libbpf-starter-template 创建 bpf prog 构建失败 #19
Description
现象
eBPF prog 代码:
#define TASK_COMM_LEN 16
// 该 prog 用于拦截 do_unlinkat 系统调用,当删除文件时,打印文件名和进程名
SEC("kprobe/do_unlinkat")
int BPF_KPROBE(do_unlinkat, int dfd, struct filename *name)
{
const char *filename;
__u64 pid_tgid = bpf_get_current_pid_tgid();
__u32 pid = (pid_tgid << 32) >> 32;
__u32 tgid = pid_tgid >> 32;
char comm[TASK_COMM_LEN];
long ret;
filename = BPF_CORE_READ(name, name);
ret = bpf_get_current_comm(&comm, TASK_COMM_LEN);
if(ret)
{
bpf_printk("Failed to get current task name, pid = %d\n", pid);
return 1;
}
bpf_printk("KPROBE ENTRY pid = %d, filename = %s\n", pid, filename);
return 8;
} 构建报错:
# cd src
# make
BPF .output/bootstrap.bpf.o
bootstrap.bpf.c:116:16: error: A call to built-in function '__stack_chk_fail' is not supported.
int BPF_KPROBE(do_unlinkat, int dfd, struct filename *name)
^
1 error generated.复现
- 使用模版创建 bpf 项目,参考文档:https://github.com/eunomia-bpf/bpf-developer-tutorial/blob/main/README.zh.md
- 将上述 eBPF prog 代码增加到
src/bootstrap.bpf.c文件中。 - 进入 src 目录执行
make,复现上述构建失败现象。