Regression on v0.11.0 when re-enabling TracingPolicy with sensors API

[inliquid]

What happened?

I got a regression with Tetragon v0.10.0 -> v0.11.0, there is policy for tcp connect events:

apiVersion: cilium.io/v1alpha1
kind: TracingPolicy
metadata:
  name: connect
spec:
  kprobes:
  - args:
    - index: 0
      returnCopy: false
      type: sock
    call: tcp_connect
    return: false
    syscall: false
  - args:
    - index: 0
      returnCopy: false
      type: sock
    call: tcp_close
    return: false
    syscall: false
  - args:
    - index: 0
      returnCopy: false
      type: sock
    - index: 2
      returnCopy: false
      type: int
    call: tcp_sendmsg
    return: false
    syscall: false

And if I disable it with tetra sensors disable connect and try to re-enable: tetra sensors enable connect it returns an error and stays disabled:

# tetra sensors enable connect
failed to enable sensor connect: rpc error: code = Unknown desc = sensor gkp-sensor-1 from collection connect failed to load: failed prog /var/lib/tetragon/bpf_generic_kprobe_v53.o kern_version 328939 loadInstance: getting entry from genericKprobeTable failed with: invalid id (ID=0/invalid entry)

Tetragon logs:

time="2023-09-18T18:40:00Z" level=warning msg="Server EnableSensor request failed" error="sensor gkp-sensor-1 from collection connect failed to load: failed prog /var/lib/tetragon/bpf_generic_kprobe_v53.o kern_version 328939 loadInstance: getting entry from genericKprobeTable failed with: invalid id (ID=0/invalid entry)" sensor.name=connect

This all worked well with Tetragon v0.10.0, never had an issue with re-enabling this policy.

Tetragon Version

# tetra version
CLI version: v0.11.0

Kernel Version

$ uname -a
Linux mint-vm 5.4.0-155-generic #172-Ubuntu SMP Fri Jul 7 16:10:02 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

Kubernetes Version

$ kubectl version
WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short.  Use --output=yaml|json to get the full version.
Client Version: version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.4", GitCommit:"fa3d7990104d7c1f16943a67f11b154b71f6a132", GitTreeState:"clean", BuildDate:"2023-07-19T12:20:54Z", GoVersion:"go1.20.6", Compiler:"gc", Platform:"linux/amd64"}
Kustomize Version: v5.0.1
Server Version: version.Info{Major:"1", Minor:"26", GitVersion:"v1.26.3", GitCommit:"9e644106593f3f4aa98f8a84b23db5fa378900bd", GitTreeState:"clean", BuildDate:"2023-03-30T06:34:50Z", GoVersion:"go1.19.7", Compiler:"gc", Platform:"linux/amd64"}

Bugtool

tetragon-bugtool.tar.gz

Relevant log output

No response

Anything else?

No response

[mtardy]

Hey, sorry I didn't reply immediately on this issue, we had a discussion in the Tetragon Slack channel.

I think this might be related to #1385, I overlooked the enable/disable interface I'm sorry, I'll try to fix it quickly.

[mtardy]

Hey @inliquid, this should be fixed now in latest (and next release) and we should backport this to 0.11. Just to mention that I added the tetra tracingpolicy disable/enable so you can avoid using the whole sensor interface. Everything is available under the tracingpolicy interface (and actually more than sensor, since you can add tracing policy, and not sensors directly).

Sorry for the delay and I hope this helps.

[inliquid]

Thanks @mtardy! Sounds great, I will re-implement enable/disable logic using updated interface then.

and we should backport this to 0.11

So should helm upgrade do the thing?

[mtardy]

Thanks @mtardy! Sounds great, I will re-implement enable/disable logic using updated interface then.

and we should backport this to 0.11

So should helm upgrade do the thing?

we don't have a release yet but this should be part of next release, and also of next 0.11.x release, see backport here #1604. To have the fix without waiting you need to run latest, so basically use ci images or built it yourself.