MCPcopy
hub / github.com/keploy/keploy / load

Method load

pkg/agent/hooks/linux/hooks.go:111–431  ·  view source on GitHub ↗
(ctx context.Context, opts agent.HookCfg, setupOpts config.Agent)

Source from the content-addressed store, hash-verified

109}
110
111func (h *Hooks) load(ctx context.Context, opts agent.HookCfg, setupOpts config.Agent) error {
112 // Allow the current process to lock memory for eBPF resources.
113 if err := rlimit.RemoveMemlock(); err != nil {
114 utils.LogError(h.logger, err, "failed to lock memory for eBPF resources")
115 return err
116 }
117
118 // Load pre-compiled programs and maps into the kernel.
119 objs := bpfObjects{}
120 bpfopts := &ebpf.CollectionOptions{
121 Programs: ebpf.ProgramOptions{
122 LogLevel: ebpf.LogLevelInstruction | ebpf.LogLevelBranch,
123 LogSizeStart: 1 * 1024 * 1024,
124 },
125 }
126
127 spec, err := loadBpf()
128 if err != nil {
129 utils.LogError(h.logger, err, "failed to load BPF spec")
130 return err
131 }
132
133 programs := []struct {
134 name string
135 pType ebpf.ProgramType
136 aType ebpf.AttachType
137 }{
138 {"k_sockops", ebpf.SockOps, ebpf.AttachCGroupSockOps},
139 }
140
141 for _, p := range programs {
142 if prog, ok := spec.Programs[p.name]; ok {
143 prog.Type = p.pType
144 prog.AttachType = p.aType
145 }
146 }
147
148 // Now load and assign into the kernel with the corrected spec
149 if err := spec.LoadAndAssign(&objs, bpfopts); err != nil {
150 var ve *ebpf.VerifierError
151 if errors.As(err, &ve) {
152 fmt.Printf("VERIFIER FAILURE:\n%s\n", strings.Join(ve.Log, "\n"))
153 } else {
154 fmt.Printf("SYSCALL FAILURE: %v\n", err)
155 }
156 return err
157 }
158 //getting all the ebpf maps with proper synchronization
159 h.objectsMutex.Lock()
160 h.clientRegistrationMap = objs.KeployClientRegistrationMap
161 h.agentRegistrationMap = objs.KeployAgentRegistrationMap
162 h.objects = objs
163 h.objectsMutex.Unlock()
164 // ---------------
165
166 // In DaemonSet mode the CRD-scoped SessionReconciler is the SOLE owner of
167 // target_namespace_pids — it arms exactly the recorded pods' TGIDs, and the
168 // proxyless capture reads that map. The sys_enter_socket tracepoint, by

Callers 1

LoadMethod · 0.95

Calls 13

RegisterClientMethod · 0.95
GetProxyInfoMethod · 0.95
SendAgentInfoMethod · 0.95
LogErrorFunction · 0.92
DetectCgroupPathFunction · 0.92
GetContainerIPv4Function · 0.92
GetSelfInodeNumberFunction · 0.85
ToIPv4MappedIPv6Function · 0.85
loadBpfFunction · 0.70
DebugMethod · 0.65
ErrorMethod · 0.45

Tested by

no test coverage detected