pub enum Update {
Inserted,
Refreshed,
OutOfOrder,
CapacityExceeded,
OriginConflict,
NamespaceConflict,
}
Result of Tracker::record.
Variants
Inserted
The frame’s pid was new and a fresh slot was allocated for it.
Refreshed
An existing slot was updated with the new nonce / timestamp / status.
OutOfOrder
The frame’s nonce was not strictly greater than the slot’s last observed nonce; the slot was left untouched.
CapacityExceeded
The tracker is full and the frame’s pid is not yet known. The slot table was not modified.
OriginConflict
A beat arrived for a pid that is already tracked, but the beat’s transport origin disagrees with the origin pinned by the slot’s first beat. First-origin-wins: the slot is not mutated and the beat is dropped. Prevents an attacker on an untrusted transport from “tainting” a slot that legitimately belongs to a kernel-attested agent (or vice-versa).
NamespaceConflict
A beat arrived for a pid that is already tracked, but the beat’s kernel-attested PID-namespace inode disagrees with the inode pinned by the slot’s first beat (Linux only — see [crate::peer_cred::read_pid_namespace_inode]). First-namespace-wins: the slot is not mutated and the beat is dropped. Catches the PID-collision case where two containers happen to share a numeric pid value (e.g. PID 1 in container A vs PID 1 in container B); the existing frame.pid == peer_pid gate at the observer fires first for most cross-namespace traffic, but a same-pid-different-namespace collision is invisible to that gate.
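The variants above describe a decision procedure; the following is an added, self-contained sketch of a tracker that produces them, written for this page and not taken from the crate. The `Frame`, `Origin` and `Slot` types, their field names, the `Tracker::new`/`len`/`slot_view` helpers and the order in which the checks run (origin, then namespace, then nonce) are all assumptions; the page only specifies each variant's meaning and that conflicting or out-of-order beats leave the slot untouched.

```rust
use std::collections::HashMap;

/// Transport a beat arrived on. Constructed for this example; the page does
/// not show the crate's own origin type.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum Origin {
    /// Peer credentials were supplied by the kernel (e.g. SO_PEERCRED).
    KernelAttested,
    /// A transport the kernel does not vouch for.
    Untrusted,
}

/// One heartbeat frame as the tracker sees it. Field names are assumptions.
#[derive(Clone, Copy, Debug)]
pub struct Frame {
    pub pid: u32,
    pub nonce: u64,
    pub timestamp: u64,
    pub status: u8,
    pub origin: Origin,
    /// Kernel-attested PID-namespace inode; `None` where the platform has none.
    pub ns_inode: Option<u64>,
}

/// Result of `Tracker::record`, mirroring the variants documented above.
#[derive(Debug, PartialEq, Eq)]
pub enum Update {
    Inserted,
    Refreshed,
    OutOfOrder,
    CapacityExceeded,
    OriginConflict,
    NamespaceConflict,
}

/// Per-pid state. `origin` and `ns_inode` are pinned by the first beat and
/// never rewritten; only nonce/timestamp/status move on a Refreshed beat.
struct Slot {
    origin: Origin,
    ns_inode: Option<u64>,
    last_nonce: u64,
    timestamp: u64,
    status: u8,
}

pub struct Tracker {
    capacity: usize,
    slots: HashMap<u32, Slot>,
}

impl Tracker {
    pub fn new(capacity: usize) -> Self {
        Tracker { capacity, slots: HashMap::with_capacity(capacity) }
    }

    /// Record one beat. Identity checks (origin, namespace) run before the
    /// nonce check so a conflicting beat can never advance a slot's nonce.
    /// That ordering is this example's choice; the page does not specify it.
    pub fn record(&mut self, f: &Frame) -> Update {
        match self.slots.get_mut(&f.pid) {
            None => {
                if self.slots.len() >= self.capacity {
                    return Update::CapacityExceeded; // slot table untouched
                }
                self.slots.insert(f.pid, Slot { origin: f.origin, ns_inode: f.ns_inode,
                    last_nonce: f.nonce, timestamp: f.timestamp, status: f.status });
                Update::Inserted
            }
            Some(slot) => {
                if slot.origin != f.origin {
                    return Update::OriginConflict; // first-origin-wins, beat dropped
                }
                if slot.ns_inode != f.ns_inode {
                    return Update::NamespaceConflict; // first-namespace-wins, beat dropped
                }
                if f.nonce <= slot.last_nonce {
                    return Update::OutOfOrder; // replay or reordering; slot untouched
                }
                slot.last_nonce = f.nonce;
                slot.timestamp = f.timestamp;
                slot.status = f.status;
                Update::Refreshed
            }
        }
    }

    pub fn len(&self) -> usize { self.slots.len() }

    /// (last_nonce, timestamp, status) for a tracked pid, for inspection.
    pub fn slot_view(&self, pid: u32) -> Option<(u64, u64, u8)> {
        self.slots.get(&pid).map(|s| (s.last_nonce, s.timestamp, s.status))
    }
}

fn main() {
    // Constructed sample: PID 1 of container A, then PID 1 of container B.
    let mut t = Tracker::new(2);
    let a = Frame { pid: 1, nonce: 1, timestamp: 100, status: 0,
                    origin: Origin::KernelAttested, ns_inode: Some(4_026_531_836) };
    let b = Frame { ns_inode: Some(4_026_532_001), ..a };
    println!("{:?} {:?}", t.record(&a), t.record(&b)); // Inserted NamespaceConflict
}
```

Note that the two conflict checks come before the nonce comparison: if the nonce were checked first, a beat with a fresh nonce from the wrong origin or namespace would still be rejected, but an attacker could not learn anything either way, whereas checking identity first guarantees the pinned slot is never consulted for replay state on a beat that was never entitled to it.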