NVIDIA DOCA SDK Data Center on a Chip Framework Documentation
yara_inspection_core.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2023 NVIDIA CORPORATION AND AFFILIATES. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without modification, are permitted
5  * provided that the following conditions are met:
6  * * Redistributions of source code must retain the above copyright notice, this list of
7  * conditions and the following disclaimer.
8  * * Redistributions in binary form must reproduce the above copyright notice, this list of
9  * conditions and the following disclaimer in the documentation and/or other materials
10  * provided with the distribution.
11  * * Neither the name of the NVIDIA CORPORATION nor the names of its contributors may be used
12  * to endorse or promote products derived from this software without specific prior written
13  * permission.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
17  * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NVIDIA CORPORATION BE LIABLE
18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
19  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
20  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
21  * STRICT LIABILITY, OR TOR (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
22  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23  *
24  */
25 #include <stdlib.h>
26 #include <unistd.h>
27 
28 #include <doca_argp.h>
29 #include <doca_log.h>
30 
31 #include <samples/common.h>
32 
33 #include <utils.h>
34 
35 #include "yara_inspection_core.h"
36 
37 DOCA_LOG_REGISTER(YARA_APP::Core);
38 
39 /* This value is guaranteed to be 253 on Linux, and 16 bytes on Windows */
40 #define MAX_HOSTNAME_LEN 253
41 
42 /*
43  * ARGP Callback - Handle mem_regions.json path parameter
44  *
45  * @param [in]: Input parameter
46  * @config [in/out]: Program configuration context
47  * @return: DOCA_SUCCESS on success and DOCA_ERROR otherwise
48  */
49 static doca_error_t memr_callback(void *param, void *config)
50 {
51  struct yara_config *conf = (struct yara_config *)config;
52  size_t size = sizeof(conf->system_mem_region_path);
53 
54  if (strnlen(param, size) >= size) {
55  DOCA_LOG_ERR("System memory regions map argument too long, must be <=%zu long", size - 1);
56  return DOCA_ERROR_INVALID_VALUE;
57  }
58  strcpy(conf->system_mem_region_path, param);
59 
60  if (access(conf->system_mem_region_path, F_OK) == -1) {
61  DOCA_LOG_ERR("System memory regions map json file not found %s", conf->system_mem_region_path);
62  return DOCA_ERROR_NOT_FOUND;
63  }
64  return DOCA_SUCCESS;
65 }
66 
67 /*
68  * ARGP Callback - Handle VUID parameter
69  *
70  * @param [in]: Input parameter
71  * @config [in/out]: Program configuration context
72  * @return: DOCA_SUCCESS on success and DOCA_ERROR otherwise
73  */
74 static doca_error_t vuid_callback(void *param, void *config)
75 {
76  struct yara_config *conf = (struct yara_config *)config;
77  size_t size = sizeof(conf->system_vuid);
78 
79  if (strnlen(param, size) >= size) {
80  DOCA_LOG_ERR("System VUID argument too long, must be <=%zu long", size - 1);
81  return DOCA_ERROR_INVALID_VALUE;
82  }
83  strcpy(conf->system_vuid, param);
84  return DOCA_SUCCESS;
85 }
86 
87 /*
88  * ARGP Callback - Handle DMA device name parameter
89  *
90  * @param [in]: Input parameter
91  * @config [in/out]: Program configuration context
92  * @return: DOCA_SUCCESS on success and DOCA_ERROR otherwise
93  */
94 static doca_error_t dma_callback(void *param, void *config)
95 {
96  struct yara_config *conf = (struct yara_config *)config;
97  size_t size = sizeof(conf->dma_dev_name);
98 
99  if (strnlen(param, size) >= size) {
100  DOCA_LOG_ERR("DMA device name argument too long, must be <=%zu long", size - 1);
101  return DOCA_ERROR_INVALID_VALUE;
102  }
103  strcpy(conf->dma_dev_name, param);
104  return DOCA_SUCCESS;
105 }
106 
107 /*
108  * ARGP Callback - Handle os_symbols.json path parameter
109  *
110  * @param [in]: Input parameter
111  * @config [in/out]: Program configuration context
112  * @return: DOCA_SUCCESS on success and DOCA_ERROR otherwise
113  */
114 static doca_error_t os_syms_callback(void *param, void *config)
115 {
116  struct yara_config *conf = (struct yara_config *)config;
117  size_t size = sizeof(conf->system_os_symbol_map_path);
118 
119  if (strnlen(param, size) >= size) {
120  DOCA_LOG_ERR("System os symbols map argument too long, must be <=%zu long", size - 1);
121  return DOCA_ERROR_INVALID_VALUE;
122  }
123  strcpy(conf->system_os_symbol_map_path, param);
124 
125  if (access(conf->system_os_symbol_map_path, F_OK) == -1) {
126  DOCA_LOG_ERR("System os symbols map json file not found %s", conf->system_os_symbol_map_path);
127  return DOCA_ERROR_NOT_FOUND;
128  }
129  return DOCA_SUCCESS;
130 }
131 
132 /*
133  * ARGP Callback - Handle time between attestations parameter
134  *
135  * @param [in]: Input parameter
136  * @config [in/out]: Program configuration context
137  * @return: DOCA_SUCCESS on success and DOCA_ERROR otherwise
138  */
139 static doca_error_t time_callback(void *param, void *config)
140 {
141  struct yara_config *conf = (struct yara_config *)config;
142 
143  conf->time_interval = *(int *)param;
144  return DOCA_SUCCESS;
145 }
146 
147 doca_error_t register_yara_params(void)
148 {
149  doca_error_t result;
150  struct doca_argp_param *memr_param, *vuid_param, *dma_param, *os_syms_param;
151  struct doca_argp_param *time_param;
152 
153  /* Create and register system memory map param */
154  result = doca_argp_param_create(&memr_param);
155  if (result != DOCA_SUCCESS) {
156  DOCA_LOG_ERR("Failed to create ARGP param: %s", doca_error_get_descr(result));
157  return result;
158  }
159  doca_argp_param_set_short_name(memr_param, "m");
160  doca_argp_param_set_long_name(memr_param, "memr");
161  doca_argp_param_set_arguments(memr_param, "<path>");
162  doca_argp_param_set_description(memr_param, "System memory regions map");
163  doca_argp_param_set_callback(memr_param, memr_callback);
164  doca_argp_param_set_type(memr_param, DOCA_ARGP_TYPE_STRING);
165  doca_argp_param_set_mandatory(memr_param);
166  result = doca_argp_register_param(memr_param);
167  if (result != DOCA_SUCCESS) {
168  DOCA_LOG_ERR("Failed to register program param: %s", doca_error_get_descr(result));
169  return result;
170  }
171 
172  /* Create and register VUID param */
173  result = doca_argp_param_create(&vuid_param);
174  if (result != DOCA_SUCCESS) {
175  DOCA_LOG_ERR("Failed to create ARGP param: %s", doca_error_get_descr(result));
176  return result;
177  }
178  doca_argp_param_set_short_name(vuid_param, "f");
179  doca_argp_param_set_long_name(vuid_param, "vuid");
180  doca_argp_param_set_description(vuid_param, "VUID of the System device");
181  doca_argp_param_set_callback(vuid_param, vuid_callback);
182  doca_argp_param_set_type(vuid_param, DOCA_ARGP_TYPE_STRING);
183  doca_argp_param_set_mandatory(vuid_param);
184  result = doca_argp_register_param(vuid_param);
185  if (result != DOCA_SUCCESS) {
186  DOCA_LOG_ERR("Failed to register program param: %s", doca_error_get_descr(result));
187  return result;
188  }
189 
190  /* Create and register DMA param */
191  result = doca_argp_param_create(&dma_param);
192  if (result != DOCA_SUCCESS) {
193  DOCA_LOG_ERR("Failed to create ARGP param: %s", doca_error_get_descr(result));
194  return result;
195  }
196  doca_argp_param_set_short_name(dma_param, "d");
197  doca_argp_param_set_long_name(dma_param, "dma");
198  doca_argp_param_set_description(dma_param, "DMA device name");
199  doca_argp_param_set_callback(dma_param, dma_callback);
200  doca_argp_param_set_type(dma_param, DOCA_ARGP_TYPE_STRING);
201  doca_argp_param_set_mandatory(dma_param);
202  result = doca_argp_register_param(dma_param);
203  if (result != DOCA_SUCCESS) {
204  DOCA_LOG_ERR("Failed to register program param: %s", doca_error_get_descr(result));
205  return result;
206  }
207 
208  /* Create and register system OS map param */
209  result = doca_argp_param_create(&os_syms_param);
210  if (result != DOCA_SUCCESS) {
211  DOCA_LOG_ERR("Failed to create ARGP param: %s", doca_error_get_descr(result));
212  return result;
213  }
214  doca_argp_param_set_short_name(os_syms_param, "o");
215  doca_argp_param_set_long_name(os_syms_param, "osym");
216  doca_argp_param_set_arguments(os_syms_param, "<path>");
217  doca_argp_param_set_description(os_syms_param, "System OS symbol map path");
218  doca_argp_param_set_callback(os_syms_param, os_syms_callback);
219  doca_argp_param_set_type(os_syms_param, DOCA_ARGP_TYPE_STRING);
220  doca_argp_param_set_mandatory(os_syms_param);
221  result = doca_argp_register_param(os_syms_param);
222  if (result != DOCA_SUCCESS) {
223  DOCA_LOG_ERR("Failed to register program param: %s", doca_error_get_descr(result));
224  return result;
225  }
226 
227  /* Create and register time interval param */
228  result = doca_argp_param_create(&time_param);
229  if (result != DOCA_SUCCESS) {
230  DOCA_LOG_ERR("Failed to create ARGP param: %s", doca_error_get_descr(result));
231  return result;
232  }
233  doca_argp_param_set_short_name(time_param, "t");
234  doca_argp_param_set_long_name(time_param, "time");
235  doca_argp_param_set_arguments(time_param, "<seconds>");
236  doca_argp_param_set_description(time_param, "Scan time interval in seconds");
237  doca_argp_param_set_callback(time_param, time_callback);
238  doca_argp_param_set_type(time_param, DOCA_ARGP_TYPE_INT);
239  doca_argp_param_set_mandatory(time_param);
240  result = doca_argp_register_param(time_param);
241  if (result != DOCA_SUCCESS) {
242  DOCA_LOG_ERR("Failed to register program param: %s", doca_error_get_descr(result));
243  return result;
244  }
245 
246  result = doca_argp_register_version_callback(sdk_version_callback);
247  if (result != DOCA_SUCCESS) {
248  DOCA_LOG_ERR("Failed to register version callback: %s", doca_error_get_descr(result));
249  return result;
250  }
251  return DOCA_SUCCESS;
252 }
253 
254 /*
255  * Creates and starts a DOCA Apsh context, in order to make the library usable.
256  *
257  * @conf [in]: Configuration used for init process
258  * @resources [out]: Memory storage for the context pointer
259  * @return: DOCA_SUCCESS on success and DOCA_ERROR otherwise
260  *
261  * @NOTE: On failure all lib Apsh resources are freed
262  */
263 static doca_error_t yara_ctx_init(struct yara_config *conf, struct yara_resources *resources)
264 {
265  doca_error_t result;
266 
267  /* Create a new yara context */
268  resources->ctx = doca_apsh_create();
269  if (resources->ctx == NULL) {
270  DOCA_LOG_ERR("Create lib APSH context failed");
271  return DOCA_ERROR_INITIALIZATION;
272  }
273 
274  /* Get dma device */
275  result = open_doca_device_with_ibdev_name((uint8_t *)conf->dma_dev_name,
276  strlen(conf->dma_dev_name),
277  NULL,
278  &resources->dma_device);
279  if (result != DOCA_SUCCESS) {
280  yara_inspection_cleanup(resources);
281  DOCA_LOG_ERR("Failed to open dma device");
282  return result;
283  }
284 
285  /* Start apsh context */
286  /* set the DMA device */
287  result = doca_apsh_dma_dev_set(resources->ctx, resources->dma_device);
288  if (result != DOCA_SUCCESS) {
289  yara_inspection_cleanup(resources);
290  DOCA_LOG_ERR("Set dma device failed");
291  return result;
292  }
293 
294  /* Start apsh handler and init connection to devices */
295  result = doca_apsh_start(resources->ctx);
296  if (result != DOCA_SUCCESS) {
297  yara_inspection_cleanup(resources);
298  DOCA_LOG_ERR("Start APSH failed");
299  return result;
300  }
301 
302  /* return value */
303  return DOCA_SUCCESS;
304 }
305 
306 /*
307  * Creates and starts a DOCA Apsh System context, in order to apply the library on a specific target system.
308  *
309  * @conf [in]: Configuration used for init process
310  * @resources [out]: Memory storage for the system context pointer
311  * @return: DOCA_SUCCESS on success and DOCA_ERROR otherwise
312  *
313  * @NOTE: On failure all lib Apsh resources are freed
314  */
315 static doca_error_t yara_system_init(struct yara_config *conf, struct yara_resources *resources)
316 {
317  doca_error_t result;
318 
319  result = open_doca_device_rep_with_vuid(resources->dma_device,
320  DOCA_DEVINFO_REP_FILTER_NET,
321  (uint8_t *)conf->system_vuid,
322  strlen(conf->system_vuid),
323  &resources->system_device);
324  if (result != DOCA_SUCCESS) {
325  yara_inspection_cleanup(resources);
326  DOCA_LOG_ERR("Failed to open representor device");
327  return result;
328  }
329 
330  /* Create a new system handler to introspect */
331  resources->sys = doca_apsh_system_create(resources->ctx);
332  if (resources->sys == NULL) {
333  yara_inspection_cleanup(resources);
334  DOCA_LOG_ERR("Create system context failed");
335  return result;
336  }
337 
338  /* Start system context - bare-metal */
339  /* Set the system os symbol map */
340  result = doca_apsh_sys_os_symbol_map_set(resources->sys, conf->system_os_symbol_map_path);
341  if (result != DOCA_SUCCESS) {
342  yara_inspection_cleanup(resources);
343  DOCA_LOG_ERR("Set os symbols map failed");
344  return result;
345  }
346 
347  /* Set the system memory region the apsh handler is allowed to access */
348  result = doca_apsh_sys_mem_region_set(resources->sys, conf->system_mem_region_path);
349  if (result != DOCA_SUCCESS) {
350  yara_inspection_cleanup(resources);
351  DOCA_LOG_ERR("Set mem regions map failed");
352  return result;
353  }
354 
355  /* Set the system device for the apsh handler to use */
356  result = doca_apsh_sys_dev_set(resources->sys, resources->system_device);
357  if (result != DOCA_SUCCESS) {
358  yara_inspection_cleanup(resources);
359  DOCA_LOG_ERR("Set system device failed");
360  return result;
361  }
362 
363  /* Set the system os type - linux/widows */
364  result = doca_apsh_sys_os_type_set(resources->sys, DOCA_APSH_SYSTEM_WINDOWS);
365  if (result != DOCA_SUCCESS) {
366  yara_inspection_cleanup(resources);
367  DOCA_LOG_ERR("Set system os type failed");
368  return result;
369  }
370 
371  /* Start system handler and init connection to the system and the devices */
372  result = doca_apsh_system_start(resources->sys);
373  if (result != DOCA_SUCCESS) {
374  yara_inspection_cleanup(resources);
375  DOCA_LOG_ERR("Start system failed");
376  return result;
377  }
378 
379  /* return value */
380  return DOCA_SUCCESS;
381 }
382 
383 doca_error_t yara_inspection_init(struct yara_config *conf, struct yara_resources *resources)
384 {
385  doca_error_t result;
386 
387  /* Init basic apsh handlers */
388  memset(resources, 0, sizeof(*resources));
389  result = yara_ctx_init(conf, resources);
390  if (result != DOCA_SUCCESS)
391  return result;
392  return yara_system_init(conf, resources);
393 }
394 
395 void yara_inspection_cleanup(struct yara_resources *resources)
396 {
397  /* free the system handler and disconnect from the devices */
398  if (resources->sys != NULL) {
399  doca_apsh_system_destroy(resources->sys);
400  resources->sys = NULL;
401  }
402 
403  /* free the apsh handler and disconnect from the devices */
404  if (resources->ctx != NULL) {
405  doca_apsh_destroy(resources->ctx);
406  resources->ctx = NULL;
407  }
408 
409  /* Close the devices */
410  if (resources->dma_device != NULL) {
411  doca_dev_close(resources->dma_device);
412  resources->dma_device = NULL;
413  }
414  if (resources->system_device != NULL) {
415  doca_dev_rep_close(resources->system_device);
416  resources->system_device = NULL;
417  }
418 }
419 
420 /*
421  * Register a yara event to the Telemetry schema
422  *
423  * @schema [in]: Created DOCA Telemetry schema
424  * @type_index [out]: Memory storage for the Telemetry index created for the event
425  * @return: DOCA_SUCCESS on success and DOCA_ERROR otherwise
426  */
427 static doca_error_t telemetry_register_yara_event(struct doca_telemetry_exporter_schema *schema,
428  doca_telemetry_exporter_type_index_t *type_index)
429 {
430  doca_error_t result;
431  /* Event type for schema. Should be consistent with event struct */
432  struct doca_telemetry_exporter_type *type;
433  struct doca_telemetry_exporter_field *field;
434  const int nb_fields = 5;
435  int idx = 0;
436  struct {
437  const char *name;
438  const char *desc;
439  const char *type_name;
440  uint16_t len;
441  } fields_info[] = {
442  {"timestamp", "Event timestamp", DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_TIMESTAMP, 1},
443  {"pid", "Pid", DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_INT32, 1},
444  {"process_name", "Process name", DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_CHAR, MAX_PROCESS_NAME_LEN + 1},
445  {"rule_name", "Rule name", DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_CHAR, MAX_PATH_LEN + 1},
446  {"vad", "Path", DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_INT64, 1},
447  };
448 
449  result = doca_telemetry_exporter_type_create(&type);
450  if (result != DOCA_SUCCESS)
451  return result;
452 
453  for (idx = 0; idx < nb_fields; idx++) {
454  result = doca_telemetry_exporter_field_create(&field);
455  if (result != DOCA_SUCCESS) {
456  DOCA_LOG_ERR("Failed to create field");
457  doca_telemetry_exporter_type_destroy(type);
458  return result;
459  }
460  doca_telemetry_exporter_field_set_name(field, fields_info[idx].name);
461  doca_telemetry_exporter_field_set_description(field, fields_info[idx].desc);
462  doca_telemetry_exporter_field_set_type_name(field, fields_info[idx].type_name);
463  doca_telemetry_exporter_field_set_array_len(field, fields_info[idx].len);
464 
465  result = doca_telemetry_exporter_type_add_field(type, field);
466  if (result != DOCA_SUCCESS) {
467  DOCA_LOG_ERR("Failed to add field to type");
468  doca_telemetry_exporter_field_destroy(field);
469  doca_telemetry_exporter_type_destroy(type);
470  return result;
471  }
472  }
473 
474  /* Register type */
475  result = doca_telemetry_exporter_schema_add_type(schema, "yara_event", type, type_index);
476  if (result != DOCA_SUCCESS) {
477  DOCA_LOG_ERR("Failed to add type to schema");
478  doca_telemetry_exporter_type_destroy(type);
479  }
480  return result;
481 }
482 
483 doca_error_t telemetry_start(struct doca_telemetry_exporter_schema **telemetry_schema,
484  struct doca_telemetry_exporter_source **telemetry_source,
485  doca_telemetry_exporter_type_index_t *index)
486 {
487  doca_error_t result;
488  struct doca_telemetry_exporter_schema *schema = NULL;
489  struct doca_telemetry_exporter_source *source = NULL;
490  char source_id_buf[MAX_HOSTNAME_LEN + 1], source_tag_buf[MAX_HOSTNAME_LEN + strlen("_tag") + 1];
491 
492  /* Creating telemetry schema */
493  result = doca_telemetry_exporter_schema_init("yara_inspection_telemetry", &schema);
494  if (result != DOCA_SUCCESS) {
495  DOCA_LOG_ERR("Failed to init the doca telemetry schema");
496  return result;
497  }
498 
499  /* Register all currently supported events */
500  result = telemetry_register_yara_event(schema, index);
501  if (result != DOCA_SUCCESS) {
502  DOCA_LOG_ERR("Failed to register attestation event in the telemetry schema");
503  goto schema_error;
504  }
505 
506  /* Enable file write during the app development.
507  * Check written files under data root to make sure that data format is correct.
508  * Default max_file_size is 1 Mb, default max_file_age is 1 hour.
509  */
510  // doca_telemetry_exporter_schema_set_file_write_enabled(schema);
511  // doca_telemetry_exporter_schema_set_file_write_max_size(schema, 1 * 1024 * 1024);
512  // doca_telemetry_exporter_schema_set_file_write_max_age(schema, 60 * 60 * 1000000L);
513 
514  /* Activate the schema */
515  result = doca_telemetry_exporter_schema_start(schema);
516  if (result != DOCA_SUCCESS) {
517  DOCA_LOG_ERR("Failed to start the doca telemetry schema");
518  goto schema_error;
519  }
520 
521  /* Open a telemetry connection with custom source id and tag */
522  result = doca_telemetry_exporter_source_create(schema, &source);
523  if (result != DOCA_SUCCESS) {
524  DOCA_LOG_ERR("Failed to create a source end point to the telemetry");
525  goto schema_error;
526  }
527 
528  /* Creating a unique tag and id per host */
529  if (gethostname(source_id_buf, sizeof(source_id_buf)) < 0) {
530  DOCA_LOG_ERR("Gethostname failed, can't create a unique source tag and id");
531  result = DOCA_ERROR_OPERATING_SYSTEM;
532  goto source_error;
533  }
534 
535  strlcpy(source_tag_buf, source_id_buf, sizeof(source_tag_buf));
536  strlcat(source_tag_buf, "_tag", sizeof(source_tag_buf));
537  doca_telemetry_exporter_source_set_id(source, source_id_buf);
538  doca_telemetry_exporter_source_set_tag(source, source_tag_buf);
539 
540  /* Initiate the DOCA telemetry source */
541  result = doca_telemetry_exporter_source_start(source);
542  if (result != DOCA_SUCCESS) {
543  DOCA_LOG_ERR("Failed to establish a source connection to the telemetry");
544  goto source_error;
545  }
546 
547  /* Success init, return handlers */
548  *telemetry_schema = schema;
549  *telemetry_source = source;
550  return DOCA_SUCCESS;
551 
552 source_error:
553  doca_telemetry_exporter_source_destroy(source);
554 schema_error:
555  doca_telemetry_exporter_schema_destroy(schema);
556  return result;
557 }
558 
559 void telemetry_destroy(struct doca_telemetry_exporter_schema *telemetry_schema,
560  struct doca_telemetry_exporter_source *telemetry_source)
561 {
562  doca_telemetry_exporter_source_destroy(telemetry_source);
563  doca_telemetry_exporter_schema_destroy(telemetry_schema);
564 }
NULL
#define NULL
Definition: __stddef_null.h:26
result
int32_t result
Definition: app_shield_agent_core.h:3
MAX_PATH_LEN
#define MAX_PATH_LEN
Definition: app_shield_agent_core.h:45
open_doca_device_rep_with_vuid
doca_error_t open_doca_device_rep_with_vuid(struct doca_dev *local, enum doca_devinfo_rep_filter filter, const uint8_t *value, size_t val_size, struct doca_dev_rep **retval)
Definition: common.c:222
open_doca_device_with_ibdev_name
doca_error_t open_doca_device_with_ibdev_name(const uint8_t *value, size_t val_size, tasks_check func, struct doca_dev **retval)
Definition: common.c:84
doca_argp.h
len
uint64_t len
Definition: doca_dpa_dev_buf.h:1
doca_log.h
resources
struct rdma_resources resources
Definition: gpunetio_rdma_client_server_write_sample.c:43
DOCA_APSH_SYSTEM_WINDOWS
@ DOCA_APSH_SYSTEM_WINDOWS
Definition: doca_apsh_attr.h:40
doca_apsh_sys_mem_region_set
DOCA_EXPERIMENTAL doca_error_t doca_apsh_sys_mem_region_set(struct doca_apsh_system *system, const char *system_mem_region_path)
Set system allowed memory regions.
doca_apsh_sys_dev_set
DOCA_EXPERIMENTAL doca_error_t doca_apsh_sys_dev_set(struct doca_apsh_system *system, struct doca_dev_rep *dev)
Set system device.
doca_apsh_start
DOCA_EXPERIMENTAL doca_error_t doca_apsh_start(struct doca_apsh_ctx *ctx)
Start apsh handler.
doca_apsh_sys_os_type_set
DOCA_EXPERIMENTAL doca_error_t doca_apsh_sys_os_type_set(struct doca_apsh_system *system, enum doca_apsh_system_os os_type)
Set system os type.
doca_apsh_create
DOCA_EXPERIMENTAL struct doca_apsh_ctx * doca_apsh_create(void)
Create a new apsh handler.
doca_apsh_dma_dev_set
DOCA_EXPERIMENTAL doca_error_t doca_apsh_dma_dev_set(struct doca_apsh_ctx *ctx, struct doca_dev *dma_dev)
Set apsh dma device.
doca_apsh_system_create
DOCA_EXPERIMENTAL struct doca_apsh_system * doca_apsh_system_create(struct doca_apsh_ctx *ctx)
Create a new system handler.
doca_apsh_sys_os_symbol_map_set
DOCA_EXPERIMENTAL doca_error_t doca_apsh_sys_os_symbol_map_set(struct doca_apsh_system *system, const char *system_os_symbol_map_path)
Set system os symbol map.
doca_apsh_destroy
DOCA_EXPERIMENTAL void doca_apsh_destroy(struct doca_apsh_ctx *ctx)
Free the APSH memory and close connections.
doca_apsh_system_destroy
DOCA_EXPERIMENTAL void doca_apsh_system_destroy(struct doca_apsh_system *system)
Destroy system handler.
doca_apsh_system_start
DOCA_EXPERIMENTAL doca_error_t doca_apsh_system_start(struct doca_apsh_system *system)
Start system handler.
doca_argp_param_set_description
DOCA_EXPERIMENTAL void doca_argp_param_set_description(struct doca_argp_param *param, const char *description)
Set the description of the program param, used during program usage.
doca_argp_param_set_long_name
DOCA_EXPERIMENTAL void doca_argp_param_set_long_name(struct doca_argp_param *param, const char *name)
Set the long name of the program param.
doca_argp_param_set_arguments
DOCA_EXPERIMENTAL void doca_argp_param_set_arguments(struct doca_argp_param *param, const char *arguments)
Set the description of the expected arguments of the program param, used during program usage.
doca_argp_param_set_callback
DOCA_EXPERIMENTAL void doca_argp_param_set_callback(struct doca_argp_param *param, doca_argp_param_cb_t callback)
Set the callback function of the program param.
doca_argp_param_set_mandatory
DOCA_EXPERIMENTAL void doca_argp_param_set_mandatory(struct doca_argp_param *param)
Mark the program param as mandatory.
doca_argp_param_create
DOCA_EXPERIMENTAL doca_error_t doca_argp_param_create(struct doca_argp_param **param)
Create new program param.
doca_argp_param_set_type
DOCA_EXPERIMENTAL void doca_argp_param_set_type(struct doca_argp_param *param, enum doca_argp_type type)
Set the type of the param arguments.
doca_argp_register_version_callback
DOCA_EXPERIMENTAL doca_error_t doca_argp_register_version_callback(doca_argp_param_cb_t callback)
Register an alternative version callback.
doca_argp_param_set_short_name
DOCA_EXPERIMENTAL void doca_argp_param_set_short_name(struct doca_argp_param *param, const char *name)
Set the short name of the program param.
doca_argp_register_param
DOCA_EXPERIMENTAL doca_error_t doca_argp_register_param(struct doca_argp_param *input_param)
Register a program flag.
DOCA_ARGP_TYPE_STRING
@ DOCA_ARGP_TYPE_STRING
Definition: doca_argp.h:56
DOCA_ARGP_TYPE_INT
@ DOCA_ARGP_TYPE_INT
Definition: doca_argp.h:57
doca_dev_rep_close
DOCA_STABLE doca_error_t doca_dev_rep_close(struct doca_dev_rep *dev)
Destroy allocated representor device instance.
doca_dev_close
DOCA_STABLE doca_error_t doca_dev_close(struct doca_dev *dev)
Destroy allocated local device instance.
DOCA_DEVINFO_REP_FILTER_NET
@ DOCA_DEVINFO_REP_FILTER_NET
Definition: doca_dev.h:67
doca_error_t
enum doca_error doca_error_t
DOCA API return codes.
doca_error_get_descr
DOCA_STABLE const char * doca_error_get_descr(doca_error_t error)
Returns the description string of an error code.
DOCA_ERROR_INVALID_VALUE
@ DOCA_ERROR_INVALID_VALUE
Definition: doca_error.h:44
DOCA_ERROR_INITIALIZATION
@ DOCA_ERROR_INITIALIZATION
Definition: doca_error.h:46
DOCA_ERROR_OPERATING_SYSTEM
@ DOCA_ERROR_OPERATING_SYSTEM
Definition: doca_error.h:58
DOCA_ERROR_NOT_FOUND
@ DOCA_ERROR_NOT_FOUND
Definition: doca_error.h:54
DOCA_SUCCESS
@ DOCA_SUCCESS
Definition: doca_error.h:38
DOCA_LOG_ERR
#define DOCA_LOG_ERR(format,...)
Generates an ERROR application log message.
Definition: doca_log.h:466
DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_TIMESTAMP
#define DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_TIMESTAMP
DOCA telemetry timestamp type.
Definition: doca_telemetry_exporter.h:125
doca_telemetry_exporter_schema_init
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_schema_init(const char *schema_name, struct doca_telemetry_exporter_schema **doca_schema)
Initialize DOCA schema to prepare it for setting attributes and adding types. DOCA schema is used to ...
doca_telemetry_exporter_type_destroy
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_type_destroy(struct doca_telemetry_exporter_type *type)
Destroy doca telemetry type previously created by doca_telemetry_exporter_type_create()
doca_telemetry_exporter_field_set_type_name
DOCA_EXPERIMENTAL void doca_telemetry_exporter_field_set_type_name(struct doca_telemetry_exporter_field *field_info, const char *type)
Set doca telemetry field type.
doca_telemetry_exporter_source_destroy
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_source_destroy(struct doca_telemetry_exporter_source *doca_source)
Destructor for DOCA source.
doca_telemetry_exporter_field_set_description
DOCA_EXPERIMENTAL void doca_telemetry_exporter_field_set_description(struct doca_telemetry_exporter_field *field_info, const char *desc)
Set doca telemetry field description.
doca_telemetry_exporter_field_destroy
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_field_destroy(struct doca_telemetry_exporter_field *field)
Destroy field previously created by doca_telemetry_exporter_field_create()
DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_INT32
#define DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_INT32
DOCA telemetry int32 type.
Definition: doca_telemetry_exporter.h:113
doca_telemetry_exporter_source_set_id
DOCA_EXPERIMENTAL void doca_telemetry_exporter_source_set_id(struct doca_telemetry_exporter_source *doca_source, const char *source_id)
Set source id.
doca_telemetry_exporter_type_index_t
uint8_t doca_telemetry_exporter_type_index_t
DOCA schema field type index.
Definition: doca_telemetry_exporter.h:56
doca_telemetry_exporter_field_set_array_len
DOCA_EXPERIMENTAL void doca_telemetry_exporter_field_set_array_len(struct doca_telemetry_exporter_field *field_info, uint16_t len)
Set doca telemetry field length.
doca_telemetry_exporter_schema_add_type
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_schema_add_type(struct doca_telemetry_exporter_schema *doca_schema, const char *new_type_name, struct doca_telemetry_exporter_type *type, doca_telemetry_exporter_type_index_t *type_index)
Add user-defined fields to create new type in DOCA schema. The users loses the ownership of the type ...
doca_telemetry_exporter_source_create
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_source_create(struct doca_telemetry_exporter_schema *doca_schema, struct doca_telemetry_exporter_source **doca_source)
Creates a single DOCA source from schema.
doca_telemetry_exporter_field_set_name
DOCA_EXPERIMENTAL void doca_telemetry_exporter_field_set_name(struct doca_telemetry_exporter_field *field_info, const char *name)
Set doca telemetry field name.
DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_INT64
#define DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_INT64
DOCA telemetry int64 type.
Definition: doca_telemetry_exporter.h:115
DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_CHAR
#define DOCA_TELEMETRY_EXPORTER_FIELD_TYPE_CHAR
DOCA telemetry char type.
Definition: doca_telemetry_exporter.h:85
doca_telemetry_exporter_type_create
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_type_create(struct doca_telemetry_exporter_type **type)
Create new telemetry type.
doca_telemetry_exporter_source_set_tag
DOCA_EXPERIMENTAL void doca_telemetry_exporter_source_set_tag(struct doca_telemetry_exporter_source *doca_source, const char *source_tag)
Set source tag.
doca_telemetry_exporter_field_create
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_field_create(struct doca_telemetry_exporter_field **field)
Create new telemetry field.
doca_telemetry_exporter_schema_destroy
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_schema_destroy(struct doca_telemetry_exporter_schema *doca_schema)
Destructor for DOCA schema.
doca_telemetry_exporter_schema_start
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_schema_start(struct doca_telemetry_exporter_schema *doca_schema)
Finalizes schema setup to start creating Doca Sources from the schema.
doca_telemetry_exporter_type_add_field
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_type_add_field(struct doca_telemetry_exporter_type *type, struct doca_telemetry_exporter_field *field)
Add DOCA telemetry field to type. The users loses the ownership of the field after a successful invoc...
doca_telemetry_exporter_source_start
DOCA_EXPERIMENTAL doca_error_t doca_telemetry_exporter_source_start(struct doca_telemetry_exporter_source *doca_source)
Applies source attribute and starts DOCA source.
type
uint8_t type
Definition: packets.h:0
yara_config
Definition: yara_inspection_core.h:48
yara_config::dma_dev_name
char dma_dev_name[DOCA_DEVINFO_IBDEV_NAME_SIZE+1]
Definition: yara_inspection_core.h:55
yara_config::system_os_symbol_map_path
char system_os_symbol_map_path[MAX_PATH_LEN]
Definition: yara_inspection_core.h:56
yara_config::system_mem_region_path
char system_mem_region_path[MAX_PATH_LEN]
Definition: yara_inspection_core.h:51
yara_config::time_interval
int time_interval
Definition: yara_inspection_core.h:57
yara_config::system_vuid
char system_vuid[DOCA_DEVINFO_VUID_SIZE+1]
Definition: yara_inspection_core.h:52
yara_resources
Definition: yara_inspection_core.h:60
strlcat
size_t strlcat(char *dst, const char *src, size_t size)
Definition: utils.c:144
strlcpy
size_t strlcpy(char *dst, const char *src, size_t size)
Definition: utils.c:123
sdk_version_callback
noreturn doca_error_t sdk_version_callback(void *param, void *doca_config)
Definition: utils.c:41
time_callback
static doca_error_t time_callback(void *param, void *config)
Definition: yara_inspection_core.c:139
os_syms_callback
static doca_error_t os_syms_callback(void *param, void *config)
Definition: yara_inspection_core.c:114
DOCA_LOG_REGISTER
DOCA_LOG_REGISTER(YARA_APP::Core)
yara_system_init
static doca_error_t yara_system_init(struct yara_config *conf, struct yara_resources *resources)
Definition: yara_inspection_core.c:315
memr_callback
static doca_error_t memr_callback(void *param, void *config)
Definition: yara_inspection_core.c:49
dma_callback
static doca_error_t dma_callback(void *param, void *config)
Definition: yara_inspection_core.c:94
register_yara_params
doca_error_t register_yara_params(void)
Definition: yara_inspection_core.c:147
yara_inspection_cleanup
void yara_inspection_cleanup(struct yara_resources *resources)
Definition: yara_inspection_core.c:395
yara_inspection_init
doca_error_t yara_inspection_init(struct yara_config *conf, struct yara_resources *resources)
Definition: yara_inspection_core.c:383
telemetry_register_yara_event
static doca_error_t telemetry_register_yara_event(struct doca_telemetry_exporter_schema *schema, doca_telemetry_exporter_type_index_t *type_index)
Definition: yara_inspection_core.c:427
yara_ctx_init
static doca_error_t yara_ctx_init(struct yara_config *conf, struct yara_resources *resources)
Definition: yara_inspection_core.c:263
vuid_callback
static doca_error_t vuid_callback(void *param, void *config)
Definition: yara_inspection_core.c:74
telemetry_start
doca_error_t telemetry_start(struct doca_telemetry_exporter_schema **telemetry_schema, struct doca_telemetry_exporter_source **telemetry_source, doca_telemetry_exporter_type_index_t *index)
Definition: yara_inspection_core.c:483
MAX_HOSTNAME_LEN
#define MAX_HOSTNAME_LEN
Definition: yara_inspection_core.c:40
telemetry_destroy
void telemetry_destroy(struct doca_telemetry_exporter_schema *telemetry_schema, struct doca_telemetry_exporter_source *telemetry_source)
Definition: yara_inspection_core.c:559
yara_inspection_core.h
MAX_PROCESS_NAME_LEN
#define MAX_PROCESS_NAME_LEN
Definition: yara_inspection_core.h:46