, 0x15, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, + 0x53, 0x5f, 0x52, 0x55, 0x4e, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x19, 0x0a, 0x15, 0x48, + 0x45, 0x41, 0x4c, 0x54, 0x48, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x53, 0x54, 0x4f, + 0x50, 0x50, 0x45, 0x44, 0x10, 0x02, 0x12, 0x17, 0x0a, 0x13, 0x48, 0x45, 0x41, 0x4c, 0x54, 0x48, + 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x03, 0x2a, + 0x8d, 0x02, 0x0a, 0x0f, 
0x54, 0x61, 0x69, 0x6e, 0x74, 0x65, 0x64, 0x42, 0x69, 0x74, 0x73, 0x54, + 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, 0x53, + 0x45, 0x54, 0x10, 0x00, 0x12, 0x1c, 0x0a, 0x18, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x50, 0x52, + 0x4f, 0x50, 0x52, 0x49, 0x45, 0x54, 0x41, 0x52, 0x59, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, + 0x10, 0x01, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, + 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x02, 0x12, 0x1e, 0x0a, 0x1a, 0x54, + 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x44, 0x5f, 0x55, 0x4e, 0x4c, 0x4f, + 0x41, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x04, 0x12, 0x18, 0x0a, 0x13, 0x54, + 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x53, 0x54, 0x41, 0x47, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, + 0x4c, 0x45, 0x10, 0x80, 0x08, 0x12, 0x1d, 0x0a, 0x18, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4f, + 0x55, 0x54, 0x5f, 0x4f, 0x46, 0x5f, 0x54, 0x52, 0x45, 0x45, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, + 0x45, 0x10, 0x80, 0x20, 0x12, 0x1a, 0x0a, 0x15, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x55, 0x4e, + 0x53, 0x49, 0x47, 0x4e, 0x45, 0x44, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x40, + 0x12, 0x24, 0x0a, 0x1e, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, 0x4b, 0x45, 0x52, 0x4e, 0x45, 0x4c, + 0x5f, 0x4c, 0x49, 0x56, 0x45, 0x5f, 0x50, 0x41, 0x54, 0x43, 0x48, 0x5f, 0x4d, 0x4f, 0x44, 0x55, + 0x4c, 0x45, 0x10, 0x80, 0x80, 0x02, 0x12, 0x17, 0x0a, 0x11, 0x54, 0x41, 0x49, 0x4e, 0x54, 0x5f, + 0x54, 0x45, 0x53, 0x54, 0x5f, 0x4d, 0x4f, 0x44, 0x55, 0x4c, 0x45, 0x10, 0x80, 0x80, 0x10, 0x62, + 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( 
@@ -4764,7 +4893,7 @@ func file_tetragon_tetragon_proto_rawDescGZIP() []byte { } var file_tetragon_tetragon_proto_enumTypes = make([]protoimpl.EnumInfo, 4) -var file_tetragon_tetragon_proto_msgTypes = make([]protoimpl.MessageInfo, 44) +var file_tetragon_tetragon_proto_msgTypes = make([]protoimpl.MessageInfo, 45) var file_tetragon_tetragon_proto_goTypes = []interface{}{ (KprobeAction)(0), // 0: tetragon.KprobeAction (HealthStatusType)(0), // 1: tetragon.HealthStatusType 
@@ -4802,35 +4931,36 @@ var file_tetragon_tetragon_proto_goTypes = []interface{}{ (*ProcessKprobe)(nil), // 33: tetragon.ProcessKprobe (*ProcessTracepoint)(nil), // 34: tetragon.ProcessTracepoint (*ProcessUprobe)(nil), // 35: tetragon.ProcessUprobe - (*KernelModule)(nil), // 36: tetragon.KernelModule - (*Test)(nil), // 37: tetragon.Test - (*GetHealthStatusRequest)(nil), // 38: tetragon.GetHealthStatusRequest - (*HealthStatus)(nil), // 39: tetragon.HealthStatus - (*GetHealthStatusResponse)(nil), // 40: tetragon.GetHealthStatusResponse - (*ProcessLoader)(nil), // 41: tetragon.ProcessLoader - (*RuntimeHookRequest)(nil), // 42: tetragon.RuntimeHookRequest - (*RuntimeHookResponse)(nil), // 43: tetragon.RuntimeHookResponse - (*CreateContainer)(nil), // 44: tetragon.CreateContainer - (*StackTraceEntry)(nil), // 45: tetragon.StackTraceEntry - nil, // 46: tetragon.Pod.PodLabelsEntry - nil, // 47: tetragon.CreateContainer.AnnotationsEntry - (*timestamppb.Timestamp)(nil), // 48: google.protobuf.Timestamp - (*wrapperspb.UInt32Value)(nil), // 49: google.protobuf.UInt32Value - (CapabilitiesType)(0), // 50: tetragon.CapabilitiesType - (*wrapperspb.Int32Value)(nil), // 51: google.protobuf.Int32Value - (SecureBitsType)(0), // 52: tetragon.SecureBitsType - (ProcessPrivilegesChanged)(0), // 53: tetragon.ProcessPrivilegesChanged - (*wrapperspb.BoolValue)(nil), // 54: google.protobuf.BoolValue + (*ProcessLsm)(nil), // 36: tetragon.ProcessLsm + (*KernelModule)(nil), // 37: tetragon.KernelModule + (*Test)(nil), // 38: tetragon.Test + (*GetHealthStatusRequest)(nil), // 39: tetragon.GetHealthStatusRequest + (*HealthStatus)(nil), // 40: tetragon.HealthStatus + (*GetHealthStatusResponse)(nil), // 41: tetragon.GetHealthStatusResponse + (*ProcessLoader)(nil), // 42: tetragon.ProcessLoader + (*RuntimeHookRequest)(nil), // 43: tetragon.RuntimeHookRequest + (*RuntimeHookResponse)(nil), // 44: tetragon.RuntimeHookResponse + (*CreateContainer)(nil), // 45: tetragon.CreateContainer + 
(*StackTraceEntry)(nil), // 46: tetragon.StackTraceEntry + nil, // 47: tetragon.Pod.PodLabelsEntry + nil, // 48: tetragon.CreateContainer.AnnotationsEntry + (*timestamppb.Timestamp)(nil), // 49: google.protobuf.Timestamp + (*wrapperspb.UInt32Value)(nil), // 50: google.protobuf.UInt32Value + (CapabilitiesType)(0), // 51: tetragon.CapabilitiesType + (*wrapperspb.Int32Value)(nil), // 52: google.protobuf.Int32Value + (SecureBitsType)(0), // 53: tetragon.SecureBitsType + (ProcessPrivilegesChanged)(0), // 54: tetragon.ProcessPrivilegesChanged + (*wrapperspb.BoolValue)(nil), // 55: google.protobuf.BoolValue } var file_tetragon_tetragon_proto_depIdxs = []int32{ 4, // 0: tetragon.Container.image:type_name -> tetragon.Image - 48, // 1: tetragon.Container.start_time:type_name -> google.protobuf.Timestamp - 49, // 2: tetragon.Container.pid:type_name -> google.protobuf.UInt32Value + 49, // 1: tetragon.Container.start_time:type_name -> google.protobuf.Timestamp + 50, // 2: tetragon.Container.pid:type_name -> google.protobuf.UInt32Value 5, // 3: tetragon.Pod.container:type_name -> tetragon.Container - 46, // 4: tetragon.Pod.pod_labels:type_name -> tetragon.Pod.PodLabelsEntry - 50, // 5: tetragon.Capabilities.permitted:type_name -> tetragon.CapabilitiesType - 50, // 6: tetragon.Capabilities.effective:type_name -> tetragon.CapabilitiesType - 50, // 7: tetragon.Capabilities.inheritable:type_name -> tetragon.CapabilitiesType + 47, // 4: tetragon.Pod.pod_labels:type_name -> tetragon.Pod.PodLabelsEntry + 51, // 5: tetragon.Capabilities.permitted:type_name -> tetragon.CapabilitiesType + 51, // 6: tetragon.Capabilities.effective:type_name -> tetragon.CapabilitiesType + 51, // 7: tetragon.Capabilities.inheritable:type_name -> tetragon.CapabilitiesType 8, // 8: tetragon.Namespaces.uts:type_name -> tetragon.Namespace 8, // 9: tetragon.Namespaces.ipc:type_name -> tetragon.Namespace 8, // 10: tetragon.Namespaces.mnt:type_name -> tetragon.Namespace 
@@ -4841,35 +4971,35 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 8, // 15: tetragon.Namespaces.time_for_children:type_name -> tetragon.Namespace 8, // 16: tetragon.Namespaces.cgroup:type_name -> tetragon.Namespace 8, // 17: tetragon.Namespaces.user:type_name -> tetragon.Namespace - 51, // 18: tetragon.UserNamespace.level:type_name -> google.protobuf.Int32Value - 49, // 19: tetragon.UserNamespace.uid:type_name -> google.protobuf.UInt32Value - 49, // 20: tetragon.UserNamespace.gid:type_name -> google.protobuf.UInt32Value + 52, // 18: tetragon.UserNamespace.level:type_name -> google.protobuf.Int32Value + 50, // 19: tetragon.UserNamespace.uid:type_name -> google.protobuf.UInt32Value + 50, // 20: tetragon.UserNamespace.gid:type_name -> google.protobuf.UInt32Value 8, // 21: tetragon.UserNamespace.ns:type_name -> tetragon.Namespace - 49, // 22: tetragon.ProcessCredentials.uid:type_name -> google.protobuf.UInt32Value - 49, // 23: tetragon.ProcessCredentials.gid:type_name -> google.protobuf.UInt32Value - 49, // 24: tetragon.ProcessCredentials.euid:type_name -> google.protobuf.UInt32Value - 49, // 25: tetragon.ProcessCredentials.egid:type_name -> google.protobuf.UInt32Value - 49, // 26: tetragon.ProcessCredentials.suid:type_name -> google.protobuf.UInt32Value - 49, // 27: tetragon.ProcessCredentials.sgid:type_name -> google.protobuf.UInt32Value - 49, // 28: tetragon.ProcessCredentials.fsuid:type_name -> google.protobuf.UInt32Value - 49, // 29: tetragon.ProcessCredentials.fsgid:type_name -> google.protobuf.UInt32Value - 52, // 30: tetragon.ProcessCredentials.securebits:type_name -> tetragon.SecureBitsType + 50, // 22: tetragon.ProcessCredentials.uid:type_name -> google.protobuf.UInt32Value + 50, // 23: tetragon.ProcessCredentials.gid:type_name -> google.protobuf.UInt32Value + 50, // 24: tetragon.ProcessCredentials.euid:type_name -> google.protobuf.UInt32Value + 50, // 25: tetragon.ProcessCredentials.egid:type_name -> google.protobuf.UInt32Value + 50, // 26: 
tetragon.ProcessCredentials.suid:type_name -> google.protobuf.UInt32Value + 50, // 27: tetragon.ProcessCredentials.sgid:type_name -> google.protobuf.UInt32Value + 50, // 28: tetragon.ProcessCredentials.fsuid:type_name -> google.protobuf.UInt32Value + 50, // 29: tetragon.ProcessCredentials.fsgid:type_name -> google.protobuf.UInt32Value + 53, // 30: tetragon.ProcessCredentials.securebits:type_name -> tetragon.SecureBitsType 7, // 31: tetragon.ProcessCredentials.caps:type_name -> tetragon.Capabilities 10, // 32: tetragon.ProcessCredentials.user_ns:type_name -> tetragon.UserNamespace - 49, // 33: tetragon.InodeProperties.links:type_name -> google.protobuf.UInt32Value + 50, // 33: tetragon.InodeProperties.links:type_name -> google.protobuf.UInt32Value 12, // 34: tetragon.FileProperties.inode:type_name -> tetragon.InodeProperties - 49, // 35: tetragon.BinaryProperties.setuid:type_name -> google.protobuf.UInt32Value - 49, // 36: tetragon.BinaryProperties.setgid:type_name -> google.protobuf.UInt32Value - 53, // 37: tetragon.BinaryProperties.privileges_changed:type_name -> tetragon.ProcessPrivilegesChanged + 50, // 35: tetragon.BinaryProperties.setuid:type_name -> google.protobuf.UInt32Value + 50, // 36: tetragon.BinaryProperties.setgid:type_name -> google.protobuf.UInt32Value + 54, // 37: tetragon.BinaryProperties.privileges_changed:type_name -> tetragon.ProcessPrivilegesChanged 13, // 38: tetragon.BinaryProperties.file:type_name -> tetragon.FileProperties - 49, // 39: tetragon.Process.pid:type_name -> google.protobuf.UInt32Value - 49, // 40: tetragon.Process.uid:type_name -> google.protobuf.UInt32Value - 48, // 41: tetragon.Process.start_time:type_name -> google.protobuf.Timestamp - 49, // 42: tetragon.Process.auid:type_name -> google.protobuf.UInt32Value + 50, // 39: tetragon.Process.pid:type_name -> google.protobuf.UInt32Value + 50, // 40: tetragon.Process.uid:type_name -> google.protobuf.UInt32Value + 49, // 41: tetragon.Process.start_time:type_name -> 
google.protobuf.Timestamp + 50, // 42: tetragon.Process.auid:type_name -> google.protobuf.UInt32Value 6, // 43: tetragon.Process.pod:type_name -> tetragon.Pod 7, // 44: tetragon.Process.cap:type_name -> tetragon.Capabilities 9, // 45: tetragon.Process.ns:type_name -> tetragon.Namespaces - 49, // 46: tetragon.Process.tid:type_name -> google.protobuf.UInt32Value + 50, // 46: tetragon.Process.tid:type_name -> google.protobuf.UInt32Value 11, // 47: tetragon.Process.process_credentials:type_name -> tetragon.ProcessCredentials 14, // 48: tetragon.Process.binary_properties:type_name -> tetragon.BinaryProperties 15, // 49: tetragon.Process.user:type_name -> tetragon.UserRecord 
@@ -4878,14 +5008,14 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 16, // 52: tetragon.ProcessExec.ancestors:type_name -> tetragon.Process 16, // 53: tetragon.ProcessExit.process:type_name -> tetragon.Process 16, // 54: tetragon.ProcessExit.parent:type_name -> tetragon.Process - 48, // 55: tetragon.ProcessExit.time:type_name -> google.protobuf.Timestamp - 50, // 56: tetragon.KprobeCred.permitted:type_name -> tetragon.CapabilitiesType - 50, // 57: tetragon.KprobeCred.effective:type_name -> tetragon.CapabilitiesType - 50, // 58: tetragon.KprobeCred.inheritable:type_name -> tetragon.CapabilitiesType - 51, // 59: tetragon.KprobeCapability.value:type_name -> google.protobuf.Int32Value - 51, // 60: tetragon.KprobeUserNamespace.level:type_name -> google.protobuf.Int32Value - 49, // 61: tetragon.KprobeUserNamespace.owner:type_name -> google.protobuf.UInt32Value - 49, // 62: tetragon.KprobeUserNamespace.group:type_name -> google.protobuf.UInt32Value + 49, // 55: tetragon.ProcessExit.time:type_name -> google.protobuf.Timestamp + 51, // 56: tetragon.KprobeCred.permitted:type_name -> tetragon.CapabilitiesType + 51, // 57: tetragon.KprobeCred.effective:type_name -> tetragon.CapabilitiesType + 51, // 58: tetragon.KprobeCred.inheritable:type_name -> tetragon.CapabilitiesType + 52, // 59: tetragon.KprobeCapability.value:type_name -> google.protobuf.Int32Value + 52, // 60: tetragon.KprobeUserNamespace.level:type_name -> google.protobuf.Int32Value + 50, // 61: tetragon.KprobeUserNamespace.owner:type_name -> google.protobuf.UInt32Value + 50, // 62: tetragon.KprobeUserNamespace.group:type_name -> google.protobuf.UInt32Value 8, // 63: tetragon.KprobeUserNamespace.ns:type_name -> tetragon.Namespace 20, // 64: tetragon.KprobeArgument.skb_arg:type_name -> tetragon.KprobeSkb 22, // 65: tetragon.KprobeArgument.path_arg:type_name -> tetragon.KprobePath 
@@ -4900,7 +5030,7 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 27, // 74: tetragon.KprobeArgument.capability_arg:type_name -> tetragon.KprobeCapability 11, // 75: tetragon.KprobeArgument.process_credentials_arg:type_name -> tetragon.ProcessCredentials 10, // 76: tetragon.KprobeArgument.user_ns_arg:type_name -> tetragon.UserNamespace - 36, // 77: tetragon.KprobeArgument.module_arg:type_name -> tetragon.KernelModule + 37, // 77: tetragon.KprobeArgument.module_arg:type_name -> tetragon.KernelModule 26, // 78: tetragon.KprobeArgument.linux_binprm_arg:type_name -> tetragon.KprobeLinuxBinprm 21, // 79: tetragon.KprobeArgument.net_dev_arg:type_name -> tetragon.KprobeNetDev 16, // 80: tetragon.ProcessKprobe.process:type_name -> tetragon.Process @@ -4908,9 +5038,9 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 32, // 82: tetragon.ProcessKprobe.args:type_name -> tetragon.KprobeArgument 32, // 83: tetragon.ProcessKprobe.return:type_name -> tetragon.KprobeArgument 0, // 84: tetragon.ProcessKprobe.action:type_name -> tetragon.KprobeAction - 45, // 85: tetragon.ProcessKprobe.kernel_stack_trace:type_name -> tetragon.StackTraceEntry + 46, // 85: tetragon.ProcessKprobe.kernel_stack_trace:type_name -> tetragon.StackTraceEntry 0, // 86: tetragon.ProcessKprobe.return_action:type_name -> tetragon.KprobeAction - 45, // 87: tetragon.ProcessKprobe.user_stack_trace:type_name -> tetragon.StackTraceEntry + 46, // 87: tetragon.ProcessKprobe.user_stack_trace:type_name -> tetragon.StackTraceEntry 16, // 88: tetragon.ProcessTracepoint.process:type_name -> tetragon.Process 16, // 89: tetragon.ProcessTracepoint.parent:type_name -> tetragon.Process 32, // 90: tetragon.ProcessTracepoint.args:type_name -> tetragon.KprobeArgument 
@@ -4918,20 +5048,24 @@ var file_tetragon_tetragon_proto_depIdxs = []int32{ 16, // 92: tetragon.ProcessUprobe.process:type_name -> tetragon.Process 16, // 93: tetragon.ProcessUprobe.parent:type_name -> tetragon.Process 32, // 94: tetragon.ProcessUprobe.args:type_name -> tetragon.KprobeArgument - 54, // 95: tetragon.KernelModule.signature_ok:type_name -> google.protobuf.BoolValue - 3, // 96: tetragon.KernelModule.tainted:type_name -> tetragon.TaintedBitsType - 1, // 97: tetragon.GetHealthStatusRequest.event_set:type_name -> tetragon.HealthStatusType - 1, // 98: tetragon.HealthStatus.event:type_name -> tetragon.HealthStatusType - 2, // 99: tetragon.HealthStatus.status:type_name -> tetragon.HealthStatusResult - 39, // 100: tetragon.GetHealthStatusResponse.health_status:type_name -> tetragon.HealthStatus - 16, // 101: tetragon.ProcessLoader.process:type_name -> tetragon.Process - 44, // 102: tetragon.RuntimeHookRequest.createContainer:type_name -> tetragon.CreateContainer - 47, // 103: tetragon.CreateContainer.annotations:type_name -> tetragon.CreateContainer.AnnotationsEntry - 104, // [104:104] is the sub-list for method output_type - 104, // [104:104] is the sub-list for method input_type - 104, // [104:104] is the sub-list for extension type_name - 104, // [104:104] is the sub-list for extension extendee - 0, // [0:104] is the sub-list for field type_name + 16, // 95: tetragon.ProcessLsm.process:type_name -> tetragon.Process + 16, // 96: tetragon.ProcessLsm.parent:type_name -> tetragon.Process + 32, // 97: tetragon.ProcessLsm.args:type_name -> tetragon.KprobeArgument + 0, // 98: tetragon.ProcessLsm.action:type_name -> tetragon.KprobeAction + 55, // 99: tetragon.KernelModule.signature_ok:type_name -> google.protobuf.BoolValue + 3, // 100: tetragon.KernelModule.tainted:type_name -> tetragon.TaintedBitsType + 1, // 101: tetragon.GetHealthStatusRequest.event_set:type_name -> tetragon.HealthStatusType + 1, // 102: tetragon.HealthStatus.event:type_name -> 
tetragon.HealthStatusType + 2, // 103: tetragon.HealthStatus.status:type_name -> tetragon.HealthStatusResult + 40, // 104: tetragon.GetHealthStatusResponse.health_status:type_name -> tetragon.HealthStatus + 16, // 105: tetragon.ProcessLoader.process:type_name -> tetragon.Process + 45, // 106: tetragon.RuntimeHookRequest.createContainer:type_name -> tetragon.CreateContainer + 48, // 107: tetragon.CreateContainer.annotations:type_name -> tetragon.CreateContainer.AnnotationsEntry + 108, // [108:108] is the sub-list for method output_type + 108, // [108:108] is the sub-list for method input_type + 108, // [108:108] is the sub-list for extension type_name + 108, // [108:108] is the sub-list for extension extendee + 0, // [0:108] is the sub-list for field type_name } func init() { file_tetragon_tetragon_proto_init() } @@ -5326,7 +5460,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[32].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*KernelModule); i { + switch v := v.(*ProcessLsm); i { case 0: return &v.state case 1: @@ -5338,7 +5472,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[33].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Test); i { + switch v := v.(*KernelModule); i { case 0: return &v.state case 1: @@ -5350,7 +5484,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[34].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetHealthStatusRequest); i { + switch v := v.(*Test); i { case 0: return &v.state case 1: @@ -5362,7 +5496,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[35].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*HealthStatus); i { + switch v := v.(*GetHealthStatusRequest); i { case 0: return &v.state case 1: 
@@ -5374,7 +5508,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[36].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*GetHealthStatusResponse); i { + switch v := v.(*HealthStatus); i { case 0: return &v.state case 1: @@ -5386,7 +5520,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[37].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ProcessLoader); i { + switch v := v.(*GetHealthStatusResponse); i { case 0: return &v.state case 1: @@ -5398,7 +5532,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[38].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RuntimeHookRequest); i { + switch v := v.(*ProcessLoader); i { case 0: return &v.state case 1: @@ -5410,7 +5544,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[39].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*RuntimeHookResponse); i { + switch v := v.(*RuntimeHookRequest); i { case 0: return &v.state case 1: @@ -5422,7 +5556,7 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[40].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*CreateContainer); i { + switch v := v.(*RuntimeHookResponse); i { case 0: return &v.state case 1: @@ -5434,6 +5568,18 @@ func file_tetragon_tetragon_proto_init() { } } file_tetragon_tetragon_proto_msgTypes[41].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*CreateContainer); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_tetragon_tetragon_proto_msgTypes[42].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*StackTraceEntry); i { case 0: return &v.state 
@@ -5474,7 +5620,7 @@ func file_tetragon_tetragon_proto_init() { (*KprobeArgument_LinuxBinprmArg)(nil), (*KprobeArgument_NetDevArg)(nil), } - file_tetragon_tetragon_proto_msgTypes[38].OneofWrappers = []interface{}{ + file_tetragon_tetragon_proto_msgTypes[39].OneofWrappers = []interface{}{ (*RuntimeHookRequest_CreateContainer)(nil), } type x struct{} @@ -5483,7 +5629,7 @@ func file_tetragon_tetragon_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_tetragon_tetragon_proto_rawDesc, NumEnums: 4, - NumMessages: 44, + NumMessages: 45, NumExtensions: 0, NumServices: 0, }, diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.json.go b/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.json.go index caedb88f5ec..fece138cc0d 100644 --- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.json.go +++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.pb.json.go @@ -519,6 +519,22 @@ func (msg *ProcessUprobe) UnmarshalJSON(b []byte) error { }.Unmarshal(b, msg) } +// MarshalJSON implements json.Marshaler +func (msg *ProcessLsm) MarshalJSON() ([]byte, error) { + return protojson.MarshalOptions{ + UseEnumNumbers: false, + EmitUnpopulated: false, + UseProtoNames: true, + }.Marshal(msg) +} + +// UnmarshalJSON implements json.Unmarshaler +func (msg *ProcessLsm) UnmarshalJSON(b []byte) error { + return protojson.UnmarshalOptions{ + DiscardUnknown: false, + }.Unmarshal(b, msg) +} + // MarshalJSON implements json.Marshaler func (msg *KernelModule) MarshalJSON() ([]byte, error) { return protojson.MarshalOptions{ diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.proto b/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.proto index 801f46c0b3f..34a6df09557 100644 --- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.proto +++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/tetragon.proto 
@@ -532,6 +532,23 @@ message ProcessUprobe {
 repeated string tags = 8;
 }
+message ProcessLsm {
+ Process process = 1;
+ Process parent = 2;
+ // LSM hook name.
+ string function_name = 3;
+ // Name of the policy that created that LSM hook.
+ string policy_name = 5;
+ // Short message of the Tracing Policy to inform users what is going on.
+ string message = 6;
+ // Arguments definition of the observed LSM hook.
+ repeated KprobeArgument args = 7;
+ // Action performed when the LSM hook matched.
+ KprobeAction action = 8;
+ // Tags of the Tracing Policy to categorize the event.
+ repeated string tags = 9;
+}
+
 message KernelModule {
 // Kernel module name
 string name = 1;
diff --git a/vendor/github.com/cilium/tetragon/api/v1/tetragon/types.pb.go b/vendor/github.com/cilium/tetragon/api/v1/tetragon/types.pb.go
index f418b3eaca8..81f84cc6a27 100644
--- a/vendor/github.com/cilium/tetragon/api/v1/tetragon/types.pb.go
+++ b/vendor/github.com/cilium/tetragon/api/v1/tetragon/types.pb.go
@@ -129,6 +129,26 @@ func (event *ProcessUprobe) SetParent(p *Process) { event.Parent = p } +// Encapsulate implements the Event interface. +// Returns the event wrapped by its GetEventsResponse_* type. +func (event *ProcessLsm) Encapsulate() IsGetEventsResponse_Event { + return &GetEventsResponse_ProcessLsm{ + ProcessLsm: event, + } +} + +// SetProcess implements the ProcessEvent interface. +// Sets the Process field of an event. +func (event *ProcessLsm) SetProcess(p *Process) { + event.Process = p +} + +// SetParent implements the ParentEvent interface. +// Sets the Parent field of an event. +func (event *ProcessLsm) SetParent(p *Process) { + event.Parent = p +} + // Encapsulate implements the Event interface. // Returns the event wrapped by its GetEventsResponse_* type. func (event *Test) Encapsulate() IsGetEventsResponse_Event {
@@ -184,6 +204,8 @@ func UnwrapGetEventsResponse(response *GetEventsResponse) interface{} { return ev.ProcessTracepoint case *GetEventsResponse_ProcessUprobe: return ev.ProcessUprobe + case *GetEventsResponse_ProcessLsm: + return ev.ProcessLsm case *GetEventsResponse_Test: return ev.Test case *GetEventsResponse_ProcessLoader: diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml index f8699a4f451..d3b14464c16 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml 
@@ -801,6 +801,574 @@ spec: loader: description: Enable loader events type: boolean + lsmhooks: + description: A list of uprobe specs. + items: + properties: + args: + description: A list of function arguments to include in the + trace output. + items: + properties: + index: + description: Position of the argument. + format: int32 + minimum: 0 + type: integer + label: + description: Label to output in the JSON + type: string + maxData: + default: false + description: Read maximum possible data (currently 327360). + This field is only used for char_buff data. When this + value is false (default), the bpf program will fetch + at most 4096 bytes. In later kernels (>=5.4) tetragon + supports fetching up to 327360 bytes if this flag is + turned on + type: boolean + returnCopy: + default: false + description: This field is used only for char_buf and + char_iovec types. It indicates that this argument should + be read later (when the kretprobe for the symbol is + triggered) because it might not be populated when the + kprobe is triggered at the entrance of the function. + For example, a buffer supplied to read(2) won't have + content until kretprobe is triggered. + type: boolean + sizeArgIndex: + description: Specifies the position of the corresponding + size argument for this argument. This field is used + only for char_buf and char_iovec types. + format: int32 + minimum: 0 + type: integer + type: + default: auto + description: Argument type. 
+ enum: + - auto + - int + - int8 + - uint8 + - int16 + - uint16 + - uint32 + - int32 + - uint64 + - int64 + - char_buf + - char_iovec + - size_t + - skb + - sock + - string + - fd + - file + - filename + - path + - nop + - bpf_attr + - perf_event + - bpf_map + - user_namespace + - capability + - kiocb + - iov_iter + - cred + - load_info + - module + - syscall64 + - kernel_cap_t + - cap_inheritable + - cap_permitted + - cap_effective + - linux_binprm + - data_loc + - net_device + type: string + required: + - index + - type + type: object + type: array + hook: + description: Name of the function to apply the kprobe spec to. + type: string + message: + description: A short message of 256 characters max that will + be included in the event output to inform users what is going + on. + type: string + selectors: + description: Selectors to apply before producing trace output. + Selectors are ORed. + items: + description: KProbeSelector selects function calls for kprobe + based on PIDs and function arguments. The results of MatchPIDs + and MatchArgs are ANDed. + properties: + matchActions: + description: A list of actions to execute when this selector + matches + items: + properties: + action: + description: Action to execute. 
+ enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchArgs: + description: A list of argument filters. MatchArgs are + ANDed. 
+ items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + matchBinaries: + description: A list of binary exec name filters. + items: + properties: + operator: + description: Filter operation. + enum: + - In + - NotIn + - Prefix + - NotPrefix + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilities: + description: A list of capabilities and IDs + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilityChanges: + description: IDs for capabilities changes + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. 
+ enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaceChanges: + description: IDs for namespace changes + items: + properties: + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace types (e.g., Mnt, Pid) to + match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaces: + description: A list of namespaces and IDs + items: + properties: + namespace: + description: Namespace selector name. + enum: + - Uts + - Ipc + - Mnt + - Pid + - PidForChildren + - Net + - Time + - TimeForChildren + - Cgroup + - User + type: string + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace IDs (or host_ns for host + namespace) of namespaces to match. + items: + type: string + type: array + required: + - namespace + - operator + - values + type: object + type: array + matchPIDs: + description: A list of process ID filters. MatchPIDs are + ANDed. + items: + properties: + followForks: + default: false + description: Matches any descendant processes of + the matching PIDs. + type: boolean + isNamespacePID: + default: false + description: Indicates whether PIDs are namespace + PIDs. + type: boolean + operator: + description: PID selector operator. + enum: + - In + - NotIn + type: string + values: + description: Process IDs to match. 
+ items: + format: int32 + type: integer + type: array + required: + - operator + - values + type: object + type: array + matchReturnActions: + description: A list of actions to execute when MatchReturnArgs + selector matches + items: + properties: + action: + description: Action to execute. + enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. 
Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchReturnArgs: + description: A list of argument filters. MatchArgs are + ANDed. + items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + type: object + type: array + tags: + description: Tags to categorize the event, will be include in + the event output. Maximum of 16 Tags are supported. + items: + type: string + maxItems: 16 + type: array + required: + - hook + type: object + type: array options: description: A list of overloaded options items: diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml index 19b141f0b64..595c2db0235 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml 
@@ -801,6 +801,574 @@ spec: loader: description: Enable loader events type: boolean + lsmhooks: + description: A list of uprobe specs. + items: + properties: + args: + description: A list of function arguments to include in the + trace output. + items: + properties: + index: + description: Position of the argument. + format: int32 + minimum: 0 + type: integer + label: + description: Label to output in the JSON + type: string + maxData: + default: false + description: Read maximum possible data (currently 327360). + This field is only used for char_buff data. When this + value is false (default), the bpf program will fetch + at most 4096 bytes. In later kernels (>=5.4) tetragon + supports fetching up to 327360 bytes if this flag is + turned on + type: boolean + returnCopy: + default: false + description: This field is used only for char_buf and + char_iovec types. It indicates that this argument should + be read later (when the kretprobe for the symbol is + triggered) because it might not be populated when the + kprobe is triggered at the entrance of the function. + For example, a buffer supplied to read(2) won't have + content until kretprobe is triggered. + type: boolean + sizeArgIndex: + description: Specifies the position of the corresponding + size argument for this argument. This field is used + only for char_buf and char_iovec types. + format: int32 + minimum: 0 + type: integer + type: + default: auto + description: Argument type. 
+ enum: + - auto + - int + - int8 + - uint8 + - int16 + - uint16 + - uint32 + - int32 + - uint64 + - int64 + - char_buf + - char_iovec + - size_t + - skb + - sock + - string + - fd + - file + - filename + - path + - nop + - bpf_attr + - perf_event + - bpf_map + - user_namespace + - capability + - kiocb + - iov_iter + - cred + - load_info + - module + - syscall64 + - kernel_cap_t + - cap_inheritable + - cap_permitted + - cap_effective + - linux_binprm + - data_loc + - net_device + type: string + required: + - index + - type + type: object + type: array + hook: + description: Name of the function to apply the kprobe spec to. + type: string + message: + description: A short message of 256 characters max that will + be included in the event output to inform users what is going + on. + type: string + selectors: + description: Selectors to apply before producing trace output. + Selectors are ORed. + items: + description: KProbeSelector selects function calls for kprobe + based on PIDs and function arguments. The results of MatchPIDs + and MatchArgs are ANDed. + properties: + matchActions: + description: A list of actions to execute when this selector + matches + items: + properties: + action: + description: Action to execute. 
+ enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchArgs: + description: A list of argument filters. MatchArgs are + ANDed. 
+ items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + matchBinaries: + description: A list of binary exec name filters. + items: + properties: + operator: + description: Filter operation. + enum: + - In + - NotIn + - Prefix + - NotPrefix + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilities: + description: A list of capabilities and IDs + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchCapabilityChanges: + description: IDs for capabilities changes + items: + properties: + isNamespaceCapability: + default: false + description: Indicates whether these caps are namespace + caps. + type: boolean + operator: + description: Namespace selector operator. 
+ enum: + - In + - NotIn + type: string + type: + default: Effective + description: Type of capabilities + enum: + - Effective + - Inheritable + - Permitted + type: string + values: + description: Capabilities to match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaceChanges: + description: IDs for namespace changes + items: + properties: + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace types (e.g., Mnt, Pid) to + match. + items: + type: string + type: array + required: + - operator + - values + type: object + type: array + matchNamespaces: + description: A list of namespaces and IDs + items: + properties: + namespace: + description: Namespace selector name. + enum: + - Uts + - Ipc + - Mnt + - Pid + - PidForChildren + - Net + - Time + - TimeForChildren + - Cgroup + - User + type: string + operator: + description: Namespace selector operator. + enum: + - In + - NotIn + type: string + values: + description: Namespace IDs (or host_ns for host + namespace) of namespaces to match. + items: + type: string + type: array + required: + - namespace + - operator + - values + type: object + type: array + matchPIDs: + description: A list of process ID filters. MatchPIDs are + ANDed. + items: + properties: + followForks: + default: false + description: Matches any descendant processes of + the matching PIDs. + type: boolean + isNamespacePID: + default: false + description: Indicates whether PIDs are namespace + PIDs. + type: boolean + operator: + description: PID selector operator. + enum: + - In + - NotIn + type: string + values: + description: Process IDs to match. 
+ items: + format: int32 + type: integer + type: array + required: + - operator + - values + type: object + type: array + matchReturnActions: + description: A list of actions to execute when MatchReturnArgs + selector matches + items: + properties: + action: + description: Action to execute. + enum: + - Post + - FollowFD + - UnfollowFD + - Sigkill + - CopyFD + - Override + - GetUrl + - DnsLookup + - NoPost + - Signal + - TrackSock + - UntrackSock + - NotifyEnforcer + type: string + argError: + description: error value for override action + format: int32 + type: integer + argFd: + description: An arg index for the fd for fdInstall + action + format: int32 + type: integer + argFqdn: + description: A FQDN to lookup for the dnsLookup + action + type: string + argName: + description: An arg index for the filename for fdInstall + action + format: int32 + type: integer + argSig: + description: A signal number for signal action + format: int32 + type: integer + argSock: + description: An arg index for the sock for trackSock + and untrackSock actions + format: int32 + type: integer + argUrl: + description: A URL for the getUrl action + type: string + kernelStackTrace: + description: Enable kernel stack trace export. Only + valid with the post action. + type: boolean + rateLimit: + description: A time period within which repeated + messages will not be posted. Can be specified + in seconds (default or with 's' suffix), minutes + ('m' suffix) or hours ('h' suffix). Only valid + with the post action. + type: string + rateLimitScope: + description: The scope of the provided rate limit + argument. Can be "thread" (default), "process" + (all threads for the same process), or "global". + If "thread" is selected then rate limiting applies + per thread; if "process" is selected then rate + limiting applies per process; if "global" is selected + then rate limiting applies regardless of which + process or thread caused the action. 
Only valid + with the post action and with a rateLimit specified. + type: string + userStackTrace: + description: Enable user stack trace export. Only + valid with the post action. + type: boolean + required: + - action + type: object + type: array + matchReturnArgs: + description: A list of argument filters. MatchArgs are + ANDed. + items: + properties: + index: + description: Position of the argument to apply fhe + filter to. + format: int32 + minimum: 0 + type: integer + operator: + description: Filter operation. + enum: + - Equal + - NotEqual + - Prefix + - NotPrefix + - Postfix + - NotPostfix + - GreaterThan + - LessThan + - GT + - LT + - Mask + - SPort + - NotSPort + - SPortPriv + - NotSportPriv + - DPort + - NotDPort + - DPortPriv + - NotDPortPriv + - SAddr + - NotSAddr + - DAddr + - NotDAddr + - Protocol + - Family + - State + - InMap + - NotInMap + type: string + values: + description: Value to compare the argument against. + items: + type: string + type: array + required: + - index + - operator + type: object + type: array + type: object + type: array + tags: + description: Tags to categorize the event, will be include in + the event output. Maximum of 16 Tags are supported. + items: + type: string + maxItems: 16 + type: array + required: + - hook + type: object + type: array options: description: A list of overloaded options items: diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go index e1db656a847..36b6d9f9197 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go 
@@ -85,6 +85,9 @@ type TracingPolicySpec struct { // +kubebuilder:validation:Optional // A list of uprobe specs. UProbes []UProbeSpec `json:"uprobes,omitempty"` + // +kubebuilder:validation:Optional + // A list of uprobe specs. + LsmHooks []LsmHookSpec `json:"lsmhooks,omitempty"` // +kubebuilder:validation:Optional // PodSelector selects pods that this policy applies to diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/types.go b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/types.go index e491c37df3e..9d9c7744281 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/types.go +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/types.go @@ -285,6 +285,26 @@ type UProbeSpec struct { Tags []string `json:"tags,omitempty"` } +type LsmHookSpec struct { + // Name of the function to apply the kprobe spec to. + Hook string `json:"hook"` + // +kubebuilder:validation:Optional + // A short message of 256 characters max that will be included + // in the event output to inform users what is going on. + Message string `json:"message"` + // +kubebuilder:validation:Optional + // A list of function arguments to include in the trace output. + Args []KProbeArg `json:"args,omitempty"` + // +kubebuilder:validation:Optional + // Selectors to apply before producing trace output. Selectors are ORed. + Selectors []KProbeSelector `json:"selectors,omitempty"` + // +kubebuilder:validation:optional + // +kubebuilder:validation:MaxItems=16 + // Tags to categorize the event, will be include in the event output. + // Maximum of 16 Tags are supported. + Tags []string `json:"tags,omitempty"` +} + type ListSpec struct { // Name of the list Name string `json:"name"` diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/version.go b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/version.go index 0f2a4026011..203377ec2ee 100644 
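Review bot: The doc comment on the new `LsmHooks` field in `TracingPolicySpec` still reads `// A list of uprobe specs.`, and in the types.go hunk `LsmHookSpec.Hook` is documented as `// Name of the function to apply the kprobe spec to.`; both look copied from the uprobe/kprobe specs. The same strings appear verbatim as the `lsmhooks` and `hook` descriptions in the CRD YAML of this diff, so anyone writing an LSM policy from the schema text is told they are configuring a different probe type. I would change them to `// A list of LSM hook specs.` and `// Name of the LSM hook to attach to.`. The marker on `Tags` is spelled `+kubebuilder:validation:optional` while the other fields use `Optional`; making the case consistent would be tidier. These are vendored copies, so the edit belongs in the module's own source with the CRDs and vendor tree regenerated; `TracingPolicySpec` continues outside the first hunk.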
--- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/version.go +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/version.go @@ -7,4 +7,4 @@ package v1alpha1 // Used to determine if CRD needs to be updated in cluster // // Developers: Bump patch for each change in the CRD schema. -const CustomResourceDefinitionSchemaVersion = "1.2.0" +const CustomResourceDefinitionSchemaVersion = "1.2.1" diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go index 2dc62a7bb93..afa464eb9be 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go 
@@ -275,6 +275,39 @@ func (in *ListSpec) DeepCopy() *ListSpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LsmHookSpec) DeepCopyInto(out *LsmHookSpec) { + *out = *in + if in.Args != nil { + in, out := &in.Args, &out.Args + *out = make([]KProbeArg, len(*in)) + copy(*out, *in) + } + if in.Selectors != nil { + in, out := &in.Selectors, &out.Selectors + *out = make([]KProbeSelector, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tags != nil { + in, out := &in.Tags, &out.Tags + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LsmHookSpec. +func (in *LsmHookSpec) DeepCopy() *LsmHookSpec { + if in == nil { + return nil + } + out := new(LsmHookSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NamespaceChangesSelector) DeepCopyInto(out *NamespaceChangesSelector) { *out = *in @@ -647,6 +680,13 @@ func (in *TracingPolicySpec) DeepCopyInto(out *TracingPolicySpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.LsmHooks != nil { + in, out := &in.LsmHooks, &out.LsmHooks + *out = make([]LsmHookSpec, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.PodSelector != nil { in, out := &in.PodSelector, &out.PodSelector *out = new(v1.LabelSelector)