minor updates

Signed-off-by: Aryan-sharma11 <[email protected]>
kubearmor · Jan 16, 2025 · cb148bc · cb148bc
1 parent f2bbe3d
commit cb148bc
Show file tree

Hide file tree

Showing 6 changed files with 7 additions and 5 deletions.
diff --git a/KubeArmor/BPF/filelessexec.bpf.c b/KubeArmor/BPF/filelessexec.bpf.c
@@ -96,10 +96,10 @@ int BPF_PROG(enforce_bprm_check_security, struct linux_binprm *bprm){
 
     // mapping not backed by any file with executable permission, denying mapping
     if (*present == BLOCK) {
-      event_data->retval = -13;
+      event_data->retval = -EPERM;
       bpf_ringbuf_submit(event_data, 0);
-      // bpf_printk("[bprm] fileless execution detected with pid %d, denying execution", event_data->pid);
-      return -13;
+
+      return -EPERM;
     } else {
       event_data->retval = 0;
       bpf_ringbuf_submit(event_data, 0);

diff --git a/KubeArmor/BPF/system_monitor.c b/KubeArmor/BPF/system_monitor.c
@@ -1166,7 +1166,7 @@ static __always_inline bool should_drop_alerts_per_container(sys_context_t *cont
           {
             __builtin_memset(&args_buf->argsArray, 0, sizeof(args_buf->argsArray));
             bpf_probe_read_str(&args_buf->argsArray, sizeof(args_buf->argsArray), argp);
-            // bpf_printk("argp = %s argsBuf = %s" , argp , args_buf->argsArray);
+
             bpf_map_update_elem(&args_store, &key, args_buf, BPF_ANY);
           }
         else {

diff --git a/KubeArmor/core/dockerHandler.go b/KubeArmor/core/dockerHandler.go
@@ -285,7 +285,6 @@ func (dm *KubeArmorDaemon) GetAlreadyDeployedDockerContainers() {
 				dm.ContainersLock.Lock()
 				if _, ok := dm.Containers[container.ContainerID]; !ok {
 					dm.Containers[container.ContainerID] = container
-					fmt.Println("container id ", container.ContainerID)
 					dm.ContainersLock.Unlock()
 
 					// create/update endpoint in non-k8s mode

diff --git a/deployments/CRD/KubeArmorClusterPolicy.yaml b/deployments/CRD/KubeArmorClusterPolicy.yaml
@@ -373,6 +373,7 @@ spec:
                           items: 
                             type: string
                           type: array
+                          maxItems: 16
                         severity:
                           maximum: 10
                           minimum: 1

diff --git a/deployments/CRD/KubeArmorHostPolicy.yaml b/deployments/CRD/KubeArmorHostPolicy.yaml
@@ -382,6 +382,7 @@ spec:
                           items: 
                             type: string
                           type: array
+                          maxItems: 16
                         severity:
                           maximum: 10
                           minimum: 1

diff --git a/deployments/CRD/KubeArmorPolicy.yaml b/deployments/CRD/KubeArmorPolicy.yaml
@@ -376,6 +376,7 @@ spec:
                           items: 
                             type: string
                           type: array
+                          maxItems: 16
                         severity:
                           maximum: 10
                           minimum: 1