Skip to content

Instantly share code, notes, and snippets.

View mauriciovasquezbernal's full-sized avatar

Mauricio Vásquez mauriciovasquezbernal

89 followers · 8 following
View GitHub Profile
@mauriciovasquezbernal
mauriciovasquezbernal / gist:2af889da4ee1d098c96af8cbefc96770
Created March 19, 2024 18:50
trace dns verifier error
time="2024-03-19T13:42:16-05:00" level=debug msg="running gadget: verifier error: load program: permission denied:
; int ig_trace_dns(struct __sk_buff *skb)
0: (bf) r6 = r1
1: (bf) r3 = r10
;
2: (07) r3 += -28
; err = bpf_skb_load_bytes(skb, offsetof(struct ethhdr, h_proto),
3: (b7) r2 = 12
4: (b7) r4 = 2
@mauriciovasquezbernal
mauriciovasquezbernal / datasec_bug_reproducer.c
Last active February 27, 2023 16:24
// SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
/* Copyright (c) 2020 Facebook */
#include <stdio.h>
#include <unistd.h>
#include <sys/resource.h>
#include "bpf/libbpf.h"
#include "bpf/btf.h"
#include "assert.h"
static int libbpf_print_fn(enum libbpf_print_level level, const char *format, va_list args)
@mauriciovasquezbernal
mauriciovasquezbernal / traceexec.go
Created April 29, 2022 13:50
package main
import (
"fmt"
"github.com/cilium/ebpf/rlimit"
"github.com/kinvolk/inspektor-gadget/pkg/gadgets/execsnoop/tracer"
execsnooptracer "github.com/kinvolk/inspektor-gadget/pkg/gadgets/execsnoop/tracer/core"
"github.com/kinvolk/inspektor-gadget/pkg/gadgets/execsnoop/types"
)
@mauriciovasquezbernal
mauriciovasquezbernal / bcc.patch
Last active February 8, 2022 19:32
diff --git a/src/btf.c b/src/btf.c
index 9aa19c8..065ddc8 100644
--- a/src/btf.c
+++ b/src/btf.c
@@ -4627,6 +4627,8 @@ struct btf *btf__load_vmlinux_btf(void)
const char *path_fmt;
bool raw_btf;
} locations[] = {
+ /* try custom path first */
+ { "/tmp/vmlinux.btf", true /* raw BTF */ },
@mauriciovasquezbernal
mauriciovasquezbernal / download_btfhub.sh
Created August 12, 2021 18:58
Download btf info from btfhub
#! /bin/bash
set -e
set -x
source /etc/os-release
KERNEL=$(uname -r)
ARCH=$(uname -m)
URL="https://github.com/aquasecurity/btfhub/raw/main/$ID/$VERSION_ID/$ARCH/$KERNEL.btf.tar.xz"
@mauriciovasquezbernal
mauriciovasquezbernal / create_registration_entries.sh
Last active September 20, 2021 11:08
Cilium-SPIFFE help material
#/bin/bash
set -e
######## agents ########
# spire-agent
kubectl exec -n spire spire-server-0 -- \
/opt/spire/bin/spire-server entry create \
-node \
-spiffeID spiffe://example.org/ns/spire/sa/spire-agent \
@mauriciovasquezbernal
mauriciovasquezbernal / deny-all.yaml
Last active May 26, 2021 18:10
Cilium-SPIFFE integration tools
apiVersion: "cilium.io/v2"
kind: CiliumNetworkPolicy
metadata:
name: "deny-all-egress"
spec:
endpointSelector:
{}
egress:
- {}
@mauriciovasquezbernal
mauriciovasquezbernal / config.json
Created November 6, 2020 16:14
runc config.json for idmapped-mounts.
{
"ociVersion": "1.0.2-dev",
"annotations": {
"io.mauricio.name": "mauriciocontainer"
},
"process": {
"terminal": true,
"user": {
"uid": 0,
"gid": 0
@mauriciovasquezbernal
mauriciovasquezbernal / 001-default.yaml
Created October 2, 2020 12:53
User namespaces in Kubernetes
# Pod without userNamespaceMode, defaults to Host
apiVersion: v1
kind: Pod
metadata:
name: defaut-mode
spec:
containers:
- name: container1
image: busybox
command: ["sh"]
@mauriciovasquezbernal
mauriciovasquezbernal / bpf-1000 rules
Created August 26, 2020 14:26
__dev_queue_xmit
__dev_queue_xmit
ip_finish_output2
ip_do_fragment
ip_output
ip_send_skb
udp_send_skb.isra.51
udp_sendmsg
sock_sendmsg
sock_write_iter