From c017d03f557dd6d277f702349d089316f53c9b30 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 22 Jun 2022 15:25:57 +0200 Subject: [PATCH 01/11] chore(cmake/modules): indentation Signed-off-by: Leonardo Grasso --- cmake/modules/falcosecurity-libs.cmake | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/falcosecurity-libs.cmake index 4f4a54370c9..c198e0bf9fb 100644 --- a/cmake/modules/falcosecurity-libs.cmake +++ b/cmake/modules/falcosecurity-libs.cmake @@ -30,13 +30,12 @@ else() # cd /path/to/build && cmake /path/to/source execute_process(COMMAND "${CMAKE_COMMAND}" -DFALCOSECURITY_LIBS_VERSION=${FALCOSECURITY_LIBS_VERSION} -DFALCOSECURITY_LIBS_CHECKSUM=${FALCOSECURITY_LIBS_CHECKSUM} - ${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR} WORKING_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) + ${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR} WORKING_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) # todo(leodido, fntlnz) > use the following one when CMake version will be >= 3.13 # execute_process(COMMAND "${CMAKE_COMMAND}" -B ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR} WORKING_DIRECTORY # "${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR}") - execute_process(COMMAND "${CMAKE_COMMAND}" --build . WORKING_DIRECTORY "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}") set(FALCOSECURITY_LIBS_SOURCE_DIR "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}/falcosecurity-libs-prefix/src/falcosecurity-libs") endif() @@ -45,6 +44,7 @@ set(LIBS_PACKAGE_NAME "falcosecurity") add_definitions(-D_GNU_SOURCE) add_definitions(-DHAS_CAPTURE) + if(MUSL_OPTIMIZED_BUILD) add_definitions(-DMUSL_OPTIMIZED) endif() @@ -59,6 +59,7 @@ set(SCAP_HOST_ROOT_ENV_VAR_NAME "HOST_ROOT") if(NOT LIBSCAP_DIR) set(LIBSCAP_DIR "${FALCOSECURITY_LIBS_SOURCE_DIR}") endif() + set(LIBSINSP_DIR "${FALCOSECURITY_LIBS_SOURCE_DIR}") # explicitly disable the tests/examples of this dependency @@ -73,13 +74,13 @@ list(APPEND CMAKE_MODULE_PATH "${FALCOSECURITY_LIBS_SOURCE_DIR}/cmake/modules") include(CheckSymbolExists) check_symbol_exists(strlcpy "string.h" HAVE_STRLCPY) + if(HAVE_STRLCPY) - message(STATUS "Existing strlcpy found, will *not* use local definition by setting -DHAVE_STRLCPY.") - add_definitions(-DHAVE_STRLCPY) + message(STATUS "Existing strlcpy found, will *not* use local definition by setting -DHAVE_STRLCPY.") + add_definitions(-DHAVE_STRLCPY) else() - message(STATUS "No strlcpy found, will use local definition") + message(STATUS "No strlcpy found, will use local definition") endif() include(libscap) include(libsinsp) - From e6bca170595563d2bdf0b37243c8e4024e32a231 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 22 Jun 2022 15:30:53 +0200 Subject: [PATCH 02/11] chore(cmake/modules): duplicate git history (part 1) Signed-off-by: Leonardo Grasso --- .../CMakeLists.txt | 0 ...{falcosecurity-libs.cmake => driver.cmake} | 0 .../CMakeLists.txt.tmp | 27 ++++++ cmake/modules/falcosecurity-libs.cmake.tmp | 86 +++++++++++++++++++ 4 files changed, 113 insertions(+) rename cmake/modules/{falcosecurity-libs-repo => driver-repo}/CMakeLists.txt (100%) rename cmake/modules/{falcosecurity-libs.cmake => driver.cmake} (100%) create mode 100644 cmake/modules/falcosecurity-libs-repo/CMakeLists.txt.tmp create mode 100644 cmake/modules/falcosecurity-libs.cmake.tmp diff --git a/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt b/cmake/modules/driver-repo/CMakeLists.txt similarity index 100% rename from cmake/modules/falcosecurity-libs-repo/CMakeLists.txt rename to cmake/modules/driver-repo/CMakeLists.txt diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/driver.cmake similarity index 100% rename from cmake/modules/falcosecurity-libs.cmake rename to cmake/modules/driver.cmake diff --git a/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt.tmp b/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt.tmp new file mode 100644 index 00000000000..0b82aa90ca2 --- /dev/null +++ b/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt.tmp @@ -0,0 +1,27 @@ +# +# Copyright (C) 2020 The Falco Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the +# specific language governing permissions and limitations under the License. +# +cmake_minimum_required(VERSION 3.5.1) + +project(falcosecurity-libs-repo NONE) + +include(ExternalProject) +message(STATUS "Driver version: ${FALCOSECURITY_LIBS_VERSION}") + +ExternalProject_Add( + falcosecurity-libs + URL "https://github.com/falcosecurity/libs/archive/${FALCOSECURITY_LIBS_VERSION}.tar.gz" + URL_HASH "${FALCOSECURITY_LIBS_CHECKSUM}" + CONFIGURE_COMMAND "" + BUILD_COMMAND "" + INSTALL_COMMAND "" + TEST_COMMAND "") diff --git a/cmake/modules/falcosecurity-libs.cmake.tmp b/cmake/modules/falcosecurity-libs.cmake.tmp new file mode 100644 index 00000000000..c198e0bf9fb --- /dev/null +++ b/cmake/modules/falcosecurity-libs.cmake.tmp @@ -0,0 +1,86 @@ +# +# Copyright (C) 2021 The Falco Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the +# specific language governing permissions and limitations under the License. +# + +set(FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules/falcosecurity-libs-repo") +set(FALCOSECURITY_LIBS_CMAKE_WORKING_DIR "${CMAKE_BINARY_DIR}/falcosecurity-libs-repo") + +file(MAKE_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) + +if(FALCOSECURITY_LIBS_SOURCE_DIR) + set(FALCOSECURITY_LIBS_VERSION "local") + message(STATUS "Using local falcosecurity/libs in '${FALCOSECURITY_LIBS_SOURCE_DIR}'") +else() + # The falcosecurity/libs git reference (branch name, commit hash, or tag) To update falcosecurity/libs version for the next release, change the + # default below In case you want to test against another falcosecurity/libs version just pass the variable - ie., `cmake + # -DFALCOSECURITY_LIBS_VERSION=dev ..` + if(NOT FALCOSECURITY_LIBS_VERSION) + set(FALCOSECURITY_LIBS_VERSION "075da069af359954122ed7b8a9fc98bc7bcf3116") + set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=4cfad3ff77afd3709cac92f244f38c998020156071138fb9edae2fb987954a84") + endif() + + # cd /path/to/build && cmake /path/to/source + execute_process(COMMAND "${CMAKE_COMMAND}" -DFALCOSECURITY_LIBS_VERSION=${FALCOSECURITY_LIBS_VERSION} -DFALCOSECURITY_LIBS_CHECKSUM=${FALCOSECURITY_LIBS_CHECKSUM} + ${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR} WORKING_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) + + # todo(leodido, fntlnz) > use the following one when CMake version will be >= 3.13 + + # execute_process(COMMAND "${CMAKE_COMMAND}" -B ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR} WORKING_DIRECTORY + # "${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR}") + execute_process(COMMAND "${CMAKE_COMMAND}" --build . WORKING_DIRECTORY "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}") + set(FALCOSECURITY_LIBS_SOURCE_DIR "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}/falcosecurity-libs-prefix/src/falcosecurity-libs") +endif() + +set(LIBS_PACKAGE_NAME "falcosecurity") + +add_definitions(-D_GNU_SOURCE) +add_definitions(-DHAS_CAPTURE) + +if(MUSL_OPTIMIZED_BUILD) + add_definitions(-DMUSL_OPTIMIZED) +endif() + +set(DRIVER_VERSION "${FALCOSECURITY_LIBS_VERSION}") +set(DRIVER_NAME "falco") +set(DRIVER_PACKAGE_NAME "falco") +set(DRIVER_COMPONENT_NAME "falco-driver") +set(SCAP_BPF_PROBE_ENV_VAR_NAME "FALCO_BPF_PROBE") +set(SCAP_HOST_ROOT_ENV_VAR_NAME "HOST_ROOT") + +if(NOT LIBSCAP_DIR) + set(LIBSCAP_DIR "${FALCOSECURITY_LIBS_SOURCE_DIR}") +endif() + +set(LIBSINSP_DIR "${FALCOSECURITY_LIBS_SOURCE_DIR}") + +# explicitly disable the tests/examples of this dependency +set(CREATE_TEST_TARGETS OFF CACHE BOOL "") +set(BUILD_LIBSCAP_EXAMPLES OFF CACHE BOOL "") + +set(USE_BUNDLED_TBB ON CACHE BOOL "") +set(USE_BUNDLED_B64 ON CACHE BOOL "") +set(USE_BUNDLED_JSONCPP ON CACHE BOOL "") + +list(APPEND CMAKE_MODULE_PATH "${FALCOSECURITY_LIBS_SOURCE_DIR}/cmake/modules") + +include(CheckSymbolExists) +check_symbol_exists(strlcpy "string.h" HAVE_STRLCPY) + +if(HAVE_STRLCPY) + message(STATUS "Existing strlcpy found, will *not* use local definition by setting -DHAVE_STRLCPY.") + add_definitions(-DHAVE_STRLCPY) +else() + message(STATUS "No strlcpy found, will use local definition") +endif() + +include(libscap) +include(libsinsp) From 6cd1df9f046d09d42b165be703895227343973cf Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 22 Jun 2022 15:31:29 +0200 Subject: [PATCH 03/11] chore(cmake/modules): duplicate git history (part 2) Signed-off-by: Leonardo Grasso --- .../{CMakeLists.txt.tmp => CMakeLists.txt} | 0 .../{falcosecurity-libs.cmake.tmp => falcosecurity-libs.cmake} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename cmake/modules/falcosecurity-libs-repo/{CMakeLists.txt.tmp => CMakeLists.txt} (100%) rename cmake/modules/{falcosecurity-libs.cmake.tmp => falcosecurity-libs.cmake} (100%) diff --git a/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt.tmp b/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt similarity index 100% rename from cmake/modules/falcosecurity-libs-repo/CMakeLists.txt.tmp rename to cmake/modules/falcosecurity-libs-repo/CMakeLists.txt diff --git a/cmake/modules/falcosecurity-libs.cmake.tmp b/cmake/modules/falcosecurity-libs.cmake similarity index 100% rename from cmake/modules/falcosecurity-libs.cmake.tmp rename to cmake/modules/falcosecurity-libs.cmake From 95b399126fd6f02606797ee1a76665fff91b6e1d Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 22 Jun 2022 16:45:23 +0200 Subject: [PATCH 04/11] build(cmake/modules): divorce driver from falcosecurity-libs module Signed-off-by: Leonardo Grasso --- .../falcosecurity-libs-repo/CMakeLists.txt | 5 ++-- cmake/modules/falcosecurity-libs.cmake | 29 +++++++++---------- 2 files changed, 16 insertions(+), 18 deletions(-) diff --git a/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt b/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt index 0b82aa90ca2..692b8f0c4ba 100644 --- a/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt +++ b/cmake/modules/falcosecurity-libs-repo/CMakeLists.txt @@ -15,7 +15,7 @@ cmake_minimum_required(VERSION 3.5.1) project(falcosecurity-libs-repo NONE) include(ExternalProject) -message(STATUS "Driver version: ${FALCOSECURITY_LIBS_VERSION}") +message(STATUS "Libs version: ${FALCOSECURITY_LIBS_VERSION}") ExternalProject_Add( falcosecurity-libs @@ -24,4 +24,5 @@ ExternalProject_Add( CONFIGURE_COMMAND "" BUILD_COMMAND "" INSTALL_COMMAND "" - TEST_COMMAND "") + TEST_COMMAND "" +) diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/falcosecurity-libs.cmake index c198e0bf9fb..8f2b9de968a 100644 --- a/cmake/modules/falcosecurity-libs.cmake +++ b/cmake/modules/falcosecurity-libs.cmake @@ -16,26 +16,26 @@ set(FALCOSECURITY_LIBS_CMAKE_WORKING_DIR "${CMAKE_BINARY_DIR}/falcosecurity-libs file(MAKE_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) +# explicitly disable the bundled driver, since we pull it separately +set(USE_BUNDLED_DRIVER OFF CACHE BOOL "") + if(FALCOSECURITY_LIBS_SOURCE_DIR) - set(FALCOSECURITY_LIBS_VERSION "local") - message(STATUS "Using local falcosecurity/libs in '${FALCOSECURITY_LIBS_SOURCE_DIR}'") + set(FALCOSECURITY_LIBS_VERSION "0.0.0-local") + message(STATUS "Using local version of falcosecurity/libs: '${FALCOSECURITY_LIBS_SOURCE_DIR}'") else() - # The falcosecurity/libs git reference (branch name, commit hash, or tag) To update falcosecurity/libs version for the next release, change the - # default below In case you want to test against another falcosecurity/libs version just pass the variable - ie., `cmake - # -DFALCOSECURITY_LIBS_VERSION=dev ..` + # FALCOSECURITY_LIBS_VERSION accepts a git reference (branch name, commit hash, or tag) to the falcosecurity/libs repository. + # In case you want to test against another falcosecurity/libs version (or branch, or commit) just pass the variable - + # ie., `cmake -DFALCOSECURITY_LIBS_VERSION=dev ..` if(NOT FALCOSECURITY_LIBS_VERSION) - set(FALCOSECURITY_LIBS_VERSION "075da069af359954122ed7b8a9fc98bc7bcf3116") - set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=4cfad3ff77afd3709cac92f244f38c998020156071138fb9edae2fb987954a84") + set(FALCOSECURITY_LIBS_VERSION "build/reorganize-driver-cmake-vars") + set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=6129b216e71e3e6f5708e7c7c7791c2352440c3e60e8a21d1d69aca6665fcaaf") endif() # cd /path/to/build && cmake /path/to/source execute_process(COMMAND "${CMAKE_COMMAND}" -DFALCOSECURITY_LIBS_VERSION=${FALCOSECURITY_LIBS_VERSION} -DFALCOSECURITY_LIBS_CHECKSUM=${FALCOSECURITY_LIBS_CHECKSUM} ${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR} WORKING_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) - # todo(leodido, fntlnz) > use the following one when CMake version will be >= 3.13 - - # execute_process(COMMAND "${CMAKE_COMMAND}" -B ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR} WORKING_DIRECTORY - # "${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR}") + # cmake --build . execute_process(COMMAND "${CMAKE_COMMAND}" --build . WORKING_DIRECTORY "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}") set(FALCOSECURITY_LIBS_SOURCE_DIR "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}/falcosecurity-libs-prefix/src/falcosecurity-libs") endif() @@ -49,10 +49,6 @@ if(MUSL_OPTIMIZED_BUILD) add_definitions(-DMUSL_OPTIMIZED) endif() -set(DRIVER_VERSION "${FALCOSECURITY_LIBS_VERSION}") -set(DRIVER_NAME "falco") -set(DRIVER_PACKAGE_NAME "falco") -set(DRIVER_COMPONENT_NAME "falco-driver") set(SCAP_BPF_PROBE_ENV_VAR_NAME "FALCO_BPF_PROBE") set(SCAP_HOST_ROOT_ENV_VAR_NAME "HOST_ROOT") @@ -82,5 +78,6 @@ else() message(STATUS "No strlcpy found, will use local definition") endif() +include(driver) include(libscap) -include(libsinsp) +include(libsinsp) \ No newline at end of file From 6f00aa5976337f72ff3b523f6daffb040f93806c Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Wed, 22 Jun 2022 16:59:19 +0200 Subject: [PATCH 05/11] build(cmake/modules): dedicated cmake module for the driver Signed-off-by: Leonardo Grasso --- cmake/modules/driver-repo/CMakeLists.txt | 16 +++-- cmake/modules/driver.cmake | 82 +++++++----------------- 2 files changed, 32 insertions(+), 66 deletions(-) diff --git a/cmake/modules/driver-repo/CMakeLists.txt b/cmake/modules/driver-repo/CMakeLists.txt index 0b82aa90ca2..d1fe909153c 100644 --- a/cmake/modules/driver-repo/CMakeLists.txt +++ b/cmake/modules/driver-repo/CMakeLists.txt @@ -1,5 +1,5 @@ # -# Copyright (C) 2020 The Falco Authors. +# Copyright (C) 2022 The Falco Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at @@ -12,16 +12,18 @@ # cmake_minimum_required(VERSION 3.5.1) -project(falcosecurity-libs-repo NONE) +project(driver-repo NONE) include(ExternalProject) -message(STATUS "Driver version: ${FALCOSECURITY_LIBS_VERSION}") +message(STATUS "Driver version: ${DRIVER_VERSION}") ExternalProject_Add( - falcosecurity-libs - URL "https://github.com/falcosecurity/libs/archive/${FALCOSECURITY_LIBS_VERSION}.tar.gz" - URL_HASH "${FALCOSECURITY_LIBS_CHECKSUM}" + driver + URL "https://github.com/falcosecurity/libs/archive/${DRIVER_VERSION}.tar.gz" + URL_HASH "${DRIVER_CHECKSUM}" CONFIGURE_COMMAND "" BUILD_COMMAND "" INSTALL_COMMAND "" - TEST_COMMAND "") + TEST_COMMAND "" + PATCH_COMMAND sh -c "mv ./driver ../driver.tmp && rm -rf ./* && mv ../driver.tmp/* ." +) diff --git a/cmake/modules/driver.cmake b/cmake/modules/driver.cmake index c198e0bf9fb..c51cd849cc0 100644 --- a/cmake/modules/driver.cmake +++ b/cmake/modules/driver.cmake @@ -1,5 +1,5 @@ # -# Copyright (C) 2021 The Falco Authors. +# Copyright (C) 2022 The Falco Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at @@ -11,76 +11,40 @@ # specific language governing permissions and limitations under the License. # -set(FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules/falcosecurity-libs-repo") -set(FALCOSECURITY_LIBS_CMAKE_WORKING_DIR "${CMAKE_BINARY_DIR}/falcosecurity-libs-repo") +set(DRIVER_CMAKE_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules/driver-repo") +set(DRIVER_CMAKE_WORKING_DIR "${CMAKE_BINARY_DIR}/driver-repo") -file(MAKE_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) +file(MAKE_DIRECTORY ${DRIVER_CMAKE_WORKING_DIR}) -if(FALCOSECURITY_LIBS_SOURCE_DIR) - set(FALCOSECURITY_LIBS_VERSION "local") - message(STATUS "Using local falcosecurity/libs in '${FALCOSECURITY_LIBS_SOURCE_DIR}'") +set(USE_BUNDLED_DRIVER OFF CACHE BOOL "") + +if(DRIVER_SOURCE_DIR) + set(DRIVER_VERSION "0.0.0-local") + message(STATUS "Using local version for driver: '${DRIVER_SOURCE_DIR}'") else() - # The falcosecurity/libs git reference (branch name, commit hash, or tag) To update falcosecurity/libs version for the next release, change the - # default below In case you want to test against another falcosecurity/libs version just pass the variable - ie., `cmake - # -DFALCOSECURITY_LIBS_VERSION=dev ..` - if(NOT FALCOSECURITY_LIBS_VERSION) - set(FALCOSECURITY_LIBS_VERSION "075da069af359954122ed7b8a9fc98bc7bcf3116") - set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=4cfad3ff77afd3709cac92f244f38c998020156071138fb9edae2fb987954a84") + # DRIVER_VERSION accepts a git reference (branch name, commit hash, or tag) to the falcosecurity/libs repository + # which contains the driver source code under the `/driver` directory. + # The chosen driver version must be compatible with the given FALCOSECURITY_LIBS_VERSION. + # In case you want to test against another driver version (or branch, or commit) just pass the variable - + # ie., `cmake -DDRIVER_VERSION=dev ..` + if(NOT DRIVER_VERSION) + set(DRIVER_VERSION "build/reorganize-driver-cmake-vars") + set(DRIVER_CHECKSUM "SHA256=52fae591af2ef1b6f881768cbd6a55a7b951727d11c01c8a325215059e593502") endif() # cd /path/to/build && cmake /path/to/source - execute_process(COMMAND "${CMAKE_COMMAND}" -DFALCOSECURITY_LIBS_VERSION=${FALCOSECURITY_LIBS_VERSION} -DFALCOSECURITY_LIBS_CHECKSUM=${FALCOSECURITY_LIBS_CHECKSUM} - ${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR} WORKING_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) - - # todo(leodido, fntlnz) > use the following one when CMake version will be >= 3.13 + execute_process(COMMAND "${CMAKE_COMMAND}" -DDRIVER_VERSION=${DRIVER_VERSION} -DDRIVER_CHECKSUM=${DRIVER_CHECKSUM} + ${DRIVER_CMAKE_SOURCE_DIR} WORKING_DIRECTORY ${DRIVER_CMAKE_WORKING_DIR}) - # execute_process(COMMAND "${CMAKE_COMMAND}" -B ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR} WORKING_DIRECTORY - # "${FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR}") - execute_process(COMMAND "${CMAKE_COMMAND}" --build . WORKING_DIRECTORY "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}") - set(FALCOSECURITY_LIBS_SOURCE_DIR "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}/falcosecurity-libs-prefix/src/falcosecurity-libs") + # cmake --build . + execute_process(COMMAND "${CMAKE_COMMAND}" --build . WORKING_DIRECTORY "${DRIVER_CMAKE_WORKING_DIR}") + set(DRIVER_SOURCE_DIR "${DRIVER_CMAKE_WORKING_DIR}/driver-prefix/src/driver") endif() -set(LIBS_PACKAGE_NAME "falcosecurity") - add_definitions(-D_GNU_SOURCE) -add_definitions(-DHAS_CAPTURE) - -if(MUSL_OPTIMIZED_BUILD) - add_definitions(-DMUSL_OPTIMIZED) -endif() -set(DRIVER_VERSION "${FALCOSECURITY_LIBS_VERSION}") set(DRIVER_NAME "falco") set(DRIVER_PACKAGE_NAME "falco") set(DRIVER_COMPONENT_NAME "falco-driver") -set(SCAP_BPF_PROBE_ENV_VAR_NAME "FALCO_BPF_PROBE") -set(SCAP_HOST_ROOT_ENV_VAR_NAME "HOST_ROOT") - -if(NOT LIBSCAP_DIR) - set(LIBSCAP_DIR "${FALCOSECURITY_LIBS_SOURCE_DIR}") -endif() - -set(LIBSINSP_DIR "${FALCOSECURITY_LIBS_SOURCE_DIR}") - -# explicitly disable the tests/examples of this dependency -set(CREATE_TEST_TARGETS OFF CACHE BOOL "") -set(BUILD_LIBSCAP_EXAMPLES OFF CACHE BOOL "") - -set(USE_BUNDLED_TBB ON CACHE BOOL "") -set(USE_BUNDLED_B64 ON CACHE BOOL "") -set(USE_BUNDLED_JSONCPP ON CACHE BOOL "") - -list(APPEND CMAKE_MODULE_PATH "${FALCOSECURITY_LIBS_SOURCE_DIR}/cmake/modules") - -include(CheckSymbolExists) -check_symbol_exists(strlcpy "string.h" HAVE_STRLCPY) - -if(HAVE_STRLCPY) - message(STATUS "Existing strlcpy found, will *not* use local definition by setting -DHAVE_STRLCPY.") - add_definitions(-DHAVE_STRLCPY) -else() - message(STATUS "No strlcpy found, will use local definition") -endif() -include(libscap) -include(libsinsp) +add_subdirectory(${DRIVER_SOURCE_DIR} ${PROJECT_BINARY_DIR}/driver) \ No newline at end of file From aa46181c62ac46e6570d50dc25f41a6728b3eeb3 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Thu, 23 Jun 2022 10:46:38 +0200 Subject: [PATCH 06/11] build: temporarily bump libs and driver Note that another bump is required before releasing Falco, since this commit uses alpha versions. Signed-off-by: Leonardo Grasso --- cmake/modules/driver.cmake | 4 ++-- cmake/modules/falcosecurity-libs.cmake | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cmake/modules/driver.cmake b/cmake/modules/driver.cmake index c51cd849cc0..8b249c817e6 100644 --- a/cmake/modules/driver.cmake +++ b/cmake/modules/driver.cmake @@ -28,8 +28,8 @@ else() # In case you want to test against another driver version (or branch, or commit) just pass the variable - # ie., `cmake -DDRIVER_VERSION=dev ..` if(NOT DRIVER_VERSION) - set(DRIVER_VERSION "build/reorganize-driver-cmake-vars") - set(DRIVER_CHECKSUM "SHA256=52fae591af2ef1b6f881768cbd6a55a7b951727d11c01c8a325215059e593502") + set(DRIVER_VERSION "1.0.0-alpha2+driver") + set(DRIVER_CHECKSUM "SHA256=25bf8a7d45adc101137285e796e4dbbf71d012fb47d8e93827a432b98ea618ef") endif() # cd /path/to/build && cmake /path/to/source diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/falcosecurity-libs.cmake index 8f2b9de968a..d7540cde0ae 100644 --- a/cmake/modules/falcosecurity-libs.cmake +++ b/cmake/modules/falcosecurity-libs.cmake @@ -27,8 +27,8 @@ else() # In case you want to test against another falcosecurity/libs version (or branch, or commit) just pass the variable - # ie., `cmake -DFALCOSECURITY_LIBS_VERSION=dev ..` if(NOT FALCOSECURITY_LIBS_VERSION) - set(FALCOSECURITY_LIBS_VERSION "build/reorganize-driver-cmake-vars") - set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=6129b216e71e3e6f5708e7c7c7791c2352440c3e60e8a21d1d69aca6665fcaaf") + set(FALCOSECURITY_LIBS_VERSION "0.7.0-alpha2") + set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=4a62071043aa50cdd29016c7dc041b401f8fa551271ec7b3ba01a537e5eb8bce") endif() # cd /path/to/build && cmake /path/to/source From c7ab0854a8207143d734149e9f021a430eecbe8c Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Thu, 23 Jun 2022 11:36:08 +0200 Subject: [PATCH 07/11] update(userspace/falco): do not print driver version by default Since now each Falco version is compatible with a range of driver version and not just one. Signed-off-by: Leonardo Grasso --- userspace/falco/app_actions/load_config.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/userspace/falco/app_actions/load_config.cpp b/userspace/falco/app_actions/load_config.cpp index 769b6938ae5..b883ecf36fd 100644 --- a/userspace/falco/app_actions/load_config.cpp +++ b/userspace/falco/app_actions/load_config.cpp @@ -26,7 +26,7 @@ application::run_result application::load_config() falco_logger::set_time_format_iso_8601(m_state->config->m_time_format_iso_8601); // log after config init because config determines where logs go - falco_logger::log(LOG_INFO, "Falco version " + std::string(FALCO_VERSION) + " (driver version " + std::string(DRIVER_VERSION) + ")\n"); + falco_logger::log(LOG_INFO, "Falco version " + std::string(FALCO_VERSION) + "\n"); falco_logger::log(LOG_INFO, "Falco initialized with configuration file " + m_options.conf_filename + "\n"); } else From 2a5c4070afcfe0ef8835dcacadd31aad6222c782 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Thu, 23 Jun 2022 11:36:46 +0200 Subject: [PATCH 08/11] update(userspace/falco): add more info to `--version` output Signed-off-by: Leonardo Grasso --- userspace/falco/app_actions/print_version.cpp | 19 ++++++++++++++++++- userspace/falco/config_falco.h.in | 2 ++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/userspace/falco/app_actions/print_version.cpp b/userspace/falco/app_actions/print_version.cpp index 4db1f81e856..5ada34a6c9f 100644 --- a/userspace/falco/app_actions/print_version.cpp +++ b/userspace/falco/app_actions/print_version.cpp @@ -23,8 +23,25 @@ application::run_result application::print_version() { if(m_options.print_version_info) { + auto s = new sinsp(); printf("Falco version: %s\n", FALCO_VERSION); - printf("Driver version: %s\n", DRIVER_VERSION); + printf("Libs version: %s\n", FALCOSECURITY_LIBS_VERSION); + printf("Plugin API: %s\n", s->get_plugin_api_version()); + + // todo(leogr): move string conversion to scap + auto driver_api_version = s->get_scap_api_version(); + unsigned long driver_api_major = PPM_API_VERSION_MAJOR(driver_api_version); + unsigned long driver_api_minor = PPM_API_VERSION_MINOR(driver_api_version); + unsigned long driver_api_patch = PPM_API_VERSION_PATCH(driver_api_version); + auto driver_schema_version = s->get_scap_api_version(); + unsigned long driver_schema_major = PPM_API_VERSION_MAJOR(driver_schema_version); + unsigned long driver_schema_minor = PPM_API_VERSION_MINOR(driver_schema_version); + unsigned long driver_schema_patch = PPM_API_VERSION_PATCH(driver_schema_version); + printf("Driver:\n"); + printf(" API version: %ld.%ld.%ld\n", driver_api_major, driver_api_minor, driver_api_patch); + printf(" Schema version: %ld.%ld.%ld\n", driver_schema_major, driver_schema_minor, driver_schema_patch); + printf(" Default driver: %s\n", DRIVER_VERSION); + return run_result::exit(); } return run_result::ok(); diff --git a/userspace/falco/config_falco.h.in b/userspace/falco/config_falco.h.in index 2d58f7523c1..4b319c24a2b 100644 --- a/userspace/falco/config_falco.h.in +++ b/userspace/falco/config_falco.h.in @@ -30,5 +30,7 @@ limitations under the License. #define FALCO_INSTALL_CONF_FILE "/etc/falco/falco.yaml" #define FALCO_ENGINE_PLUGINS_DIR "${FALCO_ABSOLUTE_SHARE_DIR}/plugins/" +#define FALCOSECURITY_LIBS_VERSION "${FALCOSECURITY_LIBS_VERSION}" + #define DRIVER_NAME "@DRIVER_NAME@" #define DRIVER_VERSION "@DRIVER_VERSION@" \ No newline at end of file From 09fd8c440e101bf9de7cecfcfa2cf7f20023a5e1 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Thu, 23 Jun 2022 11:53:28 +0200 Subject: [PATCH 09/11] chore(cmake/modules): remove leftover Co-authored-by: Federico Di Pierro Signed-off-by: Leonardo Grasso --- cmake/modules/driver.cmake | 2 -- 1 file changed, 2 deletions(-) diff --git a/cmake/modules/driver.cmake b/cmake/modules/driver.cmake index 8b249c817e6..da002fb9373 100644 --- a/cmake/modules/driver.cmake +++ b/cmake/modules/driver.cmake @@ -16,8 +16,6 @@ set(DRIVER_CMAKE_WORKING_DIR "${CMAKE_BINARY_DIR}/driver-repo") file(MAKE_DIRECTORY ${DRIVER_CMAKE_WORKING_DIR}) -set(USE_BUNDLED_DRIVER OFF CACHE BOOL "") - if(DRIVER_SOURCE_DIR) set(DRIVER_VERSION "0.0.0-local") message(STATUS "Using local version for driver: '${DRIVER_SOURCE_DIR}'") From fce934b57d6d97a0e5d415feb3abdf7f684c65f6 Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Thu, 23 Jun 2022 12:06:48 +0200 Subject: [PATCH 10/11] fix(userspace/falco/app_actions/print_version.cpp): ensure destructor gets invoked Signed-off-by: Leonardo Grasso Co-authored-by: Jason Dellaluce --- userspace/falco/app_actions/print_version.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/userspace/falco/app_actions/print_version.cpp b/userspace/falco/app_actions/print_version.cpp index 5ada34a6c9f..5108707b9e6 100644 --- a/userspace/falco/app_actions/print_version.cpp +++ b/userspace/falco/app_actions/print_version.cpp @@ -23,7 +23,7 @@ application::run_result application::print_version() { if(m_options.print_version_info) { - auto s = new sinsp(); + std::unique_ptr s(new sinsp()); printf("Falco version: %s\n", FALCO_VERSION); printf("Libs version: %s\n", FALCOSECURITY_LIBS_VERSION); printf("Plugin API: %s\n", s->get_plugin_api_version()); From cfaa34ac5e04795a8b8ebe79bbbc9d62e0e7971a Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Thu, 23 Jun 2022 12:08:01 +0200 Subject: [PATCH 11/11] fix(userspace/falco/app_actions/print_version.cpp): correct getter call for schema version Signed-off-by: Leonardo Grasso Co-authored-by: Jason Dellaluce --- userspace/falco/app_actions/print_version.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/userspace/falco/app_actions/print_version.cpp b/userspace/falco/app_actions/print_version.cpp index 5108707b9e6..ee745680ad5 100644 --- a/userspace/falco/app_actions/print_version.cpp +++ b/userspace/falco/app_actions/print_version.cpp @@ -33,7 +33,7 @@ application::run_result application::print_version() unsigned long driver_api_major = PPM_API_VERSION_MAJOR(driver_api_version); unsigned long driver_api_minor = PPM_API_VERSION_MINOR(driver_api_version); unsigned long driver_api_patch = PPM_API_VERSION_PATCH(driver_api_version); - auto driver_schema_version = s->get_scap_api_version(); + auto driver_schema_version = s->get_scap_schema_version(); unsigned long driver_schema_major = PPM_API_VERSION_MAJOR(driver_schema_version); unsigned long driver_schema_minor = PPM_API_VERSION_MINOR(driver_schema_version); unsigned long driver_schema_patch = PPM_API_VERSION_PATCH(driver_schema_version);