Fix the eBPF verifier error on ARM64

2025-08-16 07:36:04 +00:00 · 2022-06-15 22:29:37 +03:00 · 2022-06-15 22:29:37 +03:00 · 82befd14bb
commit 82befd14bb
parent 18ccfaf4d7
5 changed files with 15 additions and 8 deletions
--- a/tap/tlstapper/bpf/common.c
+++ b/tap/tlstapper/bpf/common.c
@ -80,10 +80,6 @@ static __always_inline void send_chunk(struct pt_regs *ctx, __u8* buffer, __u64
 }

 static __always_inline void output_ssl_chunk(struct pt_regs *ctx, struct ssl_info* info, int count_bytes, __u64 id, __u32 flags) {
-    if (count_bytes <= 0) {
-        return;
-    }
-
    if (count_bytes > (CHUNK_SIZE * MAX_CHUNKS_PER_OPERATION)) {
        log_error(ctx, LOG_ERROR_BUFFER_TOO_BIG, id, count_bytes, 0l);
        return;
--- a/tap/tlstapper/bpf/go_uprobes.c
+++ b/tap/tlstapper/bpf/go_uprobes.c
@ -93,6 +93,10 @@ static __always_inline void go_crypto_tls_uprobe(struct pt_regs *ctx, struct bpf
    info.buffer = (void*)GO_ABI_INTERNAL_PT_REGS_R4(ctx);
    info.fd = go_crypto_tls_get_fd_from_tcp_conn(ctx);

+    if (info.buffer_len <= 0) {
+        return;
+    }
+
    // GO_ABI_INTERNAL_PT_REGS_GP is Goroutine address
    __u64 pid_fp = pid << 32 | GO_ABI_INTERNAL_PT_REGS_GP(ctx);
    long err = bpf_map_update_elem(go_context, &pid_fp, &info, BPF_ANY);
--- a/tap/tlstapper/bpf/openssl_uprobes.c
+++ b/tap/tlstapper/bpf/openssl_uprobes.c
@ -101,6 +101,9 @@ static __always_inline void ssl_uretprobe(struct pt_regs *ctx, struct bpf_map_de
 	}

    int count_bytes = get_count_bytes(ctx, &info, id);
+    if (count_bytes <= 0) {
+        return;
+    }

 	output_ssl_chunk(ctx, &info, count_bytes, id, flags);
 }
--- a/tap/tlstapper/go_offsets.go
+++ b/tap/tlstapper/go_offsets.go
@ -112,7 +112,11 @@ func getOffsets(filePath string) (offsets map[string]*goExtendedOffset, err erro
 		return
 	}

-	syms, err := se.Symbols()
+	var syms []elf.Symbol
+	syms, err = se.Symbols()
+	if err != nil {
+		return
+	}
 	for _, sym := range syms {
 		offset := sym.Value

@ -147,7 +151,7 @@ func getOffsets(filePath string) (offsets map[string]*goExtendedOffset, err erro
 		// collect the bytes of the symbol
 		symBytes := textSectionData[symStartingIndex:symEndingIndex]

-		// disasemble the symbol
+		// disassemble the symbol
 		var instructions []gapstone.Instruction
 		instructions, err = engine.Disasm(symBytes, sym.Value, 0)
 		if err != nil {
--- a/tap/tlstapper/tls_tapper.go
+++ b/tap/tlstapper/tls_tapper.go
@ -161,14 +161,14 @@ func setupRLimit() error {
 }

 func (t *TlsTapper) tapSsllibPid(pid uint32, sslLibrary string, namespace string) error {
-	logger.Log.Infof("Tapping TLS (pid: %v) (sslLibrary: %v)", pid, sslLibrary)
-
 	newSsl := sslHooks{}

 	if err := newSsl.installUprobes(&t.bpfObjects, sslLibrary); err != nil {
 		return err
 	}

+	logger.Log.Infof("Tapping TLS (pid: %v) (sslLibrary: %v)", pid, sslLibrary)
+
 	t.sslHooksStructs = append(t.sslHooksStructs, newSsl)

 	t.poller.addPid(pid, namespace)