mirror of
				https://github.com/prometheus/node_exporter.git
				synced 2025-08-20 18:33:52 -07:00 
			
		
		
		
	
		
			
				
	
	
		
			70 lines
		
	
	
		
			2 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			70 lines
		
	
	
		
			2 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // Copyright 2023 The Prometheus Authors
 | |
| // Licensed under the Apache License, Version 2.0 (the "License");
 | |
| // you may not use this file except in compliance with the License.
 | |
| // You may obtain a copy of the License at
 | |
| //
 | |
| // http://www.apache.org/licenses/LICENSE-2.0
 | |
| //
 | |
| // Unless required by applicable law or agreed to in writing, software
 | |
| // distributed under the License is distributed on an "AS IS" BASIS,
 | |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | |
| // See the License for the specific language governing permissions and
 | |
| // limitations under the License.
 | |
| 
 | |
| package collector
 | |
| 
 | |
| import (
 | |
| 	"fmt"
 | |
| 	"log/slog"
 | |
| 
 | |
| 	"github.com/prometheus/client_golang/prometheus"
 | |
| 	"github.com/prometheus/procfs/sysfs"
 | |
| )
 | |
| 
 | |
| const (
 | |
| 	cpuVulnerabilitiesCollectorSubsystem = "cpu_vulnerabilities"
 | |
| )
 | |
| 
 | |
| var (
 | |
| 	vulnerabilityDesc = prometheus.NewDesc(
 | |
| 		prometheus.BuildFQName(namespace, cpuVulnerabilitiesCollectorSubsystem, "info"),
 | |
| 		"Details of each CPU vulnerability reported by sysfs. The value of the series is an int encoded state of the vulnerability. The same state is stored as a string in the label",
 | |
| 		[]string{"codename", "state", "mitigation"},
 | |
| 		nil,
 | |
| 	)
 | |
| )
 | |
| 
 | |
| type cpuVulnerabilitiesCollector struct{}
 | |
| 
 | |
| func init() {
 | |
| 	registerCollector(cpuVulnerabilitiesCollectorSubsystem, defaultDisabled, NewVulnerabilitySysfsCollector)
 | |
| }
 | |
| 
 | |
| func NewVulnerabilitySysfsCollector(logger *slog.Logger) (Collector, error) {
 | |
| 	return &cpuVulnerabilitiesCollector{}, nil
 | |
| }
 | |
| 
 | |
| func (v *cpuVulnerabilitiesCollector) Update(ch chan<- prometheus.Metric) error {
 | |
| 	fs, err := sysfs.NewFS(*sysPath)
 | |
| 	if err != nil {
 | |
| 		return fmt.Errorf("failed to open sysfs: %w", err)
 | |
| 	}
 | |
| 
 | |
| 	vulnerabilities, err := fs.CPUVulnerabilities()
 | |
| 	if err != nil {
 | |
| 		return fmt.Errorf("failed to get vulnerabilities: %w", err)
 | |
| 	}
 | |
| 
 | |
| 	for _, vulnerability := range vulnerabilities {
 | |
| 		ch <- prometheus.MustNewConstMetric(
 | |
| 			vulnerabilityDesc,
 | |
| 			prometheus.GaugeValue,
 | |
| 			1.0,
 | |
| 			vulnerability.CodeName,
 | |
| 			sysfs.VulnerabilityHumanEncoding[vulnerability.State],
 | |
| 			vulnerability.Mitigation,
 | |
| 		)
 | |
| 	}
 | |
| 	return nil
 | |
| }
 |