Skip to content

Commit

Permalink
feat: Detect CAP_BPF when detect env
Browse files Browse the repository at this point in the history
If no capability to run bpf progs, we must check CAP_BPF asap.

Without this check, there will be many noisy logs before log "error:operation
not permitted", like gojue#678 (comment).

Signed-off-by: Leon Hwang <[email protected]>
  • Loading branch information
Asphaltt committed Dec 5, 2024
1 parent 140d873 commit 02682b1
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions cli/cmd/env_detection.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,14 @@
package cmd

import (
"errors"
"fmt"
"runtime"

"github.com/cilium/ebpf"
"github.com/cilium/ebpf/asm"
"golang.org/x/sys/unix"

"github.com/gojue/ecapture/pkg/util/kernel"
)

Expand All @@ -43,12 +48,38 @@ func detectKernel() error {
return nil
}

func detectBpfCap() error {
prog, err := ebpf.NewProgram(&ebpf.ProgramSpec{
Name: "uprobe_dummy",
Type: ebpf.Kprobe,
Instructions: asm.Instructions{
asm.Mov.Imm(asm.R0, 0),
asm.Return(),
},
License: "GPL",
})
if err != nil {
if errors.Is(err, unix.EPERM) {
return fmt.Errorf("the current user does not have CAP_BPF to load bpf programs. Please run as root or use sudo.")
}

return fmt.Errorf("failed to create bpf program: %v", err)
}
defer prog.Close()

return nil
}

func detectEnv() error {
// 环境检测

if err := detectKernel(); err != nil {
return err
}

if err := detectBpfCap(); err != nil {
return err
}

return nil
}

0 comments on commit 02682b1

Please sign in to comment.