mirror of
https://github.com/gravitational/teleport
synced 2024-10-19 08:43:58 +00:00
Create separate build tags for different arch (#21086)
Test ARM64 assets build Use all available cores when building Clang Add test trigger Update assets buildbox name Build all dependencies on ARM64 including BPF
This commit is contained in:
parent
91eb3c6bbc
commit
1b0b30e447
14
Makefile
14
Makefile
|
@ -82,14 +82,15 @@ BPF_MESSAGE := without-BPF-support
|
|||
# have compilation issues that require fixing.
|
||||
with_bpf := no
|
||||
ifeq ("$(OS)","linux")
|
||||
ifeq ("$(ARCH)","amd64")
|
||||
# True if $ARCH == amd64 || $ARCH == arm64
|
||||
ifneq (,$(filter "$(ARCH)","amd64" "arm64"))
|
||||
ifneq ("$(wildcard /usr/libbpf-${LIBBPF_VER}/include/bpf/bpf.h)","")
|
||||
with_bpf := yes
|
||||
BPF_TAG := bpf
|
||||
BPF_MESSAGE := with-BPF-support
|
||||
CLANG ?= $(shell which clang || which clang-10)
|
||||
LLVM_STRIP ?= $(shell which llvm-strip || which llvm-strip-10)
|
||||
KERNEL_ARCH := $(shell uname -m | sed 's/x86_64/x86/')
|
||||
KERNEL_ARCH := $(shell uname -m | sed 's/x86_64/x86/g; s/aarch64/arm64/g')
|
||||
INCLUDES :=
|
||||
ER_BPF_BUILDDIR := lib/bpf/bytecode
|
||||
RS_BPF_BUILDDIR := lib/restrictedsession/bytecode
|
||||
|
@ -241,7 +242,8 @@ IS_NATIVE_BUILD ?= $(if $(filter $(ARCH), $(shell go env GOARCH)),"yes","no")
|
|||
|
||||
# Set CGOFLAG and BUILDFLAGS as needed for the OS/ARCH.
|
||||
ifeq ("$(OS)","linux")
|
||||
ifeq ("$(ARCH)","amd64")
|
||||
# True if $ARCH == amd64 || $ARCH == arm64
|
||||
ifneq (,$(filter "$(ARCH)","amd64" "arm64"))
|
||||
# Link static version of libraries required by Teleport (bpf, pcsc) to reduce system dependencies. Avoid dependencies on dynamic libraries if we already link the static version using --as-needed.
|
||||
CGOFLAG = CGO_ENABLED=1 CGO_CFLAGS="-I/usr/libbpf-${LIBBPF_VER}/include" CGO_LDFLAGS="-Wl,-Bstatic $(STATIC_LIBS) -Wl,-Bdynamic -Wl,--as-needed"
|
||||
CGOFLAG_TSH = CGO_ENABLED=1 CGO_LDFLAGS="-Wl,-Bstatic $(STATIC_LIBS_TSH) -Wl,-Bdynamic -Wl,--as-needed"
|
||||
|
@ -250,12 +252,6 @@ else ifeq ("$(ARCH)","arm")
|
|||
CGOFLAG = CGO_ENABLED=1 CC=arm-linux-gnueabihf-gcc
|
||||
# Add -debugtramp=2 to work around 24 bit CALL/JMP instruction offset.
|
||||
BUILDFLAGS = $(ADDFLAGS) -ldflags '-w -s -debugtramp=2' -trimpath
|
||||
else ifeq ("$(ARCH)","arm64")
|
||||
# ARM64 requires CGO but does not need to do any special linkage due to its reduced featureset
|
||||
CGOFLAG = CGO_ENABLED=1
|
||||
|
||||
# If we 're not guaranteed to be building natively on an arm64 system, then we'll
|
||||
# need to configure the cross compiler.
|
||||
ifeq ($(IS_NATIVE_BUILD),"no")
|
||||
CGOFLAG += CC=aarch64-linux-gnu-gcc
|
||||
endif
|
||||
|
|
102104
bpf/arm64/vmlinux.h
Normal file
102104
bpf/arm64/vmlinux.h
Normal file
File diff suppressed because it is too large
Load diff
|
@ -111,6 +111,9 @@ int tracepoint__syscalls__sys_exit_creat(struct trace_event_raw_sys_exit *tp)
|
|||
return exit_open(tp->ret);
|
||||
}
|
||||
|
||||
// ARM64 does not implement sys_enter_open only sys_enter_openat. x86 implements it for legacy reasons.
|
||||
#ifndef __TARGET_ARCH_arm64
|
||||
|
||||
SEC("tp/syscalls/sys_enter_open")
|
||||
int tracepoint__syscalls__sys_enter_open(struct trace_event_raw_sys_enter *tp)
|
||||
{
|
||||
|
@ -120,6 +123,8 @@ int tracepoint__syscalls__sys_enter_open(struct trace_event_raw_sys_enter *tp)
|
|||
return enter_open(filename, flags);
|
||||
};
|
||||
|
||||
#endif // __aarch64__
|
||||
|
||||
SEC("tp/syscalls/sys_exit_open")
|
||||
int tracepoint__syscalls__sys_exit_open(struct trace_event_raw_sys_exit *tp)
|
||||
{
|
||||
|
|
121066
bpf/vmlinux.h
121066
bpf/vmlinux.h
File diff suppressed because it is too large
Load diff
121047
bpf/x86/vmlinux.h
Normal file
121047
bpf/x86/vmlinux.h
Normal file
File diff suppressed because it is too large
Load diff
|
@ -21,6 +21,7 @@ package bpf
|
|||
|
||||
import (
|
||||
_ "embed"
|
||||
"runtime"
|
||||
"unsafe"
|
||||
|
||||
"github.com/aquasecurity/libbpfgo"
|
||||
|
@ -110,7 +111,12 @@ func startOpen(bufferSize int) (*open, error) {
|
|||
return nil, trace.Wrap(err)
|
||||
}
|
||||
|
||||
syscalls := []string{"open", "openat", "openat2"}
|
||||
syscalls := []string{"openat", "openat2"}
|
||||
|
||||
if runtime.GOARCH != "arm64" {
|
||||
// open is not implemented on arm64.
|
||||
syscalls = append(syscalls, "open")
|
||||
}
|
||||
|
||||
for _, syscall := range syscalls {
|
||||
if err = AttachSyscallTracepoint(o.module, syscall); err != nil {
|
||||
|
|
Loading…
Reference in a new issue