alibaba
diff --git a/Diff for: ‎core/CMakeLists.txt
+1-1 b/Diff for: ‎core/CMakeLists.txt
+1-1
diff --git a/Diff for: ‎core/collection_pipeline/batch/BatchItem.h
+1-1 b/Diff for: ‎core/collection_pipeline/batch/BatchItem.h
+1-1
diff --git a/Diff for: ‎core/collection_pipeline/batch/BatchedEvents.h
+1-1 b/Diff for: ‎core/collection_pipeline/batch/BatchedEvents.h
+1-1
diff --git a/Diff for: ‎core/common/MachineInfoUtil.h
+1-1 b/Diff for: ‎core/common/MachineInfoUtil.h
+1-1
diff --git a/Diff for: ‎core/models/Span.h renamed to ‎core/common/Span.h b/Diff for: ‎core/models/Span.h renamed to ‎core/common/Span.h
diff --git a/Diff for: ‎core/common/StringTools.h
+1-1 b/Diff for: ‎core/common/StringTools.h
+1-1
diff --git a/Diff for: ‎core/models/StringView.h renamed to ‎core/common/StringView.h b/Diff for: ‎core/models/StringView.h renamed to ‎core/common/StringView.h
diff --git a/Diff for: ‎core/common/TimeUtil.cpp
+4-6 b/Diff for: ‎core/common/TimeUtil.cpp
+4-6
diff --git a/Diff for: ‎core/common/TimeUtil.h
+1-1 b/Diff for: ‎core/common/TimeUtil.h
+1-1
diff --git a/Diff for: ‎core/common/memory/SourceBuffer.h
+1-1 b/Diff for: ‎core/common/memory/SourceBuffer.h
+1-1
diff --git a/Diff for: ‎core/common/timer/Timer.cpp
+9-9 b/Diff for: ‎core/common/timer/Timer.cpp
+9-9
diff --git a/Diff for: ‎core/common/timer/TimerEvent.h
+16-15 b/Diff for: ‎core/common/timer/TimerEvent.h
+16-15
diff --git a/Diff for: ‎core/ebpf/Config.cpp
-11 b/Diff for: ‎core/ebpf/Config.cpp
-11
diff --git a/Diff for: ‎core/ebpf/driver/CallName.h
+3-1 b/Diff for: ‎core/ebpf/driver/CallName.h
+3-1
diff --git a/Diff for: ‎core/ebpf/driver/FileFilter.cpp
+46-44 b/Diff for: ‎core/ebpf/driver/FileFilter.cpp
+46-44
diff --git a/Diff for: ‎core/ebpf/driver/IdAllocator.h
+3-1 b/Diff for: ‎core/ebpf/driver/IdAllocator.h
+3-1
@@ -126,7 +126,7 @@ set(SUB_DIRECTORIES_LIST
         protobuf/sls protobuf/models
         file_server file_server/event file_server/event_handler file_server/event_listener file_server/reader file_server/polling
         prometheus prometheus/labels prometheus/schedulers prometheus/async prometheus/component
-        ebpf ebpf/type/table ebpf/util ebpf/util/sampler ebpf/protocol/http ebpf/protocol ebpf/plugin/file_security ebpf/plugin/network_observer ebpf/plugin/process_security ebpf/plugin/network_security ebpf/plugin ebpf/observer ebpf/security
+        ebpf ebpf/type ebpf/type/table ebpf/util ebpf/util/sampler ebpf/protocol/http ebpf/protocol ebpf/plugin/file_security ebpf/plugin/network_observer ebpf/plugin/process_security ebpf/plugin/network_security ebpf/plugin ebpf/observer ebpf/security
         parser
         host_monitor host_monitor/collector
         )
 
@@ -23,8 +23,8 @@
 #include "collection_pipeline/batch/BatchStatus.h"
 #include "collection_pipeline/batch/BatchedEvents.h"
 #include "collection_pipeline/batch/FlushStrategy.h"
+#include "common/StringView.h"
 #include "models/PipelineEventGroup.h"
-#include "models/StringView.h"
 
 namespace logtail {
 
 
@@ -19,8 +19,8 @@
 #include <unordered_set>
 #include <vector>
 
+#include "common/StringView.h"
 #include "models/PipelineEventGroup.h"
-#include "models/StringView.h"
 
 namespace logtail {
 
 
@@ -23,7 +23,7 @@
 #include "json/value.h"
 
 #include "AppConfig.h"
-#include "models/StringView.h"
+#include "common/StringView.h"
 
 namespace logtail {
 
 
@@ -27,7 +27,7 @@
 #include <string>
 #include <vector>
 
-#include "models/StringView.h"
+#include "common/StringView.h"
 
 namespace logtail {
 
 
@@ -428,14 +428,12 @@ std::chrono::nanoseconds GetTimeDiffFromMonotonic() {
 #endif
 }
 
-struct timespec KernelNanoTimeToUTC(uint64_t nano) {
-    static std::chrono::nanoseconds diff = GetTimeDiffFromMonotonic();
-    auto ts = std::chrono::nanoseconds(nano + diff.count());
+struct timespec KernelTimeNanoToUTC(uint64_t nano) {
+    static auto diff = GetTimeDiffFromMonotonic().count();
+    auto ts = std::chrono::nanoseconds(nano + diff);
     auto seconds = std::chrono::duration_cast<std::chrono::seconds>(ts);
     auto nanoseconds = std::chrono::duration_cast<std::chrono::nanoseconds>(ts - seconds);
-    struct timespec res;
-    res.tv_sec = seconds.count();
-    res.tv_nsec = nanoseconds.count();
+    struct timespec res = {seconds.count(), nanoseconds.count()};
     return res;
 }
 
 
@@ -101,6 +101,6 @@ long GetTicksPerSecond();
 
 std::chrono::nanoseconds GetTimeDiffFromMonotonic();
 
-struct timespec KernelNanoTimeToUTC(uint64_t nano);
+struct timespec KernelTimeNanoToUTC(uint64_t nano);
 
 } // namespace logtail
@@ -19,7 +19,7 @@
 #include <list>
 #include <memory>
 
-#include "models/StringView.h"
+#include "common/StringView.h"
 
 namespace logtail {
 
 
@@ -90,15 +90,15 @@ void Timer::Run() {
                         LOG_INFO(sLogger, ("invalid timer event", "task is cancelled"));
                     } else {
                         e->Execute();
-                        if (e->IsPeriodicalEvent()) {
-                            auto pe = static_cast<PeriodicalTimerEvent*>(e.get());
-                            pe->ScheduleNext();
-                            if (!pe->IsStop()) {
-                                PushEvent(std::move(e));
-                            } else {
-                                LOG_DEBUG(sLogger, ("periodical event schedule done", "exit"));
-                            }
-                        }
+                        // if (e->IsPeriodicalEvent()) {
+                        //     auto pe = static_cast<PeriodicalTimerEvent*>(e.get());
+                        //     pe->ScheduleNext();
+                        //     if (!pe->IsStop()) {
+                        //         PushEvent(std::move(e));
+                        //     } else {
+                        //         LOG_DEBUG(sLogger, ("periodical event schedule done", "exit"));
+                        //     }
+                        // }
                     }
                     queueLock.lock();
                 }
 
@@ -27,7 +27,7 @@ class TimerEvent {
 
     virtual bool IsValid() const = 0;
     virtual bool Execute() = 0;
-    virtual bool IsPeriodicalEvent() { return false; }
+    // virtual bool IsPeriodicalEvent() { return false; }
 
     std::chrono::steady_clock::time_point GetExecTime() const { return mExecTime; }
     void SetExecTime(std::chrono::steady_clock::time_point nextExecTime) { mExecTime = nextExecTime; }
@@ -36,22 +36,23 @@ class TimerEvent {
     std::chrono::steady_clock::time_point mExecTime;
 };
 
-class PeriodicalTimerEvent : public TimerEvent {
-public:
-    PeriodicalTimerEvent(int intervalSec)
-        : TimerEvent(std::chrono::steady_clock::now() + std::chrono::seconds(intervalSec)), mIntervalSec(intervalSec) {}
-    virtual ~PeriodicalTimerEvent() = default;
+// class PeriodicalTimerEvent : public TimerEvent {
+// public:
+//     PeriodicalTimerEvent(int intervalSec)
+//         : TimerEvent(std::chrono::steady_clock::now() + std::chrono::seconds(intervalSec)), mIntervalSec(intervalSec)
+//         {}
+//     virtual ~PeriodicalTimerEvent() = default;
 
-    virtual bool IsValid() const = 0;
-    virtual bool Execute() = 0;
-    virtual bool IsPeriodicalEvent() override { return true; }
-    virtual void ScheduleNext() { mExecTime += std::chrono::seconds(mIntervalSec); }
-    virtual bool IsStop() = 0;
+//     virtual bool IsValid() const = 0;
+//     virtual bool Execute() = 0;
+//     virtual bool IsPeriodicalEvent() override { return true; }
+//     virtual void ScheduleNext() { mExecTime += std::chrono::seconds(mIntervalSec); }
+//     virtual bool IsStop() = 0;
 
-    std::chrono::steady_clock::time_point GetExecTime() const { return mExecTime; }
+//     std::chrono::steady_clock::time_point GetExecTime() const { return mExecTime; }
 
-protected:
-    int mIntervalSec;
-};
+// protected:
+//     int mIntervalSec;
+// };
 
 } // namespace logtail
@@ -84,17 +84,6 @@ bool InitObserverNetworkOptionInner(const Json::Value& probeConfig,
                              mContext->GetLogstoreName(),
                              mContext->GetRegion());
     }
-    // DisableMetadata (Optional)
-    if (!GetOptionalBoolParam(probeConfig, "DisableMetadata", thisObserverNetworkOption.mDisableMetadata, errorMsg)) {
-        PARAM_WARNING_IGNORE(mContext->GetLogger(),
-                             mContext->GetAlarm(),
-                             errorMsg,
-                             sName,
-                             mContext->GetConfigName(),
-                             mContext->GetProjectName(),
-                             mContext->GetLogstoreName(),
-                             mContext->GetRegion());
-    }
     // SampleRate (Optional)
     if (!GetOptionalDoubleParam(probeConfig, "SampleRate", thisObserverNetworkOption.mSampleRate, errorMsg)) {
         PARAM_WARNING_IGNORE(mContext->GetLogger(),
 
@@ -21,6 +21,8 @@
 namespace logtail {
 namespace ebpf {
 
+#define ERR_UNKNOWN_CALLNAME -1
+
 static inline int GetCallNameIdx(const std::string& call_name) {
     if (call_name == "security_file_permission") {
         return SECURE_FUNC_TRACEPOINT_FUNC_SECURITY_FILE_PERMISSION;
@@ -41,7 +43,7 @@ static inline int GetCallNameIdx(const std::string& call_name) {
     }
     ebpf_log(
         logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_WARN, "[GetCallNameIdx] unknown call name: %s \n", call_name.c_str());
-    return -1;
+    return ERR_UNKNOWN_CALLNAME;
 }
 
 } // namespace ebpf
 
@@ -38,49 +38,50 @@ namespace logtail {
 namespace ebpf {
 
 int CreateFileFilterForCallname(std::shared_ptr<logtail::ebpf::BPFWrapper<security_bpf>> wrapper,
-                                const std::string& call_name,
+                                const std::string& callName,
                                 const std::variant<std::monostate, SecurityFileFilter, SecurityNetworkFilter> config) {
     ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_INFO,
              "[CreateFilterForCallname] EnableCallName:%s, idx:%ld, hold:%d \n",
-             call_name.c_str(),
+             callName.c_str(),
              config.index(),
              std::holds_alternative<SecurityFileFilter>(config));
     int ret = 0;
 
-    int call_name_idx = GetCallNameIdx(call_name);
-    if (call_name_idx < 0)
-        return 1;
+    int callNameIdx = GetCallNameIdx(callName);
+    if (callNameIdx == ERR_UNKNOWN_CALLNAME) {
+        return ERR_DRIVER_INVALID_PARAM;
+    }
 
     auto filter = std::get_if<SecurityFileFilter>(&config);
     // update filters map
     std::vector<path_entry> path_entries;
     // concatenate path and filename, then write the resulting char* path into path_filter_list
     // TODO qianlu.kk use map in map feature to support filters for different call names
     if (filter && filter->mFilePathList.size()) {
-        selector_filters kernel_filters;
-        ::memset(&kernel_filters, 0, sizeof(kernel_filters));
+        selector_filters kernelFilters;
+        ::memset(&kernelFilters, 0, sizeof(kernelFilters));
 
         int idx = IdAllocator::GetInstance()->GetNextId<StringPrefixMap>();
-        if (idx < 0) {
+        if (idx == ERR_LIMIT_EXCEEDED) {
             ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_WARN,
                      "[CreateFilterForCallname][IDAllocator] Failed to get next id, reach max %d\n",
                      IdAllocator::GetInstance()->GetMaxId<StringPrefixMap>());
-            return 1;
+            return ERR_DRIVER_INVALID_PARAM;
         }
         ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_WARN,
                  "[CreateFilterForCallname] Get index %d for %s\n",
                  idx,
-                 call_name.c_str());
+                 callName.c_str());
         // step1: add a new entry into string_prefix_maps, and assign a filter id
         // step2: add a filter into filter map and record filter type and filter id
-        selector_filter k_filter;
-        ::memset(&k_filter, 0, sizeof(k_filter));
-        k_filter.filter_type = FILTER_TYPE_FILE_PREFIX;
-        k_filter.map_idx[0] = idx;
+        selector_filter kFilter;
+        ::memset(&kFilter, 0, sizeof(kFilter));
+        kFilter.filter_type = FILTER_TYPE_FILE_PREFIX;
+        kFilter.map_idx[0] = idx;
         // in bytes
-        // k_filter.vallen = x.length();
-        kernel_filters.filter_count = 1;
-        kernel_filters.filters[0] = k_filter;
+        // kFilter.vallen = x.length();
+        kernelFilters.filter_count = 1;
+        kernelFilters.filters[0] = kFilter;
 
         // LOG(INFO) << "filter not empty!";
         for (int i = 0; i < (int)filter->mFilePathList.size() && i < MAX_FILTER_FOR_PER_CALLNAME; i++) {
@@ -92,70 +93,71 @@ int CreateFileFilterForCallname(std::shared_ptr<logtail::ebpf::BPFWrapper<securi
                      x.c_str());
 
             // update inner map
-            string_prefix_lpm_trie prefix_trie;
-            ::memset(&prefix_trie, 0, sizeof(prefix_trie));
-            ::memcpy(prefix_trie.data, x.data(), x.length());
-            prefix_trie.prefixlen = x.length() * 8; // in bits
+            string_prefix_lpm_trie prefixTrie;
+            ::memset(&prefixTrie, 0, sizeof(prefixTrie));
+            ::memcpy(prefixTrie.data, x.data(), x.length());
+            prefixTrie.prefixlen = x.length() * 8; // in bits
             uint8_t val = 1;
             ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_WARN,
                      "[CreateFilterForCallname][before update] prefix trie data: %s prefix_len: %u\n",
-                     prefix_trie.data,
-                     prefix_trie.prefixlen);
+                     prefixTrie.data,
+                     prefixTrie.prefixlen);
             ret = wrapper->UpdateInnerMapElem<StringPrefixMap>(
-                std::string("string_prefix_maps"), &idx, &prefix_trie, &val, 0);
+                std::string("string_prefix_maps"), &idx, &prefixTrie, &val, 0);
             if (ret) {
                 ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_WARN,
                          "[CreateFilterForCallname][update failed] prefix trie data: %s prefix_len: %u\n",
-                         prefix_trie.data,
-                         prefix_trie.prefixlen);
+                         prefixTrie.data,
+                         prefixTrie.prefixlen);
                 continue;
             }
         }
 
         // udpate filter_map
-        wrapper->UpdateBPFHashMap("filter_map", &call_name_idx, &kernel_filters, 0);
+        wrapper->UpdateBPFHashMap("filter_map", &callNameIdx, &kernelFilters, 0);
     }
 
     return ret;
 }
 
 int DeleteFileFilterForCallname(std::shared_ptr<logtail::ebpf::BPFWrapper<security_bpf>> wrapper,
-                                const std::string& call_name) {
-    ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_WARN, "DeleteFilterForCallname %s\n", call_name.c_str());
-    int call_name_idx = GetCallNameIdx(call_name);
-    if (call_name_idx < 0)
-        return 1;
+                                const std::string& callName) {
+    ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_WARN, "DeleteFilterForCallname %s\n", callName.c_str());
+    int callNameIdx = GetCallNameIdx(callName);
+    if (callNameIdx == ERR_UNKNOWN_CALLNAME) {
+        return ERR_DRIVER_INVALID_PARAM;
+    }
     int ret = 0;
     // step1: detach callname
 
     // step2: get filters for call name
-    selector_filters kernel_filters;
-    ::memset(&kernel_filters, 0, sizeof(kernel_filters));
+    selector_filters kernelFilters;
+    ::memset(&kernelFilters, 0, sizeof(kernelFilters));
     // get filters
-    ret = wrapper->LookupBPFHashMap("filter_map", &call_name_idx, &kernel_filters);
+    ret = wrapper->LookupBPFHashMap("filter_map", &callNameIdx, &kernelFilters);
     if (ret) {
         // no filters found, return directly
         ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_INFO,
                  "[DeleteFilterForCallname] there is no filter for call name: %s\n",
-                 call_name.c_str());
+                 callName.c_str());
         return 0;
     }
 
     // step3: remove filters
-    for (int i = 0; i < kernel_filters.filter_count; i++) {
-        auto filter = kernel_filters.filters[i];
-        auto outter_key = filter.map_idx[0];
-        wrapper->DeleteInnerMap<StringPrefixMap>("string_prefix_maps", &outter_key);
-        IdAllocator::GetInstance()->ReleaseId<StringPrefixMap>(outter_key);
+    for (int i = 0; i < kernelFilters.filter_count; i++) {
+        auto filter = kernelFilters.filters[i];
+        auto outterKey = filter.map_idx[0];
+        wrapper->DeleteInnerMap<StringPrefixMap>("string_prefix_maps", &outterKey);
+        IdAllocator::GetInstance()->ReleaseId<StringPrefixMap>(outterKey);
         ebpf_log(logtail::ebpf::eBPFLogType::NAMI_LOG_TYPE_WARN,
                  "[DeleteFilterForCallname] release filter for type: %d mapIdx: %u\n",
                  static_cast<int>(filter.filter_type),
-                 outter_key);
+                 outterKey);
     }
 
     // step4: delete filter map for call name
-    ::memset(&kernel_filters, 0, sizeof(kernel_filters));
-    ret = wrapper->UpdateBPFHashMap("filter_map", &call_name_idx, &kernel_filters, 0);
+    ::memset(&kernelFilters, 0, sizeof(kernelFilters));
+    ret = wrapper->UpdateBPFHashMap("filter_map", &callNameIdx, &kernelFilters, 0);
 
     return ret;
 }
 
@@ -23,6 +23,8 @@
 namespace logtail {
 namespace ebpf {
 
+#define ERR_LIMIT_EXCEEDED -1
+
 template <typename BPFMap>
 class IdManager {
 public:
@@ -37,7 +39,7 @@ class IdManager {
         }
 
         if (mNextId >= mIdMax) {
-            return -1;
+            return ERR_LIMIT_EXCEEDED;
         }
         return mNextId++;
     }
Original file line number	Diff line number	Diff line change
`@@ -126,7 +126,7 @@ set(SUB_DIRECTORIES_LIST`
`126`	`126`	`protobuf/sls protobuf/models`
`127`	`127`	`file_server file_server/event file_server/event_handler file_server/event_listener file_server/reader file_server/polling`
`128`	`128`	`prometheus prometheus/labels prometheus/schedulers prometheus/async prometheus/component`
`129`		`- ebpf ebpf/type/table ebpf/util ebpf/util/sampler ebpf/protocol/http ebpf/protocol ebpf/plugin/file_security ebpf/plugin/network_observer ebpf/plugin/process_security ebpf/plugin/network_security ebpf/plugin ebpf/observer ebpf/security`
	`129`	`+ ebpf ebpf/type ebpf/type/table ebpf/util ebpf/util/sampler ebpf/protocol/http ebpf/protocol ebpf/plugin/file_security ebpf/plugin/network_observer ebpf/plugin/process_security ebpf/plugin/network_security ebpf/plugin ebpf/observer ebpf/security`
`130`	`130`	`parser`
`131`	`131`	`host_monitor host_monitor/collector`
`132`	`132`	`)`
Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,8 @@`
`23`	`23`	`namespace logtail {`
`24`	`24`	`namespace ebpf {`
`25`	`25`
	`26`	`+#define ERR_LIMIT_EXCEEDED -1`
	`27`	`+`
`26`	`28`	`template <typename BPFMap>`
`27`	`29`	`class IdManager {`
`28`	`30`	`public:`
`@@ -37,7 +39,7 @@ class IdManager {`
`37`	`39`	`}`
`38`	`40`
`39`	`41`	`if (mNextId >= mIdMax) {`
`40`		`- return -1;`
	`42`	`+ return ERR_LIMIT_EXCEEDED;`
`41`	`43`	`}`
`42`	`44`	`return mNextId++;`
`43`	`45`	`}`