Revert "build: use upstream clang instead of forked version for BPF programs"

.dockerignore

@@ -1,11 +1,6 @@
 # Ignore VCS
 .git/
 
-# Ignore dockerignore and Dockerfiles
-.dockerignore
-Dockerfile
-Dockerfile.*
-
 # Ignore compiled binaries and libraries
 go-tests/
 lib/

.github/workflows/gotests.yml

@@ -24,10 +24,10 @@ jobs:
 
     - name: Install dependencies
       run: |
-        sudo apt-get install libelf-dev netcat-traditional libcap-dev gcc
+        sudo apt install libelf-dev netcat-traditional libcap-dev gcc
 
         cd go/src/github.com/cilium/tetragon/
-        sudo -E make tools-install LIBBPF_INSTALL_DIR=/usr/local/lib
+        sudo -E make tools-install LIBBPF_INSTALL_DIR=/usr/local/lib CLANG_INSTALL_DIR=/usr/bin
         sudo -E ldconfig /usr/local/
 
         sudo sed -i '/secure_path/d' /etc/sudoers

Dockerfile

@@ -1,4 +1,4 @@
-FROM quay.io/cilium/clang:7ea8dd5b610a8864ce7b56e10ffeb61030a0c50e@sha256:02ad7cc1d08d85c027557099b88856945be5124b5c31aeabce326e7983e3913b as bpf-builder
+FROM quay.io/isovalent/hubble-llvm:2022-01-03-a6dfdaf as bpf-builder
 WORKDIR /go/src/github.com/cilium/tetragon
 RUN apt-get update
 RUN apt-get install -y linux-libc-dev

Dockerfile.dev

@@ -1,9 +1,10 @@
-FROM quay.io/cilium/clang:7ea8dd5b610a8864ce7b56e10ffeb61030a0c50e@sha256:02ad7cc1d08d85c027557099b88856945be5124b5c31aeabce326e7983e3913b as bpf-builder
+FROM quay.io/isovalent/hubble-llvm:2022-01-03-a6dfdaf as bpf-builder
 WORKDIR /go/src/github.com/cilium/tetragon
-RUN apt-get update
-RUN apt-get install -y linux-libc-dev
+RUN apt-get update  -y && \
+    apt-get upgrade -y && \
+    apt-get install -y linux-libc-dev
 COPY . ./
-RUN make tetragon-bpf LOCAL_CLANG=1
+RUN make tetragon-bpf
 
 FROM quay.io/isovalent/hubble-libbpf:v0.2.3 as hubble-libbpf
 WORKDIR /go/src/github.com/cilium/tetragon

Dockerfile.test

@@ -1,9 +1,4 @@
-FROM quay.io/cilium/clang:7ea8dd5b610a8864ce7b56e10ffeb61030a0c50e@sha256:02ad7cc1d08d85c027557099b88856945be5124b5c31aeabce326e7983e3913b as bpf-builder
-WORKDIR /go/src/github.com/cilium/tetragon
-RUN apt-get update
-RUN apt-get install -y linux-libc-dev
-COPY . ./
-RUN make tetragon-bpf LOCAL_CLANG=1
+FROM quay.io/isovalent/hubble-llvm:2022-01-03-a6dfdaf as bpf-builder
 
 WORKDIR /go/src/github.com/cilium/tetragon
 RUN apt-get update

Makefile

@@ -8,11 +8,12 @@ LOCAL_CLANG_FORMAT ?= 0
 FORMAT_FIND_FLAGS ?= -name '*.c' -o -name '*.h' -not -path 'bpf/include/vmlinux.h' -not -path 'bpf/include/api.h' -not -path 'bpf/libbpf/*'
 NOOPT ?= 0
 LIBBPF_IMAGE = quay.io/isovalent/hubble-libbpf:v0.2.3
-CLANG_IMAGE  = quay.io/cilium/clang:7ea8dd5b610a8864ce7b56e10ffeb61030a0c50e@sha256:02ad7cc1d08d85c027557099b88856945be5124b5c31aeabce326e7983e3913b
+CLANG_IMAGE  = quay.io/isovalent/hubble-llvm:2020-12-29-45f6aa2
 METADATA_IMAGE = quay.io/isovalent/tetragon-metadata
 TESTER_PROGS_DIR = "contrib/tester-progs"
 
 LIBBPF_INSTALL_DIR ?= ./lib
+CLANG_INSTALL_DIR  ?= ./bin
 VERSION=$(shell git describe --tags --always)
 GO_GCFLAGS ?= ""
 GO_LDFLAGS="-X 'github.com/cilium/tetragon/pkg/version.Version=$(VERSION)'"
@@ -47,9 +48,9 @@ verify: tetragon-bpf
 	sudo contrib/verify/verify.sh bpf/objs
 
 tetragon-bpf-container:
-	$(CONTAINER_ENGINE) rm tetragon-clang || true
-	$(CONTAINER_ENGINE) run -v $(CURDIR):/tetragon -u $$(id -u) --name tetragon-clang $(CLANG_IMAGE) $(MAKE) -C /tetragon/bpf
-	$(CONTAINER_ENGINE) rm tetragon-clang
+	$(CONTAINER_ENGINE) rm hubble-llvm || true
+	$(CONTAINER_ENGINE) run -v $(CURDIR):/tetragon -u $$(id -u)  --name hubble-llvm $(CLANG_IMAGE) $(MAKE) -C /tetragon/bpf
+	$(CONTAINER_ENGINE) rm hubble-llvm
 
 tetragon:
 	$(GO) build -gcflags=$(GO_GCFLAGS) -ldflags=$(GO_LDFLAGS) -mod=vendor ./cmd/tetragon/
@@ -115,7 +116,7 @@ update-copyright:
 lint:
 	golint -set_exit_status $$(go list ./...)
 
-image: image-clang
+image:
 	$(CONTAINER_ENGINE) build -t "cilium/tetragon:${DOCKER_IMAGE_TAG}" .
 	$(QUIET)echo "Push like this when ready:"
 	$(QUIET)echo "${CONTAINER_ENGINE} push cilium/tetragon:$(DOCKER_IMAGE_TAG)"
@@ -125,7 +126,7 @@ image-operator:
 	$(QUIET)echo "Push like this when ready:"
 	$(QUIET)echo "${CONTAINER_ENGINE} push cilium/tetragon-operator:$(DOCKER_IMAGE_TAG)"
 
-image-test: image-clang
+image-test:
 	$(CONTAINER_ENGINE) build -f Dockerfile.test -t "cilium/tetragon-test:${DOCKER_IMAGE_TAG}" .
 	$(QUIET)echo "Push like this when ready:"
 	$(QUIET)echo "${CONTAINER_ENGINE} push cilium/tetragon-test:$(DOCKER_IMAGE_TAG)"
@@ -135,16 +136,11 @@ image-codegen:
 	$(QUIET)echo "Push like this when ready:"
 	$(QUIET)echo "${CONTAINER_ENGINE} push cilium/tetragon-codegen:$(DOCKER_IMAGE_TAG)"
 
-.PHONY: image-clang
-image-clang:
-	$(CONTAINER_ENGINE) build -f Dockerfile.clang -t "cilium/clang:${DOCKER_IMAGE_TAG}" .
-	$(QUIET)echo "Push like this when ready:"
-	$(QUIET)echo "${CONTAINER_ENGINE} push cilium/clang:$(DOCKER_IMAGE_TAG)"
-
-.PHONY: tools-install tools-clean libbpf-install
-tools-install: libbpf-install
+.PHONY: tools-install tools-clean libbpf-install clang-install
+tools-install: libbpf-install clang-install
 tools-clean:
 	rm -rf $(LIBBPF_INSTALL_DIR)
+	rm -rf $(CLANG_INSTALL_DIR)
 libbpf-install:
 	$(eval id=$(shell $(CONTAINER_ENGINE) create $(LIBBPF_IMAGE)))
 	mkdir -p $(LIBBPF_INSTALL_DIR)
@@ -153,6 +149,13 @@ libbpf-install:
 	$(CONTAINER_ENGINE) cp ${id}:/go/src/github.com/covalentio/hubble-fgs/src/libbpf.so.0.2.0 $(LIBBPF_INSTALL_DIR)
 	$(CONTAINER_ENGINE) stop ${id}
 
+clang-install:
+	$(eval id=$(shell $(CONTAINER_ENGINE) create $(CLANG_IMAGE)))
+	mkdir -p $(CLANG_INSTALL_DIR)
+	$(CONTAINER_ENGINE) cp ${id}:/usr/local/bin/clang-11 $(CLANG_INSTALL_DIR)/clang
+	$(CONTAINER_ENGINE) cp ${id}:/usr/local/bin/llc $(CLANG_INSTALL_DIR)/llc
+	$(CONTAINER_ENGINE) stop ${id}
+
 generate:
 	./tools/controller-gen crd paths=./pkg/k8s/apis/... output:dir=pkg/k8s/apis/cilium.io/client/crds/v1alpha1
 	export GOPATH=$$(go env GOPATH); \

bpf/process/generic_calls.h

@@ -7,7 +7,7 @@ generic_process_event0(struct pt_regs *ctx, struct bpf_map_def *heap_map,
 {
 	struct execve_map_value *enter;
 	struct msg_generic_kprobe *e;
-	unsigned long a0;
+	unsigned long a0, a1, a2, a3, a4;
 	struct event_config *config;
 	bool walker = 0;
 	__u32 ppid;
@@ -31,6 +31,10 @@ generic_process_event0(struct pt_regs *ctx, struct bpf_map_def *heap_map,
 		return 0;
 
 	a0 = e->a0;
+	a1 = e->a1;
+	a2 = e->a2;
+	a3 = e->a3;
+	a4 = e->a4;
 
 	e->common.flags = 0;
 	e->common.pad[0] = 0;
@@ -142,7 +146,7 @@ generic_process_event1(void *ctx, struct bpf_map_def *heap_map,
 		       struct bpf_map_def *map, struct bpf_map_def *tailcals,
 		       struct bpf_map_def *config_map)
 {
-	unsigned long a1;
+	unsigned long a0, a1, a2, a3, a4;
 	struct execve_map_value *enter;
 	struct msg_generic_kprobe *e;
 	struct event_config *config;
@@ -166,7 +170,11 @@ generic_process_event1(void *ctx, struct bpf_map_def *heap_map,
 
 	total = e->common.size;
 
+	a0 = e->a0;
 	a1 = e->a1;
+	a2 = e->a2;
+	a3 = e->a3;
+	a4 = e->a4;
 
 	ty = config->arg1;
 	if (total < MAX_TOTAL) {
@@ -192,7 +200,7 @@ generic_process_event2(void *ctx, struct bpf_map_def *heap_map,
 		       struct bpf_map_def *map, struct bpf_map_def *tailcals,
 		       struct bpf_map_def *config_map)
 {
-	unsigned long a2;
+	unsigned long a0, a1, a2, a3, a4;
 	struct execve_map_value *enter;
 	struct msg_generic_kprobe *e;
 	struct event_config *config;
@@ -216,7 +224,11 @@ generic_process_event2(void *ctx, struct bpf_map_def *heap_map,
 
 	total = e->common.size;
 
+	a0 = e->a0;
+	a1 = e->a1;
 	a2 = e->a2;
+	a3 = e->a3;
+	a4 = e->a4;
 
 	ty = config->arg2;
 	if (total < MAX_TOTAL) {
@@ -242,7 +254,7 @@ generic_process_event3(void *ctx, struct bpf_map_def *heap_map,
 		       struct bpf_map_def *map, struct bpf_map_def *tailcals,
 		       struct bpf_map_def *config_map)
 {
-	unsigned long a3;
+	unsigned long a0, a1, a2, a3, a4;
 	struct execve_map_value *enter;
 	struct msg_generic_kprobe *e;
 	struct event_config *config;
@@ -266,7 +278,11 @@ generic_process_event3(void *ctx, struct bpf_map_def *heap_map,
 
 	total = e->common.size;
 
+	a0 = e->a0;
+	a1 = e->a1;
+	a2 = e->a2;
 	a3 = e->a3;
+	a4 = e->a4;
 
 	/* Arg filter and copy logic */
 	ty = config->arg3;
@@ -293,7 +309,7 @@ generic_process_event4(void *ctx, struct bpf_map_def *heap_map,
 		       struct bpf_map_def *map, struct bpf_map_def *tailcals,
 		       struct bpf_map_def *config_map)
 {
-	unsigned long a4;
+	unsigned long a0, a1, a2, a3, a4;
 	struct execve_map_value *enter;
 	struct msg_generic_kprobe *e;
 	struct event_config *config;
@@ -317,6 +333,10 @@ generic_process_event4(void *ctx, struct bpf_map_def *heap_map,
 
 	total = e->common.size;
 
+	a0 = e->a0;
+	a1 = e->a1;
+	a2 = e->a2;
+	a3 = e->a3;
 	a4 = e->a4;
 
 	ty = config->arg4;