| Line 133: |
Line 133: |
| | === Forensic analysis of container checkpoints === | | === Forensic analysis of container checkpoints === |
| | | | |
| − | '''Summary:''' Extending go-crit with capabilities for forensic analysis | + | '''Summary:''' Extending go-crit and checkpointctl with capabilities for forensic analysis |
| | | | |
| | '''Merged:''' https://github.com/checkpoint-restore/checkpointctl | | '''Merged:''' https://github.com/checkpoint-restore/checkpointctl |
| | | | |
| − | The go-crit tool was created during GSoC 2022 to enable analysis of CRIU [[images]] with tools written in Go. It allows container management tools such as [https://github.com/checkpoint-restore/checkpointctl checkpointctl] and Podman to provide capabilities similar to CRIT. The goal of this project is to extend go-crit with functionality for forensic analysis of container checkpoints to provide a better user experience.
| |
| | | | |
| − | The go-crit tool is still in its early stages of development. To effectively utilise this new feature, the checkpointctl tool would be extended to display information about the processes included in a container checkpoint and their runtime state (e.g., memory, open files, sockets, etc). | + | The Go implementation of the [[crit]] tool was developed during GSoC 2022 to enable native Go–based decoding and encoding of CRIU [[images]]. In GSoC 2023, this tool was integrated with [https://github.com/checkpoint-restore/checkpointctl checkpointctl] to enable forensic analysis capabilities for container checkpoints. Behouba Manassé implemented support for memory forensics by extending the Go version of the crit tool and checkpointctl with support for parsing memory pages, and displaying information about the command-line arguments and environment variables when analysing checkpoints with the <code>inspect</code> command. Prajwal Nadig build upon his previous work during GSoC 2022, by implementing capabilities for analysing the process tree, open files, and sockets within a checkpoint, as well as introducing CI tests. |
| | | | |
| | '''Links:''' | | '''Links:''' |
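Review bot: The added description paragraph has a tense error and a stray comma in "Prajwal Nadig build upon his previous work during GSoC 2022, by implementing"; suggest "built upon his previous work during GSoC 2022 by implementing". The new Summary line names both go-crit and checkpointctl, but the unchanged Merged line still links only to checkpointctl, so consider listing where the crit changes landed as well. The tool is called "go-crit" in the Summary and "the Go implementation of the crit tool" / "the Go version of the crit tool" in the paragraph; one name used throughout would be easier to follow.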
| Line 146: |
Line 145: |
| | * https://kubernetes.io/blog/2022/12/05/forensic-container-checkpointing-alpha/ | | * https://kubernetes.io/blog/2022/12/05/forensic-container-checkpointing-alpha/ |
| | | | |
| | + | '''Details:''' |
| | + | * Contributor: [https://github.com/behouba Behouba Manassé] and [https://github.com/snprajwal Prajwal Nadig] |
| | + | * Final Report: [https://github.com/behouba/gsoc-2023 Behouba Manassé], [https://github.com/snprajwal/gsoc-2023 Prajwal Nadig] |
| | + | * Skill level: intermediate |
| | + | * Language: Go |
| | + | * Expected size: 350 hours |
| | + | * Mentors: Radostin Stoyanov <rstoyanov@fedoraproject.org>, Adrian Reber <areber@redhat.com> |
| | | | |
| | === Restrict checks for open/mmaped files === | | === Restrict checks for open/mmaped files === |
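Review bot: The added Details list uses the singular label "Contributor:" for an entry that names two people; "Contributors:" would match it. "Expected size: 350 hours" is worded as a proposal field, while the entry now links two final reports, so say whether the figure applies per contributor or to the project as a whole.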