From da99686ab0e59eb0309829500135d8c755c19f3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gustavo=20I=C3=B1iguez=20Goia?= Date: Sun, 28 Jan 2024 01:14:15 +0100 Subject: [PATCH] clean dns ebpf hooks on exit We were not reacting to common exit signals, only to kill/interrupt signals, so the DNS uprobes were never properly removed. Each uprobe has the PID of the daemon in the identifier, so in theory, there shouldn't be conflicts, but better clean our probes on exit. previous to this commit with the daemon running (and lot of starts/stops): ~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l 367 after stopping the daemon: ~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l 364 ~ # > /sys/kernel/debug/tracing/uprobe_events ~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l 0 ~ # cp opensnitchd-new /usr/bin/opensnitchd ; service opensnitchd start ~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l 3 ~ # service opensnitchd stop ~ # cat /sys/kernel/debug/tracing/uprobe_events |wc -l 0 (cherry picked from commit 785500cd088ae13d2cea11cc0f37b3648a7a4e36) --- daemon/dns/ebpfhook.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/daemon/dns/ebpfhook.go b/daemon/dns/ebpfhook.go index b91dcf8c95..83a37df28f 100644 --- a/daemon/dns/ebpfhook.go +++ b/daemon/dns/ebpfhook.go @@ -10,6 +10,7 @@ import ( "os" "os/signal" "strings" + "syscall" "time" "github.com/evilsocket/opensnitch/daemon/core" @@ -149,7 +150,12 @@ func ListenerEbpf(ebpfModPath string) error { } sig := make(chan os.Signal, 1) exitChannel := make(chan bool) - signal.Notify(sig, os.Interrupt, os.Kill) + signal.Notify(sig, + syscall.SIGHUP, + syscall.SIGINT, + syscall.SIGTERM, + syscall.SIGKILL, + syscall.SIGQUIT) for i := 0; i < 5; i++ { go spawnDNSWorker(i, channel, exitChannel)