github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-12 14:08:27 +00:00
Code Issues Projects Releases Wiki Activity

update(userspace/engine): support plugin version requirement alternatives in rule loader

Browse Source 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
This commit is contained in:
Jason Dellaluce 2022-09-05 07:32:23 +00:00 committed by poiana
parent 934ae2f1a6
commit 6e0971f1e1
2 changed files with 31 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
userspace/engine/rule_loader.cpp
View File

@ -836,7 +836,7 @@ void rule_loader::clear()
m_required_plugin_versions.clear(); m_required_plugin_versions.clear();
} }
const std::map<std::string, std::set<std::string>> rule_loader::required_plugin_versions() const const std::vector<rule_loader::plugin_version_info::requirement_alternatives>& rule_loader::required_plugin_versions() const
{ {
return m_required_plugin_versions; return m_required_plugin_versions;
} }
@ -851,11 +851,21 @@ void rule_loader::define(configuration& cfg, engine_version_info& info)
void rule_loader::define(configuration& cfg, plugin_version_info& info) void rule_loader::define(configuration& cfg, plugin_version_info& info)
{ {
sinsp_version plugin_version(info.version); std::unordered_set<std::string> plugin_names;
THROW(!plugin_version.m_valid, "Invalid required version '" + info.version for (const auto& req : info.alternatives)
+ "' for plugin '" + info.name + "'", {
info.ctx); sinsp_version plugin_version(req.version);
m_required_plugin_versions[info.name].insert(info.version); THROW(!plugin_version.m_valid,
"Invalid required version '" + req.version
+ "' for plugin '" + req.name + "'",
info.ctx);
THROW(plugin_names.find(req.name) != plugin_names.end(),
"Defined multiple alternative version requirements for plugin '"
+ req.name + "'",
info.ctx);
plugin_names.insert(req.name);
}
m_required_plugin_versions.push_back(info.alternatives);
} }
void rule_loader::define(configuration& cfg, list_info& info) void rule_loader::define(configuration& cfg, list_info& info)

19
userspace/engine/rule_loader.h
View File

@ -182,6 +182,18 @@ public:
*/ */
struct plugin_version_info struct plugin_version_info
{ {
struct requirement
{
requirement() = default;
requirement(const std::string n, const std::string v):
name(n), version(v) { }
std::string name;
std::string version;
};
typedef std::vector<requirement> requirement_alternatives;
// This differs from the other _info structs by having // This differs from the other _info structs by having
// a default constructor. This allows it to be used // a default constructor. This allows it to be used
// by falco_engine, which aliases the type. // by falco_engine, which aliases the type.
@ -190,8 +202,7 @@ public:
~plugin_version_info() = default; ~plugin_version_info() = default;
context ctx; context ctx;
std::string name; requirement_alternatives alternatives;
std::string version;
}; };
/*! /*!
@ -303,7 +314,7 @@ public:
\brief Returns the set of all required versions for each plugin according \brief Returns the set of all required versions for each plugin according
to the internal definitions. to the internal definitions.
*/ */
virtual const std::map<std::string, std::set<std::string>> required_plugin_versions() const; virtual const std::vector<plugin_version_info::requirement_alternatives>& required_plugin_versions() const;
/*! /*!
\brief Defines an info block. If a similar info block is found \brief Defines an info block. If a similar info block is found
@ -348,5 +359,5 @@ private:
indexed_vector<rule_info> m_rule_infos; indexed_vector<rule_info> m_rule_infos;
indexed_vector<macro_info> m_macro_infos; indexed_vector<macro_info> m_macro_infos;
indexed_vector<list_info> m_list_infos; indexed_vector<list_info> m_list_infos;
std::map<std::string, std::set<std::string>> m_required_plugin_versions; std::vector<plugin_version_info::requirement_alternatives> m_required_plugin_versions;
}; };