Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tetragon: fixup generic tracepoint sensor create #568

Merged
merged 1 commit into from
Dec 5, 2022
Merged

tetragon: fixup generic tracepoint sensor create #568

merged 1 commit into from
Dec 5, 2022

Conversation

Y-dc
Copy link

@Y-dc Y-dc commented Nov 30, 2022
edited

tracepoint sensor creation not as expected.
source code
use &conf cause all genericTracepoint.Spec as same as the last element in genericTracepointTable, should use &confs[i] instead.
image
fix #569
Signed-off-by: dechengyuan dechengyuan@tencent.com

tetragon: fixup generic tracepoint sensor create
8c1f65a 
Signed-off-by: dechengyuan <dechengyuan@tencent.com>
@Y-dc Y-dc requested a review from a team as a code owner November 30, 2022 09:29
@Y-dc Y-dc requested a review from jrfastab November 30, 2022 09:29
@Y-dc Y-dc mentioned this pull request Nov 30, 2022
Closed
@olsajiri
Copy link
Contributor

could you please be more specific what's failing, best with crd example and description of expected behavior? would be great to have automated test for that if possible, thanks

@anjmao
Copy link
Contributor

anjmao commented Nov 30, 2022

@Y-dc I see that golanglint-ci is used https://github.com/cilium/tetragon/blob/main/.golangci.yml
But it doesn't use exportloopref check which should catch such bugs.

I suggest to enable all linters which covers bugs section https://golangci-lint.run/usage/linters/

@Y-dc
Copy link
Author

Y-dc commented Nov 30, 2022
edited

could you please be more specific what's failing, best with crd example and description of expected behavior? would be great to have automated test for that if possible, thanks

@olsajiri I added some logs before and after the loops.

// createGenericTracepointSensor will create a sensor that can be loaded based on a generic tracepoint configuration
func createGenericTracepointSensor(name string, confs []GenericTracepointConf) (*sensors.Sensor, error) {
	tracepoints := make([]*genericTracepoint, 0, len(confs))
        // ----------add log
	js,_ := json.Marshal(genericTracepointTable.arr)
	fmt.Println("before creating genericTracepointTable: ",string(js))
	js,_ = json.Marshal(confs)
	fmt.Println("before creating confs: ",string(js))
	// -------------

	for _, conf := range confs {
		tp, err := createGenericTracepoint(name, &conf)
		if err != nil {
			return nil, err
		}

                 // ------------add log
		js,_ = json.Marshal(tp.Spec)
		fmt.Println("creating TracepointSpec:",string(js))
		tracepoints = append(tracepoints, tp)
                 // --------------------

	}
        // ------------add log
	js,_ = json.Marshal(genericTracepointTable.arr)
	fmt.Println("after creating genericTracepointTable: ",string(js))
        // --------------------

	//......
}

add tracingpolicy:

apiVersion: cilium.io/v1alpha1
kind: TracingPolicy
metadata:
  name: http
spec:
  tracepoints:
  - args:
    - index: 5
      returnCopy: false
      type: fd
    - index: 6
      returnCopy: false
      sizeArgIndex: 8
      type: char_buf
    - index: 7
      returnCopy: false
      type: size_t
    event: sys_enter_write
    selectors:
    - matchArgs:
      - index: 6
        operator: Prefix
        values:
        - HTTP
    subsystem: syscalls
  - args:
    - index: 5
      returnCopy: false
      type: fd
    - index: 6
      returnCopy: false
      sizeArgIndex: 8
      type: char_buf
    - index: 7
      returnCopy: false
      type: size_t
    event: sys_enter_read
    selectors:
    - {}
    subsystem: syscalls

then output:

time="2022-11-30T10:25:45Z" level=info msg="tracing policy added" policy="{[] [{syscalls sys_enter_write [{5 fd 0 false} {6 char_buf 8 false} {7 size_t 0 false}] [{[] [{6 Prefix [HTTP]}] [] [] [] [] [] [] []}]} {syscalls sys_enter_read [{5 fd 0 false} {6 char_buf 8 false} {7 size_t 0 false}] [{[] [] [] [] [] [] [] [] []}]}]}"
before creating genericTracepointTable:  null
before creating confs:  [{"subsystem":"syscalls","event":"sys_enter_write","args":[{"index":5,"type":"fd","sizeArgIndex":0,"returnCopy":false},{"index":6,"type":"char_buf","sizeArgIndex":8,"returnCopy":false},{"index":7,"type":"size_t","sizeArgIndex":0,"returnCopy":false}],"selectors":[{"matchPIDs":null,"matchArgs":[{"index":6,"operator":"Prefix","values":["HTTP"]}],"matchActions":null,"matchReturnArgs":null,"matchBinaries":null,"matchNamespaces":null,"matchNamespaceChanges":null,"matchCapabilities":null,"matchCapabilityChanges":null}]},{"subsystem":"syscalls","event":"sys_enter_read","args":[{"index":5,"type":"fd","sizeArgIndex":0,"returnCopy":false},{"index":6,"type":"char_buf","sizeArgIndex":8,"returnCopy":false},{"index":7,"type":"size_t","sizeArgIndex":0,"returnCopy":false}],"selectors":[{"matchPIDs":null,"matchArgs":null,"matchActions":null,"matchReturnArgs":null,"matchBinaries":null,"matchNamespaces":null,"matchNamespaceChanges":null,"matchCapabilities":null,"matchCapabilityChanges":null}]}]
creating TracepointSpec: {"subsystem":"syscalls","event":"sys_enter_write","args":[{"index":5,"type":"fd","sizeArgIndex":0,"returnCopy":false},{"index":6,"type":"char_buf","sizeArgIndex":8,"returnCopy":false},{"index":7,"type":"size_t","sizeArgIndex":0,"returnCopy":false}],"selectors":[{"matchPIDs":null,"matchArgs":[{"index":6,"operator":"Prefix","values":["HTTP"]}],"matchActions":null,"matchReturnArgs":null,"matchBinaries":null,"matchNamespaces":null,"matchNamespaceChanges":null,"matchCapabilities":null,"matchCapabilityChanges":null}]}
creating TracepointSpec: {"subsystem":"syscalls","event":"sys_enter_read","args":[{"index":5,"type":"fd","sizeArgIndex":0,"returnCopy":false},{"index":6,"type":"char_buf","sizeArgIndex":8,"returnCopy":false},{"index":7,"type":"size_t","sizeArgIndex":0,"returnCopy":false}],"selectors":[{"matchPIDs":null,"matchArgs":null,"matchActions":null,"matchReturnArgs":null,"matchBinaries":null,"matchNamespaces":null,"matchNamespaceChanges":null,"matchCapabilities":null,"matchCapabilityChanges":null}]}
after creating genericTracepointTable:  [{"Info":{"Subsys":"syscalls","Event":"sys_enter_write","Format":{"Name":"sys_enter_write","ID":640,"Fields":[{"FieldStr":"unsigned short common_type","Field":null,"Offset":0,"Size":2,"IsSigned":false},{"FieldStr":"unsigned char common_flags","Field":null,"Offset":2,"Size":1,"IsSigned":false},{"FieldStr":"unsigned char common_preempt_count","Field":null,"Offset":3,"Size":1,"IsSigned":false},{"FieldStr":"int common_pid","Field":null,"Offset":4,"Size":4,"IsSigned":true},{"FieldStr":"int __syscall_nr","Field":null,"Offset":8,"Size":4,"IsSigned":true},{"FieldStr":"unsigned int fd","Field":null,"Offset":16,"Size":8,"IsSigned":false},{"FieldStr":"const char * buf","Field":null,"Offset":24,"Size":8,"IsSigned":false},{"FieldStr":"size_t count","Field":null,"Offset":32,"Size":8,"IsSigned":false}]}},"Spec":{"subsystem":"syscalls","event":"sys_enter_read","args":[{"index":5,"type":"fd","sizeArgIndex":0,"returnCopy":false},{"index":6,"type":"char_buf","sizeArgIndex":8,"returnCopy":false},{"index":7,"type":"size_t","sizeArgIndex":0,"returnCopy":false}],"selectors":[{"matchPIDs":null,"matchArgs":null,"matchActions":null,"matchReturnArgs":null,"matchBinaries":null,"matchNamespaces":null,"matchNamespaceChanges":null,"matchCapabilities":null,"matchCapabilityChanges":null}]}},{"Info":{"Subsys":"syscalls","Event":"sys_enter_read","Format":{"Name":"sys_enter_read","ID":642,"Fields":[{"FieldStr":"unsigned short common_type","Field":null,"Offset":0,"Size":2,"IsSigned":false},{"FieldStr":"unsigned char common_flags","Field":null,"Offset":2,"Size":1,"IsSigned":false},{"FieldStr":"unsigned char common_preempt_count","Field":null,"Offset":3,"Size":1,"IsSigned":false},{"FieldStr":"int common_pid","Field":null,"Offset":4,"Size":4,"IsSigned":true},{"FieldStr":"int __syscall_nr","Field":null,"Offset":8,"Size":4,"IsSigned":true},{"FieldStr":"unsigned int fd","Field":null,"Offset":16,"Size":8,"IsSigned":false},{"FieldStr":"char * buf","Field":null,"Offset":24,"Size":8,"IsSigned":false},{"FieldStr":"size_t count","Field":null,"Offset":32,"Size":8,"IsSigned":false}]}},"Spec":{"subsystem":"syscalls","event":"sys_enter_read","args":[{"index":5,"type":"fd","sizeArgIndex":0,"returnCopy":false},{"index":6,"type":"char_buf","sizeArgIndex":8,"returnCopy":false},{"index":7,"type":"size_t","sizeArgIndex":0,"returnCopy":false}],"selectors":[{"matchPIDs":null,"matchArgs":null,"matchActions":null,"matchReturnArgs":null,"matchBinaries":null,"matchNamespaces":null,"matchNamespaceChanges":null,"matchCapabilities":null,"matchCapabilityChanges":null}]}}]
time="2022-11-30T10:25:45Z" level=info msg="BTF file: using metadata file" metadata=/sys/kernel/btf/vmlinux

as you can see, after loops, we got genericTracepointTable.arr:

[{"Info":{"Subsys":"syscalls","Event":"sys_enter_write","Format":{"Name":"sys_enter_write","ID":640,"Fields":[{"FieldStr":"unsigned short common_type","Field":null,"Offset":0,"Size":2,"IsSigned":false},{"FieldStr":"unsigned char common_flags","Field":null,"Offset":2,"Size":1,"IsSigned":false},{"FieldStr":"unsigned char common_preempt_count","Field":null,"Offset":3,"Size":1,"IsSigned":false},{"FieldStr":"int common_pid","Field":null,"Offset":4,"Size":4,"IsSigned":true},{"FieldStr":"int __syscall_nr","Field":null,"Offset":8,"Size":4,"IsSigned":true},{"FieldStr":"unsigned int fd","Field":null,"Offset":16,"Size":8,"IsSigned":false},{"FieldStr":"const char * buf","Field":null,"Offset":24,"Size":8,"IsSigned":false},{"FieldStr":"size_t count","Field":null,"Offset":32,"Size":8,"IsSigned":false}]}},"Spec":{"subsystem":"syscalls","event":"sys_enter_read","args":[{"index":5,"type":"fd","sizeArgIndex":0,"returnCopy":false},{"index":6,"type":"char_buf","sizeArgIndex":8,"returnCopy":false},{"index":7,"type":"size_t","sizeArgIndex":0,"returnCopy":false}],"selectors":[{"matchPIDs":null,"matchArgs":null,"matchActions":null,"matchReturnArgs":null,"matchBinaries":null,"matchNamespaces":null,"matchNamespaceChanges":null,"matchCapabilities":null,"matchCapabilityChanges":null}]}},{"Info":{"Subsys":"syscalls","Event":"sys_enter_read","Format":{"Name":"sys_enter_read","ID":642,"Fields":[{"FieldStr":"unsigned short common_type","Field":null,"Offset":0,"Size":2,"IsSigned":false},{"FieldStr":"unsigned char common_flags","Field":null,"Offset":2,"Size":1,"IsSigned":false},{"FieldStr":"unsigned char common_preempt_count","Field":null,"Offset":3,"Size":1,"IsSigned":false},{"FieldStr":"int common_pid","Field":null,"Offset":4,"Size":4,"IsSigned":true},{"FieldStr":"int __syscall_nr","Field":null,"Offset":8,"Size":4,"IsSigned":true},{"FieldStr":"unsigned int fd","Field":null,"Offset":16,"Size":8,"IsSigned":false},{"FieldStr":"char * buf","Field":null,"Offset":24,"Size":8,"IsSigned":false},{"FieldStr":"size_t count","Field":null,"Offset":32,"Size":8,"IsSigned":false}]}},"Spec":{"subsystem":"syscalls","event":"sys_enter_read","args":[{"index":5,"type":"fd","sizeArgIndex":0,"returnCopy":false},{"index":6,"type":"char_buf","sizeArgIndex":8,"returnCopy":false},{"index":7,"type":"size_t","sizeArgIndex":0,"returnCopy":false}],"selectors":[{"matchPIDs":null,"matchArgs":null,"matchActions":null,"matchReturnArgs":null,"matchBinaries":null,"matchNamespaces":null,"matchNamespaceChanges":null,"matchCapabilities":null,"matchCapabilityChanges":null}]}}]

the Spec of each element of genericTracepointTable.arr becomes sys_enter_read, the last one in tracepoints array.
image

@Y-dc
Copy link
Author

Y-dc commented Nov 30, 2022

@Y-dc I see that golanglint-ci is used https://github.com/cilium/tetragon/blob/main/.golangci.yml But it doesn't use exportloopref check which should catch such bugs.

I suggest to enable all linters which covers bugs section https://golangci-lint.run/usage/linters/

@anjmao i think that is better!

@Y-dc
Copy link
Author

Y-dc commented Nov 30, 2022

Linters exportloopref: https://github.com/kyoh86/exportloopref

kkourt
kkourt approved these changes Dec 1, 2022
View reviewed changes
Copy link
Contributor

@kkourt kkourt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch, thanks!

Enabling the linter also makes sense to me!

@Y-dc Y-dc mentioned this pull request Dec 2, 2022
Closed
@kkourt kkourt merged commit 6d27100 into cilium:main Dec 5, 2022
@kkourt kkourt added kind/bug Something isn't working needs-backport/0.8 This PR needs backporting to 0.8 labels Dec 5, 2022
@tixxdz tixxdz mentioned this pull request Jan 25, 2023
Merged
@tixxdz tixxdz added backport-pending/0.8 The backport for this PR is in progress backport-done/0.8 PR backport to 0.8 complete. and removed needs-backport/0.8 This PR needs backporting to 0.8 backport-pending/0.8 The backport for this PR is in progress labels Jan 25, 2023
@mtardy mtardy mentioned this pull request Apr 3, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kkourt kkourt kkourt approved these changes

@jrfastab jrfastab Awaiting requested review from jrfastab jrfastab is a code owner automatically assigned from cilium/tetragon

Assignees
No one assigned
Labels
backport-done/0.8 PR backport to 0.8 complete. kind/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

bug: tracepoint sensor creation not as expected
5 participants
@Y-dc @olsajiri @anjmao @kkourt @tixxdz