From 0fd246f5b7604c305d3db18bf1e87b2ba5642099 Mon Sep 17 00:00:00 2001 From: William Findlay Date: Tue, 24 Oct 2023 15:27:54 -0400 Subject: [PATCH] tetragon: ensure struct alignment on startup Mismatches between the BPF and userspace API are often the cause of bizarre bugs that are difficult to debug. This might happen if a developer makes a change to one and forgets to update the other, or it might simply happen during development if the userspace and BPF targets go out of sync. This PR introduces alignment checks to the Tetragon startup process so that we can fail with a clear error message when such situations arise. Signed-off-by: William Findlay --- cmd/tetragon/main.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/cmd/tetragon/main.go b/cmd/tetragon/main.go index 69ccd3136a8..dbded2055b4 100644 --- a/cmd/tetragon/main.go +++ b/cmd/tetragon/main.go @@ -11,6 +11,7 @@ import ( pprofhttp "net/http/pprof" "os" "os/signal" + "path" "path/filepath" "runtime" "runtime/pprof" @@ -20,6 +21,7 @@ import ( "time" "github.com/cilium/tetragon/api/v1/tetragon" + "github.com/cilium/tetragon/pkg/alignchecker" "github.com/cilium/tetragon/pkg/bpf" "github.com/cilium/tetragon/pkg/btf" "github.com/cilium/tetragon/pkg/bugtool" @@ -72,6 +74,11 @@ var ( log = logger.GetLogger() ) +func checkStructAlignments() error { + path := path.Join(option.Config.HubbleLib, "bpf_alignchecker.o") + return alignchecker.CheckStructAlignments(path) +} + func getExportFilters() ([]*tetragon.Filter, []*tetragon.Filter, error) { allowList, err := filters.ParseFilterList(viper.GetString(option.KeyExportAllowlist), viper.GetBool(option.KeyEnablePidSetFilter)) if err != nil { @@ -178,6 +185,10 @@ func tetragonExecute() error { defaults.NetnsDir = viper.GetString(option.KeyNetnsDir) } + if err := checkStructAlignments(); err != nil { + return fmt.Errorf("struct alignment checks failed: %w", err) + } + checkprocfs.Check() // Setup file system mounts