fix: add a check on online CPUs

Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>

unit_tests/falco/app/actions/app_action_helpers.h

@@ -0,0 +1,7 @@
+#pragma once
+#include <gtest/gtest.h>
+#include <falco/app/state.h>
+#include <falco/app/actions/actions.h>
+
+#define EXPECT_ACTION_OK(r)     { EXPECT_TRUE(r.success); EXPECT_TRUE(r.proceed); EXPECT_EQ(r.errstr, ""); }
+#define EXPECT_ACTION_FAIL(r)   { EXPECT_FALSE(r.success); EXPECT_FALSE(r.proceed); EXPECT_NE(r.errstr, ""); }

unit_tests/falco/app/actions/test_configure_interesting_sets.cpp

@@ -18,10 +18,7 @@ limitations under the License.
 #include <falco_engine.h>
 
 #include <falco/app/app.h>
-#include <falco/app/state.h>
-#include <falco/app/actions/actions.h>
-
-#include <gtest/gtest.h>
+#include "app_action_helpers.h"
 
 #define ASSERT_NAMES_EQ(a, b) { \
 	EXPECT_EQ(_order(a).size(), _order(b).size()); \

unit_tests/falco/app/actions/test_configure_syscall_buffer_num.cpp

@@ -0,0 +1,55 @@
+/*
+Copyright (C) 2023 The Falco Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless ASSERTd by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+#include "app_action_helpers.h"
+
+TEST(ActionConfigureSyscallBufferNum, variable_number_of_CPUs)
+{
+	auto action = falco::app::actions::configure_syscall_buffer_num;
+
+	ssize_t online_cpus = sysconf(_SC_NPROCESSORS_ONLN);
+	if(online_cpus <= 0)
+	{
+		FAIL() << "cannot get the number of online CPUs from the system\n";
+	}
+
+	// not modern bpf engine, we do nothing
+	{
+		falco::app::state s;
+		s.options.modern_bpf = false;
+		EXPECT_ACTION_OK(action(s));
+	}
+
+	// modern bpf engine, with an invalid number of CPUs
+	// default `m_cpus_for_each_syscall_buffer` to online CPU number
+	{
+		falco::app::state s;
+		s.options.modern_bpf = true;
+		s.config->m_cpus_for_each_syscall_buffer = online_cpus + 1;
+		EXPECT_ACTION_OK(action(s));
+		EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, online_cpus);
+	}
+
+	// modern bpf engine, with an valid number of CPUs
+	// we don't modify `m_cpus_for_each_syscall_buffer`
+	{
+		falco::app::state s;
+		s.options.modern_bpf = true;
+		s.config->m_cpus_for_each_syscall_buffer = online_cpus - 1;
+		EXPECT_ACTION_OK(action(s));
+		EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, online_cpus - 1);
+	}
+}

unit_tests/falco/app/actions/test_select_event_sources.cpp

@@ -14,12 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-#include <gtest/gtest.h>
-#include <falco/app/state.h>
-#include <falco/app/actions/actions.h>
-
-#define EXPECT_ACTION_OK(r)     { EXPECT_TRUE(r.success); EXPECT_TRUE(r.proceed); EXPECT_EQ(r.errstr, ""); }
-#define EXPECT_ACTION_FAIL(r)   { EXPECT_FALSE(r.success); EXPECT_FALSE(r.proceed); EXPECT_NE(r.errstr, ""); }
+#include "app_action_helpers.h"
 
 TEST(ActionSelectEventSources, pre_post_conditions)
 {

userspace/falco/CMakeLists.txt

@@ -42,6 +42,7 @@ set(
   app/actions/print_version.cpp
   app/actions/print_page_size.cpp
   app/actions/compute_syscall_buffer_size.cpp
+  app/actions/configure_syscall_buffer_num.cpp
   app/actions/select_event_sources.cpp
   app/actions/start_grpc_server.cpp
   app/actions/start_webserver.cpp

userspace/falco/app/actions/actions.h

@@ -25,6 +25,7 @@ namespace actions {
 
 falco::app::run_result configure_interesting_sets(falco::app::state& s);
 falco::app::run_result configure_syscall_buffer_size(falco::app::state& s);
+falco::app::run_result configure_syscall_buffer_num(falco::app::state& s);
 falco::app::run_result create_requested_paths(falco::app::state& s);
 falco::app::run_result create_signal_handlers(falco::app::state& s);
 falco::app::run_result daemonize(falco::app::state& s);

userspace/falco/app/actions/configure_syscall_buffer_num.cpp

@@ -0,0 +1,42 @@
+/*
+Copyright (C) 2023 The Falco Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+#include "actions.h"
+
+using namespace falco::app;
+using namespace falco::app::actions;
+
+falco::app::run_result falco::app::actions::configure_syscall_buffer_num(falco::app::state& s)
+{
+	if(!s.options.modern_bpf)
+	{
+		return run_result::ok();
+	}
+
+	ssize_t online_cpus = sysconf(_SC_NPROCESSORS_ONLN);
+	if(online_cpus <= 0)
+	{
+		return run_result::fatal("cannot get the number of online CPUs from the system\n");
+	}
+
+	if(s.config->m_cpus_for_each_syscall_buffer > online_cpus)
+	{
+		falco_logger::log(LOG_WARNING, "you required a buffer every '" + std::to_string(s.config->m_cpus_for_each_syscall_buffer) + "' CPUs but there are only '" + std::to_string(online_cpus) + "' online CPUs. Falco changed the config to: one buffer every '" + std::to_string(online_cpus) + "' CPUs\n");
+		s.config->m_cpus_for_each_syscall_buffer = online_cpus;
+	}
+
+	return run_result::ok();
+}

userspace/falco/app/app.cpp

@@ -84,6 +84,7 @@ bool falco::app::run(falco::app::state& s, bool& restart, std::string& errstr)
 		falco::app::actions::init_clients,
 		falco::app::actions::configure_interesting_sets,
 		falco::app::actions::configure_syscall_buffer_size,
+		falco::app::actions::configure_syscall_buffer_num,
 		falco::app::actions::start_grpc_server,
 		falco::app::actions::start_webserver,
 		falco::app::actions::process_events,