Hello community, here is the log from the commit of package bcc for openSUSE:Leap:15.2 checked in at 2020-06-06 15:47:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/bcc (Old) and /work/SRC/openSUSE:Leap:15.2/.bcc.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bcc" Sat Jun 6 15:47:58 2020 rev:58 rq:811974 version:0.12.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/bcc/bcc.changes 2020-01-15 14:48:22.989340287 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.bcc.new.3606/bcc.changes 2020-06-06 15:48:03.175967812 +0200 @@ -1,0 +2,7 @@ +Thu Jun 4 05:48:57 UTC 2020 - Gary Ching-Pang Lin <[email protected]> + +- Add bcc-bsc1172493-Make-reading-blacklist-optional.patch to make + reading kprobe blacklist optional so that the bcc scripts can + work with the locked down kernel (bsc#1172493) + +------------------------------------------------------------------- New: ---- bcc-bsc1172493-Make-reading-blacklist-optional.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bcc.spec ++++++ --- /var/tmp/diff_new_pack.V87r6v/_old 2020-06-06 15:48:03.823970107 +0200 +++ /var/tmp/diff_new_pack.V87r6v/_new 2020-06-06 15:48:03.823970107 +0200 @@ -39,6 +39,7 @@ Source1: https://github.com/libbpf/libbpf/archive/v%{libbpf_version}.tar.gz Patch1: support-clang9.patch Patch2: bcc-fix-test_map_in_map.patch +Patch3: bcc-bsc1172493-Make-reading-blacklist-optional.patch ExcludeArch: ppc s390 BuildRequires: bison BuildRequires: cmake >= 2.8.7 @@ -151,6 +152,7 @@ %patch1 -p1 %endif %patch2 -p1 +%patch3 -p1 pushd src/cc/libbpf tar xf %{SOURCE1} --strip 1 ++++++ bcc-bsc1172493-Make-reading-blacklist-optional.patch ++++++ >From 5558e36bd97ace7bc3efe3a70d0c9d4fc0d34e2a Mon Sep 17 00:00:00 2001 From: Ivan Babrou <[email protected]> Date: Fri, 29 May 2020 15:33:25 -0700 Subject: [PATCH] Make reading blacklist from debugfs optional With lockdown enabled one sees the following: ``` $ sudo /usr/share/bcc/tools/funccount -Ti 1 run_timer_softirq [Errno 1] Operation not permitted: '/sys/kernel/debug/tracing/../kprobes/blacklist' ``` Which is accompanied by the following in `dmesg`: ``` [Fri May 29 22:12:47 2020] Lockdown: funccount: debugfs access is restricted; see man kernel_lockdown.7 ``` Since blacklist is not a required feature, let's make reading from it optional, so that bcc can work out of the box. --- src/python/bcc/__init__.py | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/src/python/bcc/__init__.py b/src/python/bcc/__init__.py index 8496ee62..749ebfe5 100644 --- a/src/python/bcc/__init__.py +++ b/src/python/bcc/__init__.py @@ -546,8 +546,15 @@ class BPF(object): @staticmethod def get_kprobe_functions(event_re): - with open("%s/../kprobes/blacklist" % TRACEFS, "rb") as blacklist_f: - blacklist = set([line.rstrip().split()[1] for line in blacklist_f]) + blacklist_file = "%s/../kprobes/blacklist" % TRACEFS + try: + with open(blacklist_file, "rb") as blacklist_f: + blacklist = set([line.rstrip().split()[1] for line in blacklist_f]) + except IOError as e: + if e.errno != errno.EPERM: + raise e + blacklist = set([]) + fns = [] in_init_section = 0 @@ -607,7 +614,7 @@ class BPF(object): global _num_open_probes del self.kprobe_fds[name] _num_open_probes -= 1 - + def _add_uprobe_fd(self, name, fd): global _num_open_probes self.uprobe_fds[name] = fd @@ -643,7 +650,7 @@ class BPF(object): if name.startswith(prefix): return self.get_syscall_fnname(name[len(prefix):]) return name - + def attach_kprobe(self, event=b"", event_off=0, fn_name=b"", event_re=b""): event = _assert_is_bytes(event) fn_name = _assert_is_bytes(fn_name) -- 2.25.1
