Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rules: add support to openat2 in default ruleset #1796

Merged
merged 1 commit into from
Dec 6, 2021

Conversation

jasondellaluce
Copy link
Contributor

@jasondellaluce jasondellaluce commented Nov 18, 2021

Signed-off-by: Jason Dellaluce jasondellaluce@gmail.com

What type of PR is this?

/kind feature

/kind rule-update

Any specific area of the project related to this PR?

/area rules

What this PR does / why we need it:

This includes the openat2 in the default rulesets, following up the recent merging of falcosecurity/libs#80.

Which issue(s) this PR fixes:

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

rule(macro open_write): add support to openat2
rule(macro open_read): add support to openat2
rule(macro open_directory): add support to openat2
rule(Create files below dev): add support to openat2
rule(Container Drift Detected (open+create)): add support to openat2

@poiana poiana requested review from fntlnz and Kaizhe November 18, 2021 15:02
@poiana poiana added the size/S label Nov 18, 2021
@jasondellaluce jasondellaluce changed the title rules: add support to openat2 in default ruleset wip: rules: add support to openat2 in default ruleset Nov 18, 2021
@jasondellaluce
Copy link
Contributor Author

This is a reference to the umbrella issue listing some of the high-priority missing syscalls, on which the need of openat2 arised: #676 (comment)

@jasondellaluce
Copy link
Contributor Author

NOTE: This is blocked until #1791 gets merged, as it introduces the libs version bump that includes openat2

Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
@jasondellaluce jasondellaluce changed the title wip: rules: add support to openat2 in default ruleset rules: add support to openat2 in default ruleset Nov 18, 2021
Copy link
Member

@leogr leogr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@poiana poiana added the lgtm label Dec 3, 2021
@poiana
Copy link
Contributor

poiana commented Dec 3, 2021

LGTM label has been added.

Git tree hash: 1c264e5ca93dcf5fa4d06c3e9c249f609e0df4d1

@poiana
Copy link
Contributor

poiana commented Dec 3, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jasondellaluce, leogr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana poiana added the approved label Dec 3, 2021
@poiana poiana merged commit 2a00a4d into falcosecurity:master Dec 6, 2021
@jasondellaluce jasondellaluce deleted the rules/add-openat2 branch December 9, 2021 08:11
@leogr leogr added this to the 0.31.0 milestone Jan 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants