Capabilities plugin breaks linux support for kernels without kernel_cap_struct
#985
Comments
|
The reporter on slack was treu if we need to follow up... 5:) |
|
Redhat kernel 6.3 that's interesting. That was exactly what I was looking for. Sure, leave it with me. |
|
The problem is that in 6.3 kernel_cap_struct became an anonymous struct
with a kernel_cap_t typedef.
…On Thu, 20 July 2023, 11:13 am ikelos, ***@***.***> wrote:
The reporter on slack was treu if we need to follow up... 5:)
—
Reply to this email directly, view it on GitHub
<#985 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACNRMVGXV54ONWWQJJV3VULXRDZFPANCNFSM6AAAAAA2RDSXX4>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
Ok, I've installed Fedora 38 with 6.3.12-200.fc38.x86_64 and built the ISF. As of kernel 6.3, there is no more typedef struct kernel_cap_struct {
__u32 cap[_KERNEL_CAPABILITY_U32S];
} kernel_cap_t;After kernels 6.3: typedef struct { u64 val; } kernel_cap_t;Even if this type were added using AttributeError: StructType has no attribute: symbol_table_name1!unnamed_350bf69f5aefed8e.get_capabilities... which makes sense. I wonder why this is not already an issue with other types using the same style of declaration. I may be wrong but I don't think we are taking the typedef information from DWARF. In order to be able to work with typedef'ed anonymous types I think we should associate (or maybe just rename) the unnamed type internal name to the typedef name. self.optional_set_type_class("kernel_cap_struct", extensions.kernel_cap_struct) # For kernels < 6.3
self.optional_set_type_class("kernel_cap_t", extensions.kernel_cap_struct) # For kernels >= 6.3 |
…arf2json mentioned in this ticket.
|
@ikelos As soon as |
…arf2json mentioned in this ticket.
|
Hmmm, thanks for getting to the bottom of it and getting a solution for dwarf2json! We may also need to find a way to let plugins request a specific version of an ISF file, which might be trickier, but I'll start having a think about it (technically, they should all be versioned)... 5:S |
|
No worries. They already had a solution for it. But it's basically what I explained above. |
|
I created a PR in dwarf2json to address this issue. @gcmoreira Can you take a look and confirm if this commit solves the issue? |
|
@mkonshie the fix in |
|
Thanks for confirming. The PR has been merged. |
|
Awesome, thanks @mkonshie . |
|
Hiya, I've let treu know on slack. There's still a bit of work about detecting when things may be broken from a previous version of dwarf2json, but that's not a high priority at the moment. |
We've had a report from a user that their linux plugins were failing with the following vebose output:
This seems to be because the
kernel_cap_structisn't present in the symbol table. At the moment we're not sure whether the symbol table was made correctly, or if the symbol really isn't there. However, it might be prudent to allow for kernels that are too old or don't have the symbol, to continue loading by marking that symbol structures as optional. The line in question is here and could be changed tooptional_set_type_classbut would then require checking in the plugin that the structure exists and graceful error message if it doesn't.@gcmoreira, any chance you could look into this please?
The text was updated successfully, but these errors were encountered: