fix(dropreason): Check ftrace_enabled required for fexit programs

[SRodi]

Description

Adds a check for /proc/sys/kernel/ftrace_enabled before deciding to use fexit eBPF programs. When ftrace is disabled, the plugin will fall back to kprobes.

Changes

• Added IsFtraceEnabled() helper function in pkg/plugin/common/common_linux.go that reads /proc/sys/kernel/ftrace_enabled
• Updated getEbpfPayload() to check ftrace status and log it
• Modified resolvePayload() to accept ftraceEnabled parameter and only use fexit programs when ftrace is enabled (in addition to existing kernel version/architecture requirements)
• Updated documentation to clarify that fexit programs require ftrace to be enabled

Behavior

• Before: Plugin would attempt to use fexit programs based only on kernel version and architecture, potentially failing when ftrace is disabled
• After: Plugin checks ftrace status and gracefully falls back to kprobes when ftrace is disabled

Related Issue

If this pull request is related to any issue, please mention it here. Additionally, make sure that the issue is assigned to you before submitting this pull request.

Checklist

• I have read the contributing documentation.
• I signed and signed-off the commits (git commit -S -s ...). See this documentation on signing commits.
• I have correctly attributed the author(s) of the code.
• I have tested the changes locally.
• I have followed the project's style guidelines.
• I have updated the documentation, if necessary.
• I have added tests, if applicable.

Screenshots (if applicable) or Testing Completed

Verified on kernel 6.6.0 with both ftrace enabled and disabled scenarios. When ftrace is enabled fexit programs are used. When ftrace is disabled, the plugin uses kprobes/kretprobes.

Additional Notes

Add any additional notes or context about the pull request here.

---

Please refer to the CONTRIBUTING.md file for more information on how to contribute to this project.

[mereta]

Looks good to me!

[alexcastilio]

LGTM