Release v1.4.18
- 04 Apr 2024
- 1 Minute to read
- PDF
Release v1.4.18
- Updated on 04 Apr 2024
- 1 Minute to read
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Fixed
eBPF Telemetry: Support for kernels that had anonymous integers/floats as part of their BTF file. In practice, this has only been seen in [GCOS Milestone 97 using kernel
5.10.161+](https://cloud.google.com/container-optimized-os/docs/release-notes/m97#cos-97-16919-235-1_).
Added
Runtime container tracking: Previously, container information was read from procfs data on a per-process basis, making it less dependable for short-lived processes. We will now track containers as they are created/destroyed so we can more reliably assign container information to processes within containers. Our initial support is only for containers that use `runc` or `crun` under the hood.
Script data: If a process start launched a "shebang" script (file starting with `#!`), the sensor will now emit information about that script and any middle interpreters of that script along with the executable information.
Changed
eBPF Telemetry: Changed the logic to record the *start* time of fork, clone, clone3, and unshare syscalls instead of their end time. This was done to better accommodate scenarios in which a clone terminated after the children's process started due to a VFORK flag. We expect this change to be essentially invisible to users.
Was this article helpful?
