From 2278df1493e064c197913e49b5d1935942d83448 Mon Sep 17 00:00:00 2001
From: daniel <daniel@planethacker.net>
Date: Tue, 6 May 2025 16:57:32 -0700
Subject: initial import

---
 include/proc_connector.h | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 include/proc_connector.h

(limited to 'include/proc_connector.h')

diff --git a/include/proc_connector.h b/include/proc_connector.h
new file mode 100644
index 0000000..10a20ff
--- /dev/null
+++ b/include/proc_connector.h
@@ -0,0 +1,24 @@
+#pragma once
+
+#include <linux/connector.h>
+#include <linux/cn_proc.h>
+
+#include "agent_context.h"
+#include "proc_ledger.h"
+#include "json.h"
+#include "net.h"
+
+sock_t setup_proc_connector(void);
+void select_proc_connector(sock_t, agent_context_t *);
+
+json_t handle_PROC_EVENT_SID(struct proc_event *, agent_context_t *);
+json_t handle_PROC_EVENT_COMM(struct proc_event *, agent_context_t *, const char *);
+json_t handle_PROC_EVENT_COREDUMP(struct proc_event *, agent_context_t *);
+json_t handle_PROC_EVENT_FORK(struct proc_event *, agent_context_t *);
+json_t handle_PROC_EVENT_EXEC(struct proc_event *, agent_context_t *);
+json_t handle_PROC_EVENT_EXEC_environment(struct proc_event *, agent_context_t *);
+json_t handle_PROC_EVENT_EXIT(struct proc_event *, agent_context_t *);
+json_t handle_PROC_EVENT_UID(struct proc_event *, agent_context_t *, int, int);
+json_t handle_PROC_EVENT_GID(struct proc_event *, agent_context_t *, int, int);
+json_t handle_PROC_EVENT_PTRACE(struct proc_event *, agent_context_t *);
+json_t handle_PROC_EVENT_UNKNOWN(struct proc_event *, agent_context_t *);
-- 
cgit v1.2.3