Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: special presets (handle fileless exec) #1743

Merged
merged 7 commits into from
Jan 10, 2025
Merged

feat: special presets (handle fileless exec) #1743

merged 7 commits into from
Jan 10, 2025

Conversation

daemon1024
Copy link
Member

Purpose of PR?:

Fixes #

Does this PR introduce a breaking change?

If the changes in this PR are manually verified, list down the scenarios covered::

Additional information for reviewer? :
Mention if this PR is part of any design or a continuation of previous PRs

Checklist:

  • Bug fix. Fixes #
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update
  • PR Title follows the convention of <type>(<scope>): <subject>
  • Commit has unit tests
  • Commit has integration tests

@daemon1024
Copy link
Member Author

Ref #1295

// @rksharma95

@rksharma95 rksharma95 force-pushed the special-presets branch 5 times, most recently from 53b1d78 to c60a17a Compare October 8, 2024 05:08
@rksharma95 rksharma95 marked this pull request as ready for review October 8, 2024 06:41
@rksharma95 rksharma95 force-pushed the special-presets branch 3 times, most recently from 230011b to 0dee72e Compare October 18, 2024 06:17
@daemon1024 daemon1024 changed the title feat-wip: special presets feat: special presets (handle fileless exec) Oct 28, 2024
@rootxrishabh
Copy link
Member

Facing bpf module read error -

2024-11-13 13:16:31.661337 ERROR Failed to initialize BPF (bpf module is nil program kretprobe__rmdir: load program: permission denied: 1256: (1d) if r3 == r1 goto pc+1182 ; R1_w=scalar() R3_w=scalar(): ; bpf (truncated, 1008 line(s) omitted)) github.com/kubearmor/KubeArmor/KubeArmor/log.Errf /usr/src/KubeArmor/KubeArmor/log/logger.go:108 github.com/kubearmor/KubeArmor/KubeArmor/core.(*KubeArmorDaemon).InitSystemMonitor /usr/src/KubeArmor/KubeArmor/core/kubeArmor.go:261 github.com/kubearmor/KubeArmor/KubeArmor/core.KubeArmor /usr/src/KubeArmor/KubeArmor/core/kubeArmor.go:555 main.main /usr/src/KubeArmor/KubeArmor/main.go:79 runtime.main /usr/local/go/src/runtime/proc.go:271 2024-11-13 13:16:31.661415 ERROR Failed to initialize KubeArmor Monitor github.com/kubearmor/KubeArmor/KubeArmor/log.Err /usr/src/KubeArmor/KubeArmor/log/logger.go:103 github.com/kubearmor/KubeArmor/KubeArmor/feeder.(*Feeder).Err /usr/src/KubeArmor/KubeArmor/feeder/feeder.go:439 github.com/kubearmor/KubeArmor/KubeArmor/core.KubeArmor /usr/src/KubeArmor/KubeArmor/core/kubeArmor.go:556 main.main /usr/src/KubeArmor/KubeArmor/main.go:79 runtime.main /usr/local/go/src/runtime/proc.go:271

Environment -

  • K8s -> GKE
  • Container Runtime -> containerd://1.7.22
  • Kernel Version -> 6.1.100+
  • Operating system -> Container-Optimized OS from Google

@Aryan-sharma11 Aryan-sharma11 self-assigned this Dec 16, 2024
@rksharma95 rksharma95 force-pushed the special-presets branch 2 times, most recently from c22e0a8 to ffe74e0 Compare December 20, 2024 08:50
Aryan-sharma11
Aryan-sharma11 requested changes Dec 23, 2024
View reviewed changes
KubeArmor/feeder/feeder.go Outdated Show resolved Hide resolved
KubeArmor/presets/anonmapexec/preset.go Outdated Show resolved Hide resolved
KubeArmor/presets/filelessexec/preset.go Outdated Show resolved Hide resolved
KubeArmor/BPF/filelessexec.bpf.c Show resolved Hide resolved
KubeArmor/presets/protectEnv/preset.go Outdated Show resolved Hide resolved
@rksharma95 rksharma95 force-pushed the special-presets branch 2 times, most recently from 7953d6f to aec76cb Compare December 24, 2024 07:41
Aryan-sharma11
Aryan-sharma11 previously approved these changes Dec 24, 2024
View reviewed changes
daemon1024
daemon1024 commented Jan 8, 2025
View reviewed changes
Copy link
Member Author

@daemon1024 daemon1024 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@daemon1024 daemon1024 merged commit b88c8f5 into kubearmor:main Jan 10, 2025
20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rksharma95 rksharma95 rksharma95 left review comments

@rootxrishabh rootxrishabh rootxrishabh approved these changes

@Aryan-sharma11 Aryan-sharma11 Aryan-sharma11 approved these changes

@Prateeknandle Prateeknandle Awaiting requested review from Prateeknandle

@DelusionalOptimist DelusionalOptimist Awaiting requested review from DelusionalOptimist

Assignees

@Aryan-sharma11 Aryan-sharma11

Labels
None yet
Projects
Release v1.5
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@daemon1024 @rootxrishabh @Aryan-sharma11 @rksharma95