// SPDX-License-Identifier: Apache-2.0
// Copyright Authors of Tetragon
package tracing
import (
"errors"
"fmt"
"sync/atomic"
"github.com/cilium/tetragon/pkg/eventhandler"
"github.com/cilium/tetragon/pkg/policyfilter"
"github.com/cilium/tetragon/pkg/sensors"
"github.com/cilium/tetragon/pkg/tracingpolicy"
)
// policyHandler is a field-less type whose PolicyHandler method turns a
// tracing policy into a generic kprobe or tracepoint sensor. A value of this
// type is registered with the sensors package under the name "tracing" in init.
type policyHandler struct{}
// init registers a policyHandler value with the sensors package under the
// "tracing" name at package initialisation time.
func init() {
	// The type has no fields, so its zero value is the same as policyHandler{}.
	var handler policyHandler
	sensors.RegisterPolicyHandlerAtInit("tracing", handler)
}
// PolicyHandler builds the generic tracing sensor for a tracing policy.
//
// A policy whose spec carries both kprobes and tracepoints is rejected with an
// error. A kprobe policy is pre-validated and then handed to
// createGenericKprobeSensor; a tracepoint policy is handed to
// createGenericTracepointSensor. A spec with neither returns (nil, nil).
//
// Each sensor gets a unique name derived from the package-level sensorCounter,
// which is advanced atomically.
func (h policyHandler) PolicyHandler(
	policy tracingpolicy.TracingPolicy,
	policyID policyfilter.PolicyID,
) (*sensors.Sensor, error) {
	tpName := policy.TpName()
	spec := policy.TpSpec()

	// Mixed kprobe/tracepoint policies are refused up front, before any
	// sensor name is allocated or any handler is looked up.
	if len(spec.KProbes) != 0 && len(spec.Tracepoints) != 0 {
		return nil, errors.New("tracing policies with both kprobes and tracepoints are not currently supported")
	}

	customHandler := eventhandler.GetCustomEventhandler(policy)

	switch {
	case len(spec.KProbes) > 0:
		sensorName := fmt.Sprintf("gkp-sensor-%d", atomic.AddUint64(&sensorCounter, 1))
		// Kprobe specs are checked before any sensor is created, so an
		// invalid policy fails here instead of producing a sensor.
		if err := preValidateKprobes(sensorName, spec.KProbes, spec.Lists); err != nil {
			return nil, fmt.Errorf("validation failed: %w", err)
		}
		return createGenericKprobeSensor(spec, sensorName, policyID, tpName, customHandler)

	case len(spec.Tracepoints) > 0:
		sensorName := fmt.Sprintf("gtp-sensor-%d", atomic.AddUint64(&sensorCounter, 1))
		// NOTE(review): unlike the kprobe branch, no pre-validation call is
		// made here; presumably createGenericTracepointSensor validates the
		// tracepoint specs itself — confirm.
		return createGenericTracepointSensor(sensorName, spec.Tracepoints, policyID, tpName, spec.Lists, customHandler)

	default:
		// Neither kprobes nor tracepoints: no sensor and no error.
		// NOTE(review): presumably tells the caller this handler does not
		// apply to the policy — confirm against the sensors package.
		return nil, nil
	}
}