Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[backport v1.1] pkg/sensors: reduce ratelimit map memory footprint #2582

Merged
merged 5 commits into from
Jun 20, 2024
Merged

[backport v1.1] pkg/sensors: reduce ratelimit map memory footprint #2582

merged 5 commits into from
Jun 20, 2024

Conversation

mtardy
Copy link
Member

@mtardy mtardy commented Jun 19, 2024
edited
Loading

Backport of #2551 and #2583

Reduce the kernel memory footprint (accounted by the cgroup memory controller) of the ratelimit feature when unused (around ~10MB per kprobe).

mtardy and others added 4 commits June 19, 2024 11:52
@mtardy
bpf: remove rate limit maps and structs for kernel <5.3
8d0ef14 
[ upstream commit ed824b3 ]

Since the rate limit feature is only available for LARGE_BPF_PROG, let's
remove the unnecessary map and the struct from the small BPF progs.

Signed-off-by: Mahe Tardy <[email protected]>
@mtardy
pkg/sensors: pin the ratelimit_map to the fs
bb614c4 
[ upstream commit 38ab012 ]

Signed-off-by: Mahe Tardy <[email protected]>
@mtardy
pkg/sensors: reduce ratelimit map memory footprint
560f802 
[ upstream commit 850410b ]

For every ratelimit map loaded, we add ~10MB of kernel memory, and each
kprobe added was adding a ratelimit map. We now only load that map if
the user used the rateLimit field in a matchActions to reduce the memory
footprint of this feature when unused.

Signed-off-by: Mahe Tardy <[email protected]>
@kevsecurity @mtardy
pkg/sensors: add rate limit test
e8d83e7 
[ upstream commit 1eea47b ]

Add a NoRateLimit test and a RateLimitTest.

Signed-off-by: Kevin Sheldrake <[email protected]>
@mtardy mtardy added the kind/backport This PR provides functionality previously merged into master. label Jun 19, 2024
@mtardy mtardy requested a review from a team as a code owner June 19, 2024 09:55
@mtardy mtardy requested review from willfindlay and removed request for a team June 19, 2024 09:55
@mtardy mtardy added the release-note/bug This PR fixes an issue in a previous release of Tetragon. label Jun 19, 2024
@mtardy mtardy marked this pull request as draft June 19, 2024 10:11
@mtardy
pkg/sensors: fix for ratelimit_map wrong path pinning
126335e 
[ upstream commit a1a2499 ]

Commit 38ab012 pinned the ratelimit_map
to the fs but used sensorPath instead pinPath since this is a per kprobe
map and not a per sensor map.

Signed-off-by: Mahe Tardy <[email protected]>
@mtardy mtardy marked this pull request as ready for review June 19, 2024 11:13
@kkourt kkourt merged commit d77bd80 into v1.1 Jun 20, 2024
42 checks passed
@kkourt kkourt deleted the pr/mtardy/backport-v1.1-ratelimit-memory branch June 20, 2024 08:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kkourt kkourt kkourt approved these changes

@willfindlay willfindlay Awaiting requested review from willfindlay willfindlay is a code owner automatically assigned from cilium/tetragon

Assignees
No one assigned
Labels
kind/backport This PR provides functionality previously merged into master. release-note/bug This PR fixes an issue in a previous release of Tetragon.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mtardy @kkourt @kevsecurity