Hello community, here is the log from the commit of package bcc for openSUSE:Factory checked in at 2020-06-04 17:55:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/bcc (Old) and /work/SRC/openSUSE:Factory/.bcc.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bcc" Thu Jun 4 17:55:50 2020 rev:38 rq:811327 version:0.14.0 Changes: -------- --- /work/SRC/openSUSE:Factory/bcc/bcc.changes 2020-04-23 18:32:41.664346781 +0200 +++ /work/SRC/openSUSE:Factory/.bcc.new.3606/bcc.changes 2020-06-04 17:56:10.872954343 +0200 @@ -1,0 +2,7 @@ +Thu Jun 4 07:31:29 UTC 2020 - Gary Ching-Pang Lin <[email protected]> + +- Add bcc-bsc1172493-Make-reading-blacklist-optional.patch to make + reading kprobe blacklist optional so that the bcc scripts can + work with the locked down kernel (bsc#1172493) + +------------------------------------------------------------------- New: ---- bcc-bsc1172493-Make-reading-blacklist-optional.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bcc.spec ++++++ --- /var/tmp/diff_new_pack.Gs12kQ/_old 2020-06-04 17:56:11.416956016 +0200 +++ /var/tmp/diff_new_pack.Gs12kQ/_new 2020-06-04 17:56:11.420956028 +0200 @@ -37,6 +37,7 @@ URL: https://github.com/iovisor/bcc Source: https://github.com/iovisor/bcc/archive/v%{version}.tar.gz Source1: https://github.com/libbpf/libbpf/archive/v%{libbpf_version}.tar.gz +Patch1: bcc-bsc1172493-Make-reading-blacklist-optional.patch ExcludeArch: ppc s390 BuildRequires: bison BuildRequires: cmake >= 2.8.7 @@ -131,6 +132,8 @@ %prep %setup -q -D -n %{name}-%{version} +%patch1 -p1 + pushd src/cc/libbpf tar xf %{SOURCE1} --strip 1 popd ++++++ bcc-bsc1172493-Make-reading-blacklist-optional.patch ++++++ >From 5558e36bd97ace7bc3efe3a70d0c9d4fc0d34e2a Mon Sep 17 00:00:00 2001 From: Ivan Babrou <[email protected]> Date: Fri, 29 May 2020 15:33:25 -0700 Subject: [PATCH] Make reading blacklist from debugfs optional With lockdown enabled one sees the following: ``` $ sudo /usr/share/bcc/tools/funccount -Ti 1 run_timer_softirq [Errno 1] Operation not permitted: '/sys/kernel/debug/tracing/../kprobes/blacklist' ``` Which is accompanied by the following in `dmesg`: ``` [Fri May 29 22:12:47 2020] Lockdown: funccount: debugfs access is restricted; see man kernel_lockdown.7 ``` Since blacklist is not a required feature, let's make reading from it optional, so that bcc can work out of the box. --- src/python/bcc/__init__.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/src/python/bcc/__init__.py b/src/python/bcc/__init__.py index 8496ee62..749ebfe5 100644 --- a/src/python/bcc/__init__.py +++ b/src/python/bcc/__init__.py @@ -546,8 +546,15 @@ class BPF(object): @staticmethod def get_kprobe_functions(event_re): - with open("%s/../kprobes/blacklist" % TRACEFS, "rb") as blacklist_f: - blacklist = set([line.rstrip().split()[1] for line in blacklist_f]) + blacklist_file = "%s/../kprobes/blacklist" % TRACEFS + try: + with open(blacklist_file, "rb") as blacklist_f: + blacklist = set([line.rstrip().split()[1] for line in blacklist_f]) + except IOError as e: + if e.errno != errno.EPERM: + raise e + blacklist = set([]) + fns = [] in_init_section = 0 @@ -607,7 +614,7 @@ class BPF(object): global _num_open_probes del self.kprobe_fds[name] _num_open_probes -= 1 - + def _add_uprobe_fd(self, name, fd): global _num_open_probes self.uprobe_fds[name] = fd @@ -643,7 +650,7 @@ class BPF(object): if name.startswith(prefix): return self.get_syscall_fnname(name[len(prefix):]) return name - + def attach_kprobe(self, event=b"", event_off=0, fn_name=b"", event_re=b""): event = _assert_is_bytes(event) fn_name = _assert_is_bytes(fn_name) -- 2.25.1
