Skip to content

Commit

Permalink
chore(pkg/driver): do not fail if /sys/kernel/debug fails to be mounted.
Browse files Browse the repository at this point in the history
Also check if `/sys/kernel/debug/tracing` exists.

Signed-off-by: Federico Di Pierro <[email protected]>
  • Loading branch information
FedeDP authored and poiana committed Nov 30, 2023
1 parent 610e851 commit a39b5ac
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 4 deletions.
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ require (
github.com/distribution/distribution/v3 v3.0.0-20230608105614-4501a6e06d3b
github.com/docker/cli v24.0.7+incompatible
github.com/docker/docker v24.0.7+incompatible
github.com/falcosecurity/driverkit v0.15.5-0.20231108173325-1babd00be84f
github.com/falcosecurity/driverkit v0.16.0
github.com/go-oauth2/oauth2/v4 v4.5.2
github.com/golang-jwt/jwt v3.2.2+incompatible
github.com/google/go-containerregistry v0.16.1
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -333,8 +333,8 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m
github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po=
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/falcosecurity/driverkit v0.15.5-0.20231108173325-1babd00be84f h1:J18YO8qW1vHbFpue+ga0KS8vjXmF7Wkqd2juqFotcB0=
github.com/falcosecurity/driverkit v0.15.5-0.20231108173325-1babd00be84f/go.mod h1:vGGEx4jQFuTCYdPn70Pb7d3PjrgBULCKhOlW/serJTw=
github.com/falcosecurity/driverkit v0.16.0 h1:riTkoDVJjoO00kojzm9rNvXu0aQs3phWp+4+VJjt+Ws=
github.com/falcosecurity/driverkit v0.16.0/go.mod h1:vGGEx4jQFuTCYdPn70Pb7d3PjrgBULCKhOlW/serJTw=
github.com/fasthttp-contrib/websocket v0.0.0-20160511215533-1f3b11f56072/go.mod h1:duJ4Jxv5lDcvg4QuQr0oowTf7dz4/CR8NtyCooz9HL8=
github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
Expand Down
11 changes: 10 additions & 1 deletion pkg/driver/type/bpf.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ import (
"golang.org/x/net/context"
"k8s.io/utils/mount"

"github.com/falcosecurity/falcoctl/internal/utils"
"github.com/falcosecurity/falcoctl/pkg/output"
)

Expand All @@ -45,9 +46,17 @@ func (b *bpf) Cleanup(printer *output.Printer, _ string) error {
// since these releases still did not support raw tracepoints.
// BPF_PROG_TYPE_RAW_TRACEPOINT was introduced in 4.17 indeed:
// https://github.com/torvalds/linux/commit/c4f6699dfcb8558d138fe838f741b2c10f416cf9
exists, _ := utils.FileExists("/sys/kernel/debug/tracing")
if exists {
return nil
}
printer.Logger.Info("Mounting debugfs for bpf driver.")
mounter := mount.New("/bin/mount")
return mounter.Mount("debugfs", "/sys/kernel/debug", "debugfs", []string{"nodev"})
// We don't fail if this fails; let's try to build a probe anyway.
if err := mounter.Mount("debugfs", "/sys/kernel/debug", "debugfs", []string{"nodev"}); err != nil {
printer.Logger.Warn("Failed to mount debugfs.", printer.Logger.Args("err", err))
}
return nil
}

func (b *bpf) Load(_ *output.Printer, _ string, _ bool) error {
Expand Down

0 comments on commit a39b5ac

Please sign in to comment.