New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Write to outer map fails due to no wrap around of version in snapshot #4019
Comments
also:
|
Hi @subkin13, thanks for bringing us your findings.
The tracee/pkg/policy/snapshots.go Lines 75 to 79 in a458fa9
is only to deal with uint wrap around. The version can and should be increased to the holder's limit, as it communicates the version number of these policies, even if we only have
This is true. I was tackling it in currently closed PRs. That will be solved soon.
I suppose you're right. I need to check if after the map creation the BTFFD is not required anymore. Let's deal with it in upcoming efforts. Thanks!
This is also true and was being tackled on the referred PR. Gonna close this and update #3239. Thanks a million. |
#3239 updated with findings. |
The code in
func (s *snapshots) Store(ps *Policies)
does not wrap s.lastVersion when it reaches maxSnapshots which eventually causes failure when writing to an outer map - seefunc (ps *Policies) createNewFilterMapsVersion(bpfModule *bpf.Module) error
Also the following code sets the minimal version to 1, it is never zero, so there is never write to cell #0 in the outer map. Is that on purpose?
Also -
prune func(*Policies) []error
is not initialized so the inner maps are never closed which will eventually cause fd leakThe text was updated successfully, but these errors were encountered: