tetragon: Use symbols list in UProbeSpec

Currently we define uprobe with path/symbol path, which not
handy when you have more symbols from single path to probe.

Changing the spec so the uprobe is defined by path and array
of symbols, like:

 spec:
   uprobes:
   - path: /bin/bash
     symbols:
     - "_start"
     - "main"
       "builtin_help"

Signed-off-by: Jiri Olsa <jolsa@kernel.org>

examples/tracingpolicy/uprobe-binaries.yaml

@@ -5,7 +5,8 @@ metadata:
 spec:
   uprobes:
   - path: "/lib64/libc.so.6"
-    symbol: "malloc"
+    symbols:
+    - "malloc"
     selectors:
     - matchBinaries:
       - operator: "In"

examples/tracingpolicy/uprobe-host.yaml

@@ -5,4 +5,5 @@ metadata:
 spec:
   uprobes:
   - path: "/procRoot/1/root/usr/bin/bash"
-    symbol: "_start"
+    symbols:
+    - "_start"

examples/tracingpolicy/uprobe-pid.yaml

@@ -5,7 +5,8 @@ metadata:
 spec:
   uprobes:
   - path: "/bin/bash"
-    symbol: "readline"
+    symbols:
+    - "readline"
     selectors:
     - matchPIDs:
       - operator: In

examples/tracingpolicy/uprobe.yaml

@@ -5,4 +5,6 @@ metadata:
 spec:
   uprobes:
   - path: "/bin/bash"
-    symbol: "readline"
+    symbols:
+    - "readline"
+    - "main"

pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpolicies.yaml

@@ -1781,12 +1781,14 @@ spec:
                             type: array
                         type: object
                       type: array
-                    symbol:
-                      description: Name of the traced symbol
-                      type: string
+                    symbols:
+                      description: List of the traced symbols
+                      items:
+                        type: string
+                      type: array
                   required:
                   - path
-                  - symbol
+                  - symbols
                   type: object
                 type: array
             type: object

pkg/k8s/apis/cilium.io/client/crds/v1alpha1/cilium.io_tracingpoliciesnamespaced.yaml

@@ -1781,12 +1781,14 @@ spec:
                             type: array
                         type: object
                       type: array
-                    symbol:
-                      description: Name of the traced symbol
-                      type: string
+                    symbols:
+                      description: List of the traced symbols
+                      items:
+                        type: string
+                      type: array
                   required:
                   - path
-                  - symbol
+                  - symbols
                   type: object
                 type: array
             type: object

pkg/k8s/apis/cilium.io/v1alpha1/types.go

@@ -253,8 +253,8 @@ type TracepointSpec struct {
 type UProbeSpec struct {
 	// Name of the traced binary
 	Path string `json:"path"`
-	// Name of the traced symbol
-	Symbol string `json:"symbol"`
+	// List of the traced symbols
+	Symbols []string `json:"symbols"`
 	// +kubebuilder:validation:Optional
 	// A short message of 256 characters max that will be included
 	// in the event output to inform users what is going on.

pkg/sensors/tracing/genericuprobe.go

@@ -176,10 +176,7 @@ func createGenericUprobeSensor(
 		loadProgName = "bpf_generic_uprobe_v53.o"
 	}
 
-	for i := range uprobes {
-		spec := &uprobes[i]
-		config := &api.EventConfig{}
-
+	for _, spec := range uprobes {
 		var args []v1alpha1.KProbeArg
 
 		if err := isValidUprobeSelectors(spec.Selectors); err != nil {
@@ -199,46 +196,50 @@ func createGenericUprobeSensor(
 			logger.GetLogger().WithField("policy-name", policyName).Warnf("TracingPolicy 'message' field too long, truncated to %d characters", TpMaxMessageLen)
 		}
 
-		uprobeEntry := &genericUprobe{
-			tableId:    idtable.UninitializedEntryID,
-			config:     config,
-			path:       spec.Path,
-			symbol:     spec.Symbol,
-			selectors:  uprobeSelectorState,
-			policyName: policyName,
-			message:    msgField,
+		for _, sym := range spec.Symbols {
+			config := &api.EventConfig{}
+
+			uprobeEntry := &genericUprobe{
+				tableId:    idtable.UninitializedEntryID,
+				config:     config,
+				path:       spec.Path,
+				symbol:     sym,
+				selectors:  uprobeSelectorState,
+				policyName: policyName,
+				message:    msgField,
+			}
+
+			uprobeTable.AddEntry(uprobeEntry)
+			id := uprobeEntry.tableId.ID
+
+			uprobeEntry.pinPathPrefix = sensors.PathJoin(sensorPath, fmt.Sprintf("%d", id))
+			config.FuncId = uint32(id)
+
+			pinPath := uprobeEntry.pinPathPrefix
+			pinProg := sensors.PathJoin(pinPath, "prog")
+
+			attachData := &program.UprobeAttachData{
+				Path:   spec.Path,
+				Symbol: sym,
+			}
+
+			load := program.Builder(
+				path.Join(option.Config.HubbleLib, loadProgName),
+				"",
+				"uprobe/generic_uprobe",
+				pinProg,
+				"generic_uprobe").
+				SetAttachData(attachData).
+				SetLoaderData(uprobeEntry)
+
+			progs = append(progs, load)
+
+			configMap := program.MapBuilderPin("config_map", sensors.PathJoin(pinPath, "config_map"), load)
+			tailCalls := program.MapBuilderPin("uprobe_calls", sensors.PathJoin(pinPath, "up_calls"), load)
+			filterMap := program.MapBuilderPin("filter_map", sensors.PathJoin(pinPath, "filter_map"), load)
+			selMatchBinariesMap := program.MapBuilderPin("tg_mb_sel_opts", sensors.PathJoin(pinPath, "tg_mb_sel_opts"), load)
+			maps = append(maps, configMap, tailCalls, filterMap, selMatchBinariesMap)
 		}
-
-		uprobeTable.AddEntry(uprobeEntry)
-		id := uprobeEntry.tableId.ID
-
-		uprobeEntry.pinPathPrefix = sensors.PathJoin(sensorPath, fmt.Sprintf("%d", id))
-		config.FuncId = uint32(id)
-
-		pinPath := uprobeEntry.pinPathPrefix
-		pinProg := sensors.PathJoin(pinPath, "prog")
-
-		attachData := &program.UprobeAttachData{
-			Path:   spec.Path,
-			Symbol: spec.Symbol,
-		}
-
-		load := program.Builder(
-			path.Join(option.Config.HubbleLib, loadProgName),
-			"",
-			"uprobe/generic_uprobe",
-			pinProg,
-			"generic_uprobe").
-			SetAttachData(attachData).
-			SetLoaderData(uprobeEntry)
-
-		progs = append(progs, load)
-
-		configMap := program.MapBuilderPin("config_map", sensors.PathJoin(pinPath, "config_map"), load)
-		tailCalls := program.MapBuilderPin("uprobe_calls", sensors.PathJoin(pinPath, "up_calls"), load)
-		filterMap := program.MapBuilderPin("filter_map", sensors.PathJoin(pinPath, "filter_map"), load)
-		selMatchBinariesMap := program.MapBuilderPin("tg_mb_sel_opts", sensors.PathJoin(pinPath, "tg_mb_sel_opts"), load)
-		maps = append(maps, configMap, tailCalls, filterMap, selMatchBinariesMap)
 	}
 
 	return &sensors.Sensor{

pkg/sensors/tracing/uprobe_test.go

@@ -67,7 +67,8 @@ metadata:
 spec:
   uprobes:
   - path: "/bin/bash"
-    symbol: "main"
+    symbols:
+    - "main"
 `
 
 	var sens []*sensors.Sensor
@@ -98,7 +99,8 @@ metadata:
 spec:
   uprobes:
   - path: "` + testNop + `"
-    symbol: "main"
+    symbols:
+    - "main"
 `
 
 	nopConfigHook := []byte(nopHook)
@@ -148,7 +150,8 @@ metadata:
 spec:
   uprobes:
   - path: "` + path + `"
-    symbol: "uprobe_test_func"
+    symbols:
+    - "uprobe_test_func"
     selectors:
     - matchPIDs:
       - operator: In
@@ -209,7 +212,8 @@ metadata:
 spec:
   uprobes:
   - path: "` + libUprobe + `"
-    symbol: "uprobe_test_lib"
+    symbols:
+    - "uprobe_test_lib"
     selectors:
     - matchBinaries:
       - operator: "In"
@@ -280,8 +284,9 @@ metadata:
 spec:
   uprobes:
   - path: "` + testBin + `"
-    symbol: "do_uprobe"
     message: "Uprobe test"
+    symbols:
+    - "do_uprobe"
     selectors:
     - matchBinaries:
       - operator: "In"