legacy cgroup attachment functionality (needed for <= 5.6 kernels) #214
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
LGTM so far. I can't run the tests on a generic/ubuntu2004 box, unfortunately. vagrant@ubuntu2004:~/libbpfgo/selftest/cgroup-legacy$ uname -a
Linux ubuntu2004.localdomain 5.4.0-122-generic #138-Ubuntu SMP Wed Jun 22 15:00:31 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
vagrant@ubuntu2004:~/libbpfgo/selftest/cgroup-legacy$ pwd
/home/vagrant/libbpfgo/selftest/cgroup-legacy
vagrant@ubuntu2004:~/libbpfgo/selftest/cgroup-legacy$ git branch
* cgroup-attach-legacy
main
tinoco
vagrant@ubuntu2004:~/libbpfgo/selftest/cgroup-legacy$ make
make -C /home/vagrant/libbpfgo libbpfgo-static
make[1]: Entering directory '/home/vagrant/libbpfgo'
CC=clang \
CGO_CFLAGS="-I/home/vagrant/libbpfgo/output" \
CGO_LDFLAGS="-lelf -lz /home/vagrant/libbpfgo/output/libbpf.a" \
GOOS=linux GOARCH=amd64 \
go build \
-tags netgo -ldflags '-w -extldflags "-static"' \
.
make[1]: Leaving directory '/home/vagrant/libbpfgo'
make -C /home/vagrant/libbpfgo vmlinuxh
make[1]: Entering directory '/home/vagrant/libbpfgo'
make[1]: Leaving directory '/home/vagrant/libbpfgo'
clang -g -O2 -Wall -fpie -target bpf -D__TARGET_ARCH_amd64 -I../../output -c main.bpf.c -o main.bpf.o
In file included from main.bpf.c:3:
In file included from ../../output/bpf/bpf_helpers.h:11:
../../output/bpf/bpf_helper_defs.h:73:83: error: unknown type name '__u64'
static long (*bpf_map_update_elem)(void *map, const void *key, const void *value, __u64 flags) = (void *) 2;
^
../../output/bpf/bpf_helper_defs.h:97:42: error: unknown type name '__u32'
static long (*bpf_probe_read)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 4;
... |
If this is a Focal machine, please check tracee/packaging/Dockerfile.ubuntu-packaging file to see how to properly install needed toolchain (clang-12 needed, etc). |
grantseltzer
changed the title
rafaeldtinoco
commented
Aug 23, 2022
|
Tested with a vanilla 5.4 kernel and was able to attach to root cgroup on it. |
- Add AttachCgroupLegacy()
AttachCgroupLegacy attaches the BPFProg to a cgroup described by given
fd. It first tries to use the most recent attachment method and, if that
does not work, instead of failing it tries the legacy way: to attach the
cgroup eBPF program without previously creating a link. Related to
upstream kernel commit af6eea57437a ("bpf: Implement bpf_link-based
cgroup BPF program attachment").
- Add DetachCgroupLegacy()
DetachCgroupLegacy detaches the BPFProg from a cgroup described by given
fd. This is needed because in legacy attachment there is no BPFLink,
just a fake one (kernel did not support it, nor libbpf). This function
should be called by the (*BPFLink)->Destroy() function, since BPFLink is
emulated (so user don´t need to distinguish between regular and legacy
cgroup detachments).
Note: this test will be skipped for kernels >= 5.4 (because its original intent is to test the old attachment model, not the new one, already being tested by other test(s)).
|
The test still works in newer kernels but with a warning:
Because it is just testing the newer cgroup attachment type in those cases. When we run in kernels <= 5.4, then we get no warning and we test the interface for real. I thought about adding a flag to "force" using the legacy method but I don't think I should, so... it is what it is =). |
grantseltzer
approved these changes
Aug 24, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I'm still working on this. Will finish the selftest and try to REAL use cases before moving away from draft. But feel free to review the work so far. Thanks.