[CWS] drop the runtime compilation constants provider

DataDog · Dec 20, 2024 · bd1182f · bd1182f
1 parent 21f4c0e
commit bd1182f
Show file tree

Hide file tree

Showing 6 changed files with 1 addition and 262 deletions.
diff --git a/pkg/config/setup/system_probe.go b/pkg/config/setup/system_probe.go
@@ -377,7 +377,6 @@ func InitSystemProbeConfig(cfg pkgconfigmodel.Config) {
 	eventMonitorBindEnv(cfg, join(evNS, "event_stream.buffer_size"))
 	eventMonitorBindEnvAndSetDefault(cfg, join(evNS, "envs_with_value"), []string{"LD_PRELOAD", "LD_LIBRARY_PATH", "PATH", "HISTSIZE", "HISTFILESIZE", "GLIBC_TUNABLES"})
 	eventMonitorBindEnvAndSetDefault(cfg, join(evNS, "runtime_compilation.enabled"), false)
-	eventMonitorBindEnv(cfg, join(evNS, "runtime_compilation.compiled_constants_enabled"))
 	eventMonitorBindEnvAndSetDefault(cfg, join(evNS, "network.enabled"), true)
 	eventMonitorBindEnvAndSetDefault(cfg, join(evNS, "network.ingress.enabled"), false)
 	eventMonitorBindEnvAndSetDefault(cfg, join(evNS, "network.raw_packet.enabled"), false)

diff --git a/pkg/security/probe/config/config.go b/pkg/security/probe/config/config.go
@@ -101,9 +101,6 @@ type Config struct {
 	// RuntimeCompilationEnabled defines if the runtime-compilation is enabled
 	RuntimeCompilationEnabled bool
 
-	// EnableRuntimeCompiledConstants defines if the runtime compilation based constant fetcher is enabled
-	RuntimeCompiledConstantsEnabled bool
-
 	// RuntimeCompiledConstantsIsSet is set if the runtime compiled constants option is user-set
 	RuntimeCompiledConstantsIsSet bool
 
@@ -190,9 +187,7 @@ func NewConfig() (*Config, error) {
 		EventServerBurst: pkgconfigsetup.SystemProbe().GetInt(join(evNS, "event_server.burst")),
 
 		// runtime compilation
-		RuntimeCompilationEnabled:       getBool("runtime_compilation.enabled"),
-		RuntimeCompiledConstantsEnabled: getBool("runtime_compilation.compiled_constants_enabled"),
-		RuntimeCompiledConstantsIsSet:   isSet("runtime_compilation.compiled_constants_enabled"),
+		RuntimeCompilationEnabled: getBool("runtime_compilation.enabled"),
 	}
 
 	if err := c.sanitize(); err != nil {
@@ -225,10 +220,6 @@ func (c *Config) sanitize() error {
 		c.RuntimeCompilationEnabled = false
 	}
 
-	if !c.RuntimeCompilationEnabled {
-		c.RuntimeCompiledConstantsEnabled = false
-	}
-
 	if c.EventStreamBufferSize%os.Getpagesize() != 0 || c.EventStreamBufferSize&(c.EventStreamBufferSize-1) != 0 {
 		return fmt.Errorf("runtime_security_config.event_stream.buffer_size must be a power of 2 and a multiple of %d", os.Getpagesize())
 	}

diff --git a/pkg/security/probe/constantfetch/available.go b/pkg/security/probe/constantfetch/available.go
@@ -29,11 +29,6 @@ func GetAvailableConstantFetchers(config *config.Config, kv *kernel.Version, sta
 		fetchers = append(fetchers, coreFetcher)
 	}
 
-	if config.RuntimeCompiledConstantsEnabled {
-		rcConstantFetcher := NewRuntimeCompilationConstantFetcher(&config.Config, statsdClient)
-		fetchers = append(fetchers, rcConstantFetcher)
-	}
-
 	btfhubFetcher, err := NewBTFHubConstantFetcher(kv)
 	if err != nil {
 		seclog.Debugf("failed to create btfhub constant fetcher: %v", err)

diff --git a/pkg/security/probe/constantfetch/runtime_compiled.go b/pkg/security/probe/constantfetch/runtime_compiled.go
diff --git a/pkg/security/probe/probe_ebpf.go b/pkg/security/probe/probe_ebpf.go
@@ -2010,8 +2010,6 @@ func NewEBPFProbe(probe *Probe, config *config.Config, opts Opts) (*EBPFProbe, e
 
 	p.supportsBPFSendSignal = p.kernelVersion.SupportBPFSendSignal()
 
-	p.ensureConfigDefaults()
-
 	p.monitors = NewEBPFMonitors(p)
 
 	p.numCPU, err = utils.NumCPU()
@@ -2268,13 +2266,6 @@ func (p *EBPFProbe) GetProfileManagers() *SecurityProfileManagers {
 	return p.profileManagers
 }
 
-func (p *EBPFProbe) ensureConfigDefaults() {
-	// enable runtime compiled constants on COS by default
-	if !p.config.Probe.RuntimeCompiledConstantsIsSet && p.kernelVersion.IsCOSKernel() {
-		p.config.Probe.RuntimeCompiledConstantsEnabled = true
-	}
-}
-
 const (
 	netStructHasProcINum uint64 = 0
 	netStructHasNS       uint64 = 1

diff --git a/pkg/security/tests/constants_test.go b/pkg/security/tests/constants_test.go
@@ -19,20 +19,6 @@ import (
 	"github.com/DataDog/datadog-agent/pkg/security/probe/constantfetch"
 )
 
-var BTFHubVsRcPossiblyMissingConstants = []string{
-	constantfetch.OffsetNameNFConnStructCTNet,
-	constantfetch.OffsetNameIoKiocbStructCtx,
-	constantfetch.OffsetNameMountMntID,
-}
-
-var RCVsFallbackPossiblyMissingConstants = []string{
-	constantfetch.OffsetNameIoKiocbStructCtx,
-	constantfetch.OffsetNameTaskStructPID,
-	constantfetch.OffsetNameTaskStructPIDLink,
-	constantfetch.OffsetNameDeviceStructNdNet,
-	constantfetch.OffsetNameMountMntID,
-}
-
 var BTFHubVsFallbackPossiblyMissingConstants = []string{
 	constantfetch.OffsetNameNFConnStructCTNet,
 	constantfetch.OffsetNameTaskStructPID,
@@ -69,40 +55,6 @@ func TestOctogonConstants(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	_, secconfig, err := genTestConfigs(dir, testOpts{})
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	t.Run("rc-vs-fallback", func(t *testing.T) {
-		checkKernelCompatibility(t, "SLES kernels", func(kv *kernel.Version) bool {
-			return kv.IsSLESKernel() || (kv.IsAmazonLinux2023Kernel() && (testEnvironment == DockerEnvironment))
-		})
-
-		fallbackFetcher := constantfetch.NewFallbackConstantFetcher(kv)
-		rcFetcher := constantfetch.NewRuntimeCompilationConstantFetcher(&secconfig.Probe.Config, nil)
-
-		assertConstantsEqual(t, rcFetcher, fallbackFetcher, kv, RCVsFallbackPossiblyMissingConstants)
-	})
-
-	t.Run("btfhub-vs-rc", func(t *testing.T) {
-		checkKernelCompatibility(t, "SLES kernels", func(kv *kernel.Version) bool {
-			return kv.IsSLESKernel() || (kv.IsAmazonLinux2023Kernel() && (testEnvironment == DockerEnvironment))
-		})
-
-		btfhubFetcher, err := constantfetch.NewBTFHubConstantFetcher(kv)
-		if err != nil {
-			t.Skipf("btfhub constant fetcher is not available: %v", err)
-		}
-		if !btfhubFetcher.HasConstantsInStore() {
-			t.Skip("btfhub has no constant for this OS")
-		}
-
-		rcFetcher := constantfetch.NewRuntimeCompilationConstantFetcher(&secconfig.Probe.Config, nil)
-
-		assertConstantsEqual(t, rcFetcher, btfhubFetcher, kv, BTFHubVsRcPossiblyMissingConstants)
-	})
-
 	t.Run("btfhub-vs-fallback", func(t *testing.T) {
 		btfhubFetcher, err := constantfetch.NewBTFHubConstantFetcher(kv)
 		if err != nil {
@@ -116,17 +68,6 @@ func TestOctogonConstants(t *testing.T) {
 
 		assertConstantsEqual(t, btfhubFetcher, fallbackFetcher, kv, BTFHubVsFallbackPossiblyMissingConstants)
 	})
-
-	t.Run("guesser-vs-rc", func(t *testing.T) {
-		checkKernelCompatibility(t, "SLES kernels", func(kv *kernel.Version) bool {
-			return kv.IsSLESKernel() || (kv.IsAmazonLinux2023Kernel() && (testEnvironment == DockerEnvironment))
-		})
-
-		rcFetcher := constantfetch.NewRuntimeCompilationConstantFetcher(&secconfig.Probe.Config, nil)
-		ogFetcher := constantfetch.NewOffsetGuesserFetcher(secconfig.Probe, kv)
-
-		assertConstantContains(t, rcFetcher, ogFetcher, kv, nil)
-	})
 }
 
 func getFighterConstants(champion, challenger constantfetch.ConstantFetcher, kv *kernel.Version) (map[string]uint64, map[string]uint64, error) {