From 785500cd088ae13d2cea11cc0f37b3648a7a4e36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gustavo=20I=C3=B1iguez=20Goia?= <gooffy1@gmail.com>
Date: Sun, 28 Jan 2024 01:10:00 +0100
Subject: [PATCH] clean dns ebpf hooks on exit

We were not reacting to common exit signals, only to kill/interrupt
signals, so the DNS uprobes were never properly removed. Each uprobe
has the PID of the daemon in the identifier, so in theory, there
shouldn't be conflicts, but better clean our probes on exit.

previous to this commit with the daemon running
(and lot of starts/stops):

~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l
367

after stopping the daemon:
~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l
364

~ # > /sys/kernel/debug/tracing/uprobe_events
~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l
0

~ # cp opensnitchd-new /usr/bin/opensnitchd ; service opensnitchd start
~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l
3
~ # service opensnitchd stop
~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l
0
---
 daemon/dns/ebpfhook.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/daemon/dns/ebpfhook.go b/daemon/dns/ebpfhook.go
index d1288710e4..e3449887ad 100644
--- a/daemon/dns/ebpfhook.go
+++ b/daemon/dns/ebpfhook.go
@@ -10,6 +10,7 @@ import (
 	"os"
 	"os/signal"
 	"strings"
+	"syscall"
 	"time"
 
 	"github.com/evilsocket/opensnitch/daemon/core"
@@ -149,7 +150,12 @@ func ListenerEbpf(ebpfModPath string) error {
 	}
 	sig := make(chan os.Signal, 1)
 	exitChannel := make(chan bool)
-	signal.Notify(sig, os.Interrupt, os.Kill)
+	signal.Notify(sig,
+		syscall.SIGHUP,
+		syscall.SIGINT,
+		syscall.SIGTERM,
+		syscall.SIGKILL,
+		syscall.SIGQUIT)
 
 	for i := 0; i < 5; i++ {
 		go spawnDNSWorker(i, channel, exitChannel)