From 6732d0ab0aa7347c4aad6ca95d4221595e69ed57 Mon Sep 17 00:00:00 2001
From: Lorenz Bauer <i@lmb.io>
Date: Tue, 25 Oct 2022 15:18:01 +0000
Subject: [PATCH] internal: detect if /proc/self/auxv is not readable due to
 file caps

As reported by Daniel Xu, setting capabilities on an executable file
will prevent reading /proc/self/auxv since the file is owned by root.
The work arounds to this have various trade offs, so the best we can
do is tell the user why we failed and hope they check out our
discussion or create an issue.

See https://github.com/cilium/ebpf/pull/823
---
 internal/vdso.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/internal/vdso.go b/internal/vdso.go
index ae4821de2..aaffa3cb8 100644
--- a/internal/vdso.go
+++ b/internal/vdso.go
@@ -23,6 +23,9 @@ func vdsoVersion() (uint32, error) {
 	// to the process. Go does not expose that data, so we must read it from procfs.
 	// https://man7.org/linux/man-pages/man3/getauxval.3.html
 	av, err := os.Open("/proc/self/auxv")
+	if errors.Is(err, unix.EACCES) {
+		return 0, fmt.Errorf("opening auxv: %w (process may not be dumpable due to file capabilities)", err)
+	}
 	if err != nil {
 		return 0, fmt.Errorf("opening auxv: %w", err)
 	}