@ekoops
Contributor

@ekoops ekoops commented Jul 15, 2025

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind test

/kind feature

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area API-version

/area build

/area CI

/area driver-kmod

/area driver-bpf

/area driver-modern-bpf

/area libscap-engine-bpf

/area libscap-engine-gvisor

/area libscap-engine-kmod

/area libscap-engine-modern-bpf

/area libscap-engine-nodriver

/area libscap-engine-noop

/area libscap-engine-source-plugin

/area libscap-engine-savefile

/area libscap

/area libpman

/area libsinsp

/area tests

/area proposals

Does this PR require a change in the driver versions?

/version driver-API-version-major

/version driver-API-version-minor

/version driver-API-version-patch

/version driver-SCHEMA-version-major

/version driver-SCHEMA-version-minor

/version driver-SCHEMA-version-patch

What this PR does / why we need it:

This PR lets the scap converter manage all the possible variations of the PPME_SYSCALL_EXECVE_19_X event, adapting the userspace code to handle possible empty values coming from the conversion.

The PPME_SYSCALL_EXECVE_19_E event is still sent to sinsp, as its filename parameter value is still used as a fallback if the trusted_exepath parameter is not present in the exit event (only happening for scap-converted events), and we cannot implement this fallback logic in the scap-converter.

Moreover, it fixes some execve and execveat tests and aligns comments to the new one-line style in the kernel drivers and tests.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

/milestone 0.22.0

Does this PR introduce a user-facing change?:

NONE
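
The fallback described in this PR, modelled as an added sketch that is not code from the PR or from falcosecurity/libs: a converter pads a shorter exit event to 30 parameters, and the consumer falls back to the enter event's filename when trusted_exepath is empty. The event model, the index 27, and the names `convert_execve_x`, `resolve_exepath`, `exepath_t` and `exepath_source` are assumptions made for illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Simplified model (assumption): an event is a list of string params and an
// empty string stands for an "empty" value produced by the conversion.
typedef std::vector<std::string> params_t;

const std::size_t EXECVE_X_PARAMS = 30;      // parameter count stated in the thread
const std::size_t TRUSTED_EXEPATH_IDX = 27;  // hypothetical index for this sketch

enum class exepath_source { TRUSTED, ENTER_FILENAME, NONE };

struct exepath_t {
    std::string path;
    exepath_source source;  // lets consumers tell a fallback value apart
};

// Converter side: pad a shorter exit-event variant to the current layout;
// params the shorter variant never carried stay empty.
params_t convert_execve_x(params_t old_evt) {
    if (old_evt.size() < EXECVE_X_PARAMS) old_evt.resize(EXECVE_X_PARAMS);
    return old_evt;
}

// Consumer side: prefer trusted_exepath from the exit event; when conversion
// left it empty, fall back to the filename saved from the enter event.
exepath_t resolve_exepath(const params_t& exit_evt, const std::string& enter_filename) {
    if (exit_evt.size() > TRUSTED_EXEPATH_IDX && !exit_evt[TRUSTED_EXEPATH_IDX].empty())
        return {exit_evt[TRUSTED_EXEPATH_IDX], exepath_source::TRUSTED};
    if (!enter_filename.empty())
        return {enter_filename, exepath_source::ENTER_FILENAME};
    return {"", exepath_source::NONE};
}

int main() {
    // Constructed sample: a 27-param exit event with placeholder values.
    params_t converted = convert_execve_x(params_t(27, std::string("x")));
    exepath_t r = resolve_exepath(converted, "/usr/bin/ls");
    std::cout << converted.size() << " params, exepath=" << r.path
              << (r.source == exepath_source::ENTER_FILENAME ? " (fallback)\n" : "\n");
    return 0;
}
```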

@github-actions

Please double check driver/SCHEMA_VERSION file. See versioning.

/hold

@poiana
Contributor

poiana commented Jul 15, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ekoops

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@codecov

codecov bot commented Jul 15, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 78.02%. Comparing base (92703f2) to head (3fc1402).
Report is 2 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #2544      +/-   ##
==========================================
- Coverage   78.05%   78.02%   -0.03%     
==========================================
  Files         292      292              
  Lines       32157    32143      -14     
  Branches     4692     4703      +11     
==========================================
- Hits        25099    25079      -20     
- Misses       7058     7064       +6     
Flag Coverage Δ
libsinsp 78.02% <100.00%> (-0.03%) ⬇️


Let the scap converter manage all the possible variations of the
`PPME_SYSCALL_EXECVE_19_X` event, adapting the userspace code to
handle possible empty values coming from the conversion.

The `PPME_SYSCALL_EXECVE_19_E` event is still sent to sinsp, as its
`filename` parameter value is still used as a fallback if the
`trusted_exepath` parameter is not present in the exit event.

Moreover, fix some execve and execveat tests and align comments
to the new one-line style in the kernel drivers and tests.

Signed-off-by: Leonardo Di Giovanna <[email protected]>
@ekoops ekoops force-pushed the ekoops/convert-execve branch from e71d221 to 3fc1402 Compare July 15, 2025 17:11
@github-actions

Perf diff from master - unit tests

   100.00%    -99.65%  [.] 0x000000000007ce90

Heap diff from master - unit tests

peak heap memory consumption: -3.47K
peak RSS (including heaptrack overhead): 0B
total memory leaked: -280.08K

Heap diff from master - scap file

peak heap memory consumption: -2.87K
peak RSS (including heaptrack overhead): 0B
total memory leaked: 0B

Benchmarks diff from master

Comparing gbench_data.json to /root/actions-runner/_work/libs/libs/build/gbench_data.json
Benchmark                                                         Time             CPU      Time Old      Time New       CPU Old       CPU New
----------------------------------------------------------------------------------------------------------------------------------------------
BM_sinsp_split_mean                                            +0.0134         +0.0135           146           148           146           148
BM_sinsp_split_median                                          +0.0214         +0.0215           146           149           146           149
BM_sinsp_split_stddev                                          +2.8699         +2.8695             1             3             1             3
BM_sinsp_split_cv                                              +2.8187         +2.8179             0             0             0             0
BM_sinsp_concatenate_paths_relative_path_mean                  -0.0510         -0.0509            60            57            60            57
BM_sinsp_concatenate_paths_relative_path_median                -0.0567         -0.0566            60            57            60            57
BM_sinsp_concatenate_paths_relative_path_stddev                -0.8502         -0.8500             1             0             1             0
BM_sinsp_concatenate_paths_relative_path_cv                    -0.8422         -0.8419             0             0             0             0
BM_sinsp_concatenate_paths_empty_path_mean                     -0.0355         -0.0354            25            24            25            24
BM_sinsp_concatenate_paths_empty_path_median                   -0.0323         -0.0322            25            24            25            24
BM_sinsp_concatenate_paths_empty_path_stddev                   -0.8039         -0.8046             0             0             0             0
BM_sinsp_concatenate_paths_empty_path_cv                       -0.7967         -0.7974             0             0             0             0
BM_sinsp_concatenate_paths_absolute_path_mean                  +0.0228         +0.0229            56            57            56            57
BM_sinsp_concatenate_paths_absolute_path_median                +0.0220         +0.0221            56            57            56            57
BM_sinsp_concatenate_paths_absolute_path_stddev                -0.0641         -0.0626             1             1             1             1
BM_sinsp_concatenate_paths_absolute_path_cv                    -0.0849         -0.0835             0             0             0             0

@ekoops
Contributor Author

ekoops commented Jul 16, 2025

Not bumping the driver schema version is currently a practice we are following as we will bump it in a single shot once we are done with the #2427 initiative.
/hold cancel

@poiana
Contributor

poiana commented Jul 16, 2025

LGTM label has been added.

Git tree hash: de156227c6ea2dbd8778ff670eb44bb4ead66f67

@github-project-automation github-project-automation bot moved this from Todo to In progress in Falco Roadmap Jul 16, 2025
@poiana poiana merged commit 17a7da6 into master Jul 16, 2025
66 of 70 checks passed
@poiana poiana deleted the ekoops/convert-execve branch July 16, 2025 09:04
@github-project-automation github-project-automation bot moved this from In progress to Done in Falco Roadmap Jul 16, 2025
terror96 added a commit to Nordix/libs that referenced this pull request Jul 18, 2025
falcosecurity#2544 implements conversion
of the execve_x event which increases the number of parameters to 30.

Adjust the number of expected parameters from 27 to 30 for execve_x
events with the gvisor engine.

Signed-off-by: Tero Kauppinen <[email protected]>
poiana pushed a commit that referenced this pull request Jul 21, 2025
#2544 implements conversion
of the execve_x event which increases the number of parameters to 30.

Adjust the number of expected parameters from 27 to 30 for execve_x
events with the gvisor engine.

Signed-off-by: Tero Kauppinen <[email protected]>
@leogr leogr modified the milestones: 0.22.0, 9.0.0+driver Oct 16, 2025