package
0.9.0
Repository: https://github.com/datadog/datadog-agent.git
Documentation: pkg.go.dev

# Functions

AllBPFProbeWriteUserSections returns the list of program sections that use the bpf_probe_write_user helper.
AllMaps returns the list of maps of the runtime security module.
AllMapSpecEditors returns the list of map editors.
AllPerfMaps returns the list of perf maps of the runtime security module.
AllProbes returns the list of all the probes of the runtime security module.
AllTailRoutes returns the list of all the tail call routes.
ExpandSyscallProbes returns the list of available hook probes for the syscall func name of the provided probe.
ExpandSyscallProbesSelector returns the list of ProbesSelector required to query all the probes available for a syscall.
GetPerfBufferStatisticsMaps returns the list of maps used to monitor the performance of each perf buffer.
ShouldUseSyscallExitTracepoints returns true if the kernel version is old and we need to use tracepoints to handle syscall exits instead of kretprobes.

# Constants

DentryResolverERPCKey is the key to the eRPC dentry resolver tail call program.
DentryResolverKernKprobeKey is the key to the kernel dentry resolver tail call program.
DentryResolverKernTracepointKey is the key to the kernel dentry resolver tail call program.
DentryResolverLinkDstCallbackKprobeKey is the key to the callback program to execute after resolving the destination dentry of a link event.
DentryResolverLinkDstCallbackTracepointKey is the key to the callback program to execute after resolving the destination dentry of a link event.
DentryResolverLinkSrcCallbackKprobeKey is the key to the callback program to execute after resolving the source dentry of a link event.
DentryResolverMkdirCallbackKprobeKey is the key to the callback program to execute after resolving the dentry of an mkdir event.
DentryResolverMkdirCallbackTracepointKey is the key to the callback program to execute after resolving the dentry of an mkdir event.
DentryResolverMountCallbackKprobeKey is the key to the callback program to execute after resolving the dentry of a mount event.
DentryResolverMountCallbackTracepointKey is the key to the callback program to execute after resolving the dentry of a mount event.
DentryResolverOpenCallbackKprobeKey is the key to the callback program to execute after resolving the dentry of an open event.
DentryResolverOpenCallbackTracepointKey is the key to the callback program to execute after resolving the dentry of an open event.
DentryResolverParentERPCKey is the key to the eRPC dentry parent resolver tail call program.
DentryResolverRenameCallbackKprobeKey is the key to the callback program to execute after resolving the destination dentry of a rename event.
DentryResolverRenameCallbackTracepointKey is the key to the callback program to execute after resolving the destination dentry of a rename event.
DentryResolverSecurityInodeRmdirCallbackKprobeKey is the key to the callback program to execute after resolving the dentry of an rmdir or unlink event.
DentryResolverSegmentERPCKey is the key to the eRPC dentry segment resolver tail call program.
DentryResolverSELinuxCallbackKprobeKey is the key to the callback program to execute after resolving the destination dentry of an SELinux event.
DentryResolverSetAttrCallbackKprobeKey is the key to the callback program to execute after resolving the dentry of a setattr event.
DentryResolverSetXAttrCallbackKprobeKey is the key to the callback program to execute after resolving the dentry of a setxattr event.
DentryResolverUnlinkCallbackKprobeKey is the key to the callback program to execute after resolving the dentry of an unlink event.
Entry indicates that the entry kprobe should be expanded.
EntryAndExit indicates that both the entry kprobe and exit kretprobe should be expanded.
Exit indicates that the exit kretprobe should be expanded.
ExpandTime32 indicates that the _time32 suffix should be added to the provided probe if needed.
SecurityAgentUID is the UID used for all the runtime security module probes.

# Variables

SelectorsPerEventType is the list of probes that should be activated for each event.
SyscallMonitorSelectors is the list of probes that should be activated for the syscall monitor feature.