bytedance / netcap

Apache License 2.0
632 stars 81 forks source link

"unbounded memory access" when use "/netcap skb -f icmp_rcv@1" #9

Open zhangzju opened 1 month ago

zhangzju commented 1 month ago

enviroment

kernel:Linux n37-049-131 5.4.0-149-generic #166-Ubuntu SMP Tue Apr 18 16:51:45 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux os: Ubuntu 20.04.6 LTS \n \l bcc version: libbcc_bpf.so.0 -> libbcc_bpf.so.0.31.0 libcc1.so.0 -> libcc1.so.0.0.0 libbcc.so.0 -> libbcc.so.0.31.0

how to reproduce

  1. compile bcc latest version, follow https://github.com/iovisor/bcc/blob/master/INSTALL.md#debian---source
  2. clone netcap source: git clone https://github.com/bytedance/netcap.git
  3. get latest gobpf version: go list -m github.com/iovisor/gobpf@master
  4. change gobpf dependency version,add github.com/iovisor/gobpf v0.2.1-0.20221005153822-16120a1bf4d4 to require section of go.mod.
  5. build netcap, just make all
  6. test netcap with sudo ./netcap skb -f icmp_rcv@1

details

seems fail to load ebpf prog to kernel, verifier reject with 2024/09/26 11:16:21 Dump err: error loading BPF program: permission denied

82: (85) call bpf_probe_read#4 R0=inv(id=0) R1_w=map_value(id=0,off=40,ks=4,vs=296,imm=0) R2_w=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R3_w=inv(id=0) R6=inv(id=0) R7=map_value(id=0,off=0,ks=4,vs=296,imm=0) R8_w=inv(id=0) R9_w=inv(id=0) R10=fp0 fp-8=mmmm???? fp-16=mmmmmmmm fp-24=mmmmmmmm fp-32=mmmmmmmm fp-40=ctx fp-48=mmmmmmmm fp-56=mmmmmmmm R2 unbounded memory access, use 'var &= const' or 'if (var < const)'

zf1575192187 commented 1 month ago

Fix it. https://github.com/bytedance/netcap/pull/10