From 77e0249c3234d7a0e614d945426232ebef34afe6 Mon Sep 17 00:00:00 2001 From: daemon1024 Date: Thu, 14 Mar 2024 11:15:44 +0530 Subject: [PATCH 1/2] fix(enforcer): fix missing proc name in alerts Signed-off-by: daemon1024 --- KubeArmor/enforcer/bpflsm/enforcer.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/KubeArmor/enforcer/bpflsm/enforcer.go b/KubeArmor/enforcer/bpflsm/enforcer.go index a410f5971..44b27963e 100644 --- a/KubeArmor/enforcer/bpflsm/enforcer.go +++ b/KubeArmor/enforcer/bpflsm/enforcer.go @@ -360,6 +360,9 @@ func (be *BPFEnforcer) TraceEvents() { log.Source = string(bytes.Trim(event.Data.Source[:], "\x00")) log.ProcessName = log.Source } + if len(log.ProcessName) == 0 && len(log.Source) > 0 { + log.ProcessName = log.Source + } if event.Retval >= 0 { log.Result = "Passed" } else { From 6624073ab5302b4f5e15b652d8e85ead40f459be Mon Sep 17 00:00:00 2001 From: daemon1024 Date: Thu, 14 Mar 2024 11:31:21 +0530 Subject: [PATCH 2/2] fix(bpflsm): panic during cleanup Signed-off-by: daemon1024 --- KubeArmor/enforcer/bpflsm/enforcer.go | 43 +++++++++++++-------------- 1 file changed, 21 insertions(+), 22 deletions(-) diff --git a/KubeArmor/enforcer/bpflsm/enforcer.go b/KubeArmor/enforcer/bpflsm/enforcer.go index 44b27963e..47cb33b9f 100644 --- a/KubeArmor/enforcer/bpflsm/enforcer.go +++ b/KubeArmor/enforcer/bpflsm/enforcer.go @@ -405,12 +405,11 @@ func (be *BPFEnforcer) DestroyBPFEnforcer() error { if be == nil { return nil } - - errBPFCleanUp := false + var errBPFCleanUp error if err := be.obj.Close(); err != nil { be.Logger.Err(err.Error()) - errBPFCleanUp = true + errBPFCleanUp = errors.Join(errBPFCleanUp, err) } for _, link := range be.Probes { @@ -419,41 +418,41 @@ func (be *BPFEnforcer) DestroyBPFEnforcer() error { } if err := link.Close(); err != nil { be.Logger.Err(err.Error()) - errBPFCleanUp = true + errBPFCleanUp = errors.Join(errBPFCleanUp, err) + } } be.ContainerMapLock.Lock() - defer be.ContainerMapLock.Unlock() if be.BPFContainerMap != nil { if err := be.BPFContainerMap.Unpin(); err != nil { be.Logger.Err(err.Error()) - errBPFCleanUp = true + errBPFCleanUp = errors.Join(errBPFCleanUp, err) } if err := be.BPFContainerMap.Close(); err != nil { be.Logger.Err(err.Error()) - errBPFCleanUp = true + errBPFCleanUp = errors.Join(errBPFCleanUp, err) } } - if err := be.obj.KubearmorEvents.Unpin(); err != nil { - be.Logger.Err(err.Error()) - errBPFCleanUp = true - } - if err := be.obj.KubearmorEvents.Close(); err != nil { - be.Logger.Err(err.Error()) - errBPFCleanUp = true - } - if err := be.Events.Close(); err != nil { - be.Logger.Err(err.Error()) - errBPFCleanUp = true - } + be.ContainerMapLock.Unlock() - if errBPFCleanUp { - return errors.New("error cleaning up BPF LSM Enforcer Objects") + if be.Events != nil { + if err := be.obj.KubearmorEvents.Unpin(); err != nil { + be.Logger.Err(err.Error()) + errBPFCleanUp = errors.Join(errBPFCleanUp, err) + } + if err := be.obj.KubearmorEvents.Close(); err != nil { + be.Logger.Err(err.Error()) + errBPFCleanUp = errors.Join(errBPFCleanUp, err) + } + if err := be.Events.Close(); err != nil { + be.Logger.Err(err.Error()) + errBPFCleanUp = errors.Join(errBPFCleanUp, err) + } } be = nil - return nil + return errBPFCleanUp }