From 28347b04f28c06b79fb331e89c55574d5e55f3ef Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 17 Dec 2024 09:12:49 +0100 Subject: [PATCH 01/14] Allow specifying managers of cgroups to capture --- pkg/config/setup/system_probe_cws.go | 11 ++++++ pkg/security/config/config.go | 4 +++ .../ebpf/c/include/constants/custom.h | 3 ++ .../ebpf/c/include/helpers/activity_dump.h | 22 +++++++----- pkg/security/ebpf/c/include/hooks/cgroup.h | 14 ++++---- pkg/security/ebpf/c/include/maps.h | 2 +- .../resolvers/process/resolver_ebpf.go | 17 +++++---- pkg/security/secl/containerutils/cgroup.go | 6 ++++ pkg/security/secl/containerutils/helpers.go | 33 +++++++++-------- .../security_profile/dump/load_controller.go | 36 +++++++++++++++---- pkg/security/security_profile/dump/manager.go | 21 ++++++++--- 11 files changed, 122 insertions(+), 47 deletions(-) diff --git a/pkg/config/setup/system_probe_cws.go b/pkg/config/setup/system_probe_cws.go index d2cc6276907d3..d378b0f4e77af 100644 --- a/pkg/config/setup/system_probe_cws.go +++ b/pkg/config/setup/system_probe_cws.go @@ -8,8 +8,18 @@ package setup import ( pkgconfigmodel "github.com/DataDog/datadog-agent/pkg/config/model" "github.com/DataDog/datadog-agent/pkg/config/setup/constants" + "github.com/DataDog/datadog-agent/pkg/security/secl/containerutils" ) +func getDefaultCGroupManagers() []string { + return []string{ + containerutils.CGroupManagerDocker.String(), + containerutils.CGroupManagerPodman.String(), + containerutils.CGroupManagerCRI.String(), + containerutils.CGroupManagerCRIO.String(), + } +} + func initCWSSystemProbeConfig(cfg pkgconfigmodel.Config) { // CWS - general config // the following entries are platform specific @@ -57,6 +67,7 @@ func initCWSSystemProbeConfig(cfg pkgconfigmodel.Config) { cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.min_timeout", "10m") cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.max_dump_size", 1750) cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.traced_cgroups_count", 5) + cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.cgroup_managers", getDefaultCGroupManagers()) cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.traced_event_types", []string{"exec", "open", "dns", "imds"}) cfg.BindEnv("runtime_security_config.activity_dump.cgroup_dump_timeout") // deprecated in favor of dump_duration cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.dump_duration", "900s") diff --git a/pkg/security/config/config.go b/pkg/security/config/config.go index ab6b0b6b591e1..9d165a4ae1900 100644 --- a/pkg/security/config/config.go +++ b/pkg/security/config/config.go @@ -101,6 +101,9 @@ type RuntimeSecurityConfig struct { // ActivityDumpTracedCgroupsCount defines the maximum count of cgroups that should be monitored concurrently. Leave this parameter to 0 to prevent the generation // of activity dumps based on cgroups. ActivityDumpTracedCgroupsCount int + // ActivityDumpCgroupsManagers defines the cgroup managers we generate dumps for. + ActivityDumpCgroupsManagers []string + // ActivityDumpTracedEventTypes defines the list of events that should be captured in an activity dump. Leave this // parameter empty to monitor all event types. If not already present, the `exec` event will automatically be added // to this list. @@ -368,6 +371,7 @@ func NewRuntimeSecurityConfig() (*RuntimeSecurityConfig, error) { ActivityDumpLoadControlPeriod: pkgconfigsetup.SystemProbe().GetDuration("runtime_security_config.activity_dump.load_controller_period"), ActivityDumpLoadControlMinDumpTimeout: pkgconfigsetup.SystemProbe().GetDuration("runtime_security_config.activity_dump.min_timeout"), ActivityDumpTracedCgroupsCount: pkgconfigsetup.SystemProbe().GetInt("runtime_security_config.activity_dump.traced_cgroups_count"), + ActivityDumpCgroupsManagers: pkgconfigsetup.SystemProbe().GetStringSlice("runtime_security_config.activity_dump.cgroup_managers"), ActivityDumpTracedEventTypes: parseEventTypeStringSlice(pkgconfigsetup.SystemProbe().GetStringSlice("runtime_security_config.activity_dump.traced_event_types")), ActivityDumpCgroupDumpTimeout: pkgconfigsetup.SystemProbe().GetDuration("runtime_security_config.activity_dump.dump_duration"), ActivityDumpRateLimiter: pkgconfigsetup.SystemProbe().GetInt("runtime_security_config.activity_dump.rate_limiter"), diff --git a/pkg/security/ebpf/c/include/constants/custom.h b/pkg/security/ebpf/c/include/constants/custom.h index 88be17fa3c80b..d89db81c9d45f 100644 --- a/pkg/security/ebpf/c/include/constants/custom.h +++ b/pkg/security/ebpf/c/include/constants/custom.h @@ -196,4 +196,7 @@ static __attribute__((always_inline)) u64 get_imds_ip() { #define CGROUP_MANAGER_CRI 4 #define CGROUP_MANAGER_SYSTEMD 5 +#define CGROUP_SYSTEMD_SERVICE (0 << 8) +#define CGROUP_SYSTEMD_SCOPE (1 << 8) + #endif diff --git a/pkg/security/ebpf/c/include/helpers/activity_dump.h b/pkg/security/ebpf/c/include/helpers/activity_dump.h index c0f8d246006bf..4acbd20e0a71c 100644 --- a/pkg/security/ebpf/c/include/helpers/activity_dump.h +++ b/pkg/security/ebpf/c/include/helpers/activity_dump.h @@ -53,10 +53,15 @@ __attribute__((always_inline)) struct cgroup_tracing_event_t *get_cgroup_tracing return evt; } +__attribute__((always_inline)) u32 is_cgroup_activity_dumps_supported(struct cgroup_context_t *cgroup) { + u32 cgroup_manager = cgroup->cgroup_flags & 0b111; + u32 supported = (cgroup->cgroup_flags != 0) && (bpf_map_lookup_elem(&activity_dump_config_defaults, &cgroup_manager) != NULL); + return supported; +} + __attribute__((always_inline)) bool reserve_traced_cgroup_spot(struct cgroup_context_t *cgroup, u64 now, u64 cookie, struct activity_dump_config *config) { // insert dump config defaults - u32 defaults_key = 0; - struct activity_dump_config *defaults = bpf_map_lookup_elem(&activity_dump_config_defaults, &defaults_key); + struct activity_dump_config *defaults = bpf_map_lookup_elem(&activity_dump_config_defaults, &cgroup->cgroup_flags); if (defaults == NULL) { // should never happen, ignore return false; @@ -102,23 +107,24 @@ __attribute__((always_inline)) u64 trace_new_cgroup(void *ctx, u64 now, struct c return 0; } - if ((container->cgroup_context.cgroup_flags & 0b111) == CGROUP_MANAGER_SYSTEMD) { + if (!is_cgroup_activity_dumps_supported(&container->cgroup_context)) { return 0; } - copy_container_id(container->container_id, evt->container.container_id); + if ((container->cgroup_context.cgroup_flags&0b111) != CGROUP_MANAGER_SYSTEMD) { + copy_container_id(container->container_id, evt->container.container_id); + } else { + evt->container.container_id[0] = '\0'; + } evt->container.cgroup_context = container->cgroup_context; evt->cookie = cookie; evt->config = config; + bpf_printk("tracing new cgroup for %d: %d", container->cgroup_context.cgroup_flags, is_cgroup_activity_dumps_supported(&container->cgroup_context)); send_event_ptr(ctx, EVENT_CGROUP_TRACING, evt); return cookie; } -__attribute__((always_inline)) u64 is_cgroup_activity_dumps_supported(struct cgroup_context_t *cgroup) { - return (cgroup->cgroup_flags != 0) && ((cgroup->cgroup_flags&0b111) != CGROUP_MANAGER_SYSTEMD); -} - __attribute__((always_inline)) u64 should_trace_new_process_cgroup(void *ctx, u64 now, u32 pid, struct container_context_t *container) { // should we start tracing this cgroup ? struct cgroup_context_t cgroup_context; diff --git a/pkg/security/ebpf/c/include/hooks/cgroup.h b/pkg/security/ebpf/c/include/hooks/cgroup.h index a231142b8f90a..b7ce66a870b92 100644 --- a/pkg/security/ebpf/c/include/hooks/cgroup.h +++ b/pkg/security/ebpf/c/include/hooks/cgroup.h @@ -189,13 +189,13 @@ static __attribute__((always_inline)) int trace__cgroup_write(ctx_t *ctx) { #endif int length = bpf_probe_read_str(prefix, sizeof(cgroup_prefix_t), container_id) & 0xff; - if (cgroup_flags == 0 && ( - (length >= 9 && (*prefix)[length-9] == '.' && (*prefix)[length-8] == 's' && (*prefix)[length-7] == 'e' && (*prefix)[length-6] == 'r' && (*prefix)[length-5] == 'v' && (*prefix)[length-4] == 'i' && (*prefix)[length-3] == 'c' && (*prefix)[length-2] == 'e') - || - (length >= 7 && (*prefix)[length-7] == '.' && (*prefix)[length-6] == 's' && (*prefix)[length-5] == 'c' && (*prefix)[length-4] == 'o' && (*prefix)[length-3] == 'p' && (*prefix)[length-2] == 'e') - )) { - cgroup_flags = CGROUP_MANAGER_SYSTEMD; - } else if (cgroup_flags != 0) { + if (cgroup_flags == 0) { + if (length >= 9 && (*prefix)[length-9] == '.' && (*prefix)[length-8] == 's' && (*prefix)[length-7] == 'e' && (*prefix)[length-6] == 'r' && (*prefix)[length-5] == 'v' && (*prefix)[length-4] == 'i' && (*prefix)[length-3] == 'c' && (*prefix)[length-2] == 'e') { + cgroup_flags = CGROUP_MANAGER_SYSTEMD | CGROUP_SYSTEMD_SERVICE; + } else if (length >= 7 && (*prefix)[length-7] == '.' && (*prefix)[length-6] == 's' && (*prefix)[length-5] == 'c' && (*prefix)[length-4] == 'o' && (*prefix)[length-3] == 'p' && (*prefix)[length-2] == 'e') { + cgroup_flags = CGROUP_MANAGER_SYSTEMD | CGROUP_SYSTEMD_SCOPE; + } + } else { bpf_probe_read(&new_entry.container.container_id, sizeof(new_entry.container.container_id), container_id); } diff --git a/pkg/security/ebpf/c/include/maps.h b/pkg/security/ebpf/c/include/maps.h index d6ab3ceb74dfb..5db11dc1facc5 100644 --- a/pkg/security/ebpf/c/include/maps.h +++ b/pkg/security/ebpf/c/include/maps.h @@ -28,7 +28,7 @@ BPF_ARRAY_MAP(syscall_ctx_gen_id, u32, 1) BPF_ARRAY_MAP(syscall_ctx, char[MAX_SYSCALL_CTX_SIZE], MAX_SYSCALL_CTX_ENTRIES) BPF_HASH_MAP(activity_dumps_config, u64, struct activity_dump_config, 1) // max entries will be overridden at runtime -BPF_HASH_MAP(activity_dump_config_defaults, u32, struct activity_dump_config, 1) +BPF_HASH_MAP(activity_dump_config_defaults, u32, struct activity_dump_config, 4) BPF_HASH_MAP(traced_cgroups, struct path_key_t, u64, 1) // max entries will be overridden at runtime BPF_HASH_MAP(cgroup_wait_list, struct path_key_t, u64, 1) // max entries will be overridden at runtime BPF_HASH_MAP(traced_pids, u32, u64, 8192) // max entries will be overridden at runtime diff --git a/pkg/security/resolvers/process/resolver_ebpf.go b/pkg/security/resolvers/process/resolver_ebpf.go index 5bcccdb52c540..a56037d56d2ba 100644 --- a/pkg/security/resolvers/process/resolver_ebpf.go +++ b/pkg/security/resolvers/process/resolver_ebpf.go @@ -340,7 +340,7 @@ func (p *EBPFResolver) enrichEventFromProc(entry *model.ProcessCacheEntry, proc // Retrieve the container ID of the process from /proc containerID, cgroup, err := p.containerResolver.GetContainerContext(pid) if err != nil { - return fmt.Errorf("snapshot failed for %d: couldn't parse container ID: %w", proc.Pid, err) + return fmt.Errorf("snapshot failed for %d: couldn't parse container and cgroup context: %w", proc.Pid, err) } entry.ContainerID = containerID @@ -461,15 +461,15 @@ func (p *EBPFResolver) enrichEventFromProc(entry *model.ProcessCacheEntry, proc return nil } -// retrieveExecFileFields fetches inode metadata from kernel space -func (p *EBPFResolver) retrieveExecFileFields(procExecPath string) (*model.FileFields, error) { - fi, err := os.Stat(procExecPath) +// retrieveFileFields fetches inode metadata from kernel space +func (p *EBPFResolver) retrieveFileFields(filePath string) (*model.FileFields, error) { + fi, err := os.Stat(filePath) if err != nil { - return nil, fmt.Errorf("snapshot failed for `%s`: couldn't stat binary: %w", procExecPath, err) + return nil, fmt.Errorf("snapshot failed for `%s`: couldn't stat binary: %w", filePath, err) } stat, ok := fi.Sys().(*syscall.Stat_t) if !ok { - return nil, fmt.Errorf("snapshot failed for `%s`: couldn't stat binary", procExecPath) + return nil, fmt.Errorf("snapshot failed for `%s`: couldn't stat binary", filePath) } inode := stat.Ino @@ -493,6 +493,11 @@ func (p *EBPFResolver) retrieveExecFileFields(procExecPath string) (*model.FileF return &fileFields, nil } +// retrieveExecFileFields fetches inode metadata from kernel space +func (p *EBPFResolver) retrieveExecFileFields(procExecPath string) (*model.FileFields, error) { + return p.retrieveFileFields(procExecPath) +} + func (p *EBPFResolver) insertEntry(entry, prev *model.ProcessCacheEntry, source uint64) { entry.Source = source p.entryCache[entry.Pid] = entry diff --git a/pkg/security/secl/containerutils/cgroup.go b/pkg/security/secl/containerutils/cgroup.go index 74e7a64540c84..9cc6cca12d884 100644 --- a/pkg/security/secl/containerutils/cgroup.go +++ b/pkg/security/secl/containerutils/cgroup.go @@ -24,6 +24,12 @@ const ( CGroupManagerSystemd // systemd ) +// CGroup flags +const ( + SystemdService CGroupFlags = (0 << 8) + SystemdScope CGroupFlags = (1 << 8) +) + const ( // ContainerRuntimeDocker is used to specify that a container is managed by Docker ContainerRuntimeDocker = "docker" diff --git a/pkg/security/secl/containerutils/helpers.go b/pkg/security/secl/containerutils/helpers.go index 0e46e87af7f2a..311322f94ffc6 100644 --- a/pkg/security/secl/containerutils/helpers.go +++ b/pkg/security/secl/containerutils/helpers.go @@ -29,39 +29,42 @@ func init() { containerIDPattern = regexp.MustCompile(ContainerIDPatternStr) } -func isSystemdCgroup(cgroup CGroupID) bool { - return strings.HasSuffix(string(cgroup), ".service") || strings.HasSuffix(string(cgroup), ".scope") +func isSystemdScope(cgroup CGroupID) bool { + return strings.HasSuffix(string(cgroup), ".scope") +} + +func isSystemdService(cgroup CGroupID) bool { + return strings.HasSuffix(string(cgroup), ".service") +} + +func getSystemdCGroupFlags(cgroup CGroupID) uint64 { + if isSystemdScope(cgroup) { + return uint64(CGroupManagerSystemd) | uint64(SystemdScope) + } else if isSystemdService(cgroup) { + return uint64(CGroupManagerSystemd) | uint64(SystemdService) + } + return 0 } // FindContainerID extracts the first sub string that matches the pattern of a container ID along with the container flags induced from the container runtime prefix func FindContainerID(s CGroupID) (ContainerID, uint64) { match := containerIDPattern.FindIndex([]byte(s)) if match == nil { - if isSystemdCgroup(s) { - return "", uint64(CGroupManagerSystemd) - } - - return "", 0 + return "", getSystemdCGroupFlags(s) } // first, check what's before if match[0] != 0 { previousChar := string(s[match[0]-1]) if strings.ContainsAny(previousChar, containerIDCoreChars) { - if isSystemdCgroup(s) { - return "", uint64(CGroupManagerSystemd) - } - return "", 0 + return "", getSystemdCGroupFlags(s) } } // then, check what's after if match[1] < len(s) { nextChar := string(s[match[1]]) if strings.ContainsAny(nextChar, containerIDCoreChars) { - if isSystemdCgroup(s) { - return "", uint64(CGroupManagerSystemd) - } - return "", 0 + return "", getSystemdCGroupFlags(s) } } diff --git a/pkg/security/security_profile/dump/load_controller.go b/pkg/security/security_profile/dump/load_controller.go index ae8767bcfd153..7e8a42a735bba 100644 --- a/pkg/security/security_profile/dump/load_controller.go +++ b/pkg/security/security_profile/dump/load_controller.go @@ -16,6 +16,7 @@ import ( "github.com/DataDog/datadog-agent/pkg/security/config" "github.com/DataDog/datadog-agent/pkg/security/metrics" + "github.com/DataDog/datadog-agent/pkg/security/secl/containerutils" "github.com/DataDog/datadog-agent/pkg/security/secl/model" "github.com/DataDog/datadog-agent/pkg/security/seclog" ) @@ -58,7 +59,7 @@ func NewActivityDumpLoadController(adm *ActivityDumpManager) (*ActivityDumpLoadC }, nil } -func (lc *ActivityDumpLoadController) getDefaultLoadConfig() *model.ActivityDumpLoadConfig { +func (lc *ActivityDumpLoadController) getDefaultLoadConfigs() (map[containerutils.CGroupManager]*model.ActivityDumpLoadConfig, error) { defaults := NewActivityDumpLoadConfig( lc.adm.config.RuntimeSecurity.ActivityDumpTracedEventTypes, lc.adm.config.RuntimeSecurity.ActivityDumpCgroupDumpTimeout, @@ -68,14 +69,37 @@ func (lc *ActivityDumpLoadController) getDefaultLoadConfig() *model.ActivityDump lc.adm.resolvers.TimeResolver, ) defaults.WaitListTimestampRaw = uint64(lc.adm.config.RuntimeSecurity.ActivityDumpCgroupWaitListTimeout) - return defaults + + allDefaultConfigs := map[string]containerutils.CGroupManager{ + containerutils.CGroupManagerDocker.String(): containerutils.CGroupManagerDocker, + containerutils.CGroupManagerPodman.String(): containerutils.CGroupManagerPodman, + containerutils.CGroupManagerCRI.String(): containerutils.CGroupManagerCRI, + containerutils.CGroupManagerCRIO.String(): containerutils.CGroupManagerCRIO, + containerutils.CGroupManagerSystemd.String(): containerutils.CGroupManagerSystemd, + } + defaultConfigs := make(map[containerutils.CGroupManager]*model.ActivityDumpLoadConfig) + for _, cgroupManager := range lc.adm.config.RuntimeSecurity.ActivityDumpCgroupsManagers { + cgroupManager, found := allDefaultConfigs[cgroupManager] + if !found { + return nil, fmt.Errorf("unsupported cgroup manager '%s'", cgroupManager) + } + defaultConfigs[cgroupManager] = defaults + } + return defaultConfigs, nil } -// PushCurrentConfig pushes the current load controller config to kernel space -func (lc *ActivityDumpLoadController) PushCurrentConfig() error { +// PushDefaultCurrentConfig pushes the current load controller config to kernel space +func (lc *ActivityDumpLoadController) PushDefaultCurrentConfigs() error { + defaultConfigs, err := lc.getDefaultLoadConfigs() + if err != nil { + return err + } + // push default load config values - if err := lc.activityDumpConfigDefaults.Put(uint32(0), lc.getDefaultLoadConfig()); err != nil { - return fmt.Errorf("couldn't update default activity dump load config: %w", err) + for cgroupManager, defaultConfig := range defaultConfigs { + if err := lc.activityDumpConfigDefaults.Put(uint32(cgroupManager), defaultConfig); err != nil { + return fmt.Errorf("couldn't update default activity dump load config: %w", err) + } } return nil } diff --git a/pkg/security/security_profile/dump/manager.go b/pkg/security/security_profile/dump/manager.go index 079f45c13bc21..be81a28ca5c4d 100644 --- a/pkg/security/security_profile/dump/manager.go +++ b/pkg/security/security_profile/dump/manager.go @@ -321,7 +321,8 @@ func NewActivityDumpManager(config *config.Config, statsdClient statsd.ClientInt if err != nil { return nil, fmt.Errorf("couldn't instantiate the activity dump load controller: %w", err) } - if err = loadController.PushCurrentConfig(); err != nil { + + if err = loadController.PushDefaultCurrentConfigs(); err != nil { return nil, fmt.Errorf("failed to push load controller config settings to kernel space: %w", err) } adm.loadController = loadController @@ -449,8 +450,8 @@ func (adm *ActivityDumpManager) HandleCGroupTracingEvent(event *model.CgroupTrac adm.Lock() defer adm.Unlock() - if len(event.ContainerContext.ContainerID) == 0 { - seclog.Warnf("received a cgroup tracing event with an empty container ID") + if len(event.CGroupContext.CGroupID) == 0 { + seclog.Warnf("received a cgroup tracing event with an empty cgroup ID") return } @@ -514,7 +515,19 @@ workloadLoop: } // if we're still here, we can start tracing this workload - if err := adm.startDumpWithConfig(workloads[0].ContainerID, workloads[0].CGroupContext, utils.NewCookie(), *adm.loadController.getDefaultLoadConfig()); err != nil { + defaultConfigs, err := adm.loadController.getDefaultLoadConfigs() + if err != nil { + seclog.Errorf("%v", err) + continue + } + + defaultConfig, found := defaultConfigs[containerutils.CGroupManager(workloads[0].CGroupContext.CGroupFlags)] + if !found { + seclog.Errorf("Failed to find default activity dump config for %s", containerutils.CGroupManager(workloads[0].CGroupContext.CGroupFlags).String()) + continue + } + + if err := adm.startDumpWithConfig(workloads[0].ContainerID, workloads[0].CGroupContext, utils.NewCookie(), *defaultConfig); err != nil { if !errors.Is(err, unix.E2BIG) { seclog.Debugf("%v", err) break From e60947a2479f90919737f4745e6f13cb6b20d0cc Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 11 Dec 2024 20:56:49 +0100 Subject: [PATCH 02/14] Add Pid to CgroupTracing event --- pkg/security/ebpf/c/include/events_definition.h | 1 + .../ebpf/c/include/helpers/activity_dump.h | 2 +- pkg/security/probe/probe_ebpf.go | 14 ++++++-------- pkg/security/secl/model/model_unix.go | 1 + pkg/security/secl/model/unmarshallers_linux.go | 5 +++-- 5 files changed, 12 insertions(+), 11 deletions(-) diff --git a/pkg/security/ebpf/c/include/events_definition.h b/pkg/security/ebpf/c/include/events_definition.h index ef52f5edcf386..1c1cea8fd9af0 100644 --- a/pkg/security/ebpf/c/include/events_definition.h +++ b/pkg/security/ebpf/c/include/events_definition.h @@ -122,6 +122,7 @@ struct cgroup_tracing_event_t { struct container_context_t container; struct activity_dump_config config; u64 cookie; + u32 pid; }; struct cgroup_write_event_t { diff --git a/pkg/security/ebpf/c/include/helpers/activity_dump.h b/pkg/security/ebpf/c/include/helpers/activity_dump.h index 4acbd20e0a71c..8a53d5a3c16ec 100644 --- a/pkg/security/ebpf/c/include/helpers/activity_dump.h +++ b/pkg/security/ebpf/c/include/helpers/activity_dump.h @@ -119,7 +119,7 @@ __attribute__((always_inline)) u64 trace_new_cgroup(void *ctx, u64 now, struct c evt->container.cgroup_context = container->cgroup_context; evt->cookie = cookie; evt->config = config; - bpf_printk("tracing new cgroup for %d: %d", container->cgroup_context.cgroup_flags, is_cgroup_activity_dumps_supported(&container->cgroup_context)); + evt->pid = bpf_get_current_pid_tgid() >> 32; send_event_ptr(ctx, EVENT_CGROUP_TRACING, evt); return cookie; diff --git a/pkg/security/probe/probe_ebpf.go b/pkg/security/probe/probe_ebpf.go index f06cbe8fa45ae..79dd662147379 100644 --- a/pkg/security/probe/probe_ebpf.go +++ b/pkg/security/probe/probe_ebpf.go @@ -818,18 +818,16 @@ func (p *EBPFProbe) handleEvent(CPU int, data []byte) { return } - if cgroupContext, err := p.Resolvers.ResolveCGroupContext(event.CgroupTracing.CGroupContext.CGroupFile, containerutils.CGroupFlags(event.CgroupTracing.CGroupContext.CGroupFlags)); err != nil { - seclog.Debugf("Failed to resolve cgroup: %s", err) - } else { - event.CgroupTracing.CGroupContext = *cgroupContext - if cgroupContext.CGroupFlags.IsContainer() { - containerID, _ := containerutils.FindContainerID(cgroupContext.CGroupID) + pce := p.Resolvers.ProcessResolver.Resolve(event.CgroupTracing.Pid, event.CgroupTracing.Pid, 0, false, newEntryCb) + if pce != nil { + if pce.CGroup.CGroupFlags.IsContainer() { + containerID, _ := containerutils.FindContainerID(pce.CGroup.CGroupID) event.CgroupTracing.ContainerContext.ContainerID = containerID } - - p.profileManagers.activityDumpManager.HandleCGroupTracingEvent(&event.CgroupTracing) + event.CgroupTracing.CGroupContext = pce.CGroup } + p.profileManagers.activityDumpManager.HandleCGroupTracingEvent(&event.CgroupTracing) return case model.CgroupWriteEventType: if _, err = event.CgroupWrite.UnmarshalBinary(data[offset:]); err != nil { diff --git a/pkg/security/secl/model/model_unix.go b/pkg/security/secl/model/model_unix.go index c7ff2ac4240b3..8dbb8660fc856 100644 --- a/pkg/security/secl/model/model_unix.go +++ b/pkg/security/secl/model/model_unix.go @@ -624,6 +624,7 @@ type CgroupTracingEvent struct { ContainerContext ContainerContext CGroupContext CGroupContext Config ActivityDumpLoadConfig + Pid uint32 ConfigCookie uint64 } diff --git a/pkg/security/secl/model/unmarshallers_linux.go b/pkg/security/secl/model/unmarshallers_linux.go index 7c38d3127e1ba..2a85441738286 100644 --- a/pkg/security/secl/model/unmarshallers_linux.go +++ b/pkg/security/secl/model/unmarshallers_linux.go @@ -984,12 +984,13 @@ func (e *CgroupTracingEvent) UnmarshalBinary(data []byte) (int, error) { } cursor += read - if len(data)-cursor < 8 { + if len(data)-cursor < 12 { return 0, ErrNotEnoughData } e.ConfigCookie = binary.NativeEndian.Uint64(data[cursor : cursor+8]) - return cursor + 8, nil + e.Pid = binary.NativeEndian.Uint32(data[cursor+8 : cursor+12]) + return cursor + 12, nil } // UnmarshalBinary unmarshals a binary representation of itself From 9027c4264429ce910507d4e8dc01b4ade02c1548 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 17 Dec 2024 12:53:21 +0100 Subject: [PATCH 03/14] Make linters happy --- comp/api/authtoken/go.mod | 1 + comp/api/authtoken/go.sum | 2 ++ comp/core/config/go.mod | 1 + comp/core/config/go.sum | 2 ++ comp/core/log/impl-trace/go.mod | 1 + comp/core/log/impl-trace/go.sum | 2 ++ comp/core/log/impl/go.mod | 1 + comp/core/log/impl/go.sum | 2 ++ comp/core/log/mock/go.sum | 2 ++ comp/core/status/statusimpl/go.mod | 1 + comp/core/status/statusimpl/go.sum | 2 ++ comp/forwarder/defaultforwarder/go.mod | 1 + comp/forwarder/defaultforwarder/go.sum | 2 ++ comp/forwarder/orchestrator/orchestratorinterface/go.mod | 1 + comp/forwarder/orchestrator/orchestratorinterface/go.sum | 2 ++ comp/logs/agent/config/go.mod | 1 + comp/logs/agent/config/go.sum | 2 ++ comp/otelcol/converter/impl/go.mod | 1 + comp/otelcol/converter/impl/go.sum | 2 ++ comp/otelcol/ddflareextension/impl/go.mod | 1 + comp/otelcol/ddflareextension/impl/go.sum | 2 ++ comp/otelcol/logsagentpipeline/go.mod | 1 + comp/otelcol/logsagentpipeline/go.sum | 2 ++ comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod | 1 + comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum | 2 ++ comp/otelcol/otlp/components/exporter/datadogexporter/go.mod | 1 + comp/otelcol/otlp/components/exporter/datadogexporter/go.sum | 2 ++ comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod | 1 + comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum | 2 ++ comp/otelcol/otlp/components/exporter/serializerexporter/go.mod | 1 + comp/otelcol/otlp/components/exporter/serializerexporter/go.sum | 2 ++ comp/otelcol/otlp/testutil/go.mod | 1 + comp/otelcol/otlp/testutil/go.sum | 2 ++ comp/serializer/compression/go.mod | 1 + comp/serializer/compression/go.sum | 2 ++ go.mod | 2 +- pkg/api/go.mod | 1 + pkg/api/go.sum | 2 ++ pkg/config/mock/go.mod | 1 + pkg/config/mock/go.sum | 2 ++ pkg/config/remote/go.mod | 1 + pkg/config/remote/go.sum | 2 ++ pkg/config/setup/go.mod | 1 + pkg/config/setup/go.sum | 2 ++ pkg/config/utils/go.mod | 1 + pkg/config/utils/go.sum | 2 ++ pkg/logs/auditor/go.mod | 1 + pkg/logs/auditor/go.sum | 2 ++ pkg/logs/client/go.mod | 1 + pkg/logs/client/go.sum | 2 ++ pkg/logs/diagnostic/go.mod | 1 + pkg/logs/diagnostic/go.sum | 2 ++ pkg/logs/message/go.mod | 1 + pkg/logs/message/go.sum | 2 ++ pkg/logs/pipeline/go.mod | 1 + pkg/logs/pipeline/go.sum | 2 ++ pkg/logs/processor/go.mod | 1 + pkg/logs/processor/go.sum | 2 ++ pkg/logs/sds/go.mod | 1 + pkg/logs/sds/go.sum | 2 ++ pkg/logs/sender/go.mod | 1 + pkg/logs/sender/go.sum | 2 ++ pkg/logs/sources/go.mod | 1 + pkg/logs/sources/go.sum | 2 ++ pkg/logs/util/testutils/go.mod | 1 + pkg/logs/util/testutils/go.sum | 2 ++ pkg/metrics/go.mod | 1 + pkg/metrics/go.sum | 2 ++ pkg/security/security_profile/dump/load_controller.go | 2 +- pkg/serializer/go.mod | 1 + pkg/serializer/go.sum | 2 ++ pkg/util/flavor/go.mod | 1 + pkg/util/flavor/go.sum | 2 ++ pkg/util/grpc/go.mod | 1 + pkg/util/grpc/go.sum | 2 ++ pkg/util/http/go.mod | 1 + pkg/util/http/go.sum | 2 ++ pkg/util/log/setup/go.mod | 1 + pkg/util/log/setup/go.sum | 2 ++ test/otel/go.mod | 1 + test/otel/go.sum | 2 ++ 81 files changed, 121 insertions(+), 2 deletions(-) diff --git a/comp/api/authtoken/go.mod b/comp/api/authtoken/go.mod index 24081f4824780..74132e68a930b 100644 --- a/comp/api/authtoken/go.mod +++ b/comp/api/authtoken/go.mod @@ -65,6 +65,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/api/authtoken/go.sum b/comp/api/authtoken/go.sum index dd16364891695..8c8719cc875e4 100644 --- a/comp/api/authtoken/go.sum +++ b/comp/api/authtoken/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/config/go.mod b/comp/core/config/go.mod index 00be19b3b9ba7..7ecb4324042a0 100644 --- a/comp/core/config/go.mod +++ b/comp/core/config/go.mod @@ -57,6 +57,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/core/config/go.sum b/comp/core/config/go.sum index 323c4fa804e83..e5d6ecc0034ec 100644 --- a/comp/core/config/go.sum +++ b/comp/core/config/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/log/impl-trace/go.mod b/comp/core/log/impl-trace/go.mod index 309b259ad3616..59284eda2d7cf 100644 --- a/comp/core/log/impl-trace/go.mod +++ b/comp/core/log/impl-trace/go.mod @@ -67,6 +67,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/core/log/impl-trace/go.sum b/comp/core/log/impl-trace/go.sum index dd16364891695..8c8719cc875e4 100644 --- a/comp/core/log/impl-trace/go.sum +++ b/comp/core/log/impl-trace/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/log/impl/go.mod b/comp/core/log/impl/go.mod index 12d048a84bd4d..41996c2be1077 100644 --- a/comp/core/log/impl/go.mod +++ b/comp/core/log/impl/go.mod @@ -55,6 +55,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect diff --git a/comp/core/log/impl/go.sum b/comp/core/log/impl/go.sum index dd16364891695..8c8719cc875e4 100644 --- a/comp/core/log/impl/go.sum +++ b/comp/core/log/impl/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/log/mock/go.sum b/comp/core/log/mock/go.sum index 4b0aad4f95926..40403d3913920 100644 --- a/comp/core/log/mock/go.sum +++ b/comp/core/log/mock/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/status/statusimpl/go.mod b/comp/core/status/statusimpl/go.mod index c121259bfa141..1675f6c8dd7de 100644 --- a/comp/core/status/statusimpl/go.mod +++ b/comp/core/status/statusimpl/go.mod @@ -67,6 +67,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/core/status/statusimpl/go.sum b/comp/core/status/statusimpl/go.sum index 73fea28e04146..5ee4743b4f991 100644 --- a/comp/core/status/statusimpl/go.sum +++ b/comp/core/status/statusimpl/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/forwarder/defaultforwarder/go.mod b/comp/forwarder/defaultforwarder/go.mod index 97eb61b033263..2170d3cb8ba60 100644 --- a/comp/forwarder/defaultforwarder/go.mod +++ b/comp/forwarder/defaultforwarder/go.mod @@ -92,6 +92,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/log v0.59.1 // indirect diff --git a/comp/forwarder/defaultforwarder/go.sum b/comp/forwarder/defaultforwarder/go.sum index 735da3a7badda..71b03c1120d59 100644 --- a/comp/forwarder/defaultforwarder/go.sum +++ b/comp/forwarder/defaultforwarder/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/forwarder/orchestrator/orchestratorinterface/go.mod b/comp/forwarder/orchestrator/orchestratorinterface/go.mod index 7c55fcf139cf0..f31e9f19881e4 100644 --- a/comp/forwarder/orchestrator/orchestratorinterface/go.mod +++ b/comp/forwarder/orchestrator/orchestratorinterface/go.mod @@ -85,6 +85,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.57.1 // indirect github.com/DataDog/datadog-agent/pkg/orchestrator/model v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect diff --git a/comp/forwarder/orchestrator/orchestratorinterface/go.sum b/comp/forwarder/orchestrator/orchestratorinterface/go.sum index c23eb9a608463..5edaea7c4c86f 100644 --- a/comp/forwarder/orchestrator/orchestratorinterface/go.sum +++ b/comp/forwarder/orchestrator/orchestratorinterface/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/cast v1.8.0 h1:uooY8bMzq+cjgiNP1VTquCWve5emgk8fRspZojJwQa8= github.com/DataDog/cast v1.8.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/logs/agent/config/go.mod b/comp/logs/agent/config/go.mod index 1ae81a7be7da6..3505bc1a56604 100644 --- a/comp/logs/agent/config/go.mod +++ b/comp/logs/agent/config/go.mod @@ -60,6 +60,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/mock v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/logs/agent/config/go.sum b/comp/logs/agent/config/go.sum index dd16364891695..8c8719cc875e4 100644 --- a/comp/logs/agent/config/go.sum +++ b/comp/logs/agent/config/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/otelcol/converter/impl/go.mod b/comp/otelcol/converter/impl/go.mod index ec9c75f1a3c68..9f4d3ce80631b 100644 --- a/comp/otelcol/converter/impl/go.mod +++ b/comp/otelcol/converter/impl/go.mod @@ -65,6 +65,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.2 // indirect diff --git a/comp/otelcol/converter/impl/go.sum b/comp/otelcol/converter/impl/go.sum index 4239a8ba70c9d..09a6fe28c9d45 100644 --- a/comp/otelcol/converter/impl/go.sum +++ b/comp/otelcol/converter/impl/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/otelcol/ddflareextension/impl/go.mod b/comp/otelcol/ddflareextension/impl/go.mod index 7af5d796d92fb..1e427861ac3c7 100644 --- a/comp/otelcol/ddflareextension/impl/go.mod +++ b/comp/otelcol/ddflareextension/impl/go.mod @@ -151,6 +151,7 @@ require ( require go.opentelemetry.io/collector/extension/extensiontest v0.115.0 // indirect require ( + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/knadh/koanf/maps v0.1.1 // indirect github.com/knadh/koanf/providers/confmap v0.1.0 // indirect github.com/moby/sys/userns v0.1.0 // indirect diff --git a/comp/otelcol/ddflareextension/impl/go.sum b/comp/otelcol/ddflareextension/impl/go.sum index d4f8e67e79da5..90dbb54751ab1 100644 --- a/comp/otelcol/ddflareextension/impl/go.sum +++ b/comp/otelcol/ddflareextension/impl/go.sum @@ -63,6 +63,8 @@ github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytlju github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= github.com/DataDog/datadog-agent/comp/core/log v0.56.2 h1:qvBT+FfjKGqimyEvmsNHCZKbTfBJAdUZSVy2IZQ8HS4= github.com/DataDog/datadog-agent/comp/core/log v0.56.2/go.mod h1:ivJ/RMZjTNkoPPNDX+v/nnBwABLCiMv1vQA5tk/HCR4= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-api-client-go/v2 v2.33.0 h1:OI6kDnJeQmkjfGzxmP0XUQUxMD4tp6oAPXnnJ4VpgUM= github.com/DataDog/datadog-api-client-go/v2 v2.33.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= diff --git a/comp/otelcol/logsagentpipeline/go.mod b/comp/otelcol/logsagentpipeline/go.mod index 2a575bf145e7e..a0311822ebc96 100644 --- a/comp/otelcol/logsagentpipeline/go.mod +++ b/comp/otelcol/logsagentpipeline/go.mod @@ -88,6 +88,7 @@ require ( github.com/DataDog/datadog-agent/pkg/logs/sources v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/statusinterface v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect diff --git a/comp/otelcol/logsagentpipeline/go.sum b/comp/otelcol/logsagentpipeline/go.sum index b0f7d9ee40dfd..9651ecf9c1cdd 100644 --- a/comp/otelcol/logsagentpipeline/go.sum +++ b/comp/otelcol/logsagentpipeline/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod b/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod index 711aa095cc468..ce8692bf41f1d 100644 --- a/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod +++ b/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod @@ -106,6 +106,7 @@ require ( github.com/DataDog/datadog-agent/pkg/logs/sds v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/sender v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect diff --git a/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum b/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum index b0f7d9ee40dfd..9651ecf9c1cdd 100644 --- a/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum +++ b/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/comp/otelcol/otlp/components/exporter/datadogexporter/go.mod b/comp/otelcol/otlp/components/exporter/datadogexporter/go.mod index c3e28a412d2e6..0491da72ed581 100644 --- a/comp/otelcol/otlp/components/exporter/datadogexporter/go.mod +++ b/comp/otelcol/otlp/components/exporter/datadogexporter/go.mod @@ -172,6 +172,7 @@ require ( github.com/DataDog/datadog-agent/pkg/orchestrator/model v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/process/util/api v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/tagger/types v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/tagset v0.56.0-rc.3 // indirect diff --git a/comp/otelcol/otlp/components/exporter/datadogexporter/go.sum b/comp/otelcol/otlp/components/exporter/datadogexporter/go.sum index e9c507fbafa8a..aab89ef4f6af5 100644 --- a/comp/otelcol/otlp/components/exporter/datadogexporter/go.sum +++ b/comp/otelcol/otlp/components/exporter/datadogexporter/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-api-client-go/v2 v2.33.0 h1:OI6kDnJeQmkjfGzxmP0XUQUxMD4tp6oAPXnnJ4VpgUM= github.com/DataDog/datadog-api-client-go/v2 v2.33.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/datadog-go/v5 v5.6.0 h1:2oCLxjF/4htd55piM75baflj/KoE6VYS7alEUqFvRDw= diff --git a/comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod b/comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod index 80cffa6a338c5..1701e8e6020bb 100644 --- a/comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod +++ b/comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod @@ -79,6 +79,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/proto v0.55.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum b/comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum index c50808e9a40cd..6b0355b0a6082 100644 --- a/comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum +++ b/comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-api-client-go/v2 v2.33.0 h1:OI6kDnJeQmkjfGzxmP0XUQUxMD4tp6oAPXnnJ4VpgUM= github.com/DataDog/datadog-api-client-go/v2 v2.33.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/opentelemetry-mapping-go/pkg/inframetadata v0.22.0 h1:r1Dx2cRHCBWkVluSZA41i4eoI/nOGbcrrZdkqWjoFCc= diff --git a/comp/otelcol/otlp/components/exporter/serializerexporter/go.mod b/comp/otelcol/otlp/components/exporter/serializerexporter/go.mod index 1f8b9e2be8d1d..7fcfc6c3fcbf5 100644 --- a/comp/otelcol/otlp/components/exporter/serializerexporter/go.mod +++ b/comp/otelcol/otlp/components/exporter/serializerexporter/go.mod @@ -237,6 +237,7 @@ require ( ) require ( + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/ebitengine/purego v0.8.1 // indirect github.com/knadh/koanf/maps v0.1.1 // indirect github.com/knadh/koanf/providers/confmap v0.1.0 // indirect diff --git a/comp/otelcol/otlp/components/exporter/serializerexporter/go.sum b/comp/otelcol/otlp/components/exporter/serializerexporter/go.sum index a33f1cc34269d..25ab753fbe1bc 100644 --- a/comp/otelcol/otlp/components/exporter/serializerexporter/go.sum +++ b/comp/otelcol/otlp/components/exporter/serializerexporter/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/mmh3 v0.0.0-20210722141835-012dc69a9e49 h1:EbzDX8HPk5uE2FsJYxD74QmMw0/3CqSKhEr6teh0ncQ= github.com/DataDog/mmh3 v0.0.0-20210722141835-012dc69a9e49/go.mod h1:SvsjzyJlSg0rKsqYgdcFxeEVflx3ZNAyFfkUHP0TxXg= github.com/DataDog/opentelemetry-mapping-go/pkg/internal/sketchtest v0.22.0 h1:cXcKVEU1D0HlguR7GunnvuI70TghkarCa9DApqzMY94= diff --git a/comp/otelcol/otlp/testutil/go.mod b/comp/otelcol/otlp/testutil/go.mod index d51e4d63d2b36..1745ca47cb164 100644 --- a/comp/otelcol/otlp/testutil/go.mod +++ b/comp/otelcol/otlp/testutil/go.mod @@ -52,6 +52,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/otelcol/otlp/testutil/go.sum b/comp/otelcol/otlp/testutil/go.sum index 0778f221b9bca..4cac626159a12 100644 --- a/comp/otelcol/otlp/testutil/go.sum +++ b/comp/otelcol/otlp/testutil/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/opentelemetry-mapping-go/pkg/inframetadata v0.22.0 h1:r1Dx2cRHCBWkVluSZA41i4eoI/nOGbcrrZdkqWjoFCc= github.com/DataDog/opentelemetry-mapping-go/pkg/inframetadata v0.22.0/go.mod h1:+/dkO8ZiMa8rfm4SmtTF6qPUdBbBcvsWWKaO4xPKAIk= github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes v0.22.0 h1:yfk2cF8Bx98fSFpGrehEHh1FRqewfxcCTAbUDt5r3F8= diff --git a/comp/serializer/compression/go.mod b/comp/serializer/compression/go.mod index f1c59cd40d645..722c41d64c9f4 100644 --- a/comp/serializer/compression/go.mod +++ b/comp/serializer/compression/go.mod @@ -53,6 +53,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/serializer/compression/go.sum b/comp/serializer/compression/go.sum index 3b405d22ebcc8..93f9f7c7baf36 100644 --- a/comp/serializer/compression/go.sum +++ b/comp/serializer/compression/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/DataDog/zstd v1.5.6 h1:LbEglqepa/ipmmQJUDnSsfvA8e8IStVcGaFWDuxvGOY= diff --git a/go.mod b/go.mod index 30981dbec9ce2..5bdd92102f7e7 100644 --- a/go.mod +++ b/go.mod @@ -152,7 +152,7 @@ require ( github.com/DataDog/datadog-agent/pkg/gohai v0.56.0-rc.3 github.com/DataDog/datadog-agent/pkg/obfuscate v0.59.0 github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.59.0 - github.com/DataDog/datadog-agent/pkg/security/secl v0.56.0 + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 github.com/DataDog/datadog-agent/pkg/trace v0.59.0 github.com/DataDog/datadog-agent/pkg/util/cgroups v0.59.0 github.com/DataDog/datadog-agent/pkg/util/log v0.59.1 diff --git a/pkg/api/go.mod b/pkg/api/go.mod index ab50796cf7a58..fd1d8798a8ea3 100644 --- a/pkg/api/go.mod +++ b/pkg/api/go.mod @@ -59,6 +59,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/api/go.sum b/pkg/api/go.sum index dd16364891695..8c8719cc875e4 100644 --- a/pkg/api/go.sum +++ b/pkg/api/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/config/mock/go.mod b/pkg/config/mock/go.mod index f4edf2bbb8c8e..c2ab305102f48 100644 --- a/pkg/config/mock/go.mod +++ b/pkg/config/mock/go.mod @@ -42,6 +42,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/config/mock/go.sum b/pkg/config/mock/go.sum index 7fdf16db5981c..b1719435aa173 100644 --- a/pkg/config/mock/go.sum +++ b/pkg/config/mock/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/config/remote/go.mod b/pkg/config/remote/go.mod index a1c4a4ebbc561..d90fef1124162 100644 --- a/pkg/config/remote/go.mod +++ b/pkg/config/remote/go.mod @@ -75,6 +75,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/obfuscate v0.48.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/cache v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect diff --git a/pkg/config/remote/go.sum b/pkg/config/remote/go.sum index ca537b0d1660e..c40f610fda00d 100644 --- a/pkg/config/remote/go.sum +++ b/pkg/config/remote/go.sum @@ -7,6 +7,8 @@ cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/yb github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/appsec-internal-go v1.9.0 h1:cGOneFsg0JTRzWl5U2+og5dbtyW3N8XaYwc5nXe39Vw= github.com/DataDog/appsec-internal-go v1.9.0/go.mod h1:wW0cRfWBo4C044jHGwYiyh5moQV2x0AhnwqMuiX7O/g= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-go/v5 v5.6.0 h1:2oCLxjF/4htd55piM75baflj/KoE6VYS7alEUqFvRDw= github.com/DataDog/datadog-go/v5 v5.6.0/go.mod h1:K9kcYBlxkcPP8tvvjZZKs/m1edNAUFzBbdpTUKfCsuw= github.com/DataDog/go-libddwaf/v3 v3.5.1 h1:GWA4ln4DlLxiXm+X7HA/oj0ZLcdCwOS81KQitegRTyY= diff --git a/pkg/config/setup/go.mod b/pkg/config/setup/go.mod index efed57c318b83..31f76ba7cad00 100644 --- a/pkg/config/setup/go.mod +++ b/pkg/config/setup/go.mod @@ -41,6 +41,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 diff --git a/pkg/config/setup/go.sum b/pkg/config/setup/go.sum index eb1a58f09f4b8..b3948e3fc177a 100644 --- a/pkg/config/setup/go.sum +++ b/pkg/config/setup/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/cast v1.8.0 h1:uooY8bMzq+cjgiNP1VTquCWve5emgk8fRspZojJwQa8= github.com/DataDog/cast v1.8.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/config/utils/go.mod b/pkg/config/utils/go.mod index ef80f1fde725b..f9625f9e3fe30 100644 --- a/pkg/config/utils/go.mod +++ b/pkg/config/utils/go.mod @@ -49,6 +49,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/env v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/config/utils/go.sum b/pkg/config/utils/go.sum index 7fdf16db5981c..b1719435aa173 100644 --- a/pkg/config/utils/go.sum +++ b/pkg/config/utils/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/auditor/go.mod b/pkg/logs/auditor/go.mod index f9543ab0dda08..963c764b06860 100644 --- a/pkg/logs/auditor/go.mod +++ b/pkg/logs/auditor/go.mod @@ -61,6 +61,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/logs/auditor/go.sum b/pkg/logs/auditor/go.sum index 7fdf16db5981c..b1719435aa173 100644 --- a/pkg/logs/auditor/go.sum +++ b/pkg/logs/auditor/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/client/go.mod b/pkg/logs/client/go.mod index 49dad213dc24f..fb2e19674cb76 100644 --- a/pkg/logs/client/go.mod +++ b/pkg/logs/client/go.mod @@ -78,6 +78,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect diff --git a/pkg/logs/client/go.sum b/pkg/logs/client/go.sum index 5f7384266b821..79d5d9e5467a1 100644 --- a/pkg/logs/client/go.sum +++ b/pkg/logs/client/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/diagnostic/go.mod b/pkg/logs/diagnostic/go.mod index 690eb4c56105e..5707d986fd752 100644 --- a/pkg/logs/diagnostic/go.mod +++ b/pkg/logs/diagnostic/go.mod @@ -63,6 +63,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect diff --git a/pkg/logs/diagnostic/go.sum b/pkg/logs/diagnostic/go.sum index dd16364891695..8c8719cc875e4 100644 --- a/pkg/logs/diagnostic/go.sum +++ b/pkg/logs/diagnostic/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/message/go.mod b/pkg/logs/message/go.mod index 93c9793bafaf5..0754a3e5e3910 100644 --- a/pkg/logs/message/go.mod +++ b/pkg/logs/message/go.mod @@ -57,6 +57,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/logs/message/go.sum b/pkg/logs/message/go.sum index 7fdf16db5981c..b1719435aa173 100644 --- a/pkg/logs/message/go.sum +++ b/pkg/logs/message/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/pipeline/go.mod b/pkg/logs/pipeline/go.mod index 10ad9ab1983b5..bfbfe126432d4 100644 --- a/pkg/logs/pipeline/go.mod +++ b/pkg/logs/pipeline/go.mod @@ -91,6 +91,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/sources v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect diff --git a/pkg/logs/pipeline/go.sum b/pkg/logs/pipeline/go.sum index b0f7d9ee40dfd..9651ecf9c1cdd 100644 --- a/pkg/logs/pipeline/go.sum +++ b/pkg/logs/pipeline/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/pkg/logs/processor/go.mod b/pkg/logs/processor/go.mod index b98eacd627e97..fd30c5c733fc8 100644 --- a/pkg/logs/processor/go.mod +++ b/pkg/logs/processor/go.mod @@ -73,6 +73,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect diff --git a/pkg/logs/processor/go.sum b/pkg/logs/processor/go.sum index 1fb7bbe76cabd..3d40c05c14e4a 100644 --- a/pkg/logs/processor/go.sum +++ b/pkg/logs/processor/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/pkg/logs/sds/go.mod b/pkg/logs/sds/go.mod index f5818700af57b..a940755a7ece8 100644 --- a/pkg/logs/sds/go.mod +++ b/pkg/logs/sds/go.mod @@ -71,6 +71,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/sources v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect diff --git a/pkg/logs/sds/go.sum b/pkg/logs/sds/go.sum index c9341f0f48498..33fc586906e81 100644 --- a/pkg/logs/sds/go.sum +++ b/pkg/logs/sds/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/pkg/logs/sender/go.mod b/pkg/logs/sender/go.mod index 437b2592b6e94..6735de6f90f72 100644 --- a/pkg/logs/sender/go.mod +++ b/pkg/logs/sender/go.mod @@ -76,6 +76,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect diff --git a/pkg/logs/sender/go.sum b/pkg/logs/sender/go.sum index 5f7384266b821..79d5d9e5467a1 100644 --- a/pkg/logs/sender/go.sum +++ b/pkg/logs/sender/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/sources/go.mod b/pkg/logs/sources/go.mod index 47c016d543c91..9f8f6758069a9 100644 --- a/pkg/logs/sources/go.mod +++ b/pkg/logs/sources/go.mod @@ -56,6 +56,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/logs/sources/go.sum b/pkg/logs/sources/go.sum index 7fdf16db5981c..b1719435aa173 100644 --- a/pkg/logs/sources/go.sum +++ b/pkg/logs/sources/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/util/testutils/go.mod b/pkg/logs/util/testutils/go.mod index 1c02f6f2f8775..86adc45538c95 100644 --- a/pkg/logs/util/testutils/go.mod +++ b/pkg/logs/util/testutils/go.mod @@ -55,6 +55,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/logs/util/testutils/go.sum b/pkg/logs/util/testutils/go.sum index 7fdf16db5981c..b1719435aa173 100644 --- a/pkg/logs/util/testutils/go.sum +++ b/pkg/logs/util/testutils/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/metrics/go.mod b/pkg/metrics/go.mod index 66e73954c2885..4fbda1494faf4 100644 --- a/pkg/metrics/go.mod +++ b/pkg/metrics/go.mod @@ -61,6 +61,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.57.1 // indirect diff --git a/pkg/metrics/go.sum b/pkg/metrics/go.sum index 31112092709e6..0af8d9e873ca8 100644 --- a/pkg/metrics/go.sum +++ b/pkg/metrics/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/opentelemetry-mapping-go/pkg/internal/sketchtest v0.22.0 h1:cXcKVEU1D0HlguR7GunnvuI70TghkarCa9DApqzMY94= github.com/DataDog/opentelemetry-mapping-go/pkg/internal/sketchtest v0.22.0/go.mod h1:ES00EXfyEKgUkjd93tAXCxJA6i0seeOhZoS5Cj2qzzg= github.com/DataDog/opentelemetry-mapping-go/pkg/quantile v0.22.0 h1:63SzQz9Ab8XJj8fQKQz6UZNBhOm8rucwzbDfwTVF6dQ= diff --git a/pkg/security/security_profile/dump/load_controller.go b/pkg/security/security_profile/dump/load_controller.go index 7e8a42a735bba..4802ec866c7da 100644 --- a/pkg/security/security_profile/dump/load_controller.go +++ b/pkg/security/security_profile/dump/load_controller.go @@ -88,7 +88,7 @@ func (lc *ActivityDumpLoadController) getDefaultLoadConfigs() (map[containerutil return defaultConfigs, nil } -// PushDefaultCurrentConfig pushes the current load controller config to kernel space +// PushDefaultCurrentConfigs pushes the current load controller configs to kernel space func (lc *ActivityDumpLoadController) PushDefaultCurrentConfigs() error { defaultConfigs, err := lc.getDefaultLoadConfigs() if err != nil { diff --git a/pkg/serializer/go.mod b/pkg/serializer/go.mod index ef22edcd67b2d..5d1054a78e534 100644 --- a/pkg/serializer/go.mod +++ b/pkg/serializer/go.mod @@ -105,6 +105,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.57.1 // indirect github.com/DataDog/datadog-agent/pkg/orchestrator/model v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/buf v0.56.0-rc.3 // indirect diff --git a/pkg/serializer/go.sum b/pkg/serializer/go.sum index 0e4568db35dfe..ee446581981e2 100644 --- a/pkg/serializer/go.sum +++ b/pkg/serializer/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/mmh3 v0.0.0-20210722141835-012dc69a9e49 h1:EbzDX8HPk5uE2FsJYxD74QmMw0/3CqSKhEr6teh0ncQ= github.com/DataDog/mmh3 v0.0.0-20210722141835-012dc69a9e49/go.mod h1:SvsjzyJlSg0rKsqYgdcFxeEVflx3ZNAyFfkUHP0TxXg= github.com/DataDog/opentelemetry-mapping-go/pkg/internal/sketchtest v0.22.0 h1:cXcKVEU1D0HlguR7GunnvuI70TghkarCa9DApqzMY94= diff --git a/pkg/util/flavor/go.mod b/pkg/util/flavor/go.mod index 91efb20fa615f..8547db91e6a0d 100644 --- a/pkg/util/flavor/go.mod +++ b/pkg/util/flavor/go.mod @@ -43,6 +43,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/util/flavor/go.sum b/pkg/util/flavor/go.sum index 7fdf16db5981c..b1719435aa173 100644 --- a/pkg/util/flavor/go.sum +++ b/pkg/util/flavor/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/util/grpc/go.mod b/pkg/util/grpc/go.mod index 9598ddb031dea..1319c5135cc31 100644 --- a/pkg/util/grpc/go.mod +++ b/pkg/util/grpc/go.mod @@ -55,6 +55,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/util/grpc/go.sum b/pkg/util/grpc/go.sum index f5e59fbfc1ba8..624e98372b163 100644 --- a/pkg/util/grpc/go.sum +++ b/pkg/util/grpc/go.sum @@ -3,6 +3,8 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT cloud.google.com/go/compute/metadata v0.5.2 h1:UxK4uu/Tn+I3p2dYWTfiX4wva7aYlKixAHn3fyqngqo= cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/util/http/go.mod b/pkg/util/http/go.mod index 74a5f34311844..73ec95bcbf59a 100644 --- a/pkg/util/http/go.mod +++ b/pkg/util/http/go.mod @@ -46,6 +46,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/util/http/go.sum b/pkg/util/http/go.sum index 0ba8e47583917..2ccb4022a98b3 100644 --- a/pkg/util/http/go.sum +++ b/pkg/util/http/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/util/log/setup/go.mod b/pkg/util/log/setup/go.mod index f2c45da509f53..757d94455af1d 100644 --- a/pkg/util/log/setup/go.mod +++ b/pkg/util/log/setup/go.mod @@ -46,6 +46,7 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/util/log/setup/go.sum b/pkg/util/log/setup/go.sum index 7fdf16db5981c..b1719435aa173 100644 --- a/pkg/util/log/setup/go.sum +++ b/pkg/util/log/setup/go.sum @@ -1,5 +1,7 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/test/otel/go.mod b/test/otel/go.mod index a4523c0b33b0b..0b51d5729e680 100644 --- a/test/otel/go.mod +++ b/test/otel/go.mod @@ -155,6 +155,7 @@ require ( github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/obfuscate v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.56.0-rc.3 // indirect + github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect diff --git a/test/otel/go.sum b/test/otel/go.sum index bce88ff15bfa8..6d2eca6203921 100644 --- a/test/otel/go.sum +++ b/test/otel/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= +github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-api-client-go/v2 v2.33.0 h1:OI6kDnJeQmkjfGzxmP0XUQUxMD4tp6oAPXnnJ4VpgUM= github.com/DataDog/datadog-api-client-go/v2 v2.33.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/datadog-go/v5 v5.6.0 h1:2oCLxjF/4htd55piM75baflj/KoE6VYS7alEUqFvRDw= From 60ccba328008c60b8d34bb6e18928352b19b6c50 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 17 Dec 2024 14:49:52 +0100 Subject: [PATCH 04/14] Fix TestFindContainerID unit test --- pkg/security/secl/containerutils/helpers_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/security/secl/containerutils/helpers_test.go b/pkg/security/secl/containerutils/helpers_test.go index b5474b0df5016..5a2066e0295f2 100644 --- a/pkg/security/secl/containerutils/helpers_test.go +++ b/pkg/security/secl/containerutils/helpers_test.go @@ -63,7 +63,7 @@ func TestFindContainerID(t *testing.T) { { // Some random path which could match garden format input: "/user.slice/user-1000.slice/user@1000.service/apps.slice/apps-org.gnome.Terminal.slice/vte-spawn-f9176c6a-2a34-4ce2-86af-60d16888ed8e.scope", output: "", - flags: CGroupManagerSystemd, + flags: CGroupManagerSystemd | CGroupManager(SystemdScope), }, { // GARDEN with prefix / suffix input: "prefix01234567-0123-4567-890a-bcdesuffix", From f3c1244982a5a297044030a22f4e3efae7c78c09 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 17 Dec 2024 16:37:38 +0100 Subject: [PATCH 05/14] Remove dependency on github.com/DataDog/datadog-agent/pkg/security/secl --- comp/api/authtoken/go.mod | 1 - comp/api/authtoken/go.sum | 2 -- comp/core/config/go.mod | 1 - comp/core/config/go.sum | 2 -- comp/core/log/impl-trace/go.mod | 1 - comp/core/log/impl-trace/go.sum | 2 -- comp/core/log/impl/go.mod | 1 - comp/core/log/impl/go.sum | 2 -- comp/core/log/mock/go.sum | 2 -- comp/core/status/statusimpl/go.mod | 1 - comp/core/status/statusimpl/go.sum | 2 -- comp/forwarder/defaultforwarder/go.mod | 1 - comp/forwarder/defaultforwarder/go.sum | 2 -- .../orchestrator/orchestratorinterface/go.mod | 1 - .../orchestrator/orchestratorinterface/go.sum | 2 -- comp/logs/agent/config/go.mod | 1 - comp/logs/agent/config/go.sum | 2 -- comp/otelcol/converter/impl/go.mod | 1 - comp/otelcol/converter/impl/go.sum | 2 -- comp/otelcol/ddflareextension/impl/go.mod | 1 - comp/otelcol/ddflareextension/impl/go.sum | 2 -- comp/otelcol/logsagentpipeline/go.mod | 1 - comp/otelcol/logsagentpipeline/go.sum | 2 -- .../logsagentpipeline/logsagentpipelineimpl/go.mod | 1 - .../logsagentpipeline/logsagentpipelineimpl/go.sum | 2 -- .../otlp/components/exporter/datadogexporter/go.mod | 1 - .../otlp/components/exporter/datadogexporter/go.sum | 2 -- .../components/exporter/logsagentexporter/go.mod | 1 - .../components/exporter/logsagentexporter/go.sum | 2 -- .../components/exporter/serializerexporter/go.mod | 1 - .../components/exporter/serializerexporter/go.sum | 2 -- comp/otelcol/otlp/testutil/go.mod | 1 - comp/otelcol/otlp/testutil/go.sum | 2 -- comp/serializer/compression/go.mod | 1 - comp/serializer/compression/go.sum | 2 -- pkg/api/go.mod | 1 - pkg/api/go.sum | 2 -- pkg/config/mock/go.mod | 1 - pkg/config/mock/go.sum | 2 -- pkg/config/remote/go.mod | 1 - pkg/config/remote/go.sum | 2 -- pkg/config/setup/go.mod | 1 - pkg/config/setup/go.sum | 2 -- pkg/config/setup/system_probe_cws.go | 12 +----------- pkg/config/utils/go.mod | 1 - pkg/config/utils/go.sum | 2 -- pkg/logs/auditor/go.mod | 1 - pkg/logs/auditor/go.sum | 2 -- pkg/logs/client/go.mod | 1 - pkg/logs/client/go.sum | 2 -- pkg/logs/diagnostic/go.mod | 1 - pkg/logs/diagnostic/go.sum | 2 -- pkg/logs/message/go.mod | 1 - pkg/logs/message/go.sum | 2 -- pkg/logs/pipeline/go.mod | 1 - pkg/logs/pipeline/go.sum | 2 -- pkg/logs/processor/go.mod | 1 - pkg/logs/processor/go.sum | 2 -- pkg/logs/sds/go.mod | 1 - pkg/logs/sds/go.sum | 2 -- pkg/logs/sender/go.mod | 1 - pkg/logs/sender/go.sum | 2 -- pkg/logs/sources/go.mod | 1 - pkg/logs/sources/go.sum | 2 -- pkg/logs/util/testutils/go.mod | 1 - pkg/logs/util/testutils/go.sum | 2 -- pkg/metrics/go.mod | 1 - pkg/metrics/go.sum | 2 -- pkg/serializer/go.mod | 1 - pkg/serializer/go.sum | 2 -- pkg/util/flavor/go.mod | 1 - pkg/util/flavor/go.sum | 2 -- pkg/util/grpc/go.mod | 1 - pkg/util/grpc/go.sum | 2 -- pkg/util/http/go.mod | 1 - pkg/util/http/go.sum | 2 -- pkg/util/log/setup/go.mod | 1 - pkg/util/log/setup/go.sum | 2 -- test/otel/go.mod | 1 - test/otel/go.sum | 2 -- 80 files changed, 1 insertion(+), 130 deletions(-) diff --git a/comp/api/authtoken/go.mod b/comp/api/authtoken/go.mod index 74132e68a930b..24081f4824780 100644 --- a/comp/api/authtoken/go.mod +++ b/comp/api/authtoken/go.mod @@ -65,7 +65,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/api/authtoken/go.sum b/comp/api/authtoken/go.sum index 8c8719cc875e4..dd16364891695 100644 --- a/comp/api/authtoken/go.sum +++ b/comp/api/authtoken/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/config/go.mod b/comp/core/config/go.mod index 7ecb4324042a0..00be19b3b9ba7 100644 --- a/comp/core/config/go.mod +++ b/comp/core/config/go.mod @@ -57,7 +57,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/core/config/go.sum b/comp/core/config/go.sum index e5d6ecc0034ec..323c4fa804e83 100644 --- a/comp/core/config/go.sum +++ b/comp/core/config/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/log/impl-trace/go.mod b/comp/core/log/impl-trace/go.mod index 59284eda2d7cf..309b259ad3616 100644 --- a/comp/core/log/impl-trace/go.mod +++ b/comp/core/log/impl-trace/go.mod @@ -67,7 +67,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/core/log/impl-trace/go.sum b/comp/core/log/impl-trace/go.sum index 8c8719cc875e4..dd16364891695 100644 --- a/comp/core/log/impl-trace/go.sum +++ b/comp/core/log/impl-trace/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/log/impl/go.mod b/comp/core/log/impl/go.mod index 41996c2be1077..12d048a84bd4d 100644 --- a/comp/core/log/impl/go.mod +++ b/comp/core/log/impl/go.mod @@ -55,7 +55,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect diff --git a/comp/core/log/impl/go.sum b/comp/core/log/impl/go.sum index 8c8719cc875e4..dd16364891695 100644 --- a/comp/core/log/impl/go.sum +++ b/comp/core/log/impl/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/log/mock/go.sum b/comp/core/log/mock/go.sum index 40403d3913920..4b0aad4f95926 100644 --- a/comp/core/log/mock/go.sum +++ b/comp/core/log/mock/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/core/status/statusimpl/go.mod b/comp/core/status/statusimpl/go.mod index 1675f6c8dd7de..c121259bfa141 100644 --- a/comp/core/status/statusimpl/go.mod +++ b/comp/core/status/statusimpl/go.mod @@ -67,7 +67,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/core/status/statusimpl/go.sum b/comp/core/status/statusimpl/go.sum index 5ee4743b4f991..73fea28e04146 100644 --- a/comp/core/status/statusimpl/go.sum +++ b/comp/core/status/statusimpl/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/forwarder/defaultforwarder/go.mod b/comp/forwarder/defaultforwarder/go.mod index 2170d3cb8ba60..97eb61b033263 100644 --- a/comp/forwarder/defaultforwarder/go.mod +++ b/comp/forwarder/defaultforwarder/go.mod @@ -92,7 +92,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/log v0.59.1 // indirect diff --git a/comp/forwarder/defaultforwarder/go.sum b/comp/forwarder/defaultforwarder/go.sum index 71b03c1120d59..735da3a7badda 100644 --- a/comp/forwarder/defaultforwarder/go.sum +++ b/comp/forwarder/defaultforwarder/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/forwarder/orchestrator/orchestratorinterface/go.mod b/comp/forwarder/orchestrator/orchestratorinterface/go.mod index f31e9f19881e4..7c55fcf139cf0 100644 --- a/comp/forwarder/orchestrator/orchestratorinterface/go.mod +++ b/comp/forwarder/orchestrator/orchestratorinterface/go.mod @@ -85,7 +85,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.57.1 // indirect github.com/DataDog/datadog-agent/pkg/orchestrator/model v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect diff --git a/comp/forwarder/orchestrator/orchestratorinterface/go.sum b/comp/forwarder/orchestrator/orchestratorinterface/go.sum index 5edaea7c4c86f..c23eb9a608463 100644 --- a/comp/forwarder/orchestrator/orchestratorinterface/go.sum +++ b/comp/forwarder/orchestrator/orchestratorinterface/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/cast v1.8.0 h1:uooY8bMzq+cjgiNP1VTquCWve5emgk8fRspZojJwQa8= github.com/DataDog/cast v1.8.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/logs/agent/config/go.mod b/comp/logs/agent/config/go.mod index 3505bc1a56604..1ae81a7be7da6 100644 --- a/comp/logs/agent/config/go.mod +++ b/comp/logs/agent/config/go.mod @@ -60,7 +60,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/mock v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/logs/agent/config/go.sum b/comp/logs/agent/config/go.sum index 8c8719cc875e4..dd16364891695 100644 --- a/comp/logs/agent/config/go.sum +++ b/comp/logs/agent/config/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/otelcol/converter/impl/go.mod b/comp/otelcol/converter/impl/go.mod index 9f4d3ce80631b..ec9c75f1a3c68 100644 --- a/comp/otelcol/converter/impl/go.mod +++ b/comp/otelcol/converter/impl/go.mod @@ -65,7 +65,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.2 // indirect diff --git a/comp/otelcol/converter/impl/go.sum b/comp/otelcol/converter/impl/go.sum index 09a6fe28c9d45..4239a8ba70c9d 100644 --- a/comp/otelcol/converter/impl/go.sum +++ b/comp/otelcol/converter/impl/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/comp/otelcol/ddflareextension/impl/go.mod b/comp/otelcol/ddflareextension/impl/go.mod index 1e427861ac3c7..7af5d796d92fb 100644 --- a/comp/otelcol/ddflareextension/impl/go.mod +++ b/comp/otelcol/ddflareextension/impl/go.mod @@ -151,7 +151,6 @@ require ( require go.opentelemetry.io/collector/extension/extensiontest v0.115.0 // indirect require ( - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/knadh/koanf/maps v0.1.1 // indirect github.com/knadh/koanf/providers/confmap v0.1.0 // indirect github.com/moby/sys/userns v0.1.0 // indirect diff --git a/comp/otelcol/ddflareextension/impl/go.sum b/comp/otelcol/ddflareextension/impl/go.sum index 90dbb54751ab1..d4f8e67e79da5 100644 --- a/comp/otelcol/ddflareextension/impl/go.sum +++ b/comp/otelcol/ddflareextension/impl/go.sum @@ -63,8 +63,6 @@ github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytlju github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= github.com/DataDog/datadog-agent/comp/core/log v0.56.2 h1:qvBT+FfjKGqimyEvmsNHCZKbTfBJAdUZSVy2IZQ8HS4= github.com/DataDog/datadog-agent/comp/core/log v0.56.2/go.mod h1:ivJ/RMZjTNkoPPNDX+v/nnBwABLCiMv1vQA5tk/HCR4= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-api-client-go/v2 v2.33.0 h1:OI6kDnJeQmkjfGzxmP0XUQUxMD4tp6oAPXnnJ4VpgUM= github.com/DataDog/datadog-api-client-go/v2 v2.33.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= diff --git a/comp/otelcol/logsagentpipeline/go.mod b/comp/otelcol/logsagentpipeline/go.mod index a0311822ebc96..2a575bf145e7e 100644 --- a/comp/otelcol/logsagentpipeline/go.mod +++ b/comp/otelcol/logsagentpipeline/go.mod @@ -88,7 +88,6 @@ require ( github.com/DataDog/datadog-agent/pkg/logs/sources v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/statusinterface v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect diff --git a/comp/otelcol/logsagentpipeline/go.sum b/comp/otelcol/logsagentpipeline/go.sum index 9651ecf9c1cdd..b0f7d9ee40dfd 100644 --- a/comp/otelcol/logsagentpipeline/go.sum +++ b/comp/otelcol/logsagentpipeline/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod b/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod index ce8692bf41f1d..711aa095cc468 100644 --- a/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod +++ b/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.mod @@ -106,7 +106,6 @@ require ( github.com/DataDog/datadog-agent/pkg/logs/sds v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/sender v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect diff --git a/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum b/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum index 9651ecf9c1cdd..b0f7d9ee40dfd 100644 --- a/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum +++ b/comp/otelcol/logsagentpipeline/logsagentpipelineimpl/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/comp/otelcol/otlp/components/exporter/datadogexporter/go.mod b/comp/otelcol/otlp/components/exporter/datadogexporter/go.mod index 0491da72ed581..c3e28a412d2e6 100644 --- a/comp/otelcol/otlp/components/exporter/datadogexporter/go.mod +++ b/comp/otelcol/otlp/components/exporter/datadogexporter/go.mod @@ -172,7 +172,6 @@ require ( github.com/DataDog/datadog-agent/pkg/orchestrator/model v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/process/util/api v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/tagger/types v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/tagset v0.56.0-rc.3 // indirect diff --git a/comp/otelcol/otlp/components/exporter/datadogexporter/go.sum b/comp/otelcol/otlp/components/exporter/datadogexporter/go.sum index aab89ef4f6af5..e9c507fbafa8a 100644 --- a/comp/otelcol/otlp/components/exporter/datadogexporter/go.sum +++ b/comp/otelcol/otlp/components/exporter/datadogexporter/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-api-client-go/v2 v2.33.0 h1:OI6kDnJeQmkjfGzxmP0XUQUxMD4tp6oAPXnnJ4VpgUM= github.com/DataDog/datadog-api-client-go/v2 v2.33.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/datadog-go/v5 v5.6.0 h1:2oCLxjF/4htd55piM75baflj/KoE6VYS7alEUqFvRDw= diff --git a/comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod b/comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod index 1701e8e6020bb..80cffa6a338c5 100644 --- a/comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod +++ b/comp/otelcol/otlp/components/exporter/logsagentexporter/go.mod @@ -79,7 +79,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/proto v0.55.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum b/comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum index 6b0355b0a6082..c50808e9a40cd 100644 --- a/comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum +++ b/comp/otelcol/otlp/components/exporter/logsagentexporter/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-api-client-go/v2 v2.33.0 h1:OI6kDnJeQmkjfGzxmP0XUQUxMD4tp6oAPXnnJ4VpgUM= github.com/DataDog/datadog-api-client-go/v2 v2.33.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/opentelemetry-mapping-go/pkg/inframetadata v0.22.0 h1:r1Dx2cRHCBWkVluSZA41i4eoI/nOGbcrrZdkqWjoFCc= diff --git a/comp/otelcol/otlp/components/exporter/serializerexporter/go.mod b/comp/otelcol/otlp/components/exporter/serializerexporter/go.mod index 7fcfc6c3fcbf5..1f8b9e2be8d1d 100644 --- a/comp/otelcol/otlp/components/exporter/serializerexporter/go.mod +++ b/comp/otelcol/otlp/components/exporter/serializerexporter/go.mod @@ -237,7 +237,6 @@ require ( ) require ( - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/ebitengine/purego v0.8.1 // indirect github.com/knadh/koanf/maps v0.1.1 // indirect github.com/knadh/koanf/providers/confmap v0.1.0 // indirect diff --git a/comp/otelcol/otlp/components/exporter/serializerexporter/go.sum b/comp/otelcol/otlp/components/exporter/serializerexporter/go.sum index 25ab753fbe1bc..a33f1cc34269d 100644 --- a/comp/otelcol/otlp/components/exporter/serializerexporter/go.sum +++ b/comp/otelcol/otlp/components/exporter/serializerexporter/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/mmh3 v0.0.0-20210722141835-012dc69a9e49 h1:EbzDX8HPk5uE2FsJYxD74QmMw0/3CqSKhEr6teh0ncQ= github.com/DataDog/mmh3 v0.0.0-20210722141835-012dc69a9e49/go.mod h1:SvsjzyJlSg0rKsqYgdcFxeEVflx3ZNAyFfkUHP0TxXg= github.com/DataDog/opentelemetry-mapping-go/pkg/internal/sketchtest v0.22.0 h1:cXcKVEU1D0HlguR7GunnvuI70TghkarCa9DApqzMY94= diff --git a/comp/otelcol/otlp/testutil/go.mod b/comp/otelcol/otlp/testutil/go.mod index 1745ca47cb164..d51e4d63d2b36 100644 --- a/comp/otelcol/otlp/testutil/go.mod +++ b/comp/otelcol/otlp/testutil/go.mod @@ -52,7 +52,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/otelcol/otlp/testutil/go.sum b/comp/otelcol/otlp/testutil/go.sum index 4cac626159a12..0778f221b9bca 100644 --- a/comp/otelcol/otlp/testutil/go.sum +++ b/comp/otelcol/otlp/testutil/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/opentelemetry-mapping-go/pkg/inframetadata v0.22.0 h1:r1Dx2cRHCBWkVluSZA41i4eoI/nOGbcrrZdkqWjoFCc= github.com/DataDog/opentelemetry-mapping-go/pkg/inframetadata v0.22.0/go.mod h1:+/dkO8ZiMa8rfm4SmtTF6qPUdBbBcvsWWKaO4xPKAIk= github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes v0.22.0 h1:yfk2cF8Bx98fSFpGrehEHh1FRqewfxcCTAbUDt5r3F8= diff --git a/comp/serializer/compression/go.mod b/comp/serializer/compression/go.mod index 722c41d64c9f4..f1c59cd40d645 100644 --- a/comp/serializer/compression/go.mod +++ b/comp/serializer/compression/go.mod @@ -53,7 +53,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/comp/serializer/compression/go.sum b/comp/serializer/compression/go.sum index 93f9f7c7baf36..3b405d22ebcc8 100644 --- a/comp/serializer/compression/go.sum +++ b/comp/serializer/compression/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/DataDog/zstd v1.5.6 h1:LbEglqepa/ipmmQJUDnSsfvA8e8IStVcGaFWDuxvGOY= diff --git a/pkg/api/go.mod b/pkg/api/go.mod index fd1d8798a8ea3..ab50796cf7a58 100644 --- a/pkg/api/go.mod +++ b/pkg/api/go.mod @@ -59,7 +59,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/api/go.sum b/pkg/api/go.sum index 8c8719cc875e4..dd16364891695 100644 --- a/pkg/api/go.sum +++ b/pkg/api/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/config/mock/go.mod b/pkg/config/mock/go.mod index c2ab305102f48..f4edf2bbb8c8e 100644 --- a/pkg/config/mock/go.mod +++ b/pkg/config/mock/go.mod @@ -42,7 +42,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/config/mock/go.sum b/pkg/config/mock/go.sum index b1719435aa173..7fdf16db5981c 100644 --- a/pkg/config/mock/go.sum +++ b/pkg/config/mock/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/config/remote/go.mod b/pkg/config/remote/go.mod index d90fef1124162..a1c4a4ebbc561 100644 --- a/pkg/config/remote/go.mod +++ b/pkg/config/remote/go.mod @@ -75,7 +75,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/obfuscate v0.48.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/cache v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect diff --git a/pkg/config/remote/go.sum b/pkg/config/remote/go.sum index c40f610fda00d..ca537b0d1660e 100644 --- a/pkg/config/remote/go.sum +++ b/pkg/config/remote/go.sum @@ -7,8 +7,6 @@ cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/yb github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/appsec-internal-go v1.9.0 h1:cGOneFsg0JTRzWl5U2+og5dbtyW3N8XaYwc5nXe39Vw= github.com/DataDog/appsec-internal-go v1.9.0/go.mod h1:wW0cRfWBo4C044jHGwYiyh5moQV2x0AhnwqMuiX7O/g= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-go/v5 v5.6.0 h1:2oCLxjF/4htd55piM75baflj/KoE6VYS7alEUqFvRDw= github.com/DataDog/datadog-go/v5 v5.6.0/go.mod h1:K9kcYBlxkcPP8tvvjZZKs/m1edNAUFzBbdpTUKfCsuw= github.com/DataDog/go-libddwaf/v3 v3.5.1 h1:GWA4ln4DlLxiXm+X7HA/oj0ZLcdCwOS81KQitegRTyY= diff --git a/pkg/config/setup/go.mod b/pkg/config/setup/go.mod index 31f76ba7cad00..efed57c318b83 100644 --- a/pkg/config/setup/go.mod +++ b/pkg/config/setup/go.mod @@ -41,7 +41,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 diff --git a/pkg/config/setup/go.sum b/pkg/config/setup/go.sum index b3948e3fc177a..eb1a58f09f4b8 100644 --- a/pkg/config/setup/go.sum +++ b/pkg/config/setup/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/cast v1.8.0 h1:uooY8bMzq+cjgiNP1VTquCWve5emgk8fRspZojJwQa8= github.com/DataDog/cast v1.8.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/config/setup/system_probe_cws.go b/pkg/config/setup/system_probe_cws.go index d378b0f4e77af..c689e1fd68e28 100644 --- a/pkg/config/setup/system_probe_cws.go +++ b/pkg/config/setup/system_probe_cws.go @@ -8,18 +8,8 @@ package setup import ( pkgconfigmodel "github.com/DataDog/datadog-agent/pkg/config/model" "github.com/DataDog/datadog-agent/pkg/config/setup/constants" - "github.com/DataDog/datadog-agent/pkg/security/secl/containerutils" ) -func getDefaultCGroupManagers() []string { - return []string{ - containerutils.CGroupManagerDocker.String(), - containerutils.CGroupManagerPodman.String(), - containerutils.CGroupManagerCRI.String(), - containerutils.CGroupManagerCRIO.String(), - } -} - func initCWSSystemProbeConfig(cfg pkgconfigmodel.Config) { // CWS - general config // the following entries are platform specific @@ -67,7 +57,7 @@ func initCWSSystemProbeConfig(cfg pkgconfigmodel.Config) { cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.min_timeout", "10m") cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.max_dump_size", 1750) cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.traced_cgroups_count", 5) - cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.cgroup_managers", getDefaultCGroupManagers()) + cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.cgroup_managers", []string{"docker", "podman", "containerd", "cri-o"}) cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.traced_event_types", []string{"exec", "open", "dns", "imds"}) cfg.BindEnv("runtime_security_config.activity_dump.cgroup_dump_timeout") // deprecated in favor of dump_duration cfg.BindEnvAndSetDefault("runtime_security_config.activity_dump.dump_duration", "900s") diff --git a/pkg/config/utils/go.mod b/pkg/config/utils/go.mod index f9625f9e3fe30..ef80f1fde725b 100644 --- a/pkg/config/utils/go.mod +++ b/pkg/config/utils/go.mod @@ -49,7 +49,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/env v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/config/utils/go.sum b/pkg/config/utils/go.sum index b1719435aa173..7fdf16db5981c 100644 --- a/pkg/config/utils/go.sum +++ b/pkg/config/utils/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/auditor/go.mod b/pkg/logs/auditor/go.mod index 963c764b06860..f9543ab0dda08 100644 --- a/pkg/logs/auditor/go.mod +++ b/pkg/logs/auditor/go.mod @@ -61,7 +61,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/logs/auditor/go.sum b/pkg/logs/auditor/go.sum index b1719435aa173..7fdf16db5981c 100644 --- a/pkg/logs/auditor/go.sum +++ b/pkg/logs/auditor/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/client/go.mod b/pkg/logs/client/go.mod index fb2e19674cb76..49dad213dc24f 100644 --- a/pkg/logs/client/go.mod +++ b/pkg/logs/client/go.mod @@ -78,7 +78,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect diff --git a/pkg/logs/client/go.sum b/pkg/logs/client/go.sum index 79d5d9e5467a1..5f7384266b821 100644 --- a/pkg/logs/client/go.sum +++ b/pkg/logs/client/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/diagnostic/go.mod b/pkg/logs/diagnostic/go.mod index 5707d986fd752..690eb4c56105e 100644 --- a/pkg/logs/diagnostic/go.mod +++ b/pkg/logs/diagnostic/go.mod @@ -63,7 +63,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect diff --git a/pkg/logs/diagnostic/go.sum b/pkg/logs/diagnostic/go.sum index 8c8719cc875e4..dd16364891695 100644 --- a/pkg/logs/diagnostic/go.sum +++ b/pkg/logs/diagnostic/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/message/go.mod b/pkg/logs/message/go.mod index 0754a3e5e3910..93c9793bafaf5 100644 --- a/pkg/logs/message/go.mod +++ b/pkg/logs/message/go.mod @@ -57,7 +57,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/logs/message/go.sum b/pkg/logs/message/go.sum index b1719435aa173..7fdf16db5981c 100644 --- a/pkg/logs/message/go.sum +++ b/pkg/logs/message/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/pipeline/go.mod b/pkg/logs/pipeline/go.mod index bfbfe126432d4..10ad9ab1983b5 100644 --- a/pkg/logs/pipeline/go.mod +++ b/pkg/logs/pipeline/go.mod @@ -91,7 +91,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/sources v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect diff --git a/pkg/logs/pipeline/go.sum b/pkg/logs/pipeline/go.sum index 9651ecf9c1cdd..b0f7d9ee40dfd 100644 --- a/pkg/logs/pipeline/go.sum +++ b/pkg/logs/pipeline/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/pkg/logs/processor/go.mod b/pkg/logs/processor/go.mod index fd30c5c733fc8..b98eacd627e97 100644 --- a/pkg/logs/processor/go.mod +++ b/pkg/logs/processor/go.mod @@ -73,7 +73,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect diff --git a/pkg/logs/processor/go.sum b/pkg/logs/processor/go.sum index 3d40c05c14e4a..1fb7bbe76cabd 100644 --- a/pkg/logs/processor/go.sum +++ b/pkg/logs/processor/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/pkg/logs/sds/go.mod b/pkg/logs/sds/go.mod index a940755a7ece8..f5818700af57b 100644 --- a/pkg/logs/sds/go.mod +++ b/pkg/logs/sds/go.mod @@ -71,7 +71,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/sources v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.56.0-rc.3 // indirect diff --git a/pkg/logs/sds/go.sum b/pkg/logs/sds/go.sum index 33fc586906e81..c9341f0f48498 100644 --- a/pkg/logs/sds/go.sum +++ b/pkg/logs/sds/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42 h1:RoH7VLzTnxHEugRPIgnGlxwDFszFGI7b3WZZUtWuPRM= github.com/DataDog/dd-sensitive-data-scanner/sds-go/go v0.0.0-20240816154533-f7f9beb53a42/go.mod h1:TX7CTOQ3LbQjfAi4SwqUoR5gY1zfUk7VRBDTuArjaDc= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= diff --git a/pkg/logs/sender/go.mod b/pkg/logs/sender/go.mod index 6735de6f90f72..437b2592b6e94 100644 --- a/pkg/logs/sender/go.mod +++ b/pkg/logs/sender/go.mod @@ -76,7 +76,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect diff --git a/pkg/logs/sender/go.sum b/pkg/logs/sender/go.sum index 79d5d9e5467a1..5f7384266b821 100644 --- a/pkg/logs/sender/go.sum +++ b/pkg/logs/sender/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/sources/go.mod b/pkg/logs/sources/go.mod index 9f8f6758069a9..47c016d543c91 100644 --- a/pkg/logs/sources/go.mod +++ b/pkg/logs/sources/go.mod @@ -56,7 +56,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/logs/sources/go.sum b/pkg/logs/sources/go.sum index b1719435aa173..7fdf16db5981c 100644 --- a/pkg/logs/sources/go.sum +++ b/pkg/logs/sources/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/logs/util/testutils/go.mod b/pkg/logs/util/testutils/go.mod index 86adc45538c95..1c02f6f2f8775 100644 --- a/pkg/logs/util/testutils/go.mod +++ b/pkg/logs/util/testutils/go.mod @@ -55,7 +55,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/logs/util/testutils/go.sum b/pkg/logs/util/testutils/go.sum index b1719435aa173..7fdf16db5981c 100644 --- a/pkg/logs/util/testutils/go.sum +++ b/pkg/logs/util/testutils/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/metrics/go.mod b/pkg/metrics/go.mod index 4fbda1494faf4..66e73954c2885 100644 --- a/pkg/metrics/go.mod +++ b/pkg/metrics/go.mod @@ -61,7 +61,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/fxutil v0.57.1 // indirect diff --git a/pkg/metrics/go.sum b/pkg/metrics/go.sum index 0af8d9e873ca8..31112092709e6 100644 --- a/pkg/metrics/go.sum +++ b/pkg/metrics/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/opentelemetry-mapping-go/pkg/internal/sketchtest v0.22.0 h1:cXcKVEU1D0HlguR7GunnvuI70TghkarCa9DApqzMY94= github.com/DataDog/opentelemetry-mapping-go/pkg/internal/sketchtest v0.22.0/go.mod h1:ES00EXfyEKgUkjd93tAXCxJA6i0seeOhZoS5Cj2qzzg= github.com/DataDog/opentelemetry-mapping-go/pkg/quantile v0.22.0 h1:63SzQz9Ab8XJj8fQKQz6UZNBhOm8rucwzbDfwTVF6dQ= diff --git a/pkg/serializer/go.mod b/pkg/serializer/go.mod index 5d1054a78e534..ef22edcd67b2d 100644 --- a/pkg/serializer/go.mod +++ b/pkg/serializer/go.mod @@ -105,7 +105,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.60.0-devel // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.57.1 // indirect github.com/DataDog/datadog-agent/pkg/orchestrator/model v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/buf v0.56.0-rc.3 // indirect diff --git a/pkg/serializer/go.sum b/pkg/serializer/go.sum index ee446581981e2..0e4568db35dfe 100644 --- a/pkg/serializer/go.sum +++ b/pkg/serializer/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/mmh3 v0.0.0-20210722141835-012dc69a9e49 h1:EbzDX8HPk5uE2FsJYxD74QmMw0/3CqSKhEr6teh0ncQ= github.com/DataDog/mmh3 v0.0.0-20210722141835-012dc69a9e49/go.mod h1:SvsjzyJlSg0rKsqYgdcFxeEVflx3ZNAyFfkUHP0TxXg= github.com/DataDog/opentelemetry-mapping-go/pkg/internal/sketchtest v0.22.0 h1:cXcKVEU1D0HlguR7GunnvuI70TghkarCa9DApqzMY94= diff --git a/pkg/util/flavor/go.mod b/pkg/util/flavor/go.mod index 8547db91e6a0d..91efb20fa615f 100644 --- a/pkg/util/flavor/go.mod +++ b/pkg/util/flavor/go.mod @@ -43,7 +43,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/nodetreemodel v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/util/flavor/go.sum b/pkg/util/flavor/go.sum index b1719435aa173..7fdf16db5981c 100644 --- a/pkg/util/flavor/go.sum +++ b/pkg/util/flavor/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/util/grpc/go.mod b/pkg/util/grpc/go.mod index 1319c5135cc31..9598ddb031dea 100644 --- a/pkg/util/grpc/go.mod +++ b/pkg/util/grpc/go.mod @@ -55,7 +55,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/utils v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/util/grpc/go.sum b/pkg/util/grpc/go.sum index 624e98372b163..f5e59fbfc1ba8 100644 --- a/pkg/util/grpc/go.sum +++ b/pkg/util/grpc/go.sum @@ -3,8 +3,6 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT cloud.google.com/go/compute/metadata v0.5.2 h1:UxK4uu/Tn+I3p2dYWTfiX4wva7aYlKixAHn3fyqngqo= cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/util/http/go.mod b/pkg/util/http/go.mod index 73ec95bcbf59a..74a5f34311844 100644 --- a/pkg/util/http/go.mod +++ b/pkg/util/http/go.mod @@ -46,7 +46,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/util/http/go.sum b/pkg/util/http/go.sum index 2ccb4022a98b3..0ba8e47583917 100644 --- a/pkg/util/http/go.sum +++ b/pkg/util/http/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/pkg/util/log/setup/go.mod b/pkg/util/log/setup/go.mod index 757d94455af1d..f2c45da509f53 100644 --- a/pkg/util/log/setup/go.mod +++ b/pkg/util/log/setup/go.mod @@ -46,7 +46,6 @@ require ( github.com/DataDog/datadog-agent/pkg/config/setup v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/structure v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/config/teeconfig v0.59.0 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/util/executable v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/filesystem v0.59.0 // indirect github.com/DataDog/datadog-agent/pkg/util/hostname/validate v0.59.0 // indirect diff --git a/pkg/util/log/setup/go.sum b/pkg/util/log/setup/go.sum index b1719435aa173..7fdf16db5981c 100644 --- a/pkg/util/log/setup/go.sum +++ b/pkg/util/log/setup/go.sum @@ -1,7 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/viper v1.14.0 h1:dIjTe/uJiah+QFqFZ+MXeqgmUvWhg37l37ZxFWxr3is= github.com/DataDog/viper v1.14.0/go.mod h1:wDdUVJ2SHaMaPrCZrlRCObwkubsX8j5sme3LaR/SGTc= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= diff --git a/test/otel/go.mod b/test/otel/go.mod index 0b51d5729e680..a4523c0b33b0b 100644 --- a/test/otel/go.mod +++ b/test/otel/go.mod @@ -155,7 +155,6 @@ require ( github.com/DataDog/datadog-agent/pkg/logs/status/utils v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/obfuscate v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.56.0-rc.3 // indirect - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 // indirect github.com/DataDog/datadog-agent/pkg/status/health v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/telemetry v0.56.0-rc.3 // indirect github.com/DataDog/datadog-agent/pkg/util/backoff v0.56.0-rc.3 // indirect diff --git a/test/otel/go.sum b/test/otel/go.sum index 6d2eca6203921..bce88ff15bfa8 100644 --- a/test/otel/go.sum +++ b/test/otel/go.sum @@ -2,8 +2,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/DataDog/agent-payload/v5 v5.0.138 h1:Wg7hmWuoLC/o0X3zZ+uGcfRHPyaytljudgSY9O59zjc= github.com/DataDog/agent-payload/v5 v5.0.138/go.mod h1:lxh9lb5xYrBXjblpIWYUi4deJqVbkIfkjwesi5nskDc= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 h1:UzkggdVpPzZ62oeB42JAZDflyx+v/FyD4qYaTnNv1eA= -github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0/go.mod h1:dsXVd3w4Pv47D6ix5FHjBLM+SWmIaFlFO/kXmnaEkVg= github.com/DataDog/datadog-api-client-go/v2 v2.33.0 h1:OI6kDnJeQmkjfGzxmP0XUQUxMD4tp6oAPXnnJ4VpgUM= github.com/DataDog/datadog-api-client-go/v2 v2.33.0/go.mod h1:d3tOEgUd2kfsr9uuHQdY+nXrWp4uikgTgVCPdKNK30U= github.com/DataDog/datadog-go/v5 v5.6.0 h1:2oCLxjF/4htd55piM75baflj/KoE6VYS7alEUqFvRDw= From bc57deb44eafe32490ef5bced0a28af8651f93eb Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 17 Dec 2024 17:18:28 +0100 Subject: [PATCH 06/14] Allow getting a cgroup from its inode/mount_id couple --- pkg/security/probe/probe_ebpf.go | 13 ++++++------- pkg/security/resolvers/cgroup/resolver.go | 18 +++++++++++++++++- pkg/security/resolvers/resolvers_ebpf.go | 4 ++++ 3 files changed, 27 insertions(+), 8 deletions(-) diff --git a/pkg/security/probe/probe_ebpf.go b/pkg/security/probe/probe_ebpf.go index 79dd662147379..444d635c8de27 100644 --- a/pkg/security/probe/probe_ebpf.go +++ b/pkg/security/probe/probe_ebpf.go @@ -818,13 +818,12 @@ func (p *EBPFProbe) handleEvent(CPU int, data []byte) { return } - pce := p.Resolvers.ProcessResolver.Resolve(event.CgroupTracing.Pid, event.CgroupTracing.Pid, 0, false, newEntryCb) - if pce != nil { - if pce.CGroup.CGroupFlags.IsContainer() { - containerID, _ := containerutils.FindContainerID(pce.CGroup.CGroupID) - event.CgroupTracing.ContainerContext.ContainerID = containerID - } - event.CgroupTracing.CGroupContext = pce.CGroup + cgroupContext, err := p.Resolvers.ResolveCGroupContext(event.CgroupWrite.File.PathKey, containerutils.CGroupFlags(event.CgroupWrite.CGroupFlags)) + if err != nil { + seclog.Debugf("Failed to resolve cgroup: %s", err) + return + } else { + event.CgroupTracing.CGroupContext = *cgroupContext } p.profileManagers.activityDumpManager.HandleCGroupTracingEvent(&event.CgroupTracing) diff --git a/pkg/security/resolvers/cgroup/resolver.go b/pkg/security/resolvers/cgroup/resolver.go index 2137cccf14506..118700ef36ba6 100644 --- a/pkg/security/resolvers/cgroup/resolver.go +++ b/pkg/security/resolvers/cgroup/resolver.go @@ -48,6 +48,7 @@ type ResolverInterface interface { type Resolver struct { *utils.Notifier[Event, *cgroupModel.CacheEntry] sync.Mutex + cgroups *simplelru.LRU[model.PathKey, *model.CGroupContext] hostWorkloads *simplelru.LRU[containerutils.CGroupID, *cgroupModel.CacheEntry] containerWorkloads *simplelru.LRU[containerutils.ContainerID, *cgroupModel.CacheEntry] } @@ -80,6 +81,11 @@ func NewResolver() (*Resolver, error) { return nil, err } + cr.cgroups, err = simplelru.NewLRU(2048, func(_ model.PathKey, value *model.CGroupContext) {}) + if err != nil { + return nil, err + } + return cr, nil } @@ -121,10 +127,19 @@ func (cr *Resolver) AddPID(process *model.ProcessCacheEntry) { } else { cr.hostWorkloads.Add(process.CGroup.CGroupID, newCGroup) } + cr.cgroups.Add(process.CGroup.CGroupFile, &process.CGroup) cr.NotifyListeners(CGroupCreated, newCGroup) } +// GetCGroupContext returns the cgroup context with the specified path key +func (cr *Resolver) GetCGroupContext(cgroupPath model.PathKey) (*model.CGroupContext, bool) { + cr.Lock() + defer cr.Unlock() + + return cr.cgroups.Get(cgroupPath) +} + // GetWorkload returns the workload referenced by the provided ID func (cr *Resolver) GetWorkload(id containerutils.ContainerID) (*cgroupModel.CacheEntry, bool) { if id == "" { @@ -171,6 +186,7 @@ func (cr *Resolver) deleteWorkloadPID(pid uint32, workload *cgroupModel.CacheEnt // check if the workload should be deleted if len(workload.PIDs) <= 0 { + cr.cgroups.Remove(workload.CGroupFile) cr.hostWorkloads.Remove(workload.CGroupID) if workload.ContainerID != "" { cr.containerWorkloads.Remove(workload.ContainerID) @@ -183,5 +199,5 @@ func (cr *Resolver) Len() int { cr.Lock() defer cr.Unlock() - return cr.hostWorkloads.Len() + cr.containerWorkloads.Len() + return cr.cgroups.Len() } diff --git a/pkg/security/resolvers/resolvers_ebpf.go b/pkg/security/resolvers/resolvers_ebpf.go index b8899bbd99adf..c9adeb82e557b 100644 --- a/pkg/security/resolvers/resolvers_ebpf.go +++ b/pkg/security/resolvers/resolvers_ebpf.go @@ -219,6 +219,10 @@ func (r *EBPFResolvers) Start(ctx context.Context) error { // ResolveCGroupContext resolves the cgroup context from a cgroup path key func (r *EBPFResolvers) ResolveCGroupContext(pathKey model.PathKey, cgroupFlags containerutils.CGroupFlags) (*model.CGroupContext, error) { + if cgroupContext, found := r.CGroupResolver.GetCGroupContext(pathKey); found { + return cgroupContext, nil + } + path, err := r.DentryResolver.Resolve(pathKey, true) if err != nil { return nil, fmt.Errorf("failed to resolve cgroup file %v: %w", pathKey, err) From 99a06e810bc5f9ca94f65bbb748ca89d38a0ed9d Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 17 Dec 2024 17:21:44 +0100 Subject: [PATCH 07/14] Remove Pid again from the CgroupTracing event --- pkg/security/ebpf/c/include/events_definition.h | 1 - pkg/security/ebpf/c/include/helpers/activity_dump.h | 1 - pkg/security/probe/probe_ebpf.go | 5 ++--- pkg/security/secl/model/model_unix.go | 1 - pkg/security/secl/model/unmarshallers_linux.go | 5 ++--- 5 files changed, 4 insertions(+), 9 deletions(-) diff --git a/pkg/security/ebpf/c/include/events_definition.h b/pkg/security/ebpf/c/include/events_definition.h index 1c1cea8fd9af0..ef52f5edcf386 100644 --- a/pkg/security/ebpf/c/include/events_definition.h +++ b/pkg/security/ebpf/c/include/events_definition.h @@ -122,7 +122,6 @@ struct cgroup_tracing_event_t { struct container_context_t container; struct activity_dump_config config; u64 cookie; - u32 pid; }; struct cgroup_write_event_t { diff --git a/pkg/security/ebpf/c/include/helpers/activity_dump.h b/pkg/security/ebpf/c/include/helpers/activity_dump.h index 8a53d5a3c16ec..e24b1a5bfe494 100644 --- a/pkg/security/ebpf/c/include/helpers/activity_dump.h +++ b/pkg/security/ebpf/c/include/helpers/activity_dump.h @@ -119,7 +119,6 @@ __attribute__((always_inline)) u64 trace_new_cgroup(void *ctx, u64 now, struct c evt->container.cgroup_context = container->cgroup_context; evt->cookie = cookie; evt->config = config; - evt->pid = bpf_get_current_pid_tgid() >> 32; send_event_ptr(ctx, EVENT_CGROUP_TRACING, evt); return cookie; diff --git a/pkg/security/probe/probe_ebpf.go b/pkg/security/probe/probe_ebpf.go index 444d635c8de27..5fd26b4f63f8a 100644 --- a/pkg/security/probe/probe_ebpf.go +++ b/pkg/security/probe/probe_ebpf.go @@ -818,15 +818,14 @@ func (p *EBPFProbe) handleEvent(CPU int, data []byte) { return } - cgroupContext, err := p.Resolvers.ResolveCGroupContext(event.CgroupWrite.File.PathKey, containerutils.CGroupFlags(event.CgroupWrite.CGroupFlags)) + cgroupContext, err := p.Resolvers.ResolveCGroupContext(event.CgroupTracing.CGroupContext.CGroupFile, containerutils.CGroupFlags(event.CgroupTracing.CGroupContext.CGroupFlags)) if err != nil { seclog.Debugf("Failed to resolve cgroup: %s", err) - return } else { event.CgroupTracing.CGroupContext = *cgroupContext + p.profileManagers.activityDumpManager.HandleCGroupTracingEvent(&event.CgroupTracing) } - p.profileManagers.activityDumpManager.HandleCGroupTracingEvent(&event.CgroupTracing) return case model.CgroupWriteEventType: if _, err = event.CgroupWrite.UnmarshalBinary(data[offset:]); err != nil { diff --git a/pkg/security/secl/model/model_unix.go b/pkg/security/secl/model/model_unix.go index 8dbb8660fc856..c7ff2ac4240b3 100644 --- a/pkg/security/secl/model/model_unix.go +++ b/pkg/security/secl/model/model_unix.go @@ -624,7 +624,6 @@ type CgroupTracingEvent struct { ContainerContext ContainerContext CGroupContext CGroupContext Config ActivityDumpLoadConfig - Pid uint32 ConfigCookie uint64 } diff --git a/pkg/security/secl/model/unmarshallers_linux.go b/pkg/security/secl/model/unmarshallers_linux.go index 2a85441738286..7c38d3127e1ba 100644 --- a/pkg/security/secl/model/unmarshallers_linux.go +++ b/pkg/security/secl/model/unmarshallers_linux.go @@ -984,13 +984,12 @@ func (e *CgroupTracingEvent) UnmarshalBinary(data []byte) (int, error) { } cursor += read - if len(data)-cursor < 12 { + if len(data)-cursor < 8 { return 0, ErrNotEnoughData } e.ConfigCookie = binary.NativeEndian.Uint64(data[cursor : cursor+8]) - e.Pid = binary.NativeEndian.Uint32(data[cursor+8 : cursor+12]) - return cursor + 12, nil + return cursor + 8, nil } // UnmarshalBinary unmarshals a binary representation of itself From d1adb3ff07029578fc75c2e53cceb3430d0549cf Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 17 Dec 2024 20:47:31 +0100 Subject: [PATCH 08/14] Fix verifier issue on 4.14 --- pkg/security/ebpf/c/include/helpers/activity_dump.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkg/security/ebpf/c/include/helpers/activity_dump.h b/pkg/security/ebpf/c/include/helpers/activity_dump.h index e24b1a5bfe494..e6e6bcc6cb3f7 100644 --- a/pkg/security/ebpf/c/include/helpers/activity_dump.h +++ b/pkg/security/ebpf/c/include/helpers/activity_dump.h @@ -61,7 +61,8 @@ __attribute__((always_inline)) u32 is_cgroup_activity_dumps_supported(struct cgr __attribute__((always_inline)) bool reserve_traced_cgroup_spot(struct cgroup_context_t *cgroup, u64 now, u64 cookie, struct activity_dump_config *config) { // insert dump config defaults - struct activity_dump_config *defaults = bpf_map_lookup_elem(&activity_dump_config_defaults, &cgroup->cgroup_flags); + u32 cgroup_flags = cgroup->cgroup_flags; + struct activity_dump_config *defaults = bpf_map_lookup_elem(&activity_dump_config_defaults, &cgroup_flags); if (defaults == NULL) { // should never happen, ignore return false; From 174ccd5e901fc3adeedec27f8263d6360202bc72 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Tue, 17 Dec 2024 21:33:43 +0100 Subject: [PATCH 09/14] Make linters happy --- pkg/security/resolvers/cgroup/resolver.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/security/resolvers/cgroup/resolver.go b/pkg/security/resolvers/cgroup/resolver.go index 118700ef36ba6..dcb1de1e6d378 100644 --- a/pkg/security/resolvers/cgroup/resolver.go +++ b/pkg/security/resolvers/cgroup/resolver.go @@ -81,7 +81,7 @@ func NewResolver() (*Resolver, error) { return nil, err } - cr.cgroups, err = simplelru.NewLRU(2048, func(_ model.PathKey, value *model.CGroupContext) {}) + cr.cgroups, err = simplelru.NewLRU(2048, func(_ model.PathKey, _ *model.CGroupContext) {}) if err != nil { return nil, err } From 1f18b56cf9ff55361d9d0ddb9d32c24a65dac862 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 18 Dec 2024 10:01:16 +0100 Subject: [PATCH 10/14] Add CGROUP_MANAGER_MASK constant --- pkg/security/ebpf/c/include/constants/custom.h | 1 + pkg/security/ebpf/c/include/helpers/activity_dump.h | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/pkg/security/ebpf/c/include/constants/custom.h b/pkg/security/ebpf/c/include/constants/custom.h index d89db81c9d45f..1e2311bf8fc7e 100644 --- a/pkg/security/ebpf/c/include/constants/custom.h +++ b/pkg/security/ebpf/c/include/constants/custom.h @@ -196,6 +196,7 @@ static __attribute__((always_inline)) u64 get_imds_ip() { #define CGROUP_MANAGER_CRI 4 #define CGROUP_MANAGER_SYSTEMD 5 +#define CGROUP_MANAGER_MASK 0b111 #define CGROUP_SYSTEMD_SERVICE (0 << 8) #define CGROUP_SYSTEMD_SCOPE (1 << 8) diff --git a/pkg/security/ebpf/c/include/helpers/activity_dump.h b/pkg/security/ebpf/c/include/helpers/activity_dump.h index e6e6bcc6cb3f7..70e776cca8161 100644 --- a/pkg/security/ebpf/c/include/helpers/activity_dump.h +++ b/pkg/security/ebpf/c/include/helpers/activity_dump.h @@ -54,7 +54,7 @@ __attribute__((always_inline)) struct cgroup_tracing_event_t *get_cgroup_tracing } __attribute__((always_inline)) u32 is_cgroup_activity_dumps_supported(struct cgroup_context_t *cgroup) { - u32 cgroup_manager = cgroup->cgroup_flags & 0b111; + u32 cgroup_manager = cgroup->cgroup_flags & CGROUP_MANAGER_MASK; u32 supported = (cgroup->cgroup_flags != 0) && (bpf_map_lookup_elem(&activity_dump_config_defaults, &cgroup_manager) != NULL); return supported; } @@ -112,7 +112,7 @@ __attribute__((always_inline)) u64 trace_new_cgroup(void *ctx, u64 now, struct c return 0; } - if ((container->cgroup_context.cgroup_flags&0b111) != CGROUP_MANAGER_SYSTEMD) { + if ((container->cgroup_context.cgroup_flags&CGROUP_MANAGER_MASK) != CGROUP_MANAGER_SYSTEMD) { copy_container_id(container->container_id, evt->container.container_id); } else { evt->container.container_id[0] = '\0'; From 1579259c9309fb343c2b803d567bd60ece58c49a Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 18 Dec 2024 10:01:31 +0100 Subject: [PATCH 11/14] Fix size of activity_dump_config_defaults eBPF map --- pkg/security/ebpf/c/include/maps.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/security/ebpf/c/include/maps.h b/pkg/security/ebpf/c/include/maps.h index 5db11dc1facc5..3b821b19fe5cf 100644 --- a/pkg/security/ebpf/c/include/maps.h +++ b/pkg/security/ebpf/c/include/maps.h @@ -28,7 +28,7 @@ BPF_ARRAY_MAP(syscall_ctx_gen_id, u32, 1) BPF_ARRAY_MAP(syscall_ctx, char[MAX_SYSCALL_CTX_SIZE], MAX_SYSCALL_CTX_ENTRIES) BPF_HASH_MAP(activity_dumps_config, u64, struct activity_dump_config, 1) // max entries will be overridden at runtime -BPF_HASH_MAP(activity_dump_config_defaults, u32, struct activity_dump_config, 4) +BPF_HASH_MAP(activity_dump_config_defaults, u32, struct activity_dump_config, 5) BPF_HASH_MAP(traced_cgroups, struct path_key_t, u64, 1) // max entries will be overridden at runtime BPF_HASH_MAP(cgroup_wait_list, struct path_key_t, u64, 1) // max entries will be overridden at runtime BPF_HASH_MAP(traced_pids, u32, u64, 8192) // max entries will be overridden at runtime From 0477e1a873216c28903fe98541822a43af018e99 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 18 Dec 2024 10:02:01 +0100 Subject: [PATCH 12/14] Revert useless change --- pkg/security/resolvers/process/resolver_ebpf.go | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/pkg/security/resolvers/process/resolver_ebpf.go b/pkg/security/resolvers/process/resolver_ebpf.go index a56037d56d2ba..409ab86fc2da7 100644 --- a/pkg/security/resolvers/process/resolver_ebpf.go +++ b/pkg/security/resolvers/process/resolver_ebpf.go @@ -461,15 +461,15 @@ func (p *EBPFResolver) enrichEventFromProc(entry *model.ProcessCacheEntry, proc return nil } -// retrieveFileFields fetches inode metadata from kernel space -func (p *EBPFResolver) retrieveFileFields(filePath string) (*model.FileFields, error) { - fi, err := os.Stat(filePath) +// retrieveExecFileFields fetches inode metadata from kernel space +func (p *EBPFResolver) retrieveExecFileFields(procExecPath string) (*model.FileFields, error) { + fi, err := os.Stat(procExecPath) if err != nil { - return nil, fmt.Errorf("snapshot failed for `%s`: couldn't stat binary: %w", filePath, err) + return nil, fmt.Errorf("snapshot failed for `%s`: couldn't stat binary: %w", procExecPath, err) } stat, ok := fi.Sys().(*syscall.Stat_t) if !ok { - return nil, fmt.Errorf("snapshot failed for `%s`: couldn't stat binary", filePath) + return nil, fmt.Errorf("snapshot failed for `%s`: couldn't stat binary", procExecPath) } inode := stat.Ino @@ -493,11 +493,6 @@ func (p *EBPFResolver) retrieveFileFields(filePath string) (*model.FileFields, e return &fileFields, nil } -// retrieveExecFileFields fetches inode metadata from kernel space -func (p *EBPFResolver) retrieveExecFileFields(procExecPath string) (*model.FileFields, error) { - return p.retrieveFileFields(procExecPath) -} - func (p *EBPFResolver) insertEntry(entry, prev *model.ProcessCacheEntry, source uint64) { entry.Source = source p.entryCache[entry.Pid] = entry From 7141a096bc39fe8fb6abfecb54fdd63e7579e7ed Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 18 Dec 2024 10:02:28 +0100 Subject: [PATCH 13/14] Cache getDefaultLoadConfigs output --- pkg/security/security_profile/dump/load_controller.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkg/security/security_profile/dump/load_controller.go b/pkg/security/security_profile/dump/load_controller.go index 4802ec866c7da..f9bc80cdd3b4f 100644 --- a/pkg/security/security_profile/dump/load_controller.go +++ b/pkg/security/security_profile/dump/load_controller.go @@ -35,6 +35,7 @@ type ActivityDumpLoadController struct { // eBPF maps activityDumpConfigDefaults *ebpf.Map + activityDumpLoadConfig map[containerutils.CGroupManager]*model.ActivityDumpLoadConfig } // NewActivityDumpLoadController returns a new activity dump load controller @@ -60,6 +61,10 @@ func NewActivityDumpLoadController(adm *ActivityDumpManager) (*ActivityDumpLoadC } func (lc *ActivityDumpLoadController) getDefaultLoadConfigs() (map[containerutils.CGroupManager]*model.ActivityDumpLoadConfig, error) { + if lc.activityDumpLoadConfig != nil { + return lc.activityDumpLoadConfig, nil + } + defaults := NewActivityDumpLoadConfig( lc.adm.config.RuntimeSecurity.ActivityDumpTracedEventTypes, lc.adm.config.RuntimeSecurity.ActivityDumpCgroupDumpTimeout, @@ -85,6 +90,7 @@ func (lc *ActivityDumpLoadController) getDefaultLoadConfigs() (map[containerutil } defaultConfigs[cgroupManager] = defaults } + lc.activityDumpLoadConfig = defaultConfigs return defaultConfigs, nil } From 68b757acf12d5912da0bd937737998f2c3fb625b Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Wed, 18 Dec 2024 10:10:17 +0100 Subject: [PATCH 14/14] Revert go.mod bump --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 5bdd92102f7e7..30981dbec9ce2 100644 --- a/go.mod +++ b/go.mod @@ -152,7 +152,7 @@ require ( github.com/DataDog/datadog-agent/pkg/gohai v0.56.0-rc.3 github.com/DataDog/datadog-agent/pkg/obfuscate v0.59.0 github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.59.0 - github.com/DataDog/datadog-agent/pkg/security/secl v0.60.0 + github.com/DataDog/datadog-agent/pkg/security/secl v0.56.0 github.com/DataDog/datadog-agent/pkg/trace v0.59.0 github.com/DataDog/datadog-agent/pkg/util/cgroups v0.59.0 github.com/DataDog/datadog-agent/pkg/util/log v0.59.1