-
Notifications
You must be signed in to change notification settings - Fork 165
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
API versioning for user/kernel boundary #39
Conversation
Skipping CI for Draft Pull Request. |
Issues go stale after 90d of inactivity. Mark the issue as fresh with Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle stale |
Stale issues rot after 30d of inactivity. Mark the issue as fresh with Rotten issues close after an additional 30d of inactivity. If this issue is safe to close now please do so with Provide feedback via https://github.com/falcosecurity/community. /lifecycle rotten |
d1e0f1e
to
7a1b461
Compare
Rotten issues close after 30d of inactivity. Reopen the issue with Mark the issue as fresh with Provide feedback via https://github.com/falcosecurity/community. |
@poiana: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/reopen |
@leogr: Reopened this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just some thoughts about naming (see my comments below).
I also have the same question @FedeDP wrote in this comment 👇
#39 (review)
Otherwise, SGTM 👏
4f903f7
to
22e9d39
Compare
@leogr, honestly I'd rather not introduce the new naming here, even in new APIs. I'm all for a subsequent PR that renames everything at once that we merge soon after (nobody should start depending on the I'm open to discussion if you have strong opinions about it though |
👍 agreed. If you want, I can make the PR for the renaming once this gets merged. |
2ef3ea4
to
8d70834
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
/approve
LGTM label has been added. Git tree hash: 34e54e57f0ecd42927fea2ff9a641ca9e37deb21
|
This allows reusing eBPF probes across different consumers (and consumer versions) as long as the API is compatible. It also adds validation of API versions in the non-eBPF kernel probes, which was a long-standing omission. Since the actual interface evolved slowly, it generally worked fine, but in some rare cases it could easily end up with a kernel panic. Signed-off-by: Grzegorz Nosek <grzegorz.nosek@sysdig.com>
If fcntl(F_SETFD, FD_CLOEXEC) failed in scap_open_live_int, we returned from the function with the fd still open (scap_close only closes the fds which have a mmapped buffer attached). Signed-off-by: Grzegorz Nosek <grzegorz.nosek@sysdig.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/approve
This feature is a huge step forward for this project.
@gnosek huge thank you! 🙏
LGTM label has been added. Git tree hash: 45a54ab12ef309a57c2e89db359be5e2fead9168
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: FedeDP, gnosek, leogr The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
Any specific area of the project related to this PR?
/area build
/area driver-kmod
/area driver-ebpf
/area libscap
What this PR does / why we need it:
This PR implements the API versioning proposal.
It basically:
probe_version
equality check with a semver(like) check on the contents of theprobe_api_version
section; this allows us to reuse eBPF probes across consumer/libs versions as long as they support the same APIscap_open_live_int()
; there was no such check beforeIt also takes care to reject probes predating API versioning.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: