From 496f82b77e012d91a41be3432c99737f274e3825 Mon Sep 17 00:00:00 2001 From: Jiri Olsa Date: Sat, 23 Dec 2023 23:21:36 +0000 Subject: [PATCH] tetragon: Add support to generate uprobe policy from binary Signed-off-by: Jiri Olsa --- cmd/tetra/tracingpolicy/generate/generate.go | 51 +++++++++++++++++++- pkg/tracingpolicy/generate/generate.go | 9 +++- 2 files changed, 58 insertions(+), 2 deletions(-) diff --git a/cmd/tetra/tracingpolicy/generate/generate.go b/cmd/tetra/tracingpolicy/generate/generate.go index 01c49ea0bbd..cef1053f3ed 100644 --- a/cmd/tetra/tracingpolicy/generate/generate.go +++ b/cmd/tetra/tracingpolicy/generate/generate.go @@ -4,6 +4,8 @@ package generate import ( + "debug/elf" + "errors" "log" "os" @@ -124,6 +126,53 @@ func New() *cobra.Command { ftraceFlags := ftraceList.Flags() ftraceFlags.StringVarP(&ftraceRegex, "regex", "r", "", "Use regex to limit the generated symbols") + var uprobesBinary string + uprobes := &cobra.Command{ + Use: "uprobes", + Short: "all binary symbols", + Run: func(cmd *cobra.Command, _ []string) { + file, err := elf.Open(uprobesBinary) + if err != nil { + log.Fatalf("failed to open '%s': %s", uprobesBinary, err) + } + + syms, err := file.Symbols() + if err != nil && !errors.Is(err, elf.ErrNoSymbols) { + log.Fatalf("failed to get symtab for open '%s': %s", uprobesBinary, err) + } + + dynsyms, err := file.DynamicSymbols() + if err != nil && !errors.Is(err, elf.ErrNoSymbols) { + log.Fatalf("failed to get dynsym for open '%s': %s", uprobesBinary, err) + } + + syms = append(syms, dynsyms...) + + tp := generate.NewTracingPolicy("uprobes") + uprobe := generate.AddUprobe(tp) + + for _, sym := range syms { + if elf.ST_TYPE(sym.Info) != elf.STT_FUNC { + continue + } + if sym.Value == 0 { + continue + } + uprobe.Symbols = append(uprobe.Symbols, sym.Name) + } + + uprobe.Path = uprobesBinary + b, err := yaml.Marshal(tp) + if err != nil { + log.Fatal(err) + } + os.Stdout.Write(b) + }, + } + + uprobesFlags := uprobes.Flags() + uprobesFlags.StringVarP(&uprobesBinary, "binary", "b", "", "Binary path") + cmd := &cobra.Command{ Use: "generate", Short: "generate tracing policies", @@ -131,6 +180,6 @@ func New() *cobra.Command { pflags := cmd.PersistentFlags() pflags.StringVarP(&matchBinary, "match-binary", "m", "", "Add binary to matchBinaries selector") - cmd.AddCommand(empty, allSyscalls, allSyscallsList, ftraceList) + cmd.AddCommand(empty, allSyscalls, allSyscallsList, ftraceList, uprobes) return cmd } diff --git a/pkg/tracingpolicy/generate/generate.go b/pkg/tracingpolicy/generate/generate.go index 96d84f4be41..1347fb43b2f 100644 --- a/pkg/tracingpolicy/generate/generate.go +++ b/pkg/tracingpolicy/generate/generate.go @@ -12,7 +12,8 @@ import ( func NewTracingPolicy(name string) *v1alpha1.TracingPolicy { ret := v1alpha1.TracingPolicy{ TypeMeta: metav1.TypeMeta{ - Kind: "TracingPolicy", + Kind: "TracingPolicy", + APIVersion: "cilium.io/v1alpha1", }, ObjectMeta: metav1.ObjectMeta{ Name: name, @@ -31,3 +32,9 @@ func AddKprobe(tp *v1alpha1.TracingPolicy) *v1alpha1.KProbeSpec { tp.Spec.KProbes = append(tp.Spec.KProbes, v1alpha1.KProbeSpec{}) return &tp.Spec.KProbes[idx] } + +func AddUprobe(tp *v1alpha1.TracingPolicy) *v1alpha1.UProbeSpec { + idx := len(tp.Spec.UProbes) + tp.Spec.UProbes = append(tp.Spec.UProbes, v1alpha1.UProbeSpec{}) + return &tp.Spec.UProbes[idx] +}