From b56da24f6acdf74e33664d50d7e7958919f4aa13 Mon Sep 17 00:00:00 2001 From: Rolf Neugebauer Date: Fri, 6 Jan 2017 16:43:43 +0000 Subject: [PATCH 1/4] docs: add --pid=host to ebpf command line. A lot of the `iovisor/bcc` tools take a pid as a command line option and using `--pid=host` allows you to use `$(pgrep foo)` Signed-off-by: Rolf Neugebauer --- docs/ebpf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/ebpf.md b/docs/ebpf.md index 7d8ec8ab0..7f9057aa2 100644 --- a/docs/ebpf.md +++ b/docs/ebpf.md @@ -11,7 +11,7 @@ benchmarks etc. You probably want to run with -`docker run -it -v /sys/kernel/debug:/sys/kernel/debug --privileged mobylinux/ebpf:tag sh` for +`docker run -it -v /sys/kernel/debug:/sys/kernel/debug --privileged --pid=host mobylinux/ebpf:tag sh` for interactive use as some things use debugfs. You need at least `CAP_SYS_ADMIN` to do anything. There are examples in `bcc/examples` that should generally just work, I have tried several of the Lua ones. From 8ed1408b193791cc084ba4c6605b2aae4e998d5c Mon Sep 17 00:00:00 2001 From: Rolf Neugebauer Date: Fri, 6 Jan 2017 16:49:38 +0000 Subject: [PATCH 2/4] ebpf: set LD_LIBRARY_PATH in container This is needed for the python tools to find libbcc.so Signed-off-by: Rolf Neugebauer --- alpine/base/ebpf/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/alpine/base/ebpf/Dockerfile b/alpine/base/ebpf/Dockerfile index fb9f5485e..fb7c29c0b 100644 --- a/alpine/base/ebpf/Dockerfile +++ b/alpine/base/ebpf/Dockerfile @@ -21,3 +21,5 @@ RUN mkdir -p bcc/build && cd bcc/build && \ make && \ make install RUN mkdir -p /usr/local/share/lua/5.1/ && cd ljsyscall && cp -a *.lua syscall /usr/local/share/lua/5.1/ + +ENV LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/usr/lib64 From fe533386f0f3b761707a9fb52dce36f27e664f4a Mon Sep 17 00:00:00 2001 From: Rolf Neugebauer Date: Fri, 6 Jan 2017 16:52:16 +0000 Subject: [PATCH 3/4] docs: add a note about kernel symbols to the ebpf documentation Signed-off-by: Rolf Neugebauer --- docs/ebpf.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/ebpf.md b/docs/ebpf.md index 7f9057aa2..ed5a893a7 100644 --- a/docs/ebpf.md +++ b/docs/ebpf.md @@ -15,3 +15,8 @@ You probably want to run with interactive use as some things use debugfs. You need at least `CAP_SYS_ADMIN` to do anything. There are examples in `bcc/examples` that should generally just work, I have tried several of the Lua ones. + +Some of the `iovisor/bcc` samples try to access the kernel symbols. For them to work correctly you should also execute: +```sh +echo 0 > /proc/sys/kernel/kptr_restrict +``` From be37d7b0fa80254596da921b428b93233ad0b1d9 Mon Sep 17 00:00:00 2001 From: Rolf Neugebauer Date: Fri, 6 Jan 2017 18:06:05 +0000 Subject: [PATCH 4/4] ebpf: fix ebpf compile error Some/most of the samples/tools throw and error, e.g.: LLVM ERROR: Cannot select: 0x56049b79dcb0: ch,glue = BPFISD::CALL 0x56049a93ad60, TargetExternalSymbol:i64'__stack_chk_fail' 0x56049b391500: i64 = TargetExternalSymbol'__stack_chk_fail' In function: waker bcc-stack-protector.patch adds -fno-stack-protector to the CFLAGS which fixes this error. Signed-off-by: Rolf Neugebauer --- alpine/base/ebpf/Dockerfile | 4 ++-- alpine/base/ebpf/Makefile | 2 +- alpine/base/ebpf/bcc-stack-protector.patch | 10 ++++++++++ 3 files changed, 13 insertions(+), 3 deletions(-) create mode 100644 alpine/base/ebpf/bcc-stack-protector.patch diff --git a/alpine/base/ebpf/Dockerfile b/alpine/base/ebpf/Dockerfile index fb7c29c0b..4eddcf4de 100644 --- a/alpine/base/ebpf/Dockerfile +++ b/alpine/base/ebpf/Dockerfile @@ -6,7 +6,7 @@ COPY cdefs.h /usr/include/sys/ ADD kernel-headers.tar / ADD kernel-dev.tar / ADD kernel-modules.tar / -ADD 100-musl-compat.patch decl.patch intl.patch bcc-gnuism.patch ./ +ADD 100-musl-compat.patch decl.patch intl.patch bcc-gnuism.patch bcc-stack-protector.patch ./ RUN cat elfutils-$ELFUTILS_VERSION.tar.bz2 | tar xjf - RUN cd elfutils-$ELFUTILS_VERSION && \ patch -p1 < ../100-musl-compat.patch && \ @@ -15,7 +15,7 @@ RUN cd elfutils-$ELFUTILS_VERSION && \ automake && \ ./configure --prefix=/usr CFLAGS=-Wno-strict-aliasing && \ make -C libelf && make -C libelf install -RUN cd bcc && patch -p0 < ../bcc-gnuism.patch +RUN cd bcc && patch -p0 < ../bcc-gnuism.patch && patch -p0 < ../bcc-stack-protector.patch RUN mkdir -p bcc/build && cd bcc/build && \ cmake .. -DCMAKE_INSTALL_PREFIX=/usr -DLUAJIT_INCLUDE_DIR=/usr/include/luajit-2.1 && \ make && \ diff --git a/alpine/base/ebpf/Makefile b/alpine/base/ebpf/Makefile index ea07c0043..b575503ac 100644 --- a/alpine/base/ebpf/Makefile +++ b/alpine/base/ebpf/Makefile @@ -2,7 +2,7 @@ KERNEL_FILES=-C ../../kernel/x86_64 kernel-headers.tar kernel-dev.tar kernel-mod default: ebpf.tag -ebpf.tag: Dockerfile 100-musl-compat.patch bcc-gnuism.patch decl.patch intl.patch temp_failure.patch cdefs.h error.h +ebpf.tag: Dockerfile 100-musl-compat.patch bcc-gnuism.patch bcc-stack-protector.patch decl.patch intl.patch temp_failure.patch cdefs.h error.h BUILD=$$( tar cf - $^ $(KERNEL_FILES) | docker build -q - ) && [ -n "$$BUILD" ] && echo "Built $$BUILD" && \ echo $$BUILD > $@ diff --git a/alpine/base/ebpf/bcc-stack-protector.patch b/alpine/base/ebpf/bcc-stack-protector.patch new file mode 100644 index 000000000..c33c91d49 --- /dev/null +++ b/alpine/base/ebpf/bcc-stack-protector.patch @@ -0,0 +1,10 @@ +--- src/cc/frontends/clang/kbuild_helper.cc ++++ src/cc/frontends/clang/kbuild_helper.cc +@@ -89,6 +89,7 @@ int KBuildHelper::get_flags(const char *uname_machine, vector *cflags) { + cflags->push_back("-D__HAVE_BUILTIN_BSWAP64__"); + cflags->push_back("-Wno-unused-value"); + cflags->push_back("-Wno-pointer-sign"); ++ cflags->push_back("-fno-stack-protector"); + + return 0; + }