From 0cdbdf9215371e4bda113f66203bd17993050c29 Mon Sep 17 00:00:00 2001 From: Henri DF Date: Tue, 1 Mar 2016 10:49:19 -0800 Subject: [PATCH 1/3] minor include cleanups --- userspace/digwatch/formats.cpp | 5 ----- userspace/digwatch/formats.h | 7 ++++++- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/userspace/digwatch/formats.cpp b/userspace/digwatch/formats.cpp index 2c7d0f83..c2670960 100644 --- a/userspace/digwatch/formats.cpp +++ b/userspace/digwatch/formats.cpp @@ -1,10 +1,5 @@ #include "formats.h" -extern "C" { -#include "lua.h" -#include "lualib.h" -#include "lauxlib.h" -} sinsp* g_inspector; diff --git a/userspace/digwatch/formats.h b/userspace/digwatch/formats.h index 913c461c..1108c094 100644 --- a/userspace/digwatch/formats.h +++ b/userspace/digwatch/formats.h @@ -1,7 +1,12 @@ #pragma once #include "sinsp.h" -#include "lua_parser.h" + +extern "C" { +#include "lua.h" +#include "lualib.h" +#include "lauxlib.h" +} class sinsp_evt_formatter; From 3195c8abeaaf4ac8eadc93ab3151148b698cae75 Mon Sep 17 00:00:00 2001 From: Henri DF Date: Tue, 1 Mar 2016 11:56:40 -0800 Subject: [PATCH 2/3] formats.{cpp,h}: Get rid of global vars --- userspace/digwatch/digwatch.cpp | 7 +++---- userspace/digwatch/formats.cpp | 12 +++++------- userspace/digwatch/formats.h | 4 +++- 3 files changed, 11 insertions(+), 12 deletions(-) diff --git a/userspace/digwatch/digwatch.cpp b/userspace/digwatch/digwatch.cpp index fd0c47d9..f73e56e1 100644 --- a/userspace/digwatch/digwatch.cpp +++ b/userspace/digwatch/digwatch.cpp @@ -52,7 +52,6 @@ string lua_on_event = "on_event"; // void do_inspect(sinsp* inspector, digwatch_rules* rules, - digwatch_formats* formats, lua_State* ls) { int32_t res; @@ -119,7 +118,6 @@ int digwatch_init(int argc, char **argv) int result = EXIT_SUCCESS; sinsp* inspector = NULL; digwatch_rules* rules = NULL; - digwatch_formats* formats = NULL; int op; sinsp_evt::param_fmt event_buffer_format = sinsp_evt::PF_NORMAL; int long_index = 0; @@ -216,7 +214,9 @@ int digwatch_init(int argc, char **argv) luaL_openlibs(ls); rules = new digwatch_rules(inspector, ls, lua_main_filename, lua_dir); - formats = new digwatch_formats(inspector, ls); + + digwatch_formats::init(inspector, ls); + digwatch_fields::init(inspector, ls); rules->load_rules(rules_file); inspector->set_filter(rules->get_filter()); @@ -224,7 +224,6 @@ int digwatch_init(int argc, char **argv) do_inspect(inspector, rules, - formats, ls); inspector->close(); diff --git a/userspace/digwatch/formats.cpp b/userspace/digwatch/formats.cpp index c2670960..b6063f16 100644 --- a/userspace/digwatch/formats.cpp +++ b/userspace/digwatch/formats.cpp @@ -1,7 +1,7 @@ #include "formats.h" -sinsp* g_inspector; +sinsp* digwatch_formats::s_inspector = NULL; const static struct luaL_reg ll_digwatch [] = { @@ -10,13 +10,11 @@ const static struct luaL_reg ll_digwatch [] = {NULL,NULL} }; -digwatch_formats::digwatch_formats(sinsp* inspector, lua_State *ls) +void digwatch_formats::init(sinsp* inspector, lua_State *ls) { - g_inspector = inspector; + s_inspector = inspector; - m_ls = ls; - - luaL_openlib(m_ls, "digwatch", ll_digwatch, 0); + luaL_openlib(ls, "digwatch", ll_digwatch, 0); } int digwatch_formats::formatter(lua_State *ls) @@ -25,7 +23,7 @@ int digwatch_formats::formatter(lua_State *ls) sinsp_evt_formatter* formatter; try { - formatter = new sinsp_evt_formatter(g_inspector, format); + formatter = new sinsp_evt_formatter(s_inspector, format); } catch(sinsp_exception& e) { diff --git a/userspace/digwatch/formats.h b/userspace/digwatch/formats.h index 1108c094..3f9fc7cc 100644 --- a/userspace/digwatch/formats.h +++ b/userspace/digwatch/formats.h @@ -13,7 +13,7 @@ class sinsp_evt_formatter; class digwatch_formats { public: - digwatch_formats(sinsp* inspector, lua_State *ls); + static void init(sinsp* inspector, lua_State *ls); // formatter = digwatch.formatter(format_string) static int formatter(lua_State *ls); @@ -21,6 +21,8 @@ class digwatch_formats // formatted_string = digwatch.format_event(evt, formatter) static int format_event(lua_State *ls); + static sinsp* s_inspector; + private: lua_State* m_ls; }; From 26fcf3415d5c0de27e3804ea70a18cad69d40402 Mon Sep 17 00:00:00 2001 From: Henri DF Date: Tue, 1 Mar 2016 13:49:51 -0800 Subject: [PATCH 3/3] Add digwatch.fields() to Lua API --- userspace/digwatch/CMakeLists.txt | 2 +- userspace/digwatch/digwatch.cpp | 3 ++ userspace/digwatch/fields.cpp | 76 +++++++++++++++++++++++++++++++ userspace/digwatch/fields.h | 21 +++++++++ 4 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 userspace/digwatch/fields.cpp create mode 100644 userspace/digwatch/fields.h diff --git a/userspace/digwatch/CMakeLists.txt b/userspace/digwatch/CMakeLists.txt index 4b679be0..1736567c 100644 --- a/userspace/digwatch/CMakeLists.txt +++ b/userspace/digwatch/CMakeLists.txt @@ -10,7 +10,7 @@ include_directories(${PROJECT_SOURCE_DIR}/../sysdig/userspace/libscap) include_directories(${PROJECT_SOURCE_DIR}/../sysdig/userspace/libsinsp) include_directories("${PROJECT_BINARY_DIR}/userspace/digwatch") -add_executable(digwatch formats.cpp rules.cpp digwatch.cpp) +add_executable(digwatch formats.cpp fields.cpp rules.cpp digwatch.cpp) target_link_libraries(digwatch sinsp) diff --git a/userspace/digwatch/digwatch.cpp b/userspace/digwatch/digwatch.cpp index f73e56e1..9a02b85e 100644 --- a/userspace/digwatch/digwatch.cpp +++ b/userspace/digwatch/digwatch.cpp @@ -19,6 +19,7 @@ extern "C" { #include #include "rules.h" #include "formats.h" +#include "fields.h" #include "utils.h" @@ -218,6 +219,8 @@ int digwatch_init(int argc, char **argv) digwatch_formats::init(inspector, ls); digwatch_fields::init(inspector, ls); + digwatch_fields::init(inspector, ls); + rules->load_rules(rules_file); inspector->set_filter(rules->get_filter()); inspector->open(""); diff --git a/userspace/digwatch/fields.cpp b/userspace/digwatch/fields.cpp new file mode 100644 index 00000000..3285a8f7 --- /dev/null +++ b/userspace/digwatch/fields.cpp @@ -0,0 +1,76 @@ +#include "fields.h" +#include "chisel_api.h" +#include "filterchecks.h" + + +extern sinsp_filter_check_list g_filterlist; + +const static struct luaL_reg ll_digwatch [] = +{ + {"field", &digwatch_fields::field}, + {NULL,NULL} +}; + +sinsp* digwatch_fields::s_inspector = NULL; + +std::map digwatch_fields::s_fieldname_map; + + +void digwatch_fields::init(sinsp* inspector, lua_State *ls) +{ + s_inspector = inspector; + + luaL_openlib(ls, "digwatch", ll_digwatch, 0); +} + +int digwatch_fields::field(lua_State *ls) +{ + + sinsp_filter_check* chk=NULL; + + if (!lua_islightuserdata(ls, 1)) + { + string err = "invalid argument passed to digwatch.field()"; + fprintf(stderr, "%s\n", err.c_str()); + throw sinsp_exception("digwatch.field() error"); + } + sinsp_evt* evt = (sinsp_evt*)lua_topointer(ls, 1); + + string fieldname = luaL_checkstring(ls, 2); + + if (s_fieldname_map.count(fieldname) == 0) + { + + chk = g_filterlist.new_filter_check_from_fldname(fieldname, + s_inspector, + false); + + if(chk == NULL) + { + string err = "nonexistent fieldname passed to digwatch.field()" + string(fieldname); + fprintf(stderr, "%s\n", err.c_str()); + throw sinsp_exception("digwatch.field() error"); + } + + chk->parse_field_name(fieldname.c_str(), true); + s_fieldname_map[fieldname] = chk; + } + else + { + chk = s_fieldname_map[fieldname]; + } + + uint32_t vlen; + uint8_t* rawval = chk->extract(evt, &vlen); + + if(rawval != NULL) + { + return lua_cbacks::rawval_to_lua_stack(ls, rawval, chk->get_field_info(), vlen); + } + else + { + lua_pushnil(ls); + return 1; + } +} + diff --git a/userspace/digwatch/fields.h b/userspace/digwatch/fields.h new file mode 100644 index 00000000..a266bb56 --- /dev/null +++ b/userspace/digwatch/fields.h @@ -0,0 +1,21 @@ +#pragma once + +#include "sinsp.h" + +extern "C" { +#include "lua.h" +#include "lualib.h" +#include "lauxlib.h" +} + +class digwatch_fields +{ + public: + static void init(sinsp* inspector, lua_State *ls); + + // value = digwatch.field(evt, fieldname) + static int field(lua_State *ls); + + static sinsp* s_inspector; + static std::map s_fieldname_map; +};