search

eBPFDevSecTools / opened

OPENED Tool to extract specific eBPF functions from large monoliths (tested on Katran, Mizar, Cilium..)
Apache License 2.0
12 stars 6 forks source link

Cilium function extraction test (list of functions can't be extracted) #21

Closed OwenZhang001122 closed 1 year ago

OwenZhang001122 commented 1 year ago

commented_OPENED_cilium_bpf_overlay.c:

  1. handle_ipv6
  2. tail_handle_ipv6
  3. handle_ipv4
  4. tail_handle_ipv4

commented_OPENED_cilium_cilium-probe-kernel-hz.c:

  1. main (we are not sure if this is a problem but since there are many main functions, probably still need a main for a specific file to see how it uses those functions?)

commented_OPENED_cilium_sockops_bpf_redir.c:

  1. bpf_redir_proxy

commented_OPENED_cilium_sockops_bpf_sockops.c:

  1. bpf_sock_ops_ipv4
  2. bpf_sock_ops_ipv6
  3. bpf_sockmap
sdsen commented 1 year ago

other failing functions

  1. sock4_connect
palanik1 commented 1 year ago

cqsearch is now working for the above functions..

OwenZhang001122 commented 1 year ago

For our side they are still not working though... the terminal just stuck on the cqsearch

Screen Shot 2022-12-06 at 8 25 01 PM
sdsen commented 1 year ago

@OwenZhang001122 can you ensure that you reinstall codequery ... by doing:

  1. git pull inside the codequery folder
  2. cd to build directory
  3. run ninja
  4. run ninja install
  5. If you remember from our last session, these steps are necessary as docker build is not working in your environment.
sdsen commented 1 year ago

closing as the issue doesnt occur in our test env. please reopen if it persists