You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is closely related to #2040. Our qemu builds are unable to pass the newer BPF token permission checks, causing it to use the reduced (4096) BPF instruction limit. We should update our qemu VM image building process to ensure that it's able to use the 1M instruction limit.
Logs
$ bazel run -c dbg src/stirling/source_connectors/socket_tracer:dns_trace_bpf_test_qemu_interactive
bash-5.2# src/stirling/source_connectors/socket_tracer/dns_trace_bpf_test
I20241009 14:21:07.577044 135 socket_trace_connector.cc:468] Kernel version greater than V5.1 detected (6.11.1), raised loop limit to 882 and chunk limit to 84
I20241009 14:21:07.578644 135 kernel_version.cc:82] Obtained Linux version string from `uname`: 6.11.1
I20241009 14:21:07.578760 135 linux_headers.cc:381] Detected kernel release (uname -r): 6.11.1
I20241009 14:21:07.580492 135 linux_headers.cc:202] Using Linux headers from: /lib/modules/6.11.1/build and /lib/modules/6.11.1/source.
I20241009 14:21:07.585541 135 bcc_wrapper.cc:166] Initializing BPF program ...
I20241009 14:22:06.109444 135 scoped_timer.h:48] Timer(init_bpf_program) : 58.52 s
bpf: Argument list too long. Program too large (18400 insns), at most 4096 insns
./src/stirling/source_connectors/socket_tracer/testing/socket_trace_bpf_test_fixture.h:54: Failure
Value of: IsOK(::px::StatusAdapter(source_->Init()))
Actual: false (Internal : Failed to load syscall__probe_ret_writev: -1)
Expected: true
I20241009 14:22:11.929546 135 container_runner.cc:53] podman rm -f dns_server_52108331944 &>/dev/null
[ FAILED ] DNSTraceTest.Capture (87555 ms)
[----------] 1 test from DNSTraceTest (87556 ms total)
[----------] Global test environment tear-down
[==========] 1 test from 1 test suite ran. (87557 ms total)
[ PASSED ] 0 tests.
[ FAILED ] 1 test, listed below:
[ FAILED ] DNSTraceTest.Capture
1 FAILED TEST
I20241009 14:22:12.809012 135 env.cc:51] Shutting down
The text was updated successfully, but these errors were encountered:
…er kernels (#2041)
Summary: Upgrade bcc and libbpf to fix BPF program compilation on 6.10
and later kernels
Bcc provides some
"[virtual](https://github.com/iovisor/bcc/blob/cb1ba20f4800f556dc940682ba7016c50bd0a3ac/src/cc/exported_files.cc#L28-L48)"
includes to BPF programs. The `compat/linux/virtual_bpf.h` file in
particular needs to be kept in sync with libbpf and matches the [header
guard](https://github.com/iovisor/bcc/blob/cb1ba20f4800f556dc940682ba7016c50bd0a3ac/src/cc/compat/linux/virtual_bpf.h#L9)
of the `include/uapi/linux/bpf.h` file. This means that while our linux
headers were updated, our older bcc install was inserting an older copy
of the `uapi/linux/bpf.h` file -- one that didn't contain the `bpf_wq`
declaration.
```
include/linux/bpf.h:348:10: error: invalid application of 'sizeof' to an incomplete type 'struct bpf_wq'
return sizeof(struct bpf_wq);
^ ~~~~~~~~~~~~~~~
include/linux/bpf.h:348:24: note: forward declaration of 'struct bpf_wq'
return sizeof(struct bpf_wq);
^
include/linux/bpf.h:377:10: error: invalid application of '__alignof' to an incomplete type 'struct bpf_wq'
return __alignof__(struct bpf_wq);
^ ~~~~~~~~~~~~~~~
include/linux/bpf.h:377:29: note: forward declaration of 'struct bpf_wq'
return __alignof__(struct bpf_wq);
```
Note: while this fixes the 6.10 compilation issue, our 6.10 qemu build
fails without disabling [this
logic](https://github.com/pixie-io/pixie/blob/3c41d554215528e688328aef94192e696db617dc/src/stirling/source_connectors/socket_tracer/socket_trace_connector.cc#L464-L472).
6.10 kernels added BPF token support. This changes the BPF permission
model slightly and causes the BPF instruction limit to be dependent on
the permissions of the BPF syscall caller ([linux
source](https://elixir.bootlin.com/linux/v6.11.1/source/kernel/bpf/syscall.c#L2757)).
This new BPF token logic coupled with our qemu setup, causes our 6.10
build to fallback to the 4096 instruction limit. I'll be addressing this
in #2040 and #2042. Those issues shouldn't block this change since that
loop limit code can be bypasses at runtime with our current cli flags.
Relevant Issues: Closes#2035
Type of change: /kind bugfix
Test Plan: Built 6.10 and 6.11 kernels and the associated linux headers
from #2036 and verified that a local qemu build passes
- [x] Verify `#ci:bpf-build-all-kernels` build passes
Changelog Message: Upgraded bcc and libbpf to support kernels 6.10 and
later
---------
Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
This is closely related to #2040. Our qemu builds are unable to pass the newer BPF token permission checks, causing it to use the reduced (4096) BPF instruction limit. We should update our qemu VM image building process to ensure that it's able to use the 1M instruction limit.
Logs
The text was updated successfully, but these errors were encountered: