Michal Rostecki

Results 87 issues of Michal Rostecki

Currently building the `deepfence_agent` container image takes at least 15 minutes, regardless of how small the change is and which component or plugin was modified. That's because building the most...

enhancement
area/agent

This change separates the previous `SkBuffContext` into three structs:
* `SkBuff` which is a wrapper around `__sk_buff` which contains all possible methods operating on it.
* `SkBuffContext` which is a...

Add a helper which writes a full path of the given `path` kernel object to the buffer. Useful for resolving paths when using `file` or `inode` objects.

Signed-off-by: Michal Rostecki

aya-bpf
needs-rebase

This change adds a summary of the aya-bpf lib and docs for:
* hash map
* lpm trie
* perf event arrays

Signed-off-by: Michal Rostecki

documentation
aya-bpf

https://lore.kernel.org/bpf/[email protected]/ There is a kernel patchset which allows to attach BPF LSM programs to cgroups. If I understand it correctly, that would allow us to get rid of "container monitoring"...

When deployed on k3d, lockc policies don't work at all. Those deployments are succeeding: https://github.com/lockc-project/lockc/blob/main/examples/kubernetes/deployments-should-fail.yaml

bug

Currently Linux distributions don't enable BPF LSM by default. Enabling it requires editing GRUB configuration and providing custom kernel parameter like:
```
GRUB_CMDLINE_LINUX="lsm=lockdown,capability,bpf"
```
This is not really convenient and...

Currently we put allowed mount paths in a BPF hash map, where those paths are values and for checking each mount, we iterate over that whole map and search for...

So far we are using GitHub Actions to run tests and checkers. The problem is that all `ubuntu-latest` GitHub Actions have quite an old kernel, too old for us. If...

enhancement
priority/medium

* [ ] Add a support of opentelemetry with https://crates.io/crates/opentelemetry
* [ ] add metrics about newly observed containers
* [ ] add Prometheus integration

enhancement
priority/medium