ebpf: replace deprecated prog.Attach/prog.Detach#2903
Merged
Conversation
Caught by golangci-lint when enabling golint:
libcontainer/cgroups/ebpf/ebpf.go:35:12: SA1019: prog.Attach is deprecated: use link.RawAttachProgram instead. (staticcheck)
if err := prog.Attach(dirFD, ebpf.AttachCGroupDevice, unix.BPF_F_ALLOW_MULTI); err != nil {
^
libcontainer/cgroups/ebpf/ebpf.go:39:13: SA1019: prog.Detach is deprecated: use link.RawDetachProgram instead. (staticcheck)
if err := prog.Detach(dirFD, ebpf.AttachCGroupDevice, unix.BPF_F_ALLOW_MULTI); err != nil {
^
Worth noting that we currently call prog.Detach() with unix.BPF_F_ALLOW_MULTI;
https://github.com/golang/sys/blob/22da62e12c0cd9c1da93581e1113ca4d82a5be14/unix/zerrors_linux.go#L178
BPF_F_ALLOW_MULTI = 0x2
Looking at the source code for prog.Detach(); https://github.com/cilium/ebpf/blob/v0.4.0/prog.go#L579-L581,
this would _always_ produce an error:
if flags != 0 {
return errors.New("flags must be zero")
}
Note that the flags parameter is not used (except for that validation)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Member
Author
|
@AkihiroSuda @giuseppe @kolyshkin PTAL; please double check if I did the conversion correctly, and if my reading of the I see the |
Member
Author
AkihiroSuda
approved these changes
Apr 13, 2021
Contributor
|
Also, I agree with your analysis ( |
cyphar
approved these changes
Apr 14, 2021
Member
There was a problem hiding this comment.
Oh, good -- looking at RawDetachProgram it looks like this will mean we only detach the program we just inserted (though more broadly we still do the wrong thing on cgroup updates). This was not the case with our incorrect proper usage of Detach AFAICS.
LGTM.
saschagrunert
pushed a commit
to saschagrunert/runc
that referenced
this pull request
Apr 14, 2021
Sebastiaan van Stijn (1): ebpf: replace deprecated prog.Attach/prog.Detach LGTMs: AkihiroSuda kolyshkin cyphar Closes opencontainers#2903 Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
fixes #2699
Caught by golangci-lint when enabling golint:
Worth noting that we currently call prog.Detach() with unix.BPF_F_ALLOW_MULTI;
https://github.com/golang/sys/blob/22da62e12c0cd9c1da93581e1113ca4d82a5be14/unix/zerrors_linux.go#L178
this would always produce an error:
Note that the flags parameter is not used (except for that validation)