tetragon: Move enforcer sensor maps under new hierarchy

Moving enforcer sensor maps under new hierarchy. per policy maps: enforcer_data Signed-off-by: Jiri Olsa <jolsa@kernel.org>
cilium · May 22, 2024 · 5d58a04 · 5d58a04
1 parent 3677a69
commit 5d58a04
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 12 deletions.
diff --git a/pkg/sensors/tracing/enforcer.go b/pkg/sensors/tracing/enforcer.go
@@ -50,9 +50,8 @@ func init() {
 	sensors.RegisterPolicyHandlerAtInit("enforcer", gEnforcerPolicy)
 }
 
-func enforcerMap(policyName string, load *program.Program) *program.Map {
-	return program.MapBuilderPin(enforcerDataMapName,
-		fmt.Sprintf("%s_%s", enforcerDataMapName, policyName), load)
+func enforcerMap(load *program.Program) *program.Map {
+	return program.MapBuilderType(enforcerDataMapName, load, program.MapTypePolicy)
 }
 
 func (kp *enforcerPolicy) enforcerGet(name string) (*enforcerHandler, bool) {
@@ -315,7 +314,7 @@ func (kp *enforcerPolicy) createEnforcerSensor(
 		return nil, fmt.Errorf("unexpected override method: %d", overrideMethod)
 	}
 
-	enforcerDataMap := enforcerMap(policyName, load)
+	enforcerDataMap := enforcerMap(load)
 	maps = append(maps, enforcerDataMap)
 
 	if ok := kp.enforcerAdd(name, kh); !ok {
@@ -325,9 +324,10 @@ func (kp *enforcerPolicy) createEnforcerSensor(
 	logger.GetLogger().Infof("Added enforcer sensor '%s'", name)
 
 	return &sensors.Sensor{
-		Name:  "__enforcer__",
-		Progs: progs,
-		Maps:  maps,
+		Name:   "__enforcer__",
+		Progs:  progs,
+		Maps:   maps,
+		Policy: policyName,
 		PostUnloadHook: func() error {
 			if ok := kp.enforcerDel(name); !ok {
 				logger.GetLogger().Infof("Failed to clean up enforcer sensor '%s'", name)

diff --git a/pkg/sensors/tracing/generickprobe.go b/pkg/sensors/tracing/generickprobe.go
@@ -250,7 +250,7 @@ func filterMaps(load *program.Program, kprobeEntry *genericKprobe) []*program.Ma
 	return maps
 }
 
-func createMultiKprobeSensor(policyName string, multiIDs []idtable.EntryID) ([]*program.Program, []*program.Map, error) {
+func createMultiKprobeSensor(multiIDs []idtable.EntryID) ([]*program.Program, []*program.Map, error) {
 	var multiRetIDs []idtable.EntryID
 	var progs []*program.Program
 	var maps []*program.Map
@@ -321,7 +321,7 @@ func createMultiKprobeSensor(policyName string, multiIDs []idtable.EntryID) ([]*
 		maps = append(maps, socktrack)
 	}
 
-	enforcerDataMap := enforcerMap(policyName, load)
+	enforcerDataMap := enforcerMap(load)
 	maps = append(maps, enforcerDataMap)
 
 	filterMap.SetMaxEntries(len(multiIDs))
@@ -569,7 +569,7 @@ func createGenericKprobeSensor(
 	}
 
 	if useMulti {
-		progs, maps, err = createMultiKprobeSensor(in.policyName, ids)
+		progs, maps, err = createMultiKprobeSensor(ids)
 	} else {
 		progs, maps, err = createSingleKprobeSensor(ids)
 	}
@@ -856,7 +856,7 @@ func createKprobeSensorFromEntry(kprobeEntry *genericKprobe,
 		maps = append(maps, socktrack)
 	}
 
-	enforcerDataMap := enforcerMap(kprobeEntry.policyName, load)
+	enforcerDataMap := enforcerMap(load)
 	maps = append(maps, enforcerDataMap)
 
 	if kprobeEntry.loadArgs.retprobe {

diff --git a/pkg/sensors/tracing/generictracepoint.go b/pkg/sensors/tracing/generictracepoint.go
@@ -481,7 +481,7 @@ func createGenericTracepointSensor(
 		}
 		maps = append(maps, matchBinariesPaths)
 
-		enforcerDataMap := enforcerMap(policyName, prog0)
+		enforcerDataMap := enforcerMap(prog0)
 		maps = append(maps, enforcerDataMap)
 
 		selMatchBinariesMap := program.MapBuilderType("tg_mb_sel_opts", prog0, program.MapTypeProgram)