From d5dbba70ee6ca7c1d5e057794d609cb32a29c8aa Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Thu, 30 Nov 2023 09:48:56 +0100 Subject: [PATCH] chore(pkg/driver): do not fail if /sys/kernel/debug fails to be mounted. Also check if `/sys/kernel/debug/tracing` exists. Signed-off-by: Federico Di Pierro --- go.mod | 2 +- go.sum | 4 ++-- pkg/driver/type/bpf.go | 11 ++++++++++- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index a39e2dbd..55893e58 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/distribution/distribution/v3 v3.0.0-20230608105614-4501a6e06d3b github.com/docker/cli v24.0.7+incompatible github.com/docker/docker v24.0.7+incompatible - github.com/falcosecurity/driverkit v0.15.5-0.20231108173325-1babd00be84f + github.com/falcosecurity/driverkit v0.16.0 github.com/go-oauth2/oauth2/v4 v4.5.2 github.com/golang-jwt/jwt v3.2.2+incompatible github.com/google/go-containerregistry v0.16.1 diff --git a/go.sum b/go.sum index 0f44252c..34e6158a 100644 --- a/go.sum +++ b/go.sum @@ -333,8 +333,8 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/falcosecurity/driverkit v0.15.5-0.20231108173325-1babd00be84f h1:J18YO8qW1vHbFpue+ga0KS8vjXmF7Wkqd2juqFotcB0= -github.com/falcosecurity/driverkit v0.15.5-0.20231108173325-1babd00be84f/go.mod h1:vGGEx4jQFuTCYdPn70Pb7d3PjrgBULCKhOlW/serJTw= +github.com/falcosecurity/driverkit v0.16.0 h1:riTkoDVJjoO00kojzm9rNvXu0aQs3phWp+4+VJjt+Ws= +github.com/falcosecurity/driverkit v0.16.0/go.mod h1:vGGEx4jQFuTCYdPn70Pb7d3PjrgBULCKhOlW/serJTw= github.com/fasthttp-contrib/websocket v0.0.0-20160511215533-1f3b11f56072/go.mod h1:duJ4Jxv5lDcvg4QuQr0oowTf7dz4/CR8NtyCooz9HL8= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= diff --git a/pkg/driver/type/bpf.go b/pkg/driver/type/bpf.go index 11845bba..3457cf36 100644 --- a/pkg/driver/type/bpf.go +++ b/pkg/driver/type/bpf.go @@ -24,6 +24,7 @@ import ( "golang.org/x/net/context" "k8s.io/utils/mount" + "github.com/falcosecurity/falcoctl/internal/utils" "github.com/falcosecurity/falcoctl/pkg/output" ) @@ -45,9 +46,17 @@ func (b *bpf) Cleanup(printer *output.Printer, _ string) error { // since these releases still did not support raw tracepoints. // BPF_PROG_TYPE_RAW_TRACEPOINT was introduced in 4.17 indeed: // https://github.com/torvalds/linux/commit/c4f6699dfcb8558d138fe838f741b2c10f416cf9 + exists, _ := utils.FileExists("/sys/kernel/debug/tracing") + if exists { + return nil + } printer.Logger.Info("Mounting debugfs for bpf driver.") mounter := mount.New("/bin/mount") - return mounter.Mount("debugfs", "/sys/kernel/debug", "debugfs", []string{"nodev"}) + // We don't fail if this fails; let's try to build a probe anyway. + if err := mounter.Mount("debugfs", "/sys/kernel/debug", "debugfs", []string{"nodev"}); err != nil { + printer.Logger.Warn("Failed to mount debugfs.", printer.Logger.Args("err", err)) + } + return nil } func (b *bpf) Load(_ *output.Printer, _ string, _ bool) error {