From 518b30514b5df4f7af035f4e1cd01ef2062e2a03 Mon Sep 17 00:00:00 2001 From: Djalal Harouni Date: Mon, 22 Jul 2024 10:34:24 +0100 Subject: [PATCH] tetragon: make resolving uid to username work with a processapi struct [Upstream main 62291742a33 ] Working with processapi object is better, so change userinfo.MsgToExecveAccountUnix() to use processapi.MsgExecveEventUnix as an argument. Signed-off-by: Djalal Harouni --- pkg/sensors/exec/exec.go | 2 +- pkg/sensors/exec/procevents/proc_reader.go | 2 +- pkg/sensors/exec/userinfo/userinfo.go | 7 +++---- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/pkg/sensors/exec/exec.go b/pkg/sensors/exec/exec.go index c18bb23f480..083fd79e5b2 100644 --- a/pkg/sensors/exec/exec.go +++ b/pkg/sensors/exec/exec.go @@ -188,7 +188,7 @@ func handleExecve(r *bytes.Reader) ([]observer.Event, error) { msgUnix.Unix.Process = nopMsgProcess() } if err == nil && !empty { - err = userinfo.MsgToExecveAccountUnix(msgUnix) + err = userinfo.MsgToExecveAccountUnix(msgUnix.Unix) if err != nil { logger.GetLogger().WithFields(logrus.Fields{ "process.pid": msgUnix.Unix.Process.PID, diff --git a/pkg/sensors/exec/procevents/proc_reader.go b/pkg/sensors/exec/procevents/proc_reader.go index 24f48e31396..5509f0d2f65 100644 --- a/pkg/sensors/exec/procevents/proc_reader.go +++ b/pkg/sensors/exec/procevents/proc_reader.go @@ -281,7 +281,7 @@ func pushExecveEvents(p procs) { m.Unix.Process.Filename = filename m.Unix.Process.Args = args - err := userinfo.MsgToExecveAccountUnix(&m) + err := userinfo.MsgToExecveAccountUnix(m.Unix) if err != nil { logger.GetLogger().WithFields(logrus.Fields{ "process.pid": p.pid, diff --git a/pkg/sensors/exec/userinfo/userinfo.go b/pkg/sensors/exec/userinfo/userinfo.go index ee01a753edb..729d95659ac 100644 --- a/pkg/sensors/exec/userinfo/userinfo.go +++ b/pkg/sensors/exec/userinfo/userinfo.go @@ -7,7 +7,6 @@ import ( "errors" "github.com/cilium/tetragon/pkg/api/processapi" - "github.com/cilium/tetragon/pkg/grpc/exec" "github.com/cilium/tetragon/pkg/metrics/errormetrics" "github.com/cilium/tetragon/pkg/option" "github.com/cilium/tetragon/pkg/reader/namespace" @@ -34,11 +33,11 @@ func getAccountUnix(uid uint32, ns *processapi.MsgNamespaces) (string, error) { return "", ErrNotInHostNs } -func MsgToExecveAccountUnix(m *exec.MsgExecveEventUnix) error { +func MsgToExecveAccountUnix(unix *processapi.MsgExecveEventUnix) error { if option.Config.UsernameMetadata == int(option.USERNAME_METADATA_UNIX) { - username, err := getAccountUnix(m.Unix.Process.UID, &m.Unix.Msg.Namespaces) + username, err := getAccountUnix(unix.Process.UID, &unix.Msg.Namespaces) if err == nil { - m.Unix.Process.User.Name = username + unix.Process.User.Name = username return nil }