Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

verify.sh: Handle when bpf_verride_return is unavailable #2838

Merged
merged 1 commit into from
Sep 2, 2024
Merged

verify.sh: Handle when bpf_verride_return is unavailable #2838

merged 1 commit into from
Sep 2, 2024

Conversation

russellb
Copy link
Contributor

While taking a look at tetragon, I tried running verify.sh and
observed bpf_enforce and bpf_generic_kprobe* all fail because
bpf_override_return is not available. I also observed that this seems
be handled conditionally in tetragon via the
pkg.bpf.HasOverrideHelper() function.

This change updates verify.sh to check for bpf_override_return before
trying to load these programs. If it's not present, it will be skipped
cleanly since it's not expected to work.

A cleaner solution is to reuse the same check from the Go code.
Rewriting this script in Go is tracked in issue #229.

Signed-off-by: Russell Bryant [email protected]

@russellb
verify.sh: Handle when bpf_verride_return is unavailable
291f55c 
While taking a look at tetragon, I tried running verify.sh and
observed bpf_enforce and bpf_generic_kprobe* all fail because
bpf_override_return is not available. I also observed that this seems
be handled conditionally in tetragon via the
pkg.bpf.HasOverrideHelper() function.

This change updates verify.sh to check for bpf_override_return before
trying to load these programs. If it's not present, it will be skipped
cleanly since it's not expected to work.

A cleaner solution is to reuse the same check from the Go code.
Rewriting this script in Go is tracked in issue cilium#229.

Signed-off-by: Russell Bryant <[email protected]>
@russellb russellb requested a review from a team as a code owner August 23, 2024 20:25
@russellb russellb requested a review from kkourt August 23, 2024 20:25
mtardy
mtardy approved these changes Aug 29, 2024
View reviewed changes
Copy link
Member

@mtardy mtardy left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey thanks for that, looks like a good patch for this script! FYI we have the same check exposed from tetra, the CLI, you can use:

$ sudo ./tetra probe
override_return: true
buildid: true
kprobe_multi: false
uprobe_multi false
fmodret: true
fmodret_syscall: true
signal: true
large: true
link_pin: true
lsm: false
missed_stats_kprobe_multi: false
missed_stats_kprobe: false

but that's perfectly reasonable (better?) to use bpftool here directly

@mtardy mtardy added the release-note/ci This PR makes changes to the CI. label Aug 29, 2024
@kkourt kkourt merged commit 376480d into cilium:main Sep 2, 2024
38 of 39 checks passed
@kkourt
Copy link
Contributor

kkourt commented Sep 2, 2024

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mtardy mtardy mtardy approved these changes

@kkourt kkourt Awaiting requested review from kkourt kkourt is a code owner automatically assigned from cilium/tetragon

Assignees
No one assigned
Labels
release-note/ci This PR makes changes to the CI.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@russellb @kkourt @mtardy