Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

enhancement(monitor): enable dropping events at the kernel level #1087

Merged
merged 2 commits into from
Mar 7, 2023
Merged

enhancement(monitor): enable dropping events at the kernel level #1087

merged 2 commits into from
Mar 7, 2023

Conversation

achrefbensaad
Copy link
Member

@achrefbensaad achrefbensaad commented Feb 2, 2023
edited by Ankurk99
Loading

Signed-off-by: Achref ben saad achref@accuknox.com

Purpose of PR?: #1088 #1089 #1006

Does this PR introduce a breaking change? No

If the changes in this PR are manually verified, list down the scenarios covered::

Additional information for reviewer? :
Mention if this PR is part of any design or a continuation of previous PRs

Checklist:

  • New feature (non-breaking change which adds functionality)
  • This change requires a documentation update
  • PR Title follows the convention of <type>(<scope>): <subject>
  • Commit has integration tests

@achrefbensaad achrefbensaad marked this pull request as ready for review February 3, 2023 04:11
@achrefbensaad achrefbensaad changed the title enable dropping events at the kernel level enhancement(monitor): enable dropping events at the kernel level Feb 3, 2023
This was linked to issues Feb 3, 2023
Ability to enable/disable visibility at runtime using annotations. #1088
Closed
Ability to enable/disable visibility at host, namespace #1089
Closed
@achrefbensaad achrefbensaad force-pushed the perform-on-off-switch branch 4 times, most recently from 4ac1eef to 1f54e5c Compare February 3, 2023 09:56
@achrefbensaad achrefbensaad self-assigned this Feb 3, 2023
@daemon1024 daemon1024 self-requested a review February 6, 2023 07:06
daemon1024
daemon1024 requested changes Feb 6, 2023
View reviewed changes
Copy link
Member

@daemon1024 daemon1024 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM in general. Some minor nits inline and queries inline.

KubeArmor/monitor/systemMonitor.go Outdated Show resolved Hide resolved
KubeArmor/BPF/system_monitor.c Show resolved Hide resolved
KubeArmor/BPF/system_monitor.c Outdated Show resolved Hide resolved
KubeArmor/BPF/system_monitor.c Outdated Show resolved Hide resolved
@achrefbensaad
Copy link
Member Author

New logic for droping events:
image

@achrefbensaad achrefbensaad force-pushed the perform-on-off-switch branch 2 times, most recently from b650d1b to d031431 Compare February 20, 2023 12:35
@achrefbensaad achrefbensaad mentioned this pull request Feb 20, 2023
Closed
1 task
nyrahul
nyrahul requested changes Feb 21, 2023
View reviewed changes
KubeArmor/BPF/system_monitor.c Outdated Show resolved Hide resolved
KubeArmor/core/kubeUpdate.go Show resolved Hide resolved
KubeArmor/core/kubeUpdate.go Outdated Show resolved Hide resolved
daemon1024
daemon1024 requested changes Feb 21, 2023
View reviewed changes
KubeArmor/monitor/systemMonitor.go Outdated Show resolved Hide resolved
nyrahul
nyrahul requested changes Feb 22, 2023
View reviewed changes
Copy link
Contributor

@nyrahul nyrahul left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please fix the lint issues. thanks

@daemon1024 daemon1024 force-pushed the perform-on-off-switch branch 3 times, most recently from ae0718f to 5f348a0 Compare February 28, 2023 12:23
daemon1024
daemon1024 approved these changes Mar 1, 2023
View reviewed changes
Copy link
Member

@daemon1024 daemon1024 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Verified Changes. LGTM

Ankurk99
Ankurk99 requested changes Mar 1, 2023
View reviewed changes
Copy link
Member

@Ankurk99 Ankurk99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have some suggestions, ptal

KubeArmor/monitor/systemMonitor.go Show resolved Hide resolved
KubeArmor/monitor/systemMonitor.go Show resolved Hide resolved
KubeArmor/common/bpffs.go Show resolved Hide resolved
KubeArmor/core/kubeUpdate.go Show resolved Hide resolved
KubeArmor/enforcer/bpflsm/enforcer.go Show resolved Hide resolved
@daemon1024
Copy link
Member

Noting the init container changes are not backwards compatible, so we need to establish stable and version init containers as well.

daemon1024
daemon1024 reviewed Mar 3, 2023
View reviewed changes
Copy link
Member

@daemon1024 daemon1024 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Ankurk99 addressed comments inline

KubeArmor/core/kubeUpdate.go Show resolved Hide resolved
KubeArmor/common/bpffs.go Show resolved Hide resolved
KubeArmor/enforcer/bpflsm/enforcer.go Show resolved Hide resolved
KubeArmor/monitor/systemMonitor.go Show resolved Hide resolved
KubeArmor/monitor/systemMonitor.go Show resolved Hide resolved
achrefbensaad and others added 2 commits March 6, 2023 17:10
@achrefbensaad @daemon1024
Enable dropping events at the kernel level
b13ffae 
Signed-off-by: Achref ben saad <achref@accuknox.com>
@daemon1024
chore(core): handle informer event handler err
02b3ae4 
Signed-off-by: daemon1024 <barun1024@gmail.com>
@daemon1024 daemon1024 force-pushed the perform-on-off-switch branch from 5f348a0 to 02b3ae4 Compare March 6, 2023 11:41
This was referenced Mar 6, 2023
Merged
Merged
Ankurk99
Ankurk99 approved these changes Mar 7, 2023
View reviewed changes
Copy link
Member

@Ankurk99 Ankurk99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! 👍

@nyrahul nyrahul merged commit 2485da2 into kubearmor:main Mar 7, 2023
@DelusionalOptimist DelusionalOptimist mentioned this pull request Mar 27, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daemon1024 daemon1024 daemon1024 approved these changes

@Ankurk99 Ankurk99 Ankurk99 approved these changes

@nyrahul nyrahul nyrahul approved these changes

@DelusionalOptimist DelusionalOptimist Awaiting requested review from DelusionalOptimist

Assignees

@achrefbensaad achrefbensaad

Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@achrefbensaad @daemon1024 @nyrahul @Ankurk99