oci-seccomp-bpf-hook
oci-seccomp-bpf-hook copied to clipboard
Fails to build with current bcc
bcc added two additional parameters to bcc_func_load
which aren't passed here:
[ 141s] GO111MODULE=on go build -mod=vendor -mod=vendor -o bin/oci-seccomp-bpf-hook -ldflags "-X main.version=v1.2.6" github.com/containers/oci-seccomp-bpf-hook
[ 141s] # github.com/iovisor/gobpf/bcc
[ 141s] vendor/github.com/iovisor/gobpf/bcc/module.go:230:28: not enough arguments in call to _C2func_bcc_func_load
[ 141s] have (unsafe.Pointer, _Ctype_int, *_Ctype_char, *_Ctype_struct_bpf_insn, _Ctype_int, *_Ctype_char, _Ctype_uint, _Ctype_int, *_Ctype_char, _Ctype_uint, nil)
[ 141s] want (unsafe.Pointer, _Ctype_int, *_Ctype_char, *_Ctype_struct_bpf_insn, _Ctype_int, *_Ctype_char, _Ctype_uint, _Ctype_int, *_Ctype_char, _Ctype_uint, *_Ctype_char, _Ctype_int)
[ 141s] make: *** [Makefile:49: binary] Error 2
Unfortunately it looks like gobpf is dead: https://github.com/iovisor/gobpf/pull/311
Thanks for reaching out, @Vogtinator!
I suggest to wait a bit more on https://github.com/iovisor/gobpf/pull/311.
We may need to prioritize getting https://github.com/containers/oci-seccomp-bpf-hook/issues/93 done. Cc: @saschagrunert
Libbpf 1.0.0 has been released a couple of days ago which seems to be a great road to stabilization: https://github.com/libbpf/libbpf/releases/tag/v1.0.0
I think we can start working on it when https://github.com/aquasecurity/libbpfgo/pull/216 got merged (and released).
the libbpfgo change has been merged but I'm not sure we can count on a release (haven't explicitly asked yet) -- would pinning against the latest commit for this repo be something to consider, or should I try to be annoying over there? As far as I can see we're already using arbitrary commits for seccomp and runtime-spec
Thanks for the ping! I am OK vendoring a non-release commit.
Thanks, opened #104 with gobpf version bump!