src/python: fix filtering by containers when kfunc are supported
author Mauricio Vásquez <mauricio@kinvolk.io>
Wed, 8 Sep 2021 20:15:08 +0000 (15:15 -0500)
committer yonghong-song <ys114321@gmail.com>
Tue, 14 Sep 2021 02:03:07 +0000 (19:03 -0700)
commit 4fa2ed7d052921dec3a0d8624f06215feee928c7
tree 984df4d6b370b58aaa804a06daef6422a7d1dd45
parent 291ec6e99a103953806aa9bf09f18461e3a9e83b
src/python: fix filtering by containers when kfunc are supported

The filtering by mount namespace logic has to access
current_task->nsproxy->mnt_ns->ns.inum to get the mount namespace id. Before
this commit, that line was written in C natural syntax and we were relying on the
BCC rewriter to transform that to valid eBPF code by emitting some
bpf_probe_read calls.

This support was not working when using opensnoop in systems supporting kfuncs
because in this case the BCC rewriter doesn't transform that line and the
verifier complains about an invalid memory access:

  7: (85) call bpf_get_current_task#35
  ; return current_task->nsproxy->mnt_ns->ns.inum;
  8: (79) r1 = *(u64 *)(r0 +2896)
  R0 invalid mem access 'inv'

This commit fixes that by explicitly using bpf_probe_kernel_read() instead of
the C natural syntax.

Signed-off-by: Mauricio Vásquez <mauricio@kinvolk.io>
src/python/bcc/containers.py
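
Added example, not code from this commit or from BCC: a user-space C model of the access pattern the commit message describes, with one checked read per pointer hop on the way to ns.inum instead of a single chained dereference. The struct definitions, the memcpy-based stand-in for the bpf_probe_read_kernel helper, the function name mntns_id and the sample inode number are assumptions constructed so the walk compiles and runs outside the kernel.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Minimal stand-ins for the kernel structs on the path
 * current_task->nsproxy->mnt_ns->ns.inum (only the fields used here). */
struct ns_common     { unsigned int inum; };
struct mnt_namespace { struct ns_common ns; };
struct nsproxy       { struct mnt_namespace *mnt_ns; };
struct task_struct   { struct nsproxy *nsproxy; };

/* User-space stand-in for the BPF helper (assumption for this demo):
 * copies size bytes and returns 0; an unreadable source, modelled here
 * as NULL, zeroes dst and returns a negative error. */
static long bpf_probe_read_kernel(void *dst, uint32_t size, const void *src)
{
    if (src == NULL) {
        memset(dst, 0, size);
        return -14; /* -EFAULT */
    }
    memcpy(dst, src, size);
    return 0;
}

/* One explicit, checked read per dereference. Returns 0 if any hop
 * fails, e.g. for an exiting task whose nsproxy is already NULL. */
static uint64_t mntns_id(const struct task_struct *task)
{
    struct nsproxy *nsproxy;
    struct mnt_namespace *mnt_ns;
    unsigned int inum;

    if (bpf_probe_read_kernel(&nsproxy, sizeof(nsproxy), &task->nsproxy))
        return 0;
    if (bpf_probe_read_kernel(&mnt_ns, sizeof(mnt_ns), &nsproxy->mnt_ns))
        return 0;
    if (bpf_probe_read_kernel(&inum, sizeof(inum), &mnt_ns->ns.inum))
        return 0;
    return (uint64_t)inum;
}

int main(void)
{
    struct mnt_namespace m = { { 4026531840u } }; /* constructed inum */
    struct nsproxy n = { &m };
    struct task_struct t = { &n };
    printf("%llu\n", (unsigned long long)mntns_id(&t));
    return 0;
}
```

In a real BCC program the same three reads run against kernel addresses, and a failed hop should make the filter skip the event rather than look up a namespace id of 0.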