List view
Description: Extend BPF network support in the Tarian Detector by integrating hooks for specific system calls, enhancing our capability to monitor and ensure the safety and security of Kubernetes applications. List of Tasks / Enhancements: 1. Add BPF hook for security_socket_listen. 2. Integrate support for security_socket_connect. 3. Develop functionality for security_socket_accept. 4. Implement BPF interception for security_socket_bind. 5. Extend BPF support for security_socket_setsockopt. 6. Design integration for security_socket_recvmsg. 7. Add hook mechanism for security_socket_sendmsg. 8. Develop and test tcp_data_queue support. 9. Implement support for tracepoint/sock/inet_sock_set_state. Expected Outcome: Upon successful completion of this milestone, the Tarian Detector should have enhanced network-level monitoring capability for specific system calls, further strengthening its ability to safeguard Kubernetes applications from potential threats.
No due date•11/11 issues closed# Support for Multiple eBPF Maps in the Program ## Description ### Overview This milestone aims to enhance our eBPF (extended Berkeley Packet Filter) program by adding support for multiple eBPF maps. Currently, the program is limited to using a single map, which restricts its flexibility and extensibility. By allowing the use of multiple maps, we can unlock new possibilities and accommodate more complex use cases. ### Goals 1. **Multiple Maps Support**: The primary objective of this milestone is to modify our eBPF program to allow the use of multiple eBPF maps simultaneously. This enhancement will enable the program to handle diverse data and improve the efficiency of data management. 2. **Map Type Flexibility**: We intend to support various map types, including hash maps, array maps, and per-CPU maps. This flexibility will empower users to choose the most suitable map type for their specific data storage and retrieval requirements. 3. **Dynamic Map Creation**: Users should be able to create and delete maps at runtime. This dynamic map creation feature will enhance the adaptability of the eBPF program and simplify data management during execution. 4. **Map Interaction APIs**: To fully utilize the multiple maps, we will design and implement appropriate APIs that facilitate seamless interaction between the eBPF program and the multiple maps. These APIs will enable efficient data insertion, retrieval, and manipulation. 5. **Documentation and Examples**: Proper documentation and illustrative examples will be created to guide users in effectively utilizing the newly added support for multiple eBPF maps. ### Deliverables 1. **Multiple Maps Support**: The eBPF program will be updated to allow the use of multiple eBPF maps. 2. **Map Type Flexibility**: Support for various map types, such as hash maps, array maps, and per-CPU maps, will be added. 3. **Dynamic Map Creation**: Users will be able to create and delete maps at runtime as needed. 4. **Map Interaction APIs**: Well-defined APIs will be provided to facilitate interaction with the multiple maps. 5. **Documentation and Examples**: Comprehensive documentation and practical examples will be created to assist users in utilizing the multiple maps feature effectively. ### Timeline - **Week 1-2**: Research and design the architecture for multiple maps support in the eBPF program. - **Week 3-4**: Implement the necessary changes to enable the - **Week 5-6**: Add support for various map types (hash maps, array maps, and per-CPU maps). - **Week 7**: Create comprehensive documentation and practical examples. - **Week 8**: Test the entire implementation, fix any bugs, and finalize the milestone. ### Conclusion Upon the successful completion of this milestone, our eBPF program will support multiple eBPF maps, offering users greater flexibility and versatility in handling diverse data sets. The additional map types and dynamic map creation feature will contribute to the program's efficiency and expand its applicability to various eBPF use cases.
No due date•1/1 issues closedDescription Feature Expansion: We plan to introduce new features and capabilities to our eBPF network program. This includes support for syscalls and kretprobe Error Handling and Diagnostics: Robust error handling and diagnostics are crucial for identifying and resolving issues effectively. We will implement comprehensive error handling mechanisms to provide clear and informative error messages for easier troubleshooting. Testing and Validation: A major focus of this milestone is to develop an extensive test suite for our eBPF network program. This will ensure the correctness of the implementation, verify new features, and guard against regressions.
Overdue by 2 year(s)•Due by August 15, 2023•10/10 issues closedIt aims to provide comprehensive and user-friendly guidance to developers, contributors, and users of your open-source project. Well-structured and up-to-date documentation plays a crucial role in empowering individuals to understand the project's purpose, functionalities, and implementation details. It serves as a valuable resource for newcomers to get started quickly, fosters smoother collaboration among contributors, and allows users to utilize your project effectively.
No due date•13/15 issues closed