Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libbpfgo: set libbpfgo callbacks #2761

Merged
merged 2 commits into from
Feb 28, 2023
Merged

libbpfgo: set libbpfgo callbacks #2761

merged 2 commits into from
Feb 28, 2023

Conversation

geyslan
Copy link
Member

@geyslan geyslan commented Feb 22, 2023
edited
Loading

1. Explain what the PR does

commit 0a83bf0

libbpfgo: set libbpfgo callbacks

This brings to Tracee the libbpfgo filtering logic that was removed from
libbpfgo.

 - https://github.com/aquasecurity/libbpfgo/pull/294

This also changes libbpfgoKprobePerfEventRegexp to match:
'trace_utimes_common' progs.

commit 29b5090

bump libbpfgo to v0.4.6

2. Explain how to test it

Compile and run, the libbpf output should remain as silent as ever.

3. Other comments

Fixes: #2756 #2754

Context:

Related:

@geyslan geyslan self-assigned this Feb 22, 2023
@geyslan geyslan marked this pull request as draft February 22, 2023 16:47
@geyslan
Copy link
Member Author

geyslan commented Feb 22, 2023

Doing this code move, I realised that libbpfgo doesn't need to take care of keyValues ...interface{}, since the remaining internal logic only have level and msg. I'm going to tackle the libbpfgo side first and come back to this when the latter is done.

@geyslan
Copy link
Member Author

geyslan commented Feb 22, 2023

After aquasecurity/libbpfgo#294 merge, will need other commit bumping libbpfgo version.

Checks failed due to that (change of function callback signature).
https://github.com/aquasecurity/tracee/pull/2761/checks

@geyslan geyslan requested review from rafaeldtinoco and removed request for NDStrahilevitz February 22, 2023 18:47
@geyslan geyslan force-pushed the 2756-libbpfgo-log-filter-in branch 2 times, most recently from 1a73a22 to 6184c5e Compare February 27, 2023 21:26
@geyslan geyslan marked this pull request as ready for review February 27, 2023 21:27
@geyslan
Copy link
Member Author

geyslan commented Feb 27, 2023

Alright, I've relocated code to the new file callbacks.go in cmd/initialize, and call it from cmd/*/main.go init and integration tests. Also bumped the libbpfgo to latest release.

@rafaeldtinoco
Copy link
Contributor

Make sure to rebase so #2776 is included and new testers are used.

@geyslan
bump libbpfgo to v0.4.6
29b5090
@geyslan
libbpfgo: set libbpfgo callbacks
0a83bf0 
This brings to Tracee the libbpfgo filtering logic that was removed from
libbpfgo.

 - aquasecurity/libbpfgo#294

This also changes libbpfgoKprobePerfEventRegexp to match:
'trace_utimes_common' progs.
@geyslan
Copy link
Member Author

geyslan commented Feb 28, 2023

Make sure to rebase so #2776 is included and new testers are used.

All green in the new tests platform. Awesome.

rafaeldtinoco
rafaeldtinoco approved these changes Feb 28, 2023
View reviewed changes
Copy link
Contributor

@rafaeldtinoco rafaeldtinoco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@rafaeldtinoco rafaeldtinoco merged commit 05fd6c8 into aquasecurity:main Feb 28, 2023
@rafaeldtinoco rafaeldtinoco mentioned this pull request Mar 1, 2023
Closed
@geyslan geyslan mentioned this pull request Mar 1, 2023
Closed
@geyslan geyslan deleted the 2756-libbpfgo-log-filter-in branch May 29, 2023 22:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rafaeldtinoco rafaeldtinoco rafaeldtinoco approved these changes

Assignees

@geyslan geyslan

Labels
kind/chore
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move libbpfgo log filter logic to tracee
2 participants
@geyslan @rafaeldtinoco