github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-12 14:08:27 +00:00
Code Issues Projects Releases Wiki Activity

update(userspace/engine): support plugin version requirement alternatives in rule loader

Browse Source 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
This commit is contained in:
Jason Dellaluce 2022-09-05 07:32:23 +00:00 committed by poiana
parent 934ae2f1a6
commit 6e0971f1e1
2 changed files with 31 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
userspace/engine/rule_loader.cpp
View File

@ -836,7 +836,7 @@ void rule_loader::clear()
m_required_plugin_versions.clear();
}
const std::map<std::string, std::set<std::string>> rule_loader::required_plugin_versions() const
const std::vector<rule_loader::plugin_version_info::requirement_alternatives>& rule_loader::required_plugin_versions() const
{
return m_required_plugin_versions;
}
@ -851,11 +851,21 @@ void rule_loader::define(configuration& cfg, engine_version_info& info)
void rule_loader::define(configuration& cfg, plugin_version_info& info)
{
sinsp_version plugin_version(info.version);
THROW(!plugin_version.m_valid, "Invalid required version '" + info.version
+ "' for plugin '" + info.name + "'",
std::unordered_set<std::string> plugin_names;
for (const auto& req : info.alternatives)
{
sinsp_version plugin_version(req.version);
THROW(!plugin_version.m_valid,
"Invalid required version '" + req.version
+ "' for plugin '" + req.name + "'",
info.ctx);
m_required_plugin_versions[info.name].insert(info.version);
THROW(plugin_names.find(req.name) != plugin_names.end(),
"Defined multiple alternative version requirements for plugin '"
+ req.name + "'",
info.ctx);
plugin_names.insert(req.name);
}
m_required_plugin_versions.push_back(info.alternatives);
}
void rule_loader::define(configuration& cfg, list_info& info)

19
userspace/engine/rule_loader.h
View File

@ -182,6 +182,18 @@ public:
*/
struct plugin_version_info
{
struct requirement
{
requirement() = default;
requirement(const std::string n, const std::string v):
name(n), version(v) { }
std::string name;
std::string version;
};
typedef std::vector<requirement> requirement_alternatives;
// This differs from the other _info structs by having
// a default constructor. This allows it to be used
// by falco_engine, which aliases the type.
@ -190,8 +202,7 @@ public:
~plugin_version_info() = default;
context ctx;
std::string name;
std::string version;
requirement_alternatives alternatives;
};
/*!
@ -303,7 +314,7 @@ public:
\brief Returns the set of all required versions for each plugin according
to the internal definitions.
*/
virtual const std::map<std::string, std::set<std::string>> required_plugin_versions() const;
virtual const std::vector<plugin_version_info::requirement_alternatives>& required_plugin_versions() const;
/*!
\brief Defines an info block. If a similar info block is found
@ -348,5 +359,5 @@ private:
indexed_vector<rule_info> m_rule_infos;
indexed_vector<macro_info> m_macro_infos;
indexed_vector<list_info> m_list_infos;
std::map<std::string, std::set<std::string>> m_required_plugin_versions;
std::vector<plugin_version_info::requirement_alternatives> m_required_plugin_versions;
};