info: Return dedicated error when program info is restricted

dylandreimerink · dylandreimerink · commit 27470e09981a · 2025-08-27T18:20:06.000+02:00
On systems where the `kernel.kptr_restrict` and
`net.core.bpf_jit_harden` sysctls are enabled, certain fields in the
program info may be restricted. When this is the case xlated and jitted
instruction, line info, and function info are unavailable.

When such fields are unavailable, we do get ..len fields set to non-zero
values, but the kernel will have not written any data to the pointers
provided.

At present when this happens we don't recognize this and attempt to
parse the empty buffers resulting in a `parse func info: offset 0:
type ID 0 is a *btf.Void, but expected a Func` error.

The only clue we have that this is happening is that the kernel will
zero out the insns pointer. This commit adds logic to detect when
this happens and then returns a dedicated `ErrInfoRestricted` error
so this case can be handled gracefully.

Signed-off-by: Dylan Reimerink &lt;dylan.reimerink@isovalent.com&gt;
diff --git a/info.go b/info.go
@@ -301,6 +301,8 @@ type ProgramInfo struct {
 	btf              btf.ID
 	loadTime         time.Duration
 
+	restricted bool
+
 	maps                 []MapID
 	insns                []byte
 	jitedSize            uint32
@@ -477,6 +479,14 @@ func newProgramInfoFromFd(fd *sys.FD) (*ProgramInfo, error) {
 		}
 	}
 
+	if info.XlatedProgLen > 0 && info2.XlatedProgInsns.IsNil() {
+		pi.restricted = true
+		pi.insns = nil
+		pi.lineInfos = nil
+		pi.funcInfos = nil
+		pi.jitedInfo = programJitedInfo{}
+	}
+
 	return &pi, nil
 }
 
@@ -556,6 +566,10 @@ func (pi *ProgramInfo) btfSpec() (*btf.Spec, error) {
 	return spec, nil
 }
 
+// ErrInfoRestricted when kernel.kptr_restrict and net.core.bpf_jit_harden are set, the kernel may restrict access
+// to certain bits of the program info.
+var ErrInfoRestricted = errors.New("program info restricted by combination of kernel.kptr_restrict and net.core.bpf_jit_harden")
+
 // LineInfos returns the BTF line information of the program.
 //
 // Available from 5.0.
@@ -564,6 +578,10 @@ func (pi *ProgramInfo) btfSpec() (*btf.Spec, error) {
 // ErrNotSupported if the program was created without BTF or if the kernel
 // doesn't support the field.
 func (pi *ProgramInfo) LineInfos() (btf.LineOffsets, error) {
+	if pi.restricted {
+		return nil, ErrInfoRestricted
+	}
+
 	if len(pi.lineInfos) == 0 {
 		return nil, fmt.Errorf("insufficient permissions or unsupported kernel: %w", ErrNotSupported)
 	}
@@ -606,6 +624,10 @@ func (pi *ProgramInfo) Instructions() (asm.Instructions, error) {
 		return nil, fmt.Errorf("read instructions: %w", internal.ErrNotSupportedOnOS)
 	}
 
+	if pi.restricted {
+		return nil, ErrInfoRestricted
+	}
+
 	// If the calling process is not BPF-capable or if the kernel doesn't
 	// support getting xlated instructions, the field will be zero.
 	if len(pi.insns) == 0 {
@@ -676,6 +698,10 @@ func (pi *ProgramInfo) Instructions() (asm.Instructions, error) {
 //
 // Available from 4.13. Reading this metadata requires CAP_BPF or equivalent.
 func (pi *ProgramInfo) JitedSize() (uint32, error) {
+	if pi.restricted {
+		return 0, ErrInfoRestricted
+	}
+
 	if pi.jitedSize == 0 {
 		return 0, fmt.Errorf("insufficient permissions, unsupported kernel, or JIT compiler disabled: %w", ErrNotSupported)
 	}
@@ -687,6 +713,10 @@ func (pi *ProgramInfo) JitedSize() (uint32, error) {
 //
 // Available from 4.13. Reading this metadata requires CAP_BPF or equivalent.
 func (pi *ProgramInfo) TranslatedSize() (int, error) {
+	if pi.restricted {
+		return 0, ErrInfoRestricted
+	}
+
 	insns := len(pi.insns)
 	if insns == 0 {
 		return 0, fmt.Errorf("insufficient permissions or unsupported kernel: %w", ErrNotSupported)
@@ -786,6 +816,10 @@ func (pi *ProgramInfo) JitedFuncLens() ([]uint32, bool) {
 // ErrNotSupported if the program was created without BTF or if the kernel
 // doesn't support the field.
 func (pi *ProgramInfo) FuncInfos() (btf.FuncOffsets, error) {
+	if pi.restricted {
+		return nil, ErrInfoRestricted
+	}
+
 	if len(pi.funcInfos) == 0 {
 		return nil, fmt.Errorf("insufficient permissions or unsupported kernel: %w", ErrNotSupported)
 	}
diff --git a/internal/sys/ptr.go b/internal/sys/ptr.go
@@ -28,6 +28,10 @@ type TypedPointer[T any] struct {
 	ptr Pointer
 }
 
+func (p TypedPointer[T]) IsNil() bool {
+	return p.ptr.IsNil()
+}
+
 // SlicePointer creates a [TypedPointer] from a slice.
 func SlicePointer[T comparable](s []T) TypedPointer[T] {
 	return TypedPointer[T]{ptr: UnsafeSlicePointer(s)}
diff --git a/internal/sys/ptr_64.go b/internal/sys/ptr_64.go
@@ -13,3 +13,7 @@ type Pointer struct {
 	structs.HostLayout
 	ptr unsafe.Pointer
 }
+
+func (p Pointer) IsNil() bool {
+	return p.ptr == nil
+}

Original file line number	Diff line number	Diff line change
`@@ -13,3 +13,7 @@ type Pointer struct {`
`13`	`13`	`structs.HostLayout`
`14`	`14`	`ptr unsafe.Pointer`
`15`	`15`	`}`
	`16`	`+`
	`17`	`+func (p Pointer) IsNil() bool {`
	`18`	`+ return p.ptr == nil`
	`19`	`+}`