Skip to content

Add security_path_notify test to PR workflow #3926

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 11, 2024
Merged

Add security_path_notify test to PR workflow #3926

merged 1 commit into from
Dec 11, 2024

Conversation

@oshaked1
Copy link
Contributor

@oshaked1 oshaked1 commented Mar 21, 2024

1. Explain what the PR does

Add test for security_path_notify event to PR workflow.

@oshaked1
Copy link
Contributor Author

oshaked1 commented Mar 21, 2024

The security_path_notify function was introduced in kernel version 5.4. Currently there is no method to conditionally load probes based on kernel version, so the test fails on incompatible kernels.

@geyslan
Copy link
Member

geyslan commented Apr 3, 2024

https://github.com/aquasecurity/tracee/actions/runs/8373435136/job/22926492619?pr=3926#step:5:1468

INFO: SECURITY_PATH_NOTIFY: FAILED, stderr from tracee:
{"level":"warn","ts":1711017749.6577032,"msg":"Cancelling event and its dependencies because of missing probe","missing probe":103,"event":"security_path_notify","error":"probes.(*TraceProbe).attach: symbol not found: security_path_notify"}

@oshaked1 is this PR a demonstration of the lack of probes loading by kernel version? If so, please open an issue referring this, so we can close it for now.

@AlonZivony is this related to your work on dependencies?

@AlonZivony
Copy link
Contributor

AlonZivony commented Apr 4, 2024

@AlonZivony is this related to your work on dependencies?

Yea, it is partly related.
We will need some mechanism to load only needed programs. It will use the dependencies mechanism that I created.
Afterwards we will use the fallback mechanism I want to merge using the dependencies mechanism to load other programs in the case of failure.

@yanivagman yanivagman marked this pull request as draft December 8, 2024 12:28
@oshaked1 oshaked1 force-pushed the security_path_notify branch from 060bd0a to cf8478e Compare December 11, 2024 09:46
@oshaked1 oshaked1 marked this pull request as ready for review December 11, 2024 09:47
yanivagman
yanivagman approved these changes Dec 11, 2024
View reviewed changes
Copy link
Collaborator

@yanivagman yanivagman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@yanivagman yanivagman merged commit 09e7d60 into aquasecurity:main Dec 11, 2024
31 checks passed
@oshaked1 oshaked1 deleted the security_path_notify branch December 12, 2024 11:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yanivagman yanivagman yanivagman approved these changes

Assignees

@oshaked1 oshaked1

Labels

area/build area/testing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@oshaked1 @geyslan @AlonZivony @yanivagman