From 77073bcdff50fdca3c0e9d5efe68d95b08e87385 Mon Sep 17 00:00:00 2001 From: Sylvain Baubeau Date: Fri, 3 Jan 2025 13:14:19 +0100 Subject: [PATCH] [CWS] Delete cgroup from cache for non container cgroups (#32612) --- pkg/security/resolvers/cgroup/resolver.go | 12 ------------ pkg/security/resolvers/process/resolver_ebpf.go | 2 +- 2 files changed, 1 insertion(+), 13 deletions(-) diff --git a/pkg/security/resolvers/cgroup/resolver.go b/pkg/security/resolvers/cgroup/resolver.go index 8dbca72a927f2..de710c7e7e647 100644 --- a/pkg/security/resolvers/cgroup/resolver.go +++ b/pkg/security/resolvers/cgroup/resolver.go @@ -47,7 +47,6 @@ type ResolverInterface interface { AddPID(*model.ProcessCacheEntry) GetWorkload(containerutils.ContainerID) (*cgroupModel.CacheEntry, bool) DelPID(uint32) - DelPIDWithID(containerutils.ContainerID, uint32) Len() int RegisterListener(Event, utils.Listener[*cgroupModel.CacheEntry]) error } @@ -176,17 +175,6 @@ func (cr *Resolver) DelPID(pid uint32) { } } -// DelPIDWithID removes a PID from the cgroup cache entry referenced by the provided ID -func (cr *Resolver) DelPIDWithID(id containerutils.ContainerID, pid uint32) { - cr.Lock() - defer cr.Unlock() - - entry, exists := cr.containerWorkloads.Get(id) - if exists { - cr.deleteWorkloadPID(pid, entry) - } -} - // deleteWorkloadPID removes a PID from a workload func (cr *Resolver) deleteWorkloadPID(pid uint32, workload *cgroupModel.CacheEntry) { workload.Lock() diff --git a/pkg/security/resolvers/process/resolver_ebpf.go b/pkg/security/resolvers/process/resolver_ebpf.go index 0e80c8aa2ae93..041b7d5b4739f 100644 --- a/pkg/security/resolvers/process/resolver_ebpf.go +++ b/pkg/security/resolvers/process/resolver_ebpf.go @@ -621,7 +621,7 @@ func (p *EBPFResolver) deleteEntry(pid uint32, exitTime time.Time) { } if p.cgroupResolver != nil { - p.cgroupResolver.DelPIDWithID(entry.ContainerID, entry.Pid) + p.cgroupResolver.DelPID(entry.Pid) } entry.Exit(exitTime)