Failed to attach uprobe uprobe/getaddrinfo

[onny]

Getting this error on NixOS (unstable) with OpenSnitch 1.6.2

• Kernel version: 6.1.44
• All opensnitchd -check-requirements checks are positive

ERR  EBPF-DNS: Failed to attach uprobe uprobe/getaddrinfo : cannot write "p:p___nix_store_1x4ijm9r1a88qk7zcmbbfza324gx1aac_glibc_2_37_8_lib_libc_so_6_eddd0_gobpf_647 /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/lib/libc.so.6:0xeddd0\n" to uprobe_events: write /sys/kernel/debug/tracing/uprobe_events: invalid argument
found /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/lib/libc.so.6
WAR  EBPF-DNS: Unable to attach ebpf listener: cannot write "p:p___nix_store_1x4ijm9r1a88qk7zcmbbfza324gx1aac_glibc_2_37_8_lib_libc_so_6_eddd0_gobpf_647 /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/lib/libc.so.6:0xeddd0\n" to uprobe_events: write /sys/kernel/debug/tracing/uprobe_events: invalid argument
ERR  EBPF-DNS: Failed to attach uprobe uretprobe/gethostbyname : cannot write "r:r___nix_store_1x4ijm9r1a88qk7zcmbbfza324gx1aac_glibc_2_37_8_lib_libc_so_6_117ff0_gobpf_623 /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/lib/libc.so.6:0x117ff0\n" to uprobe_events: write /sys/kernel/debug/tracing/uprobe_events: invalid argument
WAR  EBPF-DNS: Unable to attach ebpf listener: cannot write "r:r___nix_store_1x4ijm9r1a88qk7zcmbbfza324gx1aac_glibc_2_37_8_lib_libc_so_6_117ff0_gobpf_623 /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/lib/libc.so.6:0x117ff0\n" to uprobe_events: write /sys/kernel/debug/tracing/uprobe_events: invalid argument

[gustavo-iniguez-goya]

Hi @onny ,

Please, post the following information:

• System architecture (uname -m)

• Output of ~ $ grep UPROBE /boot/config-$(uname -r)

• Does it always fail? or is random?

• What's the content of /sys/kernel/debug/tracing/uprobe_events before starting the daemon and while it's running?

• Stop the daemon, and launch it manually as follow as root:
  ~ # opensnitchd -rules-path /etc/opensnitchd/rules/

  and see if there's any error with the tag "EBPF-DNS" printed to stderr. These errors are not logged to the file opensnitchd.log.

[onny]

Thank you for your fast response :)

Hi @onny ,

Please, post the following information:

System architecture (uname -m)

[root@nixos nixpkgs]# uname -m
x86_64

Output of ~ $ grep UPROBE /boot/config-$(uname -r)

[root@nixos nixpkgs]# zcat /proc/config.gz | grep UPROBE
CONFIG_ARCH_SUPPORTS_UPROBES=y
CONFIG_UPROBES=y
CONFIG_UPROBE_EVENTS=y

Does it always fail? or is random?

Always while starting the daemon via systemd

What's the content of /sys/kernel/debug/tracing/uprobe_events before starting the daemon and while it's running?

Always empty

Stop the daemon, and launch it manually as follow as root:
~ # opensnitchd -rules-path /etc/opensnitchd/rules/
and see if there's any error with the tag "EBPF-DNS" printed to stderr. These errors are not logged to the file opensnitchd.log.

Errors still appear

[2023-08-13 09:23:21]  IMP  Starting opensnitch-daemon v1.6.1
[2023-08-13 09:23:21]  INF  Loading rules from /var/lib/opensnitch/rules ...
OK: libnetfiler_queue supports nfq_get_uid
OK: libnetfiler_queue supports nfq_get_uid
found /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/lib/libc.so.6
[2023-08-13 09:23:21]  ERR  EBPF-DNS: Failed to attach uprobe uretprobe/gethostbyname : cannot write "r:r___nix_store_1x4ijm9r1a88qk7zcmbbfza324gx1aac_glibc_2_37_8_lib_libc_so_6_117ff0_gobpf_953 /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/lib/libc.so.6:0x117ff0\n" to uprobe_events: write /sys/kernel/debug/tracing/uprobe_events: invalid argument
[2023-08-13 09:23:21]  WAR  EBPF-DNS: Unable to attach ebpf listener: cannot write "r:r___nix_store_1x4ijm9r1a88qk7zcmbbfza324gx1aac_glibc_2_37_8_lib_libc_so_6_117ff0_gobpf_953 /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/lib/libc.so.6:0x117ff0\n" to uprobe_events: write /sys/kernel/debug/tracing/uprobe_events: invalid argument

[onny]

After fixing loading opensnitch-dns.ko these errors appear again:

Jan 04 10:24:05 nixos opensnitchd[746]: found /nix/store/9y8pmvk8gdwwznmkzxa6pwyah52xy3nk-glibc-2.38-27/lib/libc.so.6
Jan 04 10:24:05 nixos opensnitchd[746]: [2024-01-04 10:24:05]  ERR  EBPF-DNS: Failed to attach uprobe uretprobe/gethostbyname : cannot write "r:r___nix_store_9y8pmvk8gdwwznmkzxa6pwyah52xy3nk_glibc_2_38_27_lib_libc_so_6_11deb0_gobpf_746 /nix/store/9y8pmvk8gdwwznmkzxa6pwyah52xy3nk-glibc-2.38-27/lib/libc.so.6:0x11deb0\n" to uprobe_events: write /sys/kernel/debug/tracing/uprobe_events: invalid argument
Jan 04 10:24:05 nixos opensnitchd[746]: [2024-01-04 10:24:05]  WAR  EBPF-DNS: Unable to attach ebpf listener: cannot write "r:r___nix_store_9y8pmvk8gdwwznmkzxa6pwyah52xy3nk_glibc_2_38_27_lib_libc_so_6_11deb0_gobpf_746 /nix/store/9y8pmvk8gdwwznmkzxa6pwyah52xy3nk-glibc-2.38-27/lib/libc.so.6:0x11deb0\n" to uprobe_events: write /sys/kernel/debug/tracing/uprobe_events: invalid argument

[gustavo-iniguez-goya]

hey @onny ,

I've been debugging lately the uprobes and I've fixed some errors, but none of them will help with your error I think.

By the way is /nix/store/1x4ijm9r1a88qk7zcmbbfza324gx1aac-glibc-2.37-8/ mounted with overlayfs?

On the other hand, could you monitor the file /sys/kernel/tracing/error_log to see if any error is sent when the "invalid argument" occurs?