From 1dd8a94de6a041846a9aa29bde08f3400dcd2fa7 Mon Sep 17 00:00:00 2001 From: William Findlay Date: Thu, 12 Oct 2023 10:03:38 -0400 Subject: [PATCH 1/4] tools: remove alignchecker binary Later patches in this series will refactor alignchecker so that we use it as a gotest only rather than building a standalone binary. Remove the binary. Signed-off-by: William Findlay --- tools/alignchecker/main.go | 32 -------------------------------- 1 file changed, 32 deletions(-) delete mode 100644 tools/alignchecker/main.go diff --git a/tools/alignchecker/main.go b/tools/alignchecker/main.go deleted file mode 100644 index 44f36e84127..00000000000 --- a/tools/alignchecker/main.go +++ /dev/null @@ -1,32 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// Copyright Authors of Tetragon - -package main - -import ( - "fmt" - "os" - - checker "github.com/cilium/tetragon/pkg/alignchecker" -) - -func main() { - bpfObjPath := "bpf/objs/bpf_alignchecker.o" - - if len(os.Args) != 2 { - fmt.Fprintf(os.Stderr, "usage: %s \n", os.Args[0]) - fmt.Fprintf(os.Stderr, "using: %s as object file\n", bpfObjPath) - } else { - bpfObjPath = os.Args[1] - } - - if _, err := os.Stat(bpfObjPath); err != nil { - fmt.Fprintf(os.Stderr, "Cannot check alignment against %s: %s\n", bpfObjPath, err) - os.Exit(1) - } - if err := checker.CheckStructAlignments(bpfObjPath); err != nil { - fmt.Fprintf(os.Stderr, "C and Go structs alignment check failed: %s\n", err) - os.Exit(1) - } - fmt.Fprintf(os.Stdout, "OK\n") -} From c6e292f5162d59ef007f5fd43c633ffc7bbca033 Mon Sep 17 00:00:00 2001 From: William Findlay Date: Thu, 12 Oct 2023 10:08:22 -0400 Subject: [PATCH 2/4] alignchecker: reorganize slightly Signed-off-by: William Findlay --- pkg/alignchecker/alignchecker.go | 49 ++++++++++----------------- pkg/alignchecker/alignchecker_test.go | 12 +++---- 2 files changed, 22 insertions(+), 39 deletions(-) diff --git a/pkg/alignchecker/alignchecker.go b/pkg/alignchecker/alignchecker.go index 59d7c6a40f6..5a7092a5fc3 100644 --- a/pkg/alignchecker/alignchecker.go +++ b/pkg/alignchecker/alignchecker.go @@ -1,17 +1,17 @@ // SPDX-License-Identifier: Apache-2.0 // Copyright Authors of Tetragon + package alignchecker import ( - "github.com/cilium/tetragon/pkg/api/confapi" + "github.com/cilium/cilium/pkg/alignchecker" + "github.com/cilium/tetragon/pkg/api/processapi" "github.com/cilium/tetragon/pkg/api/testapi" "github.com/cilium/tetragon/pkg/api/tracingapi" "github.com/cilium/tetragon/pkg/sensors/cgroup/cgrouptrackmap" "github.com/cilium/tetragon/pkg/sensors/config/confmap" "github.com/cilium/tetragon/pkg/sensors/exec/execvemap" - - check "github.com/cilium/cilium/pkg/alignchecker" ) // CheckStructAlignments checks whether size and offsets of the C and Go @@ -24,39 +24,24 @@ import ( // `align:"field_name_in_c_struct". In the case of unnamed union field, such // union fields can be referred with special tags - `align:"$union0"`, // `align:"$union1"`, etc. -func CheckStructAlignments(path string) error { - // Validate alignments of C and Go equivalent structs - toCheck := map[string][]any{ +func CheckStructAlignments(pathToObj string) error { + alignments := map[string][]any{ // from perf_event_output - "msg_exit": {processapi.MsgExitEvent{}}, - "msg_test": {testapi.MsgTestEvent{}}, - "msg_execve_key": {processapi.MsgExecveKey{}}, - "execve_map_value": {execvemap.ExecveValue{}}, - "event_config": {tracingapi.EventConfig{}}, - "tetragon_conf": {confapi.TetragonConf{}}, - "cgroup_tracking_value": {processapi.MsgCgroupData{}}, - "msg_cgroup_event": {processapi.MsgCgroupEvent{}}, - "msg_cred": {tracingapi.MsgGenericCred{}}, - "msg_cred_minimal": {processapi.MsgGenericCredMinimal{}}, - } - - confMap := map[string][]any{ + "msg_exit": {processapi.MsgExitEvent{}}, + "msg_test": {testapi.MsgTestEvent{}}, + "msg_execve_key": {processapi.MsgExecveKey{}}, + "execve_map_value": {execvemap.ExecveValue{}}, + "msg_cgroup_event": {processapi.MsgCgroupEvent{}}, + "msg_cred": {tracingapi.MsgGenericCred{}}, + "msg_cred_minimal": {processapi.MsgGenericCredMinimal{}}, + + // configuration + "event_config": {tracingapi.EventConfig{}}, "tetragon_conf": {confmap.TetragonConfValue{}}, - } - cgrpmap := map[string][]any{ + // cgroup "cgroup_tracking_value": {cgrouptrackmap.CgrpTrackingValue{}}, } - err := check.CheckStructAlignments(path, toCheck, true) - if err != nil { - return err - } - - err = check.CheckStructAlignments(path, confMap, true) - if err != nil { - return err - } - - return check.CheckStructAlignments(path, cgrpmap, true) + return alignchecker.CheckStructAlignments(pathToObj, alignments, true) } diff --git a/pkg/alignchecker/alignchecker_test.go b/pkg/alignchecker/alignchecker_test.go index fedbd9e3496..9977da446cf 100644 --- a/pkg/alignchecker/alignchecker_test.go +++ b/pkg/alignchecker/alignchecker_test.go @@ -9,6 +9,7 @@ import ( "testing" tus "github.com/cilium/tetragon/pkg/testutils/sensors" + "github.com/stretchr/testify/assert" ) var tetragonLib string @@ -22,12 +23,9 @@ func init() { } } -func TestStructAlignments(t *testing.T) { +func Test_Alignments(t *testing.T) { bpfObjPath := filepath.Join(tetragonLib, "bpf_alignchecker.o") - if _, err := os.Stat(bpfObjPath); err != nil { - t.Fatalf("Cannot check alignment against %s: %s\n", bpfObjPath, err) - } - if err := CheckStructAlignments(bpfObjPath); err != nil { - t.Fatalf("C and Go structs alignment check failed: %s\n", err) - } + + err := CheckStructAlignments(bpfObjPath) + assert.NoError(t, err, "structs must align") } From ffe4b9a22e1557967eef75357598b810635e86f3 Mon Sep 17 00:00:00 2001 From: William Findlay Date: Thu, 12 Oct 2023 10:12:11 -0400 Subject: [PATCH 3/4] bpf/alignchecker: give structs names that match their types This should make it easier to add new structs going forward without worrying about changing numbering. Signed-off-by: William Findlay --- bpf/alignchecker/bpf_alignchecker.c | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/bpf/alignchecker/bpf_alignchecker.c b/bpf/alignchecker/bpf_alignchecker.c index 18196b0917f..1f1ff8fbaa8 100644 --- a/bpf/alignchecker/bpf_alignchecker.c +++ b/bpf/alignchecker/bpf_alignchecker.c @@ -7,18 +7,19 @@ #include "process/retprobe_map.h" #include "process/types/basic.h" -struct msg_generic_kprobe _1; -struct msg_execve_event _2; -struct msg_exit _3; -struct msg_test _4; -struct msg_cgroup_event _5; -struct msg_cred _6; -struct msg_cred_minimal _7; +// event messages +struct msg_generic_kprobe _msg_generic_kprobe; +struct msg_execve_event _msg_execve_event; +struct msg_exit _msg_exit; +struct msg_test _msg_test; +struct msg_cgroup_event _msg_cgroup_event; +struct msg_cred _msg_cred; +struct msg_cred_minimal _msg_cred_minimal; // from maps -struct event _8; -struct msg_execve_key _9; -struct execve_map_value _10; -struct event_config _11; -struct tetragon_conf _12; -struct cgroup_tracking_value _13; +struct event _event; +struct msg_execve_key _msg_execve_key; +struct execve_map_value _execve_map_value; +struct event_config _event_config; +struct tetragon_conf _tetragon_conf; +struct cgroup_tracking_value _cgroup_tracking_value; From aa7ab8f1025e780aa26d1d5ef8d28cc0435b89e0 Mon Sep 17 00:00:00 2001 From: William Findlay Date: Thu, 12 Oct 2023 10:14:41 -0400 Subject: [PATCH 4/4] makefile: change alignchecker target to compile gotest Signed-off-by: William Findlay --- .gitignore | 2 +- Makefile | 11 ++++++----- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index cb7087528f8..d3f7b05c6e2 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,7 @@ /bin lib/* /tetragon -/tetragon-alignchecker +/alignchecker /tetragon-bench /tetragon-operator /tetra diff --git a/Makefile b/Makefile index f9523b1e580..f85dfbeba0d 100644 --- a/Makefile +++ b/Makefile @@ -87,7 +87,7 @@ endif GO_BUILD = CGO_ENABLED=0 GOARCH=$(GOARCH) $(GO) build $(GO_BUILD_FLAGS) .PHONY: all -all: tetragon-bpf tetragon tetra tetragon-alignchecker test-compile tester-progs protoc-gen-go-tetragon tetragon-bench +all: tetragon-bpf tetragon tetra test-compile tester-progs protoc-gen-go-tetragon tetragon-bench -include Makefile.docker -include Makefile.cli @@ -160,7 +160,7 @@ tetragon-bpf-container: verify: tetragon-bpf sudo contrib/verify/verify.sh bpf/objs -.PHONY: tetragon tetra tetragon-operator tetragon-alignchecker tetragon-bench +.PHONY: tetragon tetra tetragon-operator tetragon-bench tetragon: $(GO_BUILD) ./cmd/tetragon/ @@ -173,8 +173,9 @@ tetragon-bench: tetragon-operator: $(GO_BUILD) -o $@ ./operator -tetragon-alignchecker: - $(GO_BUILD) -o $@ ./tools/alignchecker/ +.PHONY: alignchecker +alignchecker: + $(GO) test -c ./pkg/alignchecker -o alignchecker .PHONY: ksyms ksyms: @@ -206,7 +207,7 @@ vendor: .PHONY: clean clean: cli-clean tarball-clean $(MAKE) -C ./bpf clean - rm -f go-tests/*.test ./ksyms ./tetragon ./tetragon-operator ./tetra ./tetragon-alignchecker + rm -f go-tests/*.test ./ksyms ./tetragon ./tetragon-operator ./tetra ./alignchecker rm -f contrib/sigkill-tester/sigkill-tester contrib/namespace-tester/test_ns contrib/capabilities-tester/test_caps $(MAKE) -C $(TESTER_PROGS_DIR) clean