new(driver): add sanity check for kmod and ebpf configure systems

[iurly]

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind feature

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area API-version

/area build

/area CI

/area driver-kmod

/area driver-bpf

/area driver-modern-bpf

/area libscap-engine-bpf

/area libscap-engine-gvisor

/area libscap-engine-kmod

/area libscap-engine-modern-bpf

/area libscap-engine-nodriver

/area libscap-engine-noop

/area libscap-engine-source-plugin

/area libscap-engine-savefile

/area libscap

/area libpman

/area libsinsp

/area tests

/area proposals

Does this PR require a change in the driver versions?

/version driver-API-version-major

/version driver-API-version-minor

/version driver-API-version-patch

/version driver-SCHEMA-version-major

/version driver-SCHEMA-version-minor

/version driver-SCHEMA-version-patch

What this PR does / why we need it:

Both kmod and legacy eBPF have a configure system to evaluate whether the kernel enables certain features introduced by a certain kernel release, mainly to catch RedHat backporting cutting edge features on “their stable” kernels.

The approach consists in trying to build a stub module and if it goes through, claim the feature is supported. However, the build might fail for completely unrelated reasons, leading to a wrong assumption which will then cause the actual build to fail with cryptic compile errors.

This PR introduces a one-code-fits-all configure check named __SANITY which does essentially nothing and is therefore guaranteed to compile on every kernel, provided the build environment is sane. When this check fails, we let the whole build fail fast.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

NONE

[github-actions]

Perf diff from master - unit tests

     8.22%     +0.71%  [.] std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_release
     2.72%     +0.40%  [.] gzfile_read
     1.40%     +0.35%  [.] sinsp_parser::process_event
     0.58%     -0.33%  [.] scap_next
     3.83%     -0.30%  [.] next_event_from_file
     1.49%     -0.29%  [.] std::_Hashtable<long, std::pair<long const, std::shared_ptr<sinsp_threadinfo> >, std::allocator<std::pair<long const, std::shared_ptr<sinsp_threadinfo> > >, std::__detail::_Select1st, std::equal_to<long>, std::hash<long>, std::__detail::_Mod_range_hashing, std::__detail::_Default_ranged_hash, std::__detail::_Prime_rehash_policy, std::__detail::_Hashtable_traits<false, false, true> >::_M_find_before_node
    18.25%     -0.28%  [.] sinsp_threadinfo::get_main_thread
     0.40%     -0.25%  [.] sinsp_evt::is_filtered_out
     0.74%     +0.22%  [.] sinsp_evt_filter::sinsp_evt_filter
     1.98%     -0.21%  [.] sinsp_thread_manager::find_thread

Heap diff from master - unit tests

peak heap memory consumption: 0B
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

Heap diff from master - scap file

peak heap memory consumption: 0B
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

Benchmarks diff from master

Comparing gbench_data.json to /root/actions-runner/_work/libs/libs/build/gbench_data.json
Benchmark                                                         Time             CPU      Time Old      Time New       CPU Old       CPU New
----------------------------------------------------------------------------------------------------------------------------------------------
BM_sinsp_split_mean                                            +0.0080         +0.0078           150           152           150           152
BM_sinsp_split_median                                          +0.0046         +0.0044           151           151           151           151
BM_sinsp_split_stddev                                          +0.3849         +0.3863             1             1             1             1
BM_sinsp_split_cv                                              +0.3739         +0.3756             0             0             0             0
BM_sinsp_concatenate_paths_relative_path_mean                  -0.0643         -0.0644            63            59            63            59
BM_sinsp_concatenate_paths_relative_path_median                -0.0693         -0.0694            63            59            63            59
BM_sinsp_concatenate_paths_relative_path_stddev                -0.7955         -0.7956             1             0             1             0
BM_sinsp_concatenate_paths_relative_path_cv                    -0.7814         -0.7816             0             0             0             0
BM_sinsp_concatenate_paths_empty_path_mean                     -0.0008         -0.0009            24            24            24            24
BM_sinsp_concatenate_paths_empty_path_median                   -0.0003         -0.0004            24            24            24            24
BM_sinsp_concatenate_paths_empty_path_stddev                   +0.1044         +0.1101             0             0             0             0
BM_sinsp_concatenate_paths_empty_path_cv                       +0.1053         +0.1111             0             0             0             0
BM_sinsp_concatenate_paths_absolute_path_mean                  +0.0673         +0.0672            62            66            62            66
BM_sinsp_concatenate_paths_absolute_path_median                +0.0688         +0.0687            62            66            62            66
BM_sinsp_concatenate_paths_absolute_path_stddev                +0.7395         +0.7406             0             0             0             0
BM_sinsp_concatenate_paths_absolute_path_cv                    +0.6297         +0.6310             0             0             0             0
BM_sinsp_split_container_image_mean                            +0.0036         +0.0035           395           396           395           396
BM_sinsp_split_container_image_median                          +0.0001         -0.0001           396           396           396           396
BM_sinsp_split_container_image_stddev                          -0.2388         -0.2387             4             3             4             3
BM_sinsp_split_container_image_cv                              -0.2416         -0.2413             0             0             0             0

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 75.32%. Comparing base (0d94d2b) to head (8a62188).

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #2283   +/-   ##
=======================================
  Coverage   75.32%   75.32%           
=======================================
  Files         280      280           
  Lines       34556    34556           
  Branches     5902     5902           
=======================================
  Hits        26031    26031           
  Misses       8525     8525           

Flag	Coverage Δ
libsinsp	75.32% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[FedeDP]

Question: i think we should enforce the sanity check to be first one, right?
Also, i'd expect to see a line like:

[configure-bpf] Build system is sane

in the CI output (eg: https://github.com/falcosecurity/libs/actions/runs/13372344552/job/37343720272?pr=2283) but that's not the case.

[iurly]

Question: i think we should enforce the sanity check to be first one, right?

Uhm, yes that was my original idea but then I forgot about it. It's not extremely important but it makes sense.
Do you think it would be enough to rename it to something like 0__SANITY so that it's first in alphabetical order?

Also, i'd expect to see a line like:

[configure-bpf] Build system is sane

in the CI output (eg: falcosecurity/libs/actions/runs/13372344552/job/37343720272?pr=2283) but that's not the case.

You're right, the code is broken in its current state (just a misplaced endif I guess).
I'll make these couple of fixes and abuse the CI :-)

[FedeDP]

Yay much better now :D
You are just missing DCO and this LGTM!

[iurly]

Yay much better now :D You are just missing DCO and this LGTM!

Done!

[FedeDP]

/milestone next-driver

[FedeDP]

/approve

[poiana]

LGTM label has been added.

Git tree hash: 6ec67338dd861b918cfe12af21691446393825c1

[poiana]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP, iurly

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• driver/OWNERS [FedeDP]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment