Skip to content

fix(driver/bpf): fixed a couple of verifier issues. #942

fix(driver/bpf): fixed a couple of verifier issues.

fix(driver/bpf): fixed a couple of verifier issues. #942

Workflow file for this run

name: libsinsp e2e CI
on:
pull_request:
push:
branches:
- master
- 'release/**'
workflow_dispatch:
# Checks if any concurrent jobs under the same pull request or branch are being executed
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build-test-e2e:
name: build-test-e2e-${{ matrix.arch }} 😇 (bundled_deps)
runs-on: ${{ (matrix.arch == 'arm64' && 'actuated-arm64-8cpu-16gb') || 'ubuntu-22.04' }}
strategy:
matrix:
arch: [amd64, arm64]
fail-fast: false
steps:
- name: Checkout Libs ⤵️
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
- name: Install deps ⛓️
run: |
sudo apt-get update && sudo apt-get install -y --no-install-recommends \
ca-certificates \
cmake \
build-essential \
clang-14 llvm-14 \
git \
clang \
ccache \
llvm \
pkg-config \
autoconf \
automake \
libtool \
libelf-dev \
wget \
libc-ares-dev \
libbpf-dev \
libcap-dev \
libcurl4-openssl-dev \
libssl-dev \
libtbb-dev \
libjq-dev \
libjsoncpp-dev \
libgrpc++-dev \
protobuf-compiler-grpc \
libgtest-dev \
libprotobuf-dev
sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-14 90
sudo update-alternatives --install /usr/bin/llvm-strip llvm-strip /usr/bin/llvm-strip-14 90
sudo update-alternatives --install /usr/bin/llc llc /usr/bin/llc-14 90
sudo .github/install-deps.sh
git clone https://github.com/libbpf/bpftool.git --branch v7.3.0 --single-branch
cd bpftool
git submodule update --init
cd src && sudo make install
- name: Install kernel headers (actuated)
uses: self-actuated/get-kernel-sources@201eed7d915ac0a6021fb402cde5be7a6b945b59
if: matrix.arch == 'arm64'
- name: Install kernel headers and gcc
if: matrix.arch == 'amd64'
run: |
sudo apt install -y --no-install-recommends linux-headers-$(uname -r) gcc-multilib g++-multilib
- name: Run sccache-cache
uses: mozilla-actions/[email protected]
- name: Build e2e tests 🏗️
env:
SCCACHE_GHA_ENABLED: "true"
run: |
mkdir -p build
cd build && \
cmake \
-DCMAKE_C_COMPILER_LAUNCHER=sccache \
-DCMAKE_CXX_COMPILER_LAUNCHER=sccache \
-DBUILD_BPF=ON \
-DUSE_BUNDLED_DEPS=ON \
-DUSE_ASAN=ON \
-DUSE_UBSAN=ON \
-DENABLE_LIBSINSP_E2E_TESTS=ON \
-DBUILD_LIBSCAP_MODERN_BPF=ON \
-DBUILD_LIBSCAP_GVISOR=OFF \
-DUSE_BUNDLED_LIBBPF=ON \
-DUSE_BUNDLED_GTEST=ON \
..
make -j6 libsinsp_e2e_tests
sudo rm -vfr test/libsinsp_e2e/resources/_proc
cd ..
- name: Cache build
uses: actions/cache/[email protected]
if: always()
id: cache
with:
path: build
key: build-e2e-${{ matrix.arch }}-${{ github.run_id }}
test-e2e:
name: test-e2e-${{ matrix.arch }}-${{ matrix.driver.name }} 😇 (bundled_deps)
needs: [build-test-e2e]
runs-on: ${{ (matrix.arch == 'arm64' && 'actuated-arm64-8cpu-16gb') || 'ubuntu-22.04' }}
strategy:
matrix:
arch: [amd64, arm64]
driver: [ {name: kmod, option: -k}, {name: bpf, option: -b}, {name: modern-bpf, option: -m} ]
fail-fast: false
steps:
- name: Checkout Libs ⤵️
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
- name: Restore build
id: cache
uses: actions/cache/[email protected]
with:
path: build
key: build-e2e-${{ matrix.arch }}-${{ github.run_id }}
restore-keys: build-e2e-
- name: Fix kernel mmap rnd bits
# Asan in llvm 14 provided in ubuntu 22.04 is incompatible with
# high-entropy ASLR in much newer kernels that GitHub runners are
# using leading to random crashes: https://reviews.llvm.org/D148280
run: sudo sysctl vm.mmap_rnd_bits=28
- name: Update apt index
run: |
sudo apt update
- name: Install multilib
if: matrix.arch == 'amd64'
run: |
sudo apt install -y --no-install-recommends gcc-multilib g++-multilib
- name: Install deps
run: |
sudo apt install -y --no-install-recommends clang gcc llvm build-essential cmake python2
- name: Install kernel headers (actuated)
uses: self-actuated/get-kernel-sources@201eed7d915ac0a6021fb402cde5be7a6b945b59
if: matrix.arch == 'arm64'
- name: Install kernel headers and gcc
if: matrix.arch == 'amd64'
run: |
sudo apt install -y --no-install-recommends linux-headers-$(uname -r) gcc-multilib g++-multilib
# We have no guarantees that the kernel version is the same for the
# different workers, so we rebuild the drivers.
- name: Rebuild drivers
run: |
pushd build
make -B driver bpf
pushd test/libsinsp_e2e/resources/
sudo tar xzf fake-proc.tar.gz
popd
popd
- name: Run e2e tests with ${{ matrix.driver.name }} 🏎️
if: matrix.arch == 'amd64'
env:
UBSAN_OPTIONS: print_stacktrace=1
run: |
cd build/test/libsinsp_e2e/
sudo -E ./libsinsp_e2e_tests ${{ matrix.driver.option }}
# the actuated arm64 workers doesn't have the CONFIG_QFMT_V2 flag
# which is needed for the quotactl_ok test (cmd=QQUOTA_ON + id=QFMT_VFS_V0).
- name: Run e2e tests with ${{ matrix.driver.name }} 🏎️
if: matrix.arch == 'arm64'
env:
UBSAN_OPTIONS: print_stacktrace=1
run: |
cd build/test/libsinsp_e2e/
sudo -E ./libsinsp_e2e_tests ${{ matrix.driver.option }} --gtest_filter=-sys_call_test.quotactl_ok