build(deps): bump github.com/cilium/ebpf from 0.7.0 to 0.9.3

[dependabot]

Bumps github.com/cilium/ebpf from 0.7.0 to 0.9.3.

Release notes

Sourced from github.com/cilium/ebpf's releases.

v0.9.3 - Prevent livelocks loading BPF programs while profiling

This is a bugfix release for an endless loop that could occur when running a pprof session while loading a BPF program.

@​danobi published an article with a deep-dive into the problem: https://dxuuu.xyz/bpf-go-pprof.html.

If a thread receives a signal while blocked in BPF_PROG_LOAD, the verifier can cooperatively interrupt itself by checking pending signals for the thread and return -EAGAIN from the syscall to request userspace to retry.

During a Go pprof session, threads are routinely sent a SIGPROF to make them dump profiling information, which can lead to a runaway reaction if the program takes longer to verify than the interrupt frequency. To prevent this, the SIGPROF signal is now masked during BPF_PROG_LOAD.

What's Changed

• CI: test on 5.19 by @​lmb in cilium/ebpf#793
• prep work for BTF marshaling by @​lmb in cilium/ebpf#791
• cmd/bpf2go: test against clang-14 by default by @​lmb in cilium/ebpf#794
• btf: fix IntEncoding by @​lmb in cilium/ebpf#797
• bpf2go: use [16]byte instead of uint128 by @​Benjamin-Yim in cilium/ebpf#799
• Semaphore: remove manual Go installation, expedite 'cache restore' by @​ti-mo in cilium/ebpf#803
• Prevent pprof from causing BPF verifier livelocks by @​ti-mo in cilium/ebpf#805
• bpf2go: add flag for alternative filename stem by @​MarcusWichelmann in cilium/ebpf#770
• README: update to reflect the project's situation in H2 2022 by @​ti-mo in cilium/ebpf#804
• sys: use SIG_BLOCK and SIG_UNBLOCK from x/sys/unix by @​lmb in cilium/ebpf#807

New Contributors

• @​Benjamin-Yim made their first contribution in cilium/ebpf#799
• @​MarcusWichelmann made their first contribution in cilium/ebpf#770

Full Changelog: cilium/ebpf@v0.9.2...v0.9.3

v0.9.2

This release contains an important bugfix for users of Program.Test() and .Benchmark(). A kernel change was made that disallows empty packet buffers, with knock-on effects to BPF_PROG_RUN and, as a result, ebpf-go's detection routine for said feature. Users are strongly encouraged to upgrade. See #788 for more details.

The new features.HaveMapFlag() API was merged in this release, congrats @​paulcacheux!

Likewise, the link.K(ret)probeMulti() API was added by @​mmat11, bringing blazingly-fast bulk kprobe attachments to kernels 5.18 and newer.

Some improvements were made to verifier log handling. The VerifierError.Truncated flag can now reliably be used to determine if a program load should be retried due to the provided buffer size being too small. Use this to retry with incrementally growing log buffers for large or complex programs. The Log* fields in ProgramOptions are now thoroughly documented to this effect.

It also bumps the minimum Go version to 1.18, since 1.19 is now out.

What's Changed

• run-tests: show curl error messages by @​lmb in cilium/ebpf#738
• elf_reader: only read data from PROGBITS sections, ignore NOBITS by @​ti-mo in cilium/ebpf#740
• program: support tracing of kernel modules by @​lmb in cilium/ebpf#737
• CI: Test against kernel 5.18 by @​ti-mo in cilium/ebpf#668
• internal: fix VerifierError output with empty log by @​lmb in cilium/ebpf#743
• elf_reader: Allow strings read-only global data sections by @​dylandreimerink in cilium/ebpf#742
• CI: expose individual test results by @​lmb in cilium/ebpf#748
• Fix arm64 testsuite failures by @​lmb in cilium/ebpf#745
• link: (u|k)probe: don't treat EINVAL as os.ErrNotExist by @​ti-mo in cilium/ebpf#751
• features: remove EPERM wrapping exception, automatically wrap errors by @​ti-mo in cilium/ebpf#749

... (truncated)

Commits

• 8fceee5 internal/unix: add some documentation and tidy up stubs
• 7038129 sys: use SIG_BLOCK and SIG_UNBLOCK from x/sys/unix
• d0f3bfb README: update to reflect the project's situation in H2 2022
• 1f78277 bpf2go: add flag for alternative output stem
• e78a613 sys: mask SIGPROF during BPF_PROG_LOAD to prevent livelocks
• c384e23 sys: add (un)maskProfilerSignal to disable SIGPROF
• 0f5eeda sys: implement sigsetAdd
• 9dd7b53 x/sys: bump to 220927 for PthreadSigmask
• fd7d28b features: fix typo in createProgLoadAttr
• 682bccb Semaphore: remove manual Go installation, expedite 'cache restore'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #60.