Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support 32-bit ARM (aarch32) syscalls #2898

Merged
merged 10 commits into from
Sep 19, 2024
Merged

support 32-bit ARM (aarch32) syscalls #2898

merged 10 commits into from
Sep 19, 2024

Conversation

kkourt
Copy link
Contributor

@kkourt kkourt commented Sep 9, 2024
edited
Loading

This PR adds support for dealing with 32-bit ARM syscalls on arm64.
See patches.

tracing: support 32-bit ARM (aarch32) syscalls

@kkourt kkourt changed the title restructure handling of i386 syscalls support 32-bit ARM (aarch32) syscalls Sep 9, 2024
@netlify Netlify
Copy link

netlify bot commented Sep 9, 2024
edited
Loading

Deploy Preview for tetragon ready!

Name Link
🔨 Latest commit 051f50e
🔍 Latest deploy log https://app.netlify.com/sites/tetragon/deploys/66ebd4edf37fa60008e24883
😎 Deploy Preview https://deploy-preview-2898--tetragon.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@kkourt kkourt added the release-note/minor This PR introduces a minor user-visible change label Sep 9, 2024
@kkourt kkourt force-pushed the pr/kkourt/syscalls-arm32 branch 14 times, most recently from a69eab3 to 691603b Compare September 13, 2024 07:26
@kkourt
Copy link
Contributor Author

kkourt commented Sep 13, 2024

Checkpatch failure is on existing code:

  CHECK:CAMELCASE: Avoid CamelCase: <is32BitSyscall>
  #50: FILE: bpf/process/generic_calls.h:155:
  +		e->sel.is32BitSyscall = flags & (1 << TIF_32BIT);

@kkourt kkourt marked this pull request as ready for review September 13, 2024 09:54
@kkourt kkourt requested review from mtardy, a team and willfindlay as code owners September 13, 2024 09:54
@kkourt kkourt requested a review from olsajiri September 13, 2024 09:55
mtardy
mtardy approved these changes Sep 17, 2024
View reviewed changes
Copy link
Member

@mtardy mtardy left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good, to be fair the first commit is tricky to review, the list code is a bit hard to read (apart from new syscall_list.go). Do we have tests that cover policies with list usage?

.github/workflows/gotests.yml Show resolved Hide resolved
pkg/sensors/tracing/lists.go Outdated Show resolved Hide resolved
pkg/sensors/tracing/enforcer.go Outdated Show resolved Hide resolved
willfindlay
willfindlay approved these changes Sep 17, 2024
View reviewed changes
Copy link
Contributor

@willfindlay willfindlay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM overall. Just a couple nits, aside from the typos @mtardy already pointed out. Pre-approving now.

docs/content/en/docs/concepts/tracing-policy/hooks.md Show resolved Hide resolved
pkg/observer/observertesthelper/observer_test_helper.go Show resolved Hide resolved
pkg/sensors/tracing/syscall_list.go Outdated Show resolved Hide resolved
@kkourt
restructure i386 syscalls code in syscall lists
c386ebe 
syscall lists are used so that we can have a common place to define:
syscall ids for the tracepoint hook filtering, and syscall function
symbols for the enforcer.

The previous implementation of i386 syscalls in these lists was using
the fact that (most) of the i386 syscalls are implemented using
functions prefixed by __ia32_sys. This, however, is not true for ARM
where most system calls have the same implementation for aarch32 and
aarch64 and their prefix is __arm64. This means that for arm, we cannot
determine the ABI of a system call from its function.

Morover, x86_64 has two 32-bit abis: i386 and x32, and we might,
eventually, want to add supoprt the latter.

This patch reworks the code of the syscall lists. In syscall lists,
users can now use the abi/ prefix (e.g., i386/) to specify system calls
under a specific ABI.

The commits adds a new SyscallVal type which represents values in a
system call list. For this type, we imlement the two required methods:
 - ID(): get the id of the system call to pass in BPF
 - Symbol(): get the symbol that corresponds to the implementation of
   the syscall

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
SyscallVal: add some simple tests
dc3ce82 
Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
observer_test_helper: properly clenup base sensor
323a835 
During a test failure, where loading a sensor failed, the next test
would also fail because the base sensor existed already.

Fix this by registering a cleanup function to unload the base sensor
rogjt after we load it.

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
misc: rename dup test policies
3b3ca88 
Rename some of the policies to better reflect the tests.

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
testEnforcer: refactor test helper
cdb798c 
refactor the enforcer tester so that it can accept more than two
arguments. Also, allow for having different check functions for each
command. Finally, pass the test context from where the check actually
happens.

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
tester-progs: build enforcer-tester-32 for ARM
b82a158 
Requires arm-linux-gnuabihf-gcc cross-compiler.

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
gh: install gcc for 32-bit ARM
af52ce5 
Also, do a single apt-get update.

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
syscallinfo: add ARM32 syscall ids
8bba71f 
Also, don't constrain building i386 ids in amd64. This will be used
later in tests.

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
arm64: support 32-bit syscalls
fd94b63 
This commit adds support for 32-bit syscalls in arm64. The commit, using
what was added in previous patches, adds support for an arm32 ABI.
(Tecnically, I believe the ABI should have been named aarch32 ABI, but
arm32 seems clearer)

Most of the 32-bit system calls use the same function as their 64-bit
counterparts. So for now we just add a __arm64  prefix to get the
symbol. For cases where this does not work, users would have to add the
specific symbol on their own.

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt
enforcer_tests: test arm32 syscalls
051f50e 
Previously, the 32-bit syscall enforcer tests were only done in amd64
because we did not supported 32-bit syscalls in arm64. This patch
modifies these tests to also test arm64 32-bit calls.

Signed-off-by: Kornilios Kourtis <kornilios@isovalent.com>
@kkourt kkourt force-pushed the pr/kkourt/syscalls-arm32 branch from 691603b to 051f50e Compare September 19, 2024 07:38
@kkourt
Copy link
Contributor Author

kkourt commented Sep 19, 2024

Thanks for the reviews!
I believe all the feedback is addressed, merging.

@kkourt kkourt merged commit 0d2fa1d into main Sep 19, 2024
50 of 51 checks passed
@kkourt kkourt deleted the pr/kkourt/syscalls-arm32 branch September 19, 2024 09:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@olsajiri olsajiri olsajiri approved these changes

@mtardy mtardy mtardy approved these changes

@willfindlay willfindlay willfindlay approved these changes

Assignees
No one assigned
Labels
release-note/minor This PR introduces a minor user-visible change
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kkourt @mtardy @willfindlay @olsajiri