diff --git a/unit_tests/falco/app/actions/app_action_helpers.h b/unit_tests/falco/app/actions/app_action_helpers.h new file mode 100644 index 00000000..7e5cf026 --- /dev/null +++ b/unit_tests/falco/app/actions/app_action_helpers.h @@ -0,0 +1,7 @@ +#pragma once +#include +#include +#include + +#define EXPECT_ACTION_OK(r) { EXPECT_TRUE(r.success); EXPECT_TRUE(r.proceed); EXPECT_EQ(r.errstr, ""); } +#define EXPECT_ACTION_FAIL(r) { EXPECT_FALSE(r.success); EXPECT_FALSE(r.proceed); EXPECT_NE(r.errstr, ""); } diff --git a/unit_tests/falco/app/actions/test_configure_interesting_sets.cpp b/unit_tests/falco/app/actions/test_configure_interesting_sets.cpp index 9fba18db..c98192bc 100644 --- a/unit_tests/falco/app/actions/test_configure_interesting_sets.cpp +++ b/unit_tests/falco/app/actions/test_configure_interesting_sets.cpp @@ -18,10 +18,7 @@ limitations under the License. #include #include -#include -#include - -#include +#include "app_action_helpers.h" #define ASSERT_NAMES_EQ(a, b) { \ EXPECT_EQ(_order(a).size(), _order(b).size()); \ diff --git a/unit_tests/falco/app/actions/test_configure_syscall_buffer_num.cpp b/unit_tests/falco/app/actions/test_configure_syscall_buffer_num.cpp new file mode 100644 index 00000000..ccba0e9e --- /dev/null +++ b/unit_tests/falco/app/actions/test_configure_syscall_buffer_num.cpp @@ -0,0 +1,55 @@ +/* +Copyright (C) 2023 The Falco Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless ASSERTd by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +#include "app_action_helpers.h" + +TEST(ActionConfigureSyscallBufferNum, variable_number_of_CPUs) +{ + auto action = falco::app::actions::configure_syscall_buffer_num; + + ssize_t online_cpus = sysconf(_SC_NPROCESSORS_ONLN); + if(online_cpus <= 0) + { + FAIL() << "cannot get the number of online CPUs from the system\n"; + } + + // not modern bpf engine, we do nothing + { + falco::app::state s; + s.options.modern_bpf = false; + EXPECT_ACTION_OK(action(s)); + } + + // modern bpf engine, with an invalid number of CPUs + // default `m_cpus_for_each_syscall_buffer` to online CPU number + { + falco::app::state s; + s.options.modern_bpf = true; + s.config->m_cpus_for_each_syscall_buffer = online_cpus + 1; + EXPECT_ACTION_OK(action(s)); + EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, online_cpus); + } + + // modern bpf engine, with an valid number of CPUs + // we don't modify `m_cpus_for_each_syscall_buffer` + { + falco::app::state s; + s.options.modern_bpf = true; + s.config->m_cpus_for_each_syscall_buffer = online_cpus - 1; + EXPECT_ACTION_OK(action(s)); + EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, online_cpus - 1); + } +} diff --git a/unit_tests/falco/app/actions/test_select_event_sources.cpp b/unit_tests/falco/app/actions/test_select_event_sources.cpp index cd83bb1e..f7dca588 100644 --- a/unit_tests/falco/app/actions/test_select_event_sources.cpp +++ b/unit_tests/falco/app/actions/test_select_event_sources.cpp @@ -14,12 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -#include -#include -#include - -#define EXPECT_ACTION_OK(r) { EXPECT_TRUE(r.success); EXPECT_TRUE(r.proceed); EXPECT_EQ(r.errstr, ""); } -#define EXPECT_ACTION_FAIL(r) { EXPECT_FALSE(r.success); EXPECT_FALSE(r.proceed); EXPECT_NE(r.errstr, ""); } +#include "app_action_helpers.h" TEST(ActionSelectEventSources, pre_post_conditions) { diff --git a/userspace/falco/CMakeLists.txt b/userspace/falco/CMakeLists.txt index 163f1ab0..79e4c4b8 100644 --- a/userspace/falco/CMakeLists.txt +++ b/userspace/falco/CMakeLists.txt @@ -42,6 +42,7 @@ set( app/actions/print_version.cpp app/actions/print_page_size.cpp app/actions/compute_syscall_buffer_size.cpp + app/actions/configure_syscall_buffer_num.cpp app/actions/select_event_sources.cpp app/actions/start_grpc_server.cpp app/actions/start_webserver.cpp diff --git a/userspace/falco/app/actions/actions.h b/userspace/falco/app/actions/actions.h index 0a2fcd7e..45477b4b 100644 --- a/userspace/falco/app/actions/actions.h +++ b/userspace/falco/app/actions/actions.h @@ -25,6 +25,7 @@ namespace actions { falco::app::run_result configure_interesting_sets(falco::app::state& s); falco::app::run_result configure_syscall_buffer_size(falco::app::state& s); +falco::app::run_result configure_syscall_buffer_num(falco::app::state& s); falco::app::run_result create_requested_paths(falco::app::state& s); falco::app::run_result create_signal_handlers(falco::app::state& s); falco::app::run_result daemonize(falco::app::state& s); diff --git a/userspace/falco/app/actions/configure_syscall_buffer_num.cpp b/userspace/falco/app/actions/configure_syscall_buffer_num.cpp new file mode 100644 index 00000000..dbe8d185 --- /dev/null +++ b/userspace/falco/app/actions/configure_syscall_buffer_num.cpp @@ -0,0 +1,42 @@ +/* +Copyright (C) 2023 The Falco Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +#include "actions.h" + +using namespace falco::app; +using namespace falco::app::actions; + +falco::app::run_result falco::app::actions::configure_syscall_buffer_num(falco::app::state& s) +{ + if(!s.options.modern_bpf) + { + return run_result::ok(); + } + + ssize_t online_cpus = sysconf(_SC_NPROCESSORS_ONLN); + if(online_cpus <= 0) + { + return run_result::fatal("cannot get the number of online CPUs from the system\n"); + } + + if(s.config->m_cpus_for_each_syscall_buffer > online_cpus) + { + falco_logger::log(LOG_WARNING, "you required a buffer every '" + std::to_string(s.config->m_cpus_for_each_syscall_buffer) + "' CPUs but there are only '" + std::to_string(online_cpus) + "' online CPUs. Falco changed the config to: one buffer every '" + std::to_string(online_cpus) + "' CPUs\n"); + s.config->m_cpus_for_each_syscall_buffer = online_cpus; + } + + return run_result::ok(); +} diff --git a/userspace/falco/app/app.cpp b/userspace/falco/app/app.cpp index 058bc1a2..6218078d 100644 --- a/userspace/falco/app/app.cpp +++ b/userspace/falco/app/app.cpp @@ -84,6 +84,7 @@ bool falco::app::run(falco::app::state& s, bool& restart, std::string& errstr) falco::app::actions::init_clients, falco::app::actions::configure_interesting_sets, falco::app::actions::configure_syscall_buffer_size, + falco::app::actions::configure_syscall_buffer_num, falco::app::actions::start_grpc_server, falco::app::actions::start_webserver, falco::app::actions::process_events,