tetragon: Add support to generate uprobe policy from binary

Adding support to generate uprobe policy that contains all function symbols from the bspecified binary, like: $ tetra tracingpolicy generate uprobes --binary /bin//bash | head -20 apiVersion: cilium.io/v1alpha1 kind: TracingPolicy metadata: creationTimestamp: "2024-01-14T22:33:21Z" name: uprobes spec: uprobes: - message: "" path: /bin//bash symbols: - rl_old_menu_complete - maybe_make_export_env - initialize_shell_builtins - extglob_pattern_p - dispose_cond_node - decode_prompt_string - show_var_attributes - push_var_context - buffered_ungetchar - isnetconn Signed-off-by: Jiri Olsa <jolsa@kernel.org>
cilium · Jan 17, 2024 · 64e5baf · 64e5baf
1 parent 6796419
commit 64e5baf
Show file tree

Hide file tree

Showing 2 changed files with 62 additions and 2 deletions.
diff --git a/cmd/tetra/tracingpolicy/generate/generate.go b/cmd/tetra/tracingpolicy/generate/generate.go
@@ -4,6 +4,8 @@
 package generate
 
 import (
+	"debug/elf"
+	"errors"
 	"log"
 	"os"
 
@@ -124,13 +126,64 @@ func New() *cobra.Command {
 	ftraceFlags := ftraceList.Flags()
 	ftraceFlags.StringVarP(&ftraceRegex, "regex", "r", "", "Use regex to limit the generated symbols")
 
+	var uprobesBinary string
+	uprobes := &cobra.Command{
+		Use:   "uprobes",
+		Short: "all binary symbols",
+		Run: func(cmd *cobra.Command, _ []string) {
+			if uprobesBinary == "" {
+				log.Fatalf("binary is not specified, please use --binary option")
+			}
+
+			file, err := elf.Open(uprobesBinary)
+			if err != nil {
+				log.Fatalf("failed to open '%s': %v", uprobesBinary, err)
+			}
+
+			syms, err := file.Symbols()
+			if err != nil && !errors.Is(err, elf.ErrNoSymbols) {
+				log.Fatalf("failed to get symtab for open '%s': %v", uprobesBinary, err)
+			}
+
+			dynsyms, err := file.DynamicSymbols()
+			if err != nil && !errors.Is(err, elf.ErrNoSymbols) {
+				log.Fatalf("failed to get dynsym for open '%s': %v", uprobesBinary, err)
+			}
+
+			syms = append(syms, dynsyms...)
+
+			tp := generate.NewTracingPolicy("uprobes")
+			uprobe := generate.AddUprobe(tp)
+
+			for _, sym := range syms {
+				if elf.ST_TYPE(sym.Info) != elf.STT_FUNC {
+					continue
+				}
+				if sym.Value == 0 {
+					continue
+				}
+				uprobe.Symbols = append(uprobe.Symbols, sym.Name)
+			}
+
+			uprobe.Path = uprobesBinary
+			b, err := yaml.Marshal(tp)
+			if err != nil {
+				log.Fatal(err)
+			}
+			os.Stdout.Write(b)
+		},
+	}
+
+	uprobesFlags := uprobes.Flags()
+	uprobesFlags.StringVarP(&uprobesBinary, "binary", "b", "", "Binary path")
+
 	cmd := &cobra.Command{
 		Use:   "generate",
 		Short: "generate tracing policies",
 	}
 	pflags := cmd.PersistentFlags()
 	pflags.StringVarP(&matchBinary, "match-binary", "m", "", "Add binary to matchBinaries selector")
 
-	cmd.AddCommand(empty, allSyscalls, allSyscallsList, ftraceList)
+	cmd.AddCommand(empty, allSyscalls, allSyscallsList, ftraceList, uprobes)
 	return cmd
 }
diff --git a/pkg/tracingpolicy/generate/generate.go b/pkg/tracingpolicy/generate/generate.go
@@ -12,7 +12,8 @@ import (
 func NewTracingPolicy(name string) *v1alpha1.TracingPolicy {
 	ret := v1alpha1.TracingPolicy{
 		TypeMeta: metav1.TypeMeta{
-			Kind: "TracingPolicy",
+			Kind:       "TracingPolicy",
+			APIVersion: "cilium.io/v1alpha1",
 		},
 		ObjectMeta: metav1.ObjectMeta{
 			Name: name,
@@ -31,3 +32,9 @@ func AddKprobe(tp *v1alpha1.TracingPolicy) *v1alpha1.KProbeSpec {
 	tp.Spec.KProbes = append(tp.Spec.KProbes, v1alpha1.KProbeSpec{})
 	return &tp.Spec.KProbes[idx]
 }
+
+func AddUprobe(tp *v1alpha1.TracingPolicy) *v1alpha1.UProbeSpec {
+	idx := len(tp.Spec.UProbes)
+	tp.Spec.UProbes = append(tp.Spec.UProbes, v1alpha1.UProbeSpec{})
+	return &tp.Spec.UProbes[idx]
+}