diff --git a/Makefile b/Makefile
index b88f7cc82e42491c23c868aa1a6e2870c47264c2..a715544ac4edc2fa7476e830b3966da8eb5e9e72 100644
--- a/Makefile
+++ b/Makefile
@@ -30,7 +30,7 @@ ifneq ($(CLEAN_BUILD),)
endif
LOCAL_GENERATOR_IMAGE ?= ebpf-generator:latest
-CILIUM_EBPF_VERSION := v0.17.1
+CILIUM_EBPF_VERSION := v0.17.2
GOLANGCI_LINT_VERSION = v1.61.0
GO_VERSION = "1.23.4"
PROTOC_VERSION = "3.19.4"
diff --git a/go.mod b/go.mod
index c4971c49e7e7da0f784e4222b2fecf0d1c15bbfc..8495612e6621fb7bd2242462ee10e6eebce748dc 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ toolchain go1.23.5
require (
github.com/caarlos0/env/v6 v6.10.1
- github.com/cilium/ebpf v0.17.1
+ github.com/cilium/ebpf v0.17.2
github.com/fsnotify/fsnotify v1.8.0
github.com/gavv/monotime v0.0.0-20190418164738-30dba4353424
github.com/gopacket/gopacket v1.3.1
diff --git a/go.sum b/go.sum
index bfe8bc712c90f8f30535cf2079f860192f59443f..4343005f5de419d42b51640c0cb9ee3d3885bbaa 100644
--- a/go.sum
+++ b/go.sum
@@ -142,8 +142,8 @@ github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
-github.com/cilium/ebpf v0.17.1 h1:G8mzU81R2JA1nE5/8SRubzqvBMmAmri2VL8BIZPWvV0=
-github.com/cilium/ebpf v0.17.1/go.mod h1:vay2FaYSmIlv3r8dNACd4mW/OCaZLJKJOo+IHBvCIO8=
+github.com/cilium/ebpf v0.17.2 h1:IQTaTVu0vKA8WTemFuBnxW9YbAwMkJVKHsNHW4lHv/g=
+github.com/cilium/ebpf v0.17.2/go.mod h1:9X5VAsIOck/nCAp0+nCSVzub1Q7x+zKXXItTMYfNE+E=
github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag=
github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I=
github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
diff --git a/pkg/tracer/tracer.go b/pkg/tracer/tracer.go
index 843786928f56a3084307366825fb571ae5ca1c42..a7e160ad303089add2a502f70e3c3a0e42d908a1 100644
--- a/pkg/tracer/tracer.go
+++ b/pkg/tracer/tracer.go
@@ -112,6 +112,11 @@ type FlowFetcherConfig struct {
FilterConfig []*FilterConfig
}
+type variablesMapping struct {
+ key string
+ value interface{}
+}
+
// nolint:golint,cyclop
func NewFlowFetcher(cfg *FlowFetcherConfig) (*FlowFetcher, error) {
var pktDropsLink, networkEventsMonitoringLink, rttFentryLink, rttKprobeLink link.Link
@@ -151,64 +156,8 @@ func NewFlowFetcher(cfg *FlowFetcherConfig) (*FlowFetcher, error) {
spec.Maps[m].Pinning = 0
}
- traceMsgs := 0
- if cfg.Debug {
- traceMsgs = 1
- }
-
- enableRtt := 0
- if cfg.EnableRTT {
- enableRtt = 1
- }
-
- enableDNSTracking := 0
- dnsTrackerPort := uint16(dnsDefaultPort)
- if cfg.EnableDNSTracker {
- enableDNSTracking = 1
- if cfg.DNSTrackerPort != 0 {
- dnsTrackerPort = cfg.DNSTrackerPort
- }
- }
-
- if enableDNSTracking == 0 {
- spec.Maps[dnsLatencyMap].MaxEntries = 1
- }
-
- enableFlowFiltering := 0
- hasFilterSampling := uint8(0)
- if filter != nil {
- enableFlowFiltering = 1
- hasFilterSampling = filter.hasSampling()
- } else {
- spec.Maps[filterMap].MaxEntries = 1
- spec.Maps[peerFilterMap].MaxEntries = 1
- }
- enableNetworkEventsMonitoring := 0
- if cfg.EnableNetworkEventsMonitoring {
- enableNetworkEventsMonitoring = 1
- }
- networkEventsMonitoringGroupID := defaultNetworkEventsGroupID
- if cfg.NetworkEventsMonitoringGroupID > 0 {
- networkEventsMonitoringGroupID = cfg.NetworkEventsMonitoringGroupID
- }
- enablePktTranslation := 0
- if cfg.EnablePktTranslation {
- enablePktTranslation = 1
- }
- if err := spec.RewriteConstants(map[string]interface{}{
- // When adding constants here, remember to delete them in NewPacketFetcher
- constSampling: uint32(cfg.Sampling),
- constHasFilterSampling: hasFilterSampling,
- constTraceMessages: uint8(traceMsgs),
- constEnableRtt: uint8(enableRtt),
- constEnableDNSTracking: uint8(enableDNSTracking),
- constDNSTrackingPort: dnsTrackerPort,
- constEnableFlowFiltering: uint8(enableFlowFiltering),
- constEnableNetworkEventsMonitoring: uint8(enableNetworkEventsMonitoring),
- constNetworkEventsMonitoringGroupID: uint8(networkEventsMonitoringGroupID),
- constEnablePktTranslation: uint8(enablePktTranslation),
- }); err != nil {
- return nil, fmt.Errorf("rewriting BPF constants definition: %w", err)
+ if err := configureFlowSpecVariables(spec, cfg, filter); err != nil {
+ return nil, fmt.Errorf("loading flow spec variables: %w", err)
}
oldKernel := kernel.IsKernelOlderThan("5.14.0")
@@ -1354,12 +1303,15 @@ func NewPacketFetcher(cfg *FlowFetcherConfig) (*PacketFetcher, error) {
if cfg.EnablePCA {
pcaEnable = 1
}
+ variables := []variablesMapping{
+ {constSampling, uint32(cfg.Sampling)},
+ {constPcaEnable, uint8(pcaEnable)},
+ }
- if err := spec.RewriteConstants(map[string]interface{}{
- constSampling: uint32(cfg.Sampling),
- constPcaEnable: uint8(pcaEnable),
- }); err != nil {
- return nil, fmt.Errorf("rewriting BPF constants definition: %w", err)
+ for _, mapping := range variables {
+ if err := setVariable(spec, mapping.key, mapping.value); err != nil {
+ return nil, fmt.Errorf("failed to set variable %s: %w", mapping.key, err)
+ }
}
// remove pinning from all maps
@@ -1837,3 +1789,74 @@ func (p *PacketFetcher) LookupAndDeleteMap(met *metrics.Metrics) map[int][]*byte
return packets
}
+
+func setVariable(spec *cilium.CollectionSpec, key string, value interface{}) error {
+ if err := spec.Variables[key].Set(value); err != nil {
+ return fmt.Errorf("setting %s: %w", key, err)
+ }
+ return nil
+}
+
+func configureFlowSpecVariables(spec *cilium.CollectionSpec, cfg *FlowFetcherConfig, filter *Filter) error {
+ traceMsgs := 0
+ if cfg.Debug {
+ traceMsgs = 1
+ }
+ enableRtt := 0
+ if cfg.EnableRTT {
+ enableRtt = 1
+ }
+ enableDNSTracking := 0
+ dnsTrackerPort := uint16(dnsDefaultPort)
+ if cfg.EnableDNSTracker {
+ enableDNSTracking = 1
+ if cfg.DNSTrackerPort != 0 {
+ dnsTrackerPort = cfg.DNSTrackerPort
+ }
+ }
+ if enableDNSTracking == 0 {
+ spec.Maps[dnsLatencyMap].MaxEntries = 1
+ }
+ enableFlowFiltering := 0
+ hasFilterSampling := uint8(0)
+ if filter != nil {
+ enableFlowFiltering = 1
+ hasFilterSampling = filter.hasSampling()
+ } else {
+ spec.Maps[filterMap].MaxEntries = 1
+ spec.Maps[peerFilterMap].MaxEntries = 1
+ }
+ enableNetworkEventsMonitoring := 0
+ if cfg.EnableNetworkEventsMonitoring {
+ enableNetworkEventsMonitoring = 1
+ }
+ networkEventsMonitoringGroupID := defaultNetworkEventsGroupID
+ if cfg.NetworkEventsMonitoringGroupID > 0 {
+ networkEventsMonitoringGroupID = cfg.NetworkEventsMonitoringGroupID
+ }
+ enablePktTranslation := 0
+ if cfg.EnablePktTranslation {
+ enablePktTranslation = 1
+ }
+ // When adding constants here, remember to delete them in NewPacketFetcher
+ variables := []variablesMapping{
+ {constSampling, uint32(cfg.Sampling)},
+ {constHasFilterSampling, hasFilterSampling},
+ {constTraceMessages, uint8(traceMsgs)},
+ {constEnableRtt, uint8(enableRtt)},
+ {constEnableDNSTracking, uint8(enableDNSTracking)},
+ {constDNSTrackingPort, dnsTrackerPort},
+ {constEnableFlowFiltering, uint8(enableFlowFiltering)},
+ {constEnableNetworkEventsMonitoring, uint8(enableNetworkEventsMonitoring)},
+ {constNetworkEventsMonitoringGroupID, uint8(networkEventsMonitoringGroupID)},
+ {constEnablePktTranslation, uint8(enablePktTranslation)},
+ }
+
+ for _, mapping := range variables {
+ if err := setVariable(spec, mapping.key, mapping.value); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
diff --git a/vendor/github.com/cilium/ebpf/.golangci.yaml b/vendor/github.com/cilium/ebpf/.golangci.yaml
index 366d4893f204b676e67885f15422d12bf451cc7b..8298e59ed809418ddbd5427dbc425b56dfb23e02 100644
--- a/vendor/github.com/cilium/ebpf/.golangci.yaml
+++ b/vendor/github.com/cilium/ebpf/.golangci.yaml
@@ -11,9 +11,21 @@ linters:
- typecheck
- unused
- gofmt
+ - depguard
linters-settings:
goimports:
# A comma-separated list of prefixes, which, if set, checks import paths
# with the given prefixes are grouped after 3rd-party packages.
# Default: ""
local-prefixes: github.com/cilium/ebpf
+ depguard:
+ rules:
+ no-x-sys-unix:
+ files:
+ # Filenames are matched against absolute paths, include **/ at the start.
+ - '!**/internal/unix/*.go'
+ - '!**/examples/**/*.go'
+ - '!**/docs/**/*.go'
+ deny:
+ - pkg: golang.org/x/sys/unix
+ desc: use internal/unix instead
diff --git a/vendor/github.com/cilium/ebpf/asm/func.go b/vendor/github.com/cilium/ebpf/asm/func.go
index 84a40b2277f04e5c0b56d31519e96b0f4eb36d0b..7a59acf383014b0bf214850919442a14a8c6c610 100644
--- a/vendor/github.com/cilium/ebpf/asm/func.go
+++ b/vendor/github.com/cilium/ebpf/asm/func.go
@@ -5,10 +5,6 @@ package asm
// BuiltinFunc is a built-in eBPF function.
type BuiltinFunc int32
-func (_ BuiltinFunc) Max() BuiltinFunc {
- return maxBuiltinFunc - 1
-}
-
// eBPF built-in functions
//
// You can regenerate this list using the following gawk script:
@@ -237,8 +233,6 @@ const (
FnUserRingbufDrain
FnCgrpStorageGet
FnCgrpStorageDelete
-
- maxBuiltinFunc
)
// Call emits a function call.
diff --git a/vendor/github.com/cilium/ebpf/asm/func_string.go b/vendor/github.com/cilium/ebpf/asm/func_string.go
index 47150bc4f2d2c5ca72a78509680766833578c6a9..6c4ba3789263eae3fc4bfdbd02e2426415aecebe 100644
--- a/vendor/github.com/cilium/ebpf/asm/func_string.go
+++ b/vendor/github.com/cilium/ebpf/asm/func_string.go
@@ -220,12 +220,11 @@ func _() {
_ = x[FnUserRingbufDrain-209]
_ = x[FnCgrpStorageGet-210]
_ = x[FnCgrpStorageDelete-211]
- _ = x[maxBuiltinFunc-212]
}
-const _BuiltinFunc_name = "FnUnspecFnMapLookupElemFnMapUpdateElemFnMapDeleteElemFnProbeReadFnKtimeGetNsFnTracePrintkFnGetPrandomU32FnGetSmpProcessorIdFnSkbStoreBytesFnL3CsumReplaceFnL4CsumReplaceFnTailCallFnCloneRedirectFnGetCurrentPidTgidFnGetCurrentUidGidFnGetCurrentCommFnGetCgroupClassidFnSkbVlanPushFnSkbVlanPopFnSkbGetTunnelKeyFnSkbSetTunnelKeyFnPerfEventReadFnRedirectFnGetRouteRealmFnPerfEventOutputFnSkbLoadBytesFnGetStackidFnCsumDiffFnSkbGetTunnelOptFnSkbSetTunnelOptFnSkbChangeProtoFnSkbChangeTypeFnSkbUnderCgroupFnGetHashRecalcFnGetCurrentTaskFnProbeWriteUserFnCurrentTaskUnderCgroupFnSkbChangeTailFnSkbPullDataFnCsumUpdateFnSetHashInvalidFnGetNumaNodeIdFnSkbChangeHeadFnXdpAdjustHeadFnProbeReadStrFnGetSocketCookieFnGetSocketUidFnSetHashFnSetsockoptFnSkbAdjustRoomFnRedirectMapFnSkRedirectMapFnSockMapUpdateFnXdpAdjustMetaFnPerfEventReadValueFnPerfProgReadValueFnGetsockoptFnOverrideReturnFnSockOpsCbFlagsSetFnMsgRedirectMapFnMsgApplyBytesFnMsgCorkBytesFnMsgPullDataFnBindFnXdpAdjustTailFnSkbGetXfrmStateFnGetStackFnSkbLoadBytesRelativeFnFibLookupFnSockHashUpdateFnMsgRedirectHashFnSkRedirectHashFnLwtPushEncapFnLwtSeg6StoreBytesFnLwtSeg6AdjustSrhFnLwtSeg6ActionFnRcRepeatFnRcKeydownFnSkbCgroupIdFnGetCurrentCgroupIdFnGetLocalStorageFnSkSelectReuseportFnSkbAncestorCgroupIdFnSkLookupTcpFnSkLookupUdpFnSkReleaseFnMapPushElemFnMapPopElemFnMapPeekElemFnMsgPushDataFnMsgPopDataFnRcPointerRelFnSpinLockFnSpinUnlockFnSkFullsockFnTcpSockFnSkbEcnSetCeFnGetListenerSockFnSkcLookupTcpFnTcpCheckSyncookieFnSysctlGetNameFnSysctlGetCurrentValueFnSysctlGetNewValueFnSysctlSetNewValueFnStrtolFnStrtoulFnSkStorageGetFnSkStorageDeleteFnSendSignalFnTcpGenSyncookieFnSkbOutputFnProbeReadUserFnProbeReadKernelFnProbeReadUserStrFnProbeReadKernelStrFnTcpSendAckFnSendSignalThreadFnJiffies64FnReadBranchRecordsFnGetNsCurrentPidTgidFnXdpOutputFnGetNetnsCookieFnGetCurrentAncestorCgroupIdFnSkAssignFnKtimeGetBootNsFnSeqPrintfFnSeqWriteFnSkCgroupIdFnSkAncestorCgroupIdFnRingbufOutputFnRingbufReserveFnRingbufSubmitFnRingbufDiscardFnRingbufQueryFnCsumLevelFnSkcToTcp6SockFnSkcToTcpSockFnSkcToTcpTimewaitSockFnSkcToTcpRequestSockFnSkcToUdp6SockFnGetTaskStackFnLoadHdrOptFnStoreHdrOptFnReserveHdrOptFnInodeStorageGetFnInodeStorageDeleteFnDPathFnCopyFromUserFnSnprintfBtfFnSeqPrintfBtfFnSkbCgroupClassidFnRedirectNeighFnPerCpuPtrFnThisCpuPtrFnRedirectPeerFnTaskStorageGetFnTaskStorageDeleteFnGetCurrentTaskBtfFnBprmOptsSetFnKtimeGetCoarseNsFnImaInodeHashFnSockFromFileFnCheckMtuFnForEachMapElemFnSnprintfFnSysBpfFnBtfFindByNameKindFnSysCloseFnTimerInitFnTimerSetCallbackFnTimerStartFnTimerCancelFnGetFuncIpFnGetAttachCookieFnTaskPtRegsFnGetBranchSnapshotFnTraceVprintkFnSkcToUnixSockFnKallsymsLookupNameFnFindVmaFnLoopFnStrncmpFnGetFuncArgFnGetFuncRetFnGetFuncArgCntFnGetRetvalFnSetRetvalFnXdpGetBuffLenFnXdpLoadBytesFnXdpStoreBytesFnCopyFromUserTaskFnSkbSetTstampFnImaFileHashFnKptrXchgFnMapLookupPercpuElemFnSkcToMptcpSockFnDynptrFromMemFnRingbufReserveDynptrFnRingbufSubmitDynptrFnRingbufDiscardDynptrFnDynptrReadFnDynptrWriteFnDynptrDataFnTcpRawGenSyncookieIpv4FnTcpRawGenSyncookieIpv6FnTcpRawCheckSyncookieIpv4FnTcpRawCheckSyncookieIpv6FnKtimeGetTaiNsFnUserRingbufDrainFnCgrpStorageGetFnCgrpStorageDeletemaxBuiltinFunc"
+const _BuiltinFunc_name = "FnUnspecFnMapLookupElemFnMapUpdateElemFnMapDeleteElemFnProbeReadFnKtimeGetNsFnTracePrintkFnGetPrandomU32FnGetSmpProcessorIdFnSkbStoreBytesFnL3CsumReplaceFnL4CsumReplaceFnTailCallFnCloneRedirectFnGetCurrentPidTgidFnGetCurrentUidGidFnGetCurrentCommFnGetCgroupClassidFnSkbVlanPushFnSkbVlanPopFnSkbGetTunnelKeyFnSkbSetTunnelKeyFnPerfEventReadFnRedirectFnGetRouteRealmFnPerfEventOutputFnSkbLoadBytesFnGetStackidFnCsumDiffFnSkbGetTunnelOptFnSkbSetTunnelOptFnSkbChangeProtoFnSkbChangeTypeFnSkbUnderCgroupFnGetHashRecalcFnGetCurrentTaskFnProbeWriteUserFnCurrentTaskUnderCgroupFnSkbChangeTailFnSkbPullDataFnCsumUpdateFnSetHashInvalidFnGetNumaNodeIdFnSkbChangeHeadFnXdpAdjustHeadFnProbeReadStrFnGetSocketCookieFnGetSocketUidFnSetHashFnSetsockoptFnSkbAdjustRoomFnRedirectMapFnSkRedirectMapFnSockMapUpdateFnXdpAdjustMetaFnPerfEventReadValueFnPerfProgReadValueFnGetsockoptFnOverrideReturnFnSockOpsCbFlagsSetFnMsgRedirectMapFnMsgApplyBytesFnMsgCorkBytesFnMsgPullDataFnBindFnXdpAdjustTailFnSkbGetXfrmStateFnGetStackFnSkbLoadBytesRelativeFnFibLookupFnSockHashUpdateFnMsgRedirectHashFnSkRedirectHashFnLwtPushEncapFnLwtSeg6StoreBytesFnLwtSeg6AdjustSrhFnLwtSeg6ActionFnRcRepeatFnRcKeydownFnSkbCgroupIdFnGetCurrentCgroupIdFnGetLocalStorageFnSkSelectReuseportFnSkbAncestorCgroupIdFnSkLookupTcpFnSkLookupUdpFnSkReleaseFnMapPushElemFnMapPopElemFnMapPeekElemFnMsgPushDataFnMsgPopDataFnRcPointerRelFnSpinLockFnSpinUnlockFnSkFullsockFnTcpSockFnSkbEcnSetCeFnGetListenerSockFnSkcLookupTcpFnTcpCheckSyncookieFnSysctlGetNameFnSysctlGetCurrentValueFnSysctlGetNewValueFnSysctlSetNewValueFnStrtolFnStrtoulFnSkStorageGetFnSkStorageDeleteFnSendSignalFnTcpGenSyncookieFnSkbOutputFnProbeReadUserFnProbeReadKernelFnProbeReadUserStrFnProbeReadKernelStrFnTcpSendAckFnSendSignalThreadFnJiffies64FnReadBranchRecordsFnGetNsCurrentPidTgidFnXdpOutputFnGetNetnsCookieFnGetCurrentAncestorCgroupIdFnSkAssignFnKtimeGetBootNsFnSeqPrintfFnSeqWriteFnSkCgroupIdFnSkAncestorCgroupIdFnRingbufOutputFnRingbufReserveFnRingbufSubmitFnRingbufDiscardFnRingbufQueryFnCsumLevelFnSkcToTcp6SockFnSkcToTcpSockFnSkcToTcpTimewaitSockFnSkcToTcpRequestSockFnSkcToUdp6SockFnGetTaskStackFnLoadHdrOptFnStoreHdrOptFnReserveHdrOptFnInodeStorageGetFnInodeStorageDeleteFnDPathFnCopyFromUserFnSnprintfBtfFnSeqPrintfBtfFnSkbCgroupClassidFnRedirectNeighFnPerCpuPtrFnThisCpuPtrFnRedirectPeerFnTaskStorageGetFnTaskStorageDeleteFnGetCurrentTaskBtfFnBprmOptsSetFnKtimeGetCoarseNsFnImaInodeHashFnSockFromFileFnCheckMtuFnForEachMapElemFnSnprintfFnSysBpfFnBtfFindByNameKindFnSysCloseFnTimerInitFnTimerSetCallbackFnTimerStartFnTimerCancelFnGetFuncIpFnGetAttachCookieFnTaskPtRegsFnGetBranchSnapshotFnTraceVprintkFnSkcToUnixSockFnKallsymsLookupNameFnFindVmaFnLoopFnStrncmpFnGetFuncArgFnGetFuncRetFnGetFuncArgCntFnGetRetvalFnSetRetvalFnXdpGetBuffLenFnXdpLoadBytesFnXdpStoreBytesFnCopyFromUserTaskFnSkbSetTstampFnImaFileHashFnKptrXchgFnMapLookupPercpuElemFnSkcToMptcpSockFnDynptrFromMemFnRingbufReserveDynptrFnRingbufSubmitDynptrFnRingbufDiscardDynptrFnDynptrReadFnDynptrWriteFnDynptrDataFnTcpRawGenSyncookieIpv4FnTcpRawGenSyncookieIpv6FnTcpRawCheckSyncookieIpv4FnTcpRawCheckSyncookieIpv6FnKtimeGetTaiNsFnUserRingbufDrainFnCgrpStorageGetFnCgrpStorageDelete"
-var _BuiltinFunc_index = [...]uint16{0, 8, 23, 38, 53, 64, 76, 89, 104, 123, 138, 153, 168, 178, 193, 212, 230, 246, 264, 277, 289, 306, 323, 338, 348, 363, 380, 394, 406, 416, 433, 450, 466, 481, 497, 512, 528, 544, 568, 583, 596, 608, 624, 639, 654, 669, 683, 700, 714, 723, 735, 750, 763, 778, 793, 808, 828, 847, 859, 875, 894, 910, 925, 939, 952, 958, 973, 990, 1000, 1022, 1033, 1049, 1066, 1082, 1096, 1115, 1133, 1148, 1158, 1169, 1182, 1202, 1219, 1238, 1259, 1272, 1285, 1296, 1309, 1321, 1334, 1347, 1359, 1373, 1383, 1395, 1407, 1416, 1429, 1446, 1460, 1479, 1494, 1517, 1536, 1555, 1563, 1572, 1586, 1603, 1615, 1632, 1643, 1658, 1675, 1693, 1713, 1725, 1743, 1754, 1773, 1794, 1805, 1821, 1849, 1859, 1875, 1886, 1896, 1908, 1928, 1943, 1959, 1974, 1990, 2004, 2015, 2030, 2044, 2066, 2087, 2102, 2116, 2128, 2141, 2156, 2173, 2193, 2200, 2214, 2227, 2241, 2259, 2274, 2285, 2297, 2311, 2327, 2346, 2365, 2378, 2396, 2410, 2424, 2434, 2450, 2460, 2468, 2487, 2497, 2508, 2526, 2538, 2551, 2562, 2579, 2591, 2610, 2624, 2639, 2659, 2668, 2674, 2683, 2695, 2707, 2722, 2733, 2744, 2759, 2773, 2788, 2806, 2820, 2833, 2843, 2864, 2880, 2895, 2917, 2938, 2960, 2972, 2985, 2997, 3021, 3045, 3071, 3097, 3112, 3130, 3146, 3165, 3179}
+var _BuiltinFunc_index = [...]uint16{0, 8, 23, 38, 53, 64, 76, 89, 104, 123, 138, 153, 168, 178, 193, 212, 230, 246, 264, 277, 289, 306, 323, 338, 348, 363, 380, 394, 406, 416, 433, 450, 466, 481, 497, 512, 528, 544, 568, 583, 596, 608, 624, 639, 654, 669, 683, 700, 714, 723, 735, 750, 763, 778, 793, 808, 828, 847, 859, 875, 894, 910, 925, 939, 952, 958, 973, 990, 1000, 1022, 1033, 1049, 1066, 1082, 1096, 1115, 1133, 1148, 1158, 1169, 1182, 1202, 1219, 1238, 1259, 1272, 1285, 1296, 1309, 1321, 1334, 1347, 1359, 1373, 1383, 1395, 1407, 1416, 1429, 1446, 1460, 1479, 1494, 1517, 1536, 1555, 1563, 1572, 1586, 1603, 1615, 1632, 1643, 1658, 1675, 1693, 1713, 1725, 1743, 1754, 1773, 1794, 1805, 1821, 1849, 1859, 1875, 1886, 1896, 1908, 1928, 1943, 1959, 1974, 1990, 2004, 2015, 2030, 2044, 2066, 2087, 2102, 2116, 2128, 2141, 2156, 2173, 2193, 2200, 2214, 2227, 2241, 2259, 2274, 2285, 2297, 2311, 2327, 2346, 2365, 2378, 2396, 2410, 2424, 2434, 2450, 2460, 2468, 2487, 2497, 2508, 2526, 2538, 2551, 2562, 2579, 2591, 2610, 2624, 2639, 2659, 2668, 2674, 2683, 2695, 2707, 2722, 2733, 2744, 2759, 2773, 2788, 2806, 2820, 2833, 2843, 2864, 2880, 2895, 2917, 2938, 2960, 2972, 2985, 2997, 3021, 3045, 3071, 3097, 3112, 3130, 3146, 3165}
func (i BuiltinFunc) String() string {
if i < 0 || i >= BuiltinFunc(len(_BuiltinFunc_index)-1) {
diff --git a/vendor/github.com/cilium/ebpf/attachtype_string.go b/vendor/github.com/cilium/ebpf/attachtype_string.go
index bece896bb6119128cec2c8c8f39b4af03a5b4f7e..84445a325621fa8cb65374f65dc11e4c72dde554 100644
--- a/vendor/github.com/cilium/ebpf/attachtype_string.go
+++ b/vendor/github.com/cilium/ebpf/attachtype_string.go
@@ -52,6 +52,7 @@ func _() {
_ = x[AttachSkReuseportSelectOrMigrate-40]
_ = x[AttachPerfEvent-41]
_ = x[AttachTraceKprobeMulti-42]
+ _ = x[AttachTraceKprobeSession-56]
_ = x[AttachLSMCgroup-43]
_ = x[AttachStructOps-44]
_ = x[AttachNetfilter-45]
@@ -67,9 +68,9 @@ func _() {
_ = x[AttachNetkitPeer-55]
}
-const _AttachType_name = "NoneCGroupInetEgressCGroupInetSockCreateCGroupSockOpsSkSKBStreamParserSkSKBStreamVerdictCGroupDeviceSkMsgVerdictCGroupInet4BindCGroupInet6BindCGroupInet4ConnectCGroupInet6ConnectCGroupInet4PostBindCGroupInet6PostBindCGroupUDP4SendmsgCGroupUDP6SendmsgLircMode2FlowDissectorCGroupSysctlCGroupUDP4RecvmsgCGroupUDP6RecvmsgCGroupGetsockoptCGroupSetsockoptTraceRawTpTraceFEntryTraceFExitModifyReturnLSMMacTraceIterCgroupInet4GetPeernameCgroupInet6GetPeernameCgroupInet4GetSocknameCgroupInet6GetSocknameXDPDevMapCgroupInetSockReleaseXDPCPUMapSkLookupXDPSkSKBVerdictSkReuseportSelectSkReuseportSelectOrMigratePerfEventTraceKprobeMultiLSMCgroupStructOpsNetfilterTCXIngressTCXEgressTraceUprobeMultiCgroupUnixConnectCgroupUnixSendmsgCgroupUnixRecvmsgCgroupUnixGetpeernameCgroupUnixGetsocknameNetkitPrimaryNetkitPeer"
+const _AttachType_name = "NoneCGroupInetEgressCGroupInetSockCreateCGroupSockOpsSkSKBStreamParserSkSKBStreamVerdictCGroupDeviceSkMsgVerdictCGroupInet4BindCGroupInet6BindCGroupInet4ConnectCGroupInet6ConnectCGroupInet4PostBindCGroupInet6PostBindCGroupUDP4SendmsgCGroupUDP6SendmsgLircMode2FlowDissectorCGroupSysctlCGroupUDP4RecvmsgCGroupUDP6RecvmsgCGroupGetsockoptCGroupSetsockoptTraceRawTpTraceFEntryTraceFExitModifyReturnLSMMacTraceIterCgroupInet4GetPeernameCgroupInet6GetPeernameCgroupInet4GetSocknameCgroupInet6GetSocknameXDPDevMapCgroupInetSockReleaseXDPCPUMapSkLookupXDPSkSKBVerdictSkReuseportSelectSkReuseportSelectOrMigratePerfEventTraceKprobeMultiLSMCgroupStructOpsNetfilterTCXIngressTCXEgressTraceUprobeMultiCgroupUnixConnectCgroupUnixSendmsgCgroupUnixRecvmsgCgroupUnixGetpeernameCgroupUnixGetsocknameNetkitPrimaryNetkitPeerTraceKprobeSession"
-var _AttachType_index = [...]uint16{0, 4, 20, 40, 53, 70, 88, 100, 112, 127, 142, 160, 178, 197, 216, 233, 250, 259, 272, 284, 301, 318, 334, 350, 360, 371, 381, 393, 399, 408, 430, 452, 474, 496, 505, 526, 535, 543, 546, 558, 575, 601, 610, 626, 635, 644, 653, 663, 672, 688, 705, 722, 739, 760, 781, 794, 804}
+var _AttachType_index = [...]uint16{0, 4, 20, 40, 53, 70, 88, 100, 112, 127, 142, 160, 178, 197, 216, 233, 250, 259, 272, 284, 301, 318, 334, 350, 360, 371, 381, 393, 399, 408, 430, 452, 474, 496, 505, 526, 535, 543, 546, 558, 575, 601, 610, 626, 635, 644, 653, 663, 672, 688, 705, 722, 739, 760, 781, 794, 804, 822}
func (i AttachType) String() string {
if i >= AttachType(len(_AttachType_index)-1) {
diff --git a/vendor/github.com/cilium/ebpf/collection.go b/vendor/github.com/cilium/ebpf/collection.go
index 1bda110a4014ede8cab43532db4ee3761bfa3f28..a7b6cb31bf5dc8cdb07d44d53730870054873204 100644
--- a/vendor/github.com/cilium/ebpf/collection.go
+++ b/vendor/github.com/cilium/ebpf/collection.go
@@ -411,15 +411,10 @@ func newCollectionLoader(coll *CollectionSpec, opts *CollectionOptions) (*collec
}
// Check for existing MapSpecs in the CollectionSpec for all provided replacement maps.
- for name, m := range opts.MapReplacements {
- spec, ok := coll.Maps[name]
- if !ok {
+ for name := range opts.MapReplacements {
+ if _, ok := coll.Maps[name]; !ok {
return nil, fmt.Errorf("replacement map %s not found in CollectionSpec", name)
}
-
- if err := spec.Compatible(m); err != nil {
- return nil, fmt.Errorf("using replacement map %s: %w", spec.Name, err)
- }
}
if err := populateKallsyms(coll.Programs); err != nil {
@@ -494,7 +489,22 @@ func (cl *collectionLoader) loadMap(mapName string) (*Map, error) {
return nil, fmt.Errorf("missing map %s", mapName)
}
+ mapSpec = mapSpec.Copy()
+
+ // Defer setting the mmapable flag on maps until load time. This avoids the
+ // MapSpec having different flags on some kernel versions. Also avoid running
+ // syscalls during ELF loading, so platforms like wasm can also parse an ELF.
+ if isDataSection(mapSpec.Name) && haveMmapableMaps() == nil {
+ mapSpec.Flags |= sys.BPF_F_MMAPABLE
+ }
+
if replaceMap, ok := cl.opts.MapReplacements[mapName]; ok {
+ // Check compatibility with the replacement map after setting
+ // feature-dependent map flags.
+ if err := mapSpec.Compatible(replaceMap); err != nil {
+ return nil, fmt.Errorf("using replacement map %s: %w", mapSpec.Name, err)
+ }
+
// Clone the map to avoid closing user's map later on.
m, err := replaceMap.Clone()
if err != nil {
@@ -505,13 +515,6 @@ func (cl *collectionLoader) loadMap(mapName string) (*Map, error) {
return m, nil
}
- // Defer setting the mmapable flag on maps until load time. This avoids the
- // MapSpec having different flags on some kernel versions. Also avoid running
- // syscalls during ELF loading, so platforms like wasm can also parse an ELF.
- if isDataSection(mapSpec.Name) && haveMmapableMaps() == nil {
- mapSpec.Flags |= sys.BPF_F_MMAPABLE
- }
-
m, err := newMapWithOptions(mapSpec, cl.opts.Maps)
if err != nil {
return nil, fmt.Errorf("map %s: %w", mapName, err)
diff --git a/vendor/github.com/cilium/ebpf/elf_sections.go b/vendor/github.com/cilium/ebpf/elf_sections.go
index 4b58251d9ab42752400257b5224cd7d4e93508a1..43dcfb103ee08e2c0f3517c072fb3705e1c26965 100644
--- a/vendor/github.com/cilium/ebpf/elf_sections.go
+++ b/vendor/github.com/cilium/ebpf/elf_sections.go
@@ -18,6 +18,7 @@ var elfSectionDefs = []libbpfElfSectionDef{
{"uretprobe.s+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_SLEEPABLE},
{"kprobe.multi+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_KPROBE_MULTI, _SEC_NONE},
{"kretprobe.multi+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_KPROBE_MULTI, _SEC_NONE},
+ {"kprobe.session+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_KPROBE_SESSION, _SEC_NONE},
{"uprobe.multi+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_UPROBE_MULTI, _SEC_NONE},
{"uretprobe.multi+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_UPROBE_MULTI, _SEC_NONE},
{"uprobe.multi.s+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_UPROBE_MULTI, _SEC_SLEEPABLE},
@@ -69,6 +70,7 @@ var elfSectionDefs = []libbpfElfSectionDef{
{"sockops", sys.BPF_PROG_TYPE_SOCK_OPS, sys.BPF_CGROUP_SOCK_OPS, _SEC_ATTACHABLE_OPT},
{"sk_skb/stream_parser", sys.BPF_PROG_TYPE_SK_SKB, sys.BPF_SK_SKB_STREAM_PARSER, _SEC_ATTACHABLE_OPT},
{"sk_skb/stream_verdict", sys.BPF_PROG_TYPE_SK_SKB, sys.BPF_SK_SKB_STREAM_VERDICT, _SEC_ATTACHABLE_OPT},
+ {"sk_skb/verdict", sys.BPF_PROG_TYPE_SK_SKB, sys.BPF_SK_SKB_VERDICT, _SEC_ATTACHABLE_OPT},
{"sk_skb", sys.BPF_PROG_TYPE_SK_SKB, 0, _SEC_NONE},
{"sk_msg", sys.BPF_PROG_TYPE_SK_MSG, sys.BPF_SK_MSG_VERDICT, _SEC_ATTACHABLE_OPT},
{"lirc_mode2", sys.BPF_PROG_TYPE_LIRC_MODE2, sys.BPF_LIRC_MODE2, _SEC_ATTACHABLE_OPT},
diff --git a/vendor/github.com/cilium/ebpf/internal/epoll/poller.go b/vendor/github.com/cilium/ebpf/internal/epoll/poller.go
index 733e839be7b97fc4645a9b86d906a6ffb168b7c8..76bfa77e9091f6a79bff94c43f2118ccc1a2b232 100644
--- a/vendor/github.com/cilium/ebpf/internal/epoll/poller.go
+++ b/vendor/github.com/cilium/ebpf/internal/epoll/poller.go
@@ -1,3 +1,5 @@
+//go:build linux
+
package epoll
import (
diff --git a/vendor/github.com/cilium/ebpf/internal/feature.go b/vendor/github.com/cilium/ebpf/internal/feature.go
index 6399be08514bb4a0e7c901305f62bb41b40d94c3..6f64822e11d6277ce850d86410f9b14af5708ea7 100644
--- a/vendor/github.com/cilium/ebpf/internal/feature.go
+++ b/vendor/github.com/cilium/ebpf/internal/feature.go
@@ -93,7 +93,7 @@ func NewFeatureTest(name string, fn FeatureTestFn, versions ...string) func() er
break
}
- if runtime.GOOS == "linux" && !strings.ContainsRune(version, ':') {
+ if OnLinux && !strings.ContainsRune(version, ':') {
// Allow version numbers without a GOOS prefix on Linux.
ft.Version = version
break
diff --git a/vendor/github.com/cilium/ebpf/internal/goos.go b/vendor/github.com/cilium/ebpf/internal/goos.go
new file mode 100644
index 0000000000000000000000000000000000000000..0569d5ce0bc6a84482f2be74a04892a8fcde6eba
--- /dev/null
+++ b/vendor/github.com/cilium/ebpf/internal/goos.go
@@ -0,0 +1,7 @@
+package internal
+
+import "runtime"
+
+const (
+ OnLinux = runtime.GOOS == "linux"
+)
diff --git a/vendor/github.com/cilium/ebpf/internal/kallsyms/kallsyms.go b/vendor/github.com/cilium/ebpf/internal/kallsyms/kallsyms.go
index f93d785849c54c17adc5b58d536390e1343ed62a..2cdfb56a584d5f7f8914df82e02155ab6a49a673 100644
--- a/vendor/github.com/cilium/ebpf/internal/kallsyms/kallsyms.go
+++ b/vendor/github.com/cilium/ebpf/internal/kallsyms/kallsyms.go
@@ -8,6 +8,8 @@ import (
"slices"
"strconv"
"strings"
+
+ "github.com/cilium/ebpf/internal"
)
var errAmbiguousKsym = errors.New("multiple kernel symbols with the same name")
@@ -47,6 +49,10 @@ func Module(name string) (string, error) {
// Any symbols missing in the kernel are ignored. Returns an error if multiple
// symbols with a given name were found.
func AssignModules(symbols map[string]string) error {
+ if !internal.OnLinux {
+ return fmt.Errorf("read /proc/kallsyms: %w", internal.ErrNotSupportedOnOS)
+ }
+
if len(symbols) == 0 {
return nil
}
@@ -71,6 +77,7 @@ func AssignModules(symbols map[string]string) error {
if err != nil {
return err
}
+ defer f.Close()
if err := assignModules(f, request); err != nil {
return fmt.Errorf("assigning symbol modules: %w", err)
@@ -161,6 +168,10 @@ func Address(symbol string) (uint64, error) {
// Any symbols missing in the kernel are ignored. Returns an error if multiple
// addresses were found for a symbol.
func AssignAddresses(symbols map[string]uint64) error {
+ if !internal.OnLinux {
+ return fmt.Errorf("read /proc/kallsyms: %w", internal.ErrNotSupportedOnOS)
+ }
+
if len(symbols) == 0 {
return nil
}
@@ -185,6 +196,7 @@ func AssignAddresses(symbols map[string]uint64) error {
if err != nil {
return err
}
+ defer f.Close()
if err := assignAddresses(f, request); err != nil {
return fmt.Errorf("loading symbol addresses: %w", err)
diff --git a/vendor/github.com/cilium/ebpf/internal/linux/auxv.go b/vendor/github.com/cilium/ebpf/internal/linux/auxv.go
index 98bb5d83cade52cd21a16578126b00c9ce485fd2..07d5efee0277e8e429af0d0b35318baf50fdaff7 100644
--- a/vendor/github.com/cilium/ebpf/internal/linux/auxv.go
+++ b/vendor/github.com/cilium/ebpf/internal/linux/auxv.go
@@ -2,8 +2,11 @@ package linux
import (
"errors"
+ "fmt"
"io"
_ "unsafe"
+
+ "github.com/cilium/ebpf/internal"
)
type auxvPairReader interface {
@@ -47,6 +50,10 @@ func (r *auxvRuntimeReader) ReadAuxvPair() (uint64, uint64, error) {
}
func newAuxvRuntimeReader() (auxvPairReader, error) {
+ if !internal.OnLinux {
+ return nil, fmt.Errorf("read auxv from runtime: %w", internal.ErrNotSupportedOnOS)
+ }
+
data := runtime_getAuxv()
if len(data)%2 != 0 {
diff --git a/vendor/github.com/cilium/ebpf/internal/sys/types.go b/vendor/github.com/cilium/ebpf/internal/sys/types.go
index 88001c319eb98365d5b11b9088266aae782fd17a..82f3492a83d8c49dd475739af07cc72486ea0394 100644
--- a/vendor/github.com/cilium/ebpf/internal/sys/types.go
+++ b/vendor/github.com/cilium/ebpf/internal/sys/types.go
@@ -26,6 +26,7 @@ const (
BPF_FIB_LKUP_RET_UNREACHABLE = 2
BPF_FIB_LKUP_RET_UNSUPP_LWT = 6
BPF_FIB_LOOKUP_DIRECT = 1
+ BPF_FIB_LOOKUP_MARK = 32
BPF_FIB_LOOKUP_OUTPUT = 2
BPF_FIB_LOOKUP_SKIP_NEIGH = 4
BPF_FIB_LOOKUP_SRC = 16
@@ -68,6 +69,7 @@ const (
BPF_F_NO_COMMON_LRU = 2
BPF_F_NO_PREALLOC = 1
BPF_F_NO_TUNNEL_KEY = 16
+ BPF_F_NO_USER_CONV = 262144
BPF_F_NUMA_NODE = 4
BPF_F_PATH_FD = 16384
BPF_F_PEER = 4
@@ -77,17 +79,20 @@ const (
BPF_F_RDONLY_PROG = 128
BPF_F_RECOMPUTE_CSUM = 1
BPF_F_REUSE_STACKID = 1024
+ BPF_F_SEGV_ON_FAULT = 131072
BPF_F_SEQ_NUMBER = 8
BPF_F_SKIP_FIELD_MASK = 255
BPF_F_STACK_BUILD_ID = 32
BPF_F_SYSCTL_BASE_NAME = 1
BPF_F_TIMER_ABS = 1
BPF_F_TIMER_CPU_PIN = 2
+ BPF_F_TOKEN_FD = 65536
BPF_F_TUNINFO_FLAGS = 16
BPF_F_TUNINFO_IPV6 = 1
BPF_F_UPROBE_MULTI_RETURN = 1
BPF_F_USER_BUILD_ID = 2048
BPF_F_USER_STACK = 256
+ BPF_F_VTYPE_BTF_OBJ_FD = 32768
BPF_F_WRONLY = 16
BPF_F_WRONLY_PROG = 256
BPF_F_ZERO_CSUM_TX = 2
@@ -117,6 +122,9 @@ const (
BPF_RINGBUF_BUSY_BIT = 2147483648
BPF_RINGBUF_DISCARD_BIT = 1073741824
BPF_RINGBUF_HDR_SZ = 8
+ BPF_SKB_CLOCK_MONOTONIC = 1
+ BPF_SKB_CLOCK_REALTIME = 0
+ BPF_SKB_CLOCK_TAI = 2
BPF_SKB_TSTAMP_DELIVERY_MONO = 1
BPF_SKB_TSTAMP_UNSPEC = 0
BPF_SK_LOOKUP_F_NO_REUSEPORT = 2
@@ -146,8 +154,6 @@ const (
BPF_SOCK_OPS_VOID = 0
BPF_SOCK_OPS_WRITE_HDR_OPT_CB = 15
BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG = 64
- BPF_STRUCT_OPS_TYPE_bpf_dummy_ops = 0
- BPF_STRUCT_OPS_TYPE_tcp_congestion_ops = 1
BPF_TASK_ITER_ALL_PROCS = 0
BPF_TASK_ITER_ALL_THREADS = 1
BPF_TASK_ITER_PROC_THREADS = 2
@@ -236,7 +242,8 @@ const (
BPF_CGROUP_UNIX_GETSOCKNAME AttachType = 53
BPF_NETKIT_PRIMARY AttachType = 54
BPF_NETKIT_PEER AttachType = 55
- __MAX_BPF_ATTACH_TYPE AttachType = 56
+ BPF_TRACE_KPROBE_SESSION AttachType = 56
+ __MAX_BPF_ATTACH_TYPE AttachType = 57
)
type Cmd uint32
@@ -279,6 +286,8 @@ const (
BPF_ITER_CREATE Cmd = 33
BPF_LINK_DETACH Cmd = 34
BPF_PROG_BIND_MAP Cmd = 35
+ BPF_TOKEN_CREATE Cmd = 36
+ __MAX_BPF_CMD Cmd = 37
)
type FunctionId uint32
@@ -523,7 +532,8 @@ const (
BPF_LINK_TYPE_TCX LinkType = 11
BPF_LINK_TYPE_UPROBE_MULTI LinkType = 12
BPF_LINK_TYPE_NETKIT LinkType = 13
- __MAX_BPF_LINK_TYPE LinkType = 14
+ BPF_LINK_TYPE_SOCKMAP LinkType = 14
+ __MAX_BPF_LINK_TYPE LinkType = 15
)
type MapType uint32
@@ -564,6 +574,8 @@ const (
BPF_MAP_TYPE_BLOOM_FILTER MapType = 30
BPF_MAP_TYPE_USER_RINGBUF MapType = 31
BPF_MAP_TYPE_CGRP_STORAGE MapType = 32
+ BPF_MAP_TYPE_ARENA MapType = 33
+ __MAX_BPF_MAP_TYPE MapType = 34
)
type ObjType uint32
@@ -623,6 +635,7 @@ const (
BPF_PROG_TYPE_SK_LOOKUP ProgType = 30
BPF_PROG_TYPE_SYSCALL ProgType = 31
BPF_PROG_TYPE_NETFILTER ProgType = 32
+ __MAX_BPF_PROG_TYPE ProgType = 33
)
type RetCode uint32
@@ -719,7 +732,7 @@ type MapInfo struct {
BtfId uint32
BtfKeyTypeId TypeID
BtfValueTypeId TypeID
- _ [4]byte
+ BtfVmlinuxId uint32
MapExtra uint64
}
@@ -816,6 +829,8 @@ type BtfLoadAttr struct {
BtfLogSize uint32
BtfLogLevel uint32
BtfLogTrueSize uint32
+ BtfFlags uint32
+ BtfTokenFd int32
}
func BtfLoad(attr *BtfLoadAttr) (*FD, error) {
@@ -1069,6 +1084,8 @@ type MapCreateAttr struct {
BtfValueTypeId TypeID
BtfVmlinuxValueTypeId TypeID
MapExtra uint64
+ ValueTypeBtfObjFd int32
+ MapTokenFd int32
}
func MapCreate(attr *MapCreateAttr) (*FD, error) {
@@ -1362,6 +1379,8 @@ type ProgLoadAttr struct {
CoreRelos Pointer
CoreReloRecSize uint32
LogTrueSize uint32
+ ProgTokenFd int32
+ _ [4]byte
}
func ProgLoad(attr *ProgLoadAttr) (*FD, error) {
@@ -1419,6 +1438,7 @@ type RawTracepointOpenAttr struct {
Name Pointer
ProgFd uint32
_ [4]byte
+ Cookie uint64
}
func RawTracepointOpen(attr *RawTracepointOpenAttr) (*FD, error) {
@@ -1460,19 +1480,20 @@ type KprobeLinkInfo struct {
Offset uint32
Addr uint64
Missed uint64
- _ [8]byte
+ Cookie uint64
}
type KprobeMultiLinkInfo struct {
- Type LinkType
- Id LinkID
- ProgId uint32
- _ [4]byte
- Addrs Pointer
- Count uint32
- Flags uint32
- Missed uint64
- _ [24]byte
+ Type LinkType
+ Id LinkID
+ ProgId uint32
+ _ [4]byte
+ Addrs Pointer
+ Count uint32
+ Flags uint32
+ Missed uint64
+ Cookies uint64
+ _ [16]byte
}
type NetNsLinkInfo struct {
diff --git a/vendor/github.com/cilium/ebpf/internal/tracefs/kprobe.go b/vendor/github.com/cilium/ebpf/internal/tracefs/kprobe.go
index 062bef9ec37fb8d6fc609cc6749db70bc46dce44..bdadf4d8eadbf0aa8d143ecf15e3e4d0c85e3b6f 100644
--- a/vendor/github.com/cilium/ebpf/internal/tracefs/kprobe.go
+++ b/vendor/github.com/cilium/ebpf/internal/tracefs/kprobe.go
@@ -113,6 +113,10 @@ func sanitizeTracefsPath(path ...string) (string, error) {
// but may be also be available at /sys/kernel/debug/tracing if debugfs is mounted.
// The available tracefs paths will depends on distribution choices.
var getTracefsPath = sync.OnceValues(func() (string, error) {
+ if !internal.OnLinux {
+ return "", fmt.Errorf("tracefs: %w", internal.ErrNotSupportedOnOS)
+ }
+
for _, p := range []struct {
path string
fsType int64
diff --git a/vendor/github.com/cilium/ebpf/internal/unix/error.go b/vendor/github.com/cilium/ebpf/internal/unix/error.go
new file mode 100644
index 0000000000000000000000000000000000000000..48017c1009c517246a30554aa98f62fc27892b1b
--- /dev/null
+++ b/vendor/github.com/cilium/ebpf/internal/unix/error.go
@@ -0,0 +1,23 @@
+package unix
+
+import (
+ "fmt"
+ "runtime"
+ "strings"
+
+ "github.com/cilium/ebpf/internal"
+)
+
+// errNonLinux returns an error which wraps [internal.ErrNotSupportedOnOS] and
+// includes the name of the calling function.
+func errNonLinux() error {
+ name := "unknown"
+ pc, _, _, ok := runtime.Caller(1)
+ if ok {
+ name = runtime.FuncForPC(pc).Name()
+ if pos := strings.LastIndexByte(name, '.'); pos != -1 {
+ name = name[pos+1:]
+ }
+ }
+ return fmt.Errorf("unix: %s: %w", name, internal.ErrNotSupportedOnOS)
+}
diff --git a/vendor/github.com/cilium/ebpf/internal/unix/strings_other.go b/vendor/github.com/cilium/ebpf/internal/unix/strings_other.go
new file mode 100644
index 0000000000000000000000000000000000000000..49e1fe21720298725c8ba98b9c32ee88ceded958
--- /dev/null
+++ b/vendor/github.com/cilium/ebpf/internal/unix/strings_other.go
@@ -0,0 +1,11 @@
+//go:build !linux && !windows
+
+package unix
+
+func BytePtrFromString(s string) (*byte, error) {
+ return nil, errNonLinux()
+}
+
+func ByteSliceToString(s []byte) string {
+ return ""
+}
diff --git a/vendor/github.com/cilium/ebpf/internal/unix/strings_windows.go b/vendor/github.com/cilium/ebpf/internal/unix/strings_windows.go
new file mode 100644
index 0000000000000000000000000000000000000000..7e3d4da7773548dd1f5efb0d5cca7825810d7be2
--- /dev/null
+++ b/vendor/github.com/cilium/ebpf/internal/unix/strings_windows.go
@@ -0,0 +1,19 @@
+package unix
+
+import (
+ "syscall"
+
+ "golang.org/x/sys/windows"
+)
+
+func BytePtrFromString(s string) (*byte, error) {
+ p, err := windows.BytePtrFromString(s)
+ if err == syscall.EINVAL {
+ err = EINVAL
+ }
+ return p, err
+}
+
+func ByteSliceToString(s []byte) string {
+ return windows.ByteSliceToString(s)
+}
diff --git a/vendor/github.com/cilium/ebpf/internal/unix/types_other.go b/vendor/github.com/cilium/ebpf/internal/unix/types_other.go
index 06cc3a096630081dc74203258e7328c883000425..806c6e567c970e617dbd53ff8d7146c9df1a8589 100644
--- a/vendor/github.com/cilium/ebpf/internal/unix/types_other.go
+++ b/vendor/github.com/cilium/ebpf/internal/unix/types_other.go
@@ -3,13 +3,9 @@
package unix
import (
- "fmt"
- "runtime"
"syscall"
)
-var errNonLinux = fmt.Errorf("unsupported platform %s/%s", runtime.GOOS, runtime.GOARCH)
-
// Errnos are distinct and non-zero.
const (
ENOENT syscall.Errno = iota + 1
@@ -142,23 +138,23 @@ func Syscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err syscall.Errno) {
}
func PthreadSigmask(how int, set, oldset *Sigset_t) error {
- return errNonLinux
+ return errNonLinux()
}
func FcntlInt(fd uintptr, cmd, arg int) (int, error) {
- return -1, errNonLinux
+ return -1, errNonLinux()
}
func IoctlSetInt(fd int, req uint, value int) error {
- return errNonLinux
+ return errNonLinux()
}
func Statfs(path string, buf *Statfs_t) error {
- return errNonLinux
+ return errNonLinux()
}
func Close(fd int) (err error) {
- return errNonLinux
+ return errNonLinux()
}
type EpollEvent struct {
@@ -168,23 +164,23 @@ type EpollEvent struct {
}
func EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
- return 0, errNonLinux
+ return 0, errNonLinux()
}
func EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
- return errNonLinux
+ return errNonLinux()
}
func Eventfd(initval uint, flags int) (fd int, err error) {
- return 0, errNonLinux
+ return 0, errNonLinux()
}
func Write(fd int, p []byte) (n int, err error) {
- return 0, errNonLinux
+ return 0, errNonLinux()
}
func EpollCreate1(flag int) (fd int, err error) {
- return 0, errNonLinux
+ return 0, errNonLinux()
}
type PerfEventMmapPage struct {
@@ -214,15 +210,15 @@ type PerfEventMmapPage struct {
}
func SetNonblock(fd int, nonblocking bool) (err error) {
- return errNonLinux
+ return errNonLinux()
}
func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
- return []byte{}, errNonLinux
+ return []byte{}, errNonLinux()
}
func Munmap(b []byte) (err error) {
- return errNonLinux
+ return errNonLinux()
}
type PerfEventAttr struct {
@@ -247,7 +243,7 @@ type PerfEventAttr struct {
}
func PerfEventOpen(attr *PerfEventAttr, pid int, cpu int, groupFd int, flags int) (fd int, err error) {
- return 0, errNonLinux
+ return 0, errNonLinux()
}
type Utsname struct {
@@ -256,7 +252,7 @@ type Utsname struct {
}
func Uname(buf *Utsname) (err error) {
- return errNonLinux
+ return errNonLinux()
}
func Getpid() int {
@@ -268,35 +264,27 @@ func Gettid() int {
}
func Tgkill(tgid int, tid int, sig syscall.Signal) (err error) {
- return errNonLinux
-}
-
-func BytePtrFromString(s string) (*byte, error) {
- return nil, errNonLinux
-}
-
-func ByteSliceToString(s []byte) string {
- return ""
+ return errNonLinux()
}
func Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) error {
- return errNonLinux
+ return errNonLinux()
}
func Prlimit(pid, resource int, new, old *Rlimit) error {
- return errNonLinux
+ return errNonLinux()
}
func Open(path string, mode int, perm uint32) (int, error) {
- return -1, errNonLinux
+ return -1, errNonLinux()
}
func Fstat(fd int, stat *Stat_t) error {
- return errNonLinux
+ return errNonLinux()
}
func SetsockoptInt(fd, level, opt, value int) error {
- return errNonLinux
+ return errNonLinux()
}
type CPUSet struct{}
@@ -304,9 +292,9 @@ type CPUSet struct{}
func (*CPUSet) Set(int) {}
func SchedSetaffinity(pid int, set *CPUSet) error {
- return errNonLinux
+ return errNonLinux()
}
func SchedGetaffinity(pid int, set *CPUSet) error {
- return errNonLinux
+ return errNonLinux()
}
diff --git a/vendor/github.com/cilium/ebpf/link/kprobe_multi.go b/vendor/github.com/cilium/ebpf/link/kprobe_multi.go
index 094cb0538cb992ad6a3604dbcb21452346a1cd6a..f19f9f4c732176728e940ba84912871ef7875446 100644
--- a/vendor/github.com/cilium/ebpf/link/kprobe_multi.go
+++ b/vendor/github.com/cilium/ebpf/link/kprobe_multi.go
@@ -37,6 +37,14 @@ type KprobeMultiOptions struct {
// Each Cookie is assigned to the Symbol or Address specified at the
// corresponding slice index.
Cookies []uint64
+
+ // Session must be true when attaching Programs with the
+ // [ebpf.AttachTraceKprobeSession] attach type.
+ //
+ // This makes a Kprobe execute on both function entry and return. The entry
+ // program can share a cookie value with the return program and can decide
+ // whether the return program gets executed.
+ Session bool
}
// KprobeMulti attaches the given eBPF program to the entry point of a given set
@@ -82,9 +90,14 @@ func kprobeMulti(prog *ebpf.Program, opts KprobeMultiOptions, flags uint32) (Lin
return nil, fmt.Errorf("Cookies must be exactly Symbols or Addresses in length: %w", errInvalidInput)
}
+ attachType := sys.BPF_TRACE_KPROBE_MULTI
+ if opts.Session {
+ attachType = sys.BPF_TRACE_KPROBE_SESSION
+ }
+
attr := &sys.LinkCreateKprobeMultiAttr{
ProgFd: uint32(prog.FD()),
- AttachType: sys.BPF_TRACE_KPROBE_MULTI,
+ AttachType: attachType,
KprobeMultiFlags: flags,
}
@@ -103,21 +116,31 @@ func kprobeMulti(prog *ebpf.Program, opts KprobeMultiOptions, flags uint32) (Lin
}
fd, err := sys.LinkCreateKprobeMulti(attr)
+ if err == nil {
+ return &kprobeMultiLink{RawLink{fd, ""}}, nil
+ }
+
if errors.Is(err, unix.ESRCH) {
return nil, fmt.Errorf("couldn't find one or more symbols: %w", os.ErrNotExist)
}
- if errors.Is(err, unix.EINVAL) {
- return nil, fmt.Errorf("%w (missing kernel symbol or prog's AttachType not AttachTraceKprobeMulti?)", err)
- }
- if err != nil {
+ if opts.Session {
+ if haveFeatErr := haveBPFLinkKprobeSession(); haveFeatErr != nil {
+ return nil, haveFeatErr
+ }
+ } else {
if haveFeatErr := haveBPFLinkKprobeMulti(); haveFeatErr != nil {
return nil, haveFeatErr
}
- return nil, err
}
- return &kprobeMultiLink{RawLink{fd, ""}}, nil
+ // Check EINVAL after running feature probes, since it's also returned when
+ // the kernel doesn't support the multi/session attach types.
+ if errors.Is(err, unix.EINVAL) {
+ return nil, fmt.Errorf("%w (missing kernel symbol or prog's AttachType not %s?)", err, ebpf.AttachType(attachType))
+ }
+
+ return nil, err
}
type kprobeMultiLink struct {
@@ -189,3 +212,44 @@ var haveBPFLinkKprobeMulti = internal.NewFeatureTest("bpf_link_kprobe_multi", fu
return nil
}, "5.18")
+
+var haveBPFLinkKprobeSession = internal.NewFeatureTest("bpf_link_kprobe_session", func() error {
+ prog, err := ebpf.NewProgram(&ebpf.ProgramSpec{
+ Name: "probe_kps_link",
+ Type: ebpf.Kprobe,
+ Instructions: asm.Instructions{
+ asm.Mov.Imm(asm.R0, 0),
+ asm.Return(),
+ },
+ AttachType: ebpf.AttachTraceKprobeSession,
+ License: "MIT",
+ })
+ if errors.Is(err, unix.E2BIG) {
+ // Kernel doesn't support AttachType field.
+ return internal.ErrNotSupported
+ }
+ if err != nil {
+ return err
+ }
+ defer prog.Close()
+
+ fd, err := sys.LinkCreateKprobeMulti(&sys.LinkCreateKprobeMultiAttr{
+ ProgFd: uint32(prog.FD()),
+ AttachType: sys.BPF_TRACE_KPROBE_SESSION,
+ Count: 1,
+ Syms: sys.NewStringSlicePointer([]string{"vprintk"}),
+ })
+ switch {
+ case errors.Is(err, unix.EINVAL):
+ return internal.ErrNotSupported
+ // If CONFIG_FPROBE isn't set.
+ case errors.Is(err, unix.EOPNOTSUPP):
+ return internal.ErrNotSupported
+ case err != nil:
+ return err
+ }
+
+ fd.Close()
+
+ return nil
+}, "6.10")
diff --git a/vendor/github.com/cilium/ebpf/linker.go b/vendor/github.com/cilium/ebpf/linker.go
index 6f97af27840c5b1761fe6eaa50de905b780d71c4..024b72bbc829676dc2b9b204d7b4cd896abdd926 100644
--- a/vendor/github.com/cilium/ebpf/linker.go
+++ b/vendor/github.com/cilium/ebpf/linker.go
@@ -207,13 +207,19 @@ func flattenPrograms(progs map[string]*ProgramSpec, names []string) {
// dependencies of each program.
func flattenInstructions(name string, progs map[string]*ProgramSpec, refs map[*ProgramSpec][]string) asm.Instructions {
prog := progs[name]
+ progRefs := refs[prog]
+
+ if len(progRefs) == 0 {
+ // No references, nothing to do.
+ return prog.Instructions
+ }
insns := make(asm.Instructions, len(prog.Instructions))
copy(insns, prog.Instructions)
// Add all direct references of prog to the list of to be linked programs.
- pending := make([]string, len(refs[prog]))
- copy(pending, refs[prog])
+ pending := make([]string, len(progRefs))
+ copy(pending, progRefs)
// All references for which we've appended instructions.
linked := make(map[string]bool)
diff --git a/vendor/github.com/cilium/ebpf/perf/reader.go b/vendor/github.com/cilium/ebpf/perf/reader.go
index 3c3d5694280da3c876c4acc1b33f292921fe95c7..113148bb021214b51574d637edba62e040ef2b23 100644
--- a/vendor/github.com/cilium/ebpf/perf/reader.go
+++ b/vendor/github.com/cilium/ebpf/perf/reader.go
@@ -1,3 +1,5 @@
+//go:build linux
+
package perf
import (
diff --git a/vendor/github.com/cilium/ebpf/perf/ring.go b/vendor/github.com/cilium/ebpf/perf/ring.go
index 63555f323b03e1b03f688acc835f8cf783dc3765..426f7e1546e7692c7458d07a8d7b7a8b0bf618c7 100644
--- a/vendor/github.com/cilium/ebpf/perf/ring.go
+++ b/vendor/github.com/cilium/ebpf/perf/ring.go
@@ -1,3 +1,5 @@
+//go:build linux
+
package perf
import (
diff --git a/vendor/github.com/cilium/ebpf/prog.go b/vendor/github.com/cilium/ebpf/prog.go
index 4f3ce43bfae2c89ed04ccbad7fae738e162a29ce..8fcae6a3fbe69a68e5e3f1e4b52318a12b400f3d 100644
--- a/vendor/github.com/cilium/ebpf/prog.go
+++ b/vendor/github.com/cilium/ebpf/prog.go
@@ -169,7 +169,7 @@ func (ps *ProgramSpec) Tag() (string, error) {
// ProgramSpec.AttachTo, if any. Returns an empty string if the symbol is not
// present or not part of a kernel module.
func (ps *ProgramSpec) kernelModule() (string, error) {
- if ps.AttachTo == "" && ps.targetsKernelModule() {
+ if ps.targetsKernelModule() {
return kallsyms.Module(ps.AttachTo)
}
diff --git a/vendor/github.com/cilium/ebpf/ringbuf/reader.go b/vendor/github.com/cilium/ebpf/ringbuf/reader.go
index 11ef93b40b7ab896c46903d76cf0801a235a74a9..202738e279759094f594cba5b9e5b160699c2059 100644
--- a/vendor/github.com/cilium/ebpf/ringbuf/reader.go
+++ b/vendor/github.com/cilium/ebpf/ringbuf/reader.go
@@ -1,3 +1,5 @@
+//go:build linux
+
package ringbuf
import (
diff --git a/vendor/github.com/cilium/ebpf/ringbuf/ring.go b/vendor/github.com/cilium/ebpf/ringbuf/ring.go
index 8f75bba89508bf4e66aa2645db47249bb1221033..c78a76f65bc42c8234488361d89a95389cf94108 100644
--- a/vendor/github.com/cilium/ebpf/ringbuf/ring.go
+++ b/vendor/github.com/cilium/ebpf/ringbuf/ring.go
@@ -1,3 +1,5 @@
+//go:build linux
+
package ringbuf
import (
diff --git a/vendor/github.com/cilium/ebpf/types.go b/vendor/github.com/cilium/ebpf/types.go
index 211b308bbc78cbe8cb5836376385b1d1f3a2dde6..d7fb00509deaca28118c8e8b4c5275ca3684c16c 100644
--- a/vendor/github.com/cilium/ebpf/types.go
+++ b/vendor/github.com/cilium/ebpf/types.go
@@ -236,6 +236,7 @@ const (
AttachSkReuseportSelectOrMigrate = AttachType(sys.BPF_SK_REUSEPORT_SELECT_OR_MIGRATE)
AttachPerfEvent = AttachType(sys.BPF_PERF_EVENT)
AttachTraceKprobeMulti = AttachType(sys.BPF_TRACE_KPROBE_MULTI)
+ AttachTraceKprobeSession = AttachType(sys.BPF_TRACE_KPROBE_SESSION)
AttachLSMCgroup = AttachType(sys.BPF_LSM_CGROUP)
AttachStructOps = AttachType(sys.BPF_STRUCT_OPS)
AttachNetfilter = AttachType(sys.BPF_NETFILTER)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index a70850cd8c5d05adb551b647e1f5282a276631e3..ab9a689286f84d34731f10e5c3e27221f4104ee4 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -42,7 +42,7 @@ github.com/cenkalti/rpc2/jsonrpc
# github.com/cespare/xxhash/v2 v2.3.0
## explicit; go 1.11
github.com/cespare/xxhash/v2
-# github.com/cilium/ebpf v0.17.1
+# github.com/cilium/ebpf v0.17.2
## explicit; go 1.22
github.com/cilium/ebpf
github.com/cilium/ebpf/asm