diff --git a/unit_tests/falco/app/actions/test_load_config.cpp b/unit_tests/falco/app/actions/test_load_config.cpp index 3821a936..fabcb5f4 100644 --- a/unit_tests/falco/app/actions/test_load_config.cpp +++ b/unit_tests/falco/app/actions/test_load_config.cpp @@ -18,17 +18,182 @@ limitations under the License. #include "app_action_helpers.h" #include "falco_test_var.h" -TEST(ActionLoadConfig, check_depracated_falco_038_configs) -{ - auto action = falco::app::actions::load_config; +auto action = falco::app::actions::load_config; - // todo!: remove in 0.38.0 since we don't have anymore any precedence - { - falco::app::state s; - s.options.conf_filename = ENGINE_SELECTION_TEST_CONFIG; - EXPECT_ACTION_OK(action(s)); - EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 5); - EXPECT_TRUE(s.config->m_modern_ebpf.m_drop_failed_exit); - EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 3); - } +TEST(ActionLoadConfig, check_engine_config_is_correctly_parsed) +{ + falco::app::state s = {}; + s.options.conf_filename = NEW_ENGINE_CONFIG_CHANGED; + // TODO: understand why load_yaml is called more times + EXPECT_ACTION_OK(action(s)); + + // Check that the engine is the kmod + EXPECT_TRUE(s.config->m_engine_mode == engine_kind_t::KMOD); + + // Check that kmod params are the ones specified in the config + EXPECT_EQ(s.config->m_kmod.m_buf_size_preset, 2); + EXPECT_FALSE(s.config->m_kmod.m_drop_failed_exit); + + // Check that all other engine params are empty + EXPECT_TRUE(s.config->m_ebpf.m_probe_path.empty()); + EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); + + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 0); + EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_modern_ebpf.m_drop_failed_exit); + + EXPECT_TRUE(s.config->m_replay.m_trace_file.empty()); + + EXPECT_TRUE(s.config->m_gvisor.m_config.empty()); + EXPECT_TRUE(s.config->m_gvisor.m_root.empty()); + + // Check that deprecated configs are not populated since we are using + // the new config. + EXPECT_EQ(s.config->m_syscall_buf_size_preset, 0); + EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, 0); + EXPECT_FALSE(s.config->m_syscall_drop_failed_exit); +} + +// Equal to the one above but checks that the command line options are not parsed +TEST(ActionLoadConfig, check_command_line_options_are_not_used) +{ + falco::app::state s; + s.options.modern_bpf = true; + s.options.conf_filename = NEW_ENGINE_CONFIG_CHANGED; + EXPECT_ACTION_OK(action(s)); + + // Check that the engine is the kmod + EXPECT_TRUE(s.config->m_engine_mode == engine_kind_t::KMOD); + + // Check that kmod params are the ones specified in the config + EXPECT_EQ(s.config->m_kmod.m_buf_size_preset, 2); + EXPECT_FALSE(s.config->m_kmod.m_drop_failed_exit); + + // Check that all other engine params are empty + EXPECT_TRUE(s.config->m_ebpf.m_probe_path.empty()); + EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); + + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 0); + EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_modern_ebpf.m_drop_failed_exit); + + EXPECT_TRUE(s.config->m_replay.m_trace_file.empty()); + + EXPECT_TRUE(s.config->m_gvisor.m_config.empty()); + EXPECT_TRUE(s.config->m_gvisor.m_root.empty()); + + // Check that deprecated configs are not populated since we are using + // the new config. + EXPECT_EQ(s.config->m_syscall_buf_size_preset, 0); + EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, 0); + EXPECT_FALSE(s.config->m_syscall_drop_failed_exit); +} + +TEST(ActionLoadConfig, check_kmod_with_syscall_configs) +{ + falco::app::state s; + s.options.conf_filename = NEW_ENGINE_CONFIG_UNCHANGED; + EXPECT_ACTION_OK(action(s)); + + // Check that the engine is the kmod + EXPECT_TRUE(s.config->m_engine_mode == engine_kind_t::KMOD); + + // Kmod params should be populated with the syscall configs + // since the `engine` block is untouched. + EXPECT_EQ(s.config->m_kmod.m_buf_size_preset, 6); + EXPECT_TRUE(s.config->m_kmod.m_drop_failed_exit); + + // Check that all other engine params are empty + EXPECT_TRUE(s.config->m_ebpf.m_probe_path.empty()); + EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); + + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 0); + EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_modern_ebpf.m_drop_failed_exit); + + EXPECT_TRUE(s.config->m_replay.m_trace_file.empty()); + + EXPECT_TRUE(s.config->m_gvisor.m_config.empty()); + EXPECT_TRUE(s.config->m_gvisor.m_root.empty()); + + // Check that deprecated configs are populated + EXPECT_EQ(s.config->m_syscall_buf_size_preset, 6); + EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, 3); + EXPECT_TRUE(s.config->m_syscall_drop_failed_exit); +} + +TEST(ActionLoadConfig, check_override_command_line_modern) +{ + falco::app::state s; + // The comman line options should be correctly applied since the + // config is unchanged + s.options.modern_bpf = true; + s.options.conf_filename = NEW_ENGINE_CONFIG_UNCHANGED; + EXPECT_ACTION_OK(action(s)); + + // Check that the engine is the kmod + EXPECT_TRUE(s.is_modern_ebpf()); + + // Check that the modern ebpf engine uses the default syscall configs + // and not the ones in the `engine` block + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 3); + EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 6); + EXPECT_TRUE(s.config->m_modern_ebpf.m_drop_failed_exit); + + // Kmod params should be always populated since the kmod is the default + EXPECT_EQ(s.config->m_kmod.m_buf_size_preset, 6); + EXPECT_TRUE(s.config->m_kmod.m_drop_failed_exit); + + // Check that all other engine params are empty + EXPECT_TRUE(s.config->m_ebpf.m_probe_path.empty()); + EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); + + EXPECT_TRUE(s.config->m_replay.m_trace_file.empty()); + + EXPECT_TRUE(s.config->m_gvisor.m_config.empty()); + EXPECT_TRUE(s.config->m_gvisor.m_root.empty()); + + // Check that deprecated configs are populated + EXPECT_EQ(s.config->m_syscall_buf_size_preset, 6); + EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, 3); + EXPECT_TRUE(s.config->m_syscall_drop_failed_exit); +} + +TEST(ActionLoadConfig, check_override_command_line_gvisor) +{ + falco::app::state s; + // The comman line options should be correctly applied since the + // config is unchanged + s.options.gvisor_config = "config"; + s.options.conf_filename = NEW_ENGINE_CONFIG_UNCHANGED; + EXPECT_ACTION_OK(action(s)); + + // Check that the engine is the kmod + EXPECT_TRUE(s.is_gvisor()); + EXPECT_EQ(s.config->m_gvisor.m_config, "config"); + EXPECT_TRUE(s.config->m_gvisor.m_root.empty()); + + // Kmod params should be always populated since the kmod is the default + EXPECT_EQ(s.config->m_kmod.m_buf_size_preset, 6); + EXPECT_TRUE(s.config->m_kmod.m_drop_failed_exit); + + // Check that all other engine params are empty + EXPECT_TRUE(s.config->m_ebpf.m_probe_path.empty()); + EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); + + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 0); + EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 0); + EXPECT_FALSE(s.config->m_modern_ebpf.m_drop_failed_exit); + + EXPECT_TRUE(s.config->m_replay.m_trace_file.empty()); + + // Check that deprecated configs are populated + EXPECT_EQ(s.config->m_syscall_buf_size_preset, 6); + EXPECT_EQ(s.config->m_cpus_for_each_syscall_buffer, 3); + EXPECT_TRUE(s.config->m_syscall_drop_failed_exit); } diff --git a/unit_tests/falco/test_configs/test_engine_selection_precedence.yaml b/unit_tests/falco/test_configs/new_engine_config_changed.yaml similarity index 73% rename from unit_tests/falco/test_configs/test_engine_selection_precedence.yaml rename to unit_tests/falco/test_configs/new_engine_config_changed.yaml index 994697de..bed9898f 100644 --- a/unit_tests/falco/test_configs/test_engine_selection_precedence.yaml +++ b/unit_tests/falco/test_configs/new_engine_config_changed.yaml @@ -21,31 +21,32 @@ ################ engine: - kind: modern-ebpf + kind: kmod kmod: - buf_size_preset: 4 + buf_size_preset: 2 # changed default value drop_failed_exit: false ebpf: probe: /path/to/probe.o - buf_size_preset: 4 + buf_size_preset: 4 drop_failed_exit: false modern-ebpf: - cpus_for_each_syscall_buffer: 1 - buf_size_preset: 5 # This should win over the other config + cpus_for_each_syscall_buffer: 2 + buf_size_preset: 4 drop_failed_exit: false replay: trace_file: /path/to/file.scap gvisor: - config: /path/to/gvisor.yaml - root: /gvisor/root + config: /path/to/gvisor_config.yaml + root: "" ####################################### # Falco performance tuning (advanced) # ####################################### -syscall_buf_size_preset: 4 +# These configs should be ignored since we have changed the `engine` config +syscall_buf_size_preset: 6 -syscall_drop_failed_exit: true # This should win over the other config +syscall_drop_failed_exit: true modern_bpf: - cpus_for_each_syscall_buffer: 3 # Should win this 3 over the 1 in the other config + cpus_for_each_syscall_buffer: 7 diff --git a/unit_tests/falco/test_configs/new_engine_config_unchanged.yaml b/unit_tests/falco/test_configs/new_engine_config_unchanged.yaml new file mode 100644 index 00000000..70998a06 --- /dev/null +++ b/unit_tests/falco/test_configs/new_engine_config_unchanged.yaml @@ -0,0 +1,53 @@ +# SPDX-License-Identifier: Apache-2.0 +# +# Copyright (C) 2023 The Falco Authors. +# +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +################ +# Falco engine # +################ + +# Unchanged +engine: + kind: kmod + kmod: + buf_size_preset: 4 + drop_failed_exit: false + ebpf: + probe: /path/to/probe.o + buf_size_preset: 4 + drop_failed_exit: false + modern-ebpf: + cpus_for_each_syscall_buffer: 2 + buf_size_preset: 4 + drop_failed_exit: false + replay: + trace_file: /path/to/file.scap + gvisor: + config: /path/to/gvisor_config.yaml + root: "" + +####################################### +# Falco performance tuning (advanced) # +####################################### + +# The `engine` config is unchanged so these configs are used +syscall_buf_size_preset: 6 + +syscall_drop_failed_exit: true + +modern_bpf: + cpus_for_each_syscall_buffer: 3 diff --git a/unit_tests/falco_test_var.h.in b/unit_tests/falco_test_var.h.in index 208fb67b..f8cfcab8 100644 --- a/unit_tests/falco_test_var.h.in +++ b/unit_tests/falco_test_var.h.in @@ -1,3 +1,4 @@ #pragma once -#define ENGINE_SELECTION_TEST_CONFIG "${CMAKE_SOURCE_DIR}/unit_tests/falco/test_configs/test_engine_selection_precedence.yaml" +#define NEW_ENGINE_CONFIG_CHANGED "${CMAKE_SOURCE_DIR}/unit_tests/falco/test_configs/new_engine_config_changed.yaml" +#define NEW_ENGINE_CONFIG_UNCHANGED "${CMAKE_SOURCE_DIR}/unit_tests/falco/test_configs/new_engine_config_unchanged.yaml" diff --git a/userspace/falco/configuration.cpp b/userspace/falco/configuration.cpp index f84360ab..d4b8ac42 100644 --- a/userspace/falco/configuration.cpp +++ b/userspace/falco/configuration.cpp @@ -184,7 +184,12 @@ void falco_configuration::load_engine_config(const std::string& config_name, con } // If we arrive here it means we have at least one change in the `engine` config. + // Please note that `load_config` is called more than one time during initialization + // so the last time wins m_changes_in_engine_config = true; + m_syscall_buf_size_preset = 0; + m_cpus_for_each_syscall_buffer = 0; + m_syscall_drop_failed_exit = false; } void falco_configuration::load_yaml(const std::string& config_name, const yaml_helper& config) diff --git a/userspace/falco/configuration.h b/userspace/falco/configuration.h index 82e222fc..24f808bb 100644 --- a/userspace/falco/configuration.h +++ b/userspace/falco/configuration.h @@ -172,9 +172,9 @@ public: // used to keep track if the `engine` config is used. bool m_changes_in_engine_config = false; // Index corresponding to the syscall buffer dimension. - uint16_t m_syscall_buf_size_preset = 4; + uint16_t m_syscall_buf_size_preset = 0; // Number of CPUs associated with a single ring buffer. - uint16_t m_cpus_for_each_syscall_buffer = 2; + uint16_t m_cpus_for_each_syscall_buffer = 0; bool m_syscall_drop_failed_exit = false; private: