diff --git a/CMakeLists.txt b/CMakeLists.txt index f2e72b67..99a64fbb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,27 +1,29 @@ # # Copyright (C) 2019 The Falco Authors. # +# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at # -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 # -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the +# specific language governing permissions and limitations under the License. # cmake_minimum_required(VERSION 3.5.1) project(falco) -if(NOT SYSDIG_DIR) - get_filename_component(SYSDIG_DIR "${PROJECT_SOURCE_DIR}/../sysdig" REALPATH) +option(USE_BUNDLED_DEPS "Bundle hard to find dependencies into the Falco binary" OFF) + +include(ProcessorCount) +processorcount(PROCESSOR_COUNT) +if(NOT PROCESSOR_COUNT EQUAL 0) + set(PROCESSOUR_COUNT_MAKE_FLAG -j${PROCESSOR_COUNT}) endif() +# if(NOT SYSDIG_DIR) get_filename_component(SYSDIG_DIR "${PROJECT_SOURCE_DIR}/../sysdig" REALPATH) endif() + # Custom CMake modules list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules") list(APPEND CMAKE_MODULE_PATH "${SYSDIG_DIR}/cmake/modules") @@ -30,26 +32,28 @@ option(BUILD_WARNINGS_AS_ERRORS "Enable building with -Wextra -Werror flags") option(USE_BUNDLED_DEPS "Enable bundled dependencies instead of using the system ones" OFF) if(NOT DEFINED FALCO_ETC_DIR) - set(FALCO_ETC_DIR "/etc/falco") + set(FALCO_ETC_DIR "/etc/falco") endif() if(NOT DRAIOS_DEBUG_FLAGS) - set(DRAIOS_DEBUG_FLAGS "-D_DEBUG") + set(DRAIOS_DEBUG_FLAGS "-D_DEBUG") endif() string(TOLOWER "${CMAKE_BUILD_TYPE}" CMAKE_BUILD_TYPE) -if (CMAKE_BUILD_TYPE STREQUAL "debug") - set(KBUILD_FLAGS "${DRAIOS_DEBUG_FLAGS} ${DRAIOS_FEATURE_FLAGS}") +if(CMAKE_BUILD_TYPE STREQUAL "debug") + set(KBUILD_FLAGS "${DRAIOS_DEBUG_FLAGS} ${DRAIOS_FEATURE_FLAGS}") else() - set(CMAKE_BUILD_TYPE "release") - set(KBUILD_FLAGS "${DRAIOS_FEATURE_FLAGS}") + set(CMAKE_BUILD_TYPE "release") + set(KBUILD_FLAGS "${DRAIOS_FEATURE_FLAGS}") endif() set(CMAKE_COMMON_FLAGS "-Wall -ggdb ${DRAIOS_FEATURE_FLAGS}") if(BUILD_WARNINGS_AS_ERRORS) - set(CMAKE_SUPPRESSED_WARNINGS "-Wno-unused-parameter -Wno-unused-variable -Wno-unused-but-set-variable -Wno-missing-field-initializers -Wno-sign-compare -Wno-type-limits -Wno-implicit-fallthrough -Wno-format-truncation") - set(CMAKE_COMMON_FLAGS "${CMAKE_COMMON_FLAGS} -Wextra -Werror ${CMAKE_SUPPRESSED_WARNINGS}") + set(CMAKE_SUPPRESSED_WARNINGS + "-Wno-unused-parameter -Wno-unused-variable -Wno-unused-but-set-variable -Wno-missing-field-initializers -Wno-sign-compare -Wno-type-limits -Wno-implicit-fallthrough -Wno-format-truncation" + ) + set(CMAKE_COMMON_FLAGS "${CMAKE_COMMON_FLAGS} -Wextra -Werror ${CMAKE_SUPPRESSED_WARNINGS}") endif() set(CMAKE_C_FLAGS "${CMAKE_COMMON_FLAGS}") @@ -64,7 +68,7 @@ set(CMAKE_CXX_FLAGS_RELEASE "-O3 -fno-strict-aliasing -DNDEBUG") add_definitions(-DPLATFORM_NAME="${CMAKE_SYSTEM_NAME}") add_definitions(-DK8S_DISABLE_THREAD) if(CMAKE_SYSTEM_NAME MATCHES "Linux") - add_definitions(-DHAS_CAPTURE) + add_definitions(-DHAS_CAPTURE) endif() # Create the falco version variable according to git index @@ -81,11 +85,7 @@ if(NOT FALCO_VERSION) set(FALCO_VERSION "0.${FALCO_VERSION}") else() set(FALCO_VERSION "${FALCO_TAG}") - string(REGEX - REPLACE "^v([0-9]+)(\\.[0-9]+)(\\.[0-9]+)?" - "\\1\\2\\3" - FALCO_VERSION - ${FALCO_VERSION}) + string(REGEX REPLACE "^v([0-9]+)(\\.[0-9]+)(\\.[0-9]+)?" "\\1\\2\\3" FALCO_VERSION ${FALCO_VERSION}) endif() endif() message(STATUS "Falco version: ${FALCO_VERSION}") @@ -94,8 +94,10 @@ set(PACKAGE_NAME "falco") set(PROBE_VERSION "${FALCO_VERSION}") set(PROBE_NAME "falco-probe") set(PROBE_DEVICE_NAME "falco") -if (CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) - set(CMAKE_INSTALL_PREFIX /usr CACHE PATH "Default install path" FORCE) +if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) + set(CMAKE_INSTALL_PREFIX + /usr + CACHE PATH "Default install path" FORCE) endif() set(CMD_MAKE make) @@ -114,32 +116,32 @@ set(JSONCPP_LIB_SRC "${JSONCPP_SRC}/jsoncpp.cpp") set(NJSON_SRC "${PROJECT_BINARY_DIR}/njson-prefix/src/njson") message(STATUS "Using bundled nlohmann-json in '${NJSON_SRC}'") set(NJSON_INCLUDE "${NJSON_SRC}/single_include") -ExternalProject_Add(njson - URL "https://s3.amazonaws.com/download.draios.com/dependencies/njson-3.3.0.tar.gz" - URL_MD5 "e26760e848656a5da400662e6c5d999a" - CONFIGURE_COMMAND "" - BUILD_COMMAND "" - INSTALL_COMMAND "") +ExternalProject_Add( + njson + URL "https://s3.amazonaws.com/download.draios.com/dependencies/njson-3.3.0.tar.gz" + URL_MD5 "e26760e848656a5da400662e6c5d999a" + CONFIGURE_COMMAND "" + BUILD_COMMAND "" + INSTALL_COMMAND "") -# curses -# we pull this in because libsinsp won't build without it +# curses we pull this in because libsinsp won't build without it set(CURSES_NEED_NCURSES TRUE) find_package(Curses REQUIRED) message(STATUS "Found ncurses: include: ${CURSES_INCLUDE_DIR}, lib: ${CURSES_LIBRARIES}") - # libb64 set(B64_SRC "${PROJECT_BINARY_DIR}/b64-prefix/src/b64") message(STATUS "Using bundled b64 in '${B64_SRC}'") set(B64_INCLUDE "${B64_SRC}/include") set(B64_LIB "${B64_SRC}/src/libb64.a") -ExternalProject_Add(b64 - URL "https://s3.amazonaws.com/download.draios.com/dependencies/libb64-1.2.src.zip" - URL_MD5 "a609809408327117e2c643bed91b76c5" - CONFIGURE_COMMAND "" - BUILD_COMMAND ${CMD_MAKE} - BUILD_IN_SOURCE 1 - INSTALL_COMMAND "") +ExternalProject_Add( + b64 + URL "https://s3.amazonaws.com/download.draios.com/dependencies/libb64-1.2.src.zip" + URL_MD5 "a609809408327117e2c643bed91b76c5" + CONFIGURE_COMMAND "" + BUILD_COMMAND ${CMD_MAKE} + BUILD_IN_SOURCE 1 + INSTALL_COMMAND "") # yaml-cpp include(yaml-cpp) @@ -148,11 +150,11 @@ include(yaml-cpp) find_package(OpenSSL REQUIRED) message(STATUS "Found OpenSSL: include: ${OPENSSL_INCLUDE_DIR}, lib: ${OPENSSL_LIBRARIES}") -find_program (OPENSSL_BINARY openssl) +find_program(OPENSSL_BINARY openssl) if(NOT OPENSSL_BINARY) - message(FATAL_ERROR "Couldn't find the openssl command line in PATH") + message(FATAL_ERROR "Couldn't find the openssl command line in PATH") else() - message(STATUS "Found openssl binary: ${OPENSSL_BINARY}") + message(STATUS "Found openssl binary: ${OPENSSL_BINARY}") endif() # libcurl @@ -163,13 +165,14 @@ set(LUAJIT_SRC "${PROJECT_BINARY_DIR}/luajit-prefix/src/luajit/src") message(STATUS "Using bundled LuaJIT in '${LUAJIT_SRC}'") set(LUAJIT_INCLUDE "${LUAJIT_SRC}") set(LUAJIT_LIB "${LUAJIT_SRC}/libluajit.a") -ExternalProject_Add(luajit - URL "https://s3.amazonaws.com/download.draios.com/dependencies/LuaJIT-2.0.3.tar.gz" - URL_MD5 "f14e9104be513913810cd59c8c658dc0" - CONFIGURE_COMMAND "" - BUILD_COMMAND ${CMD_MAKE} - BUILD_IN_SOURCE 1 - INSTALL_COMMAND "") +ExternalProject_Add( + luajit + URL "https://s3.amazonaws.com/download.draios.com/dependencies/LuaJIT-2.0.3.tar.gz" + URL_MD5 "f14e9104be513913810cd59c8c658dc0" + CONFIGURE_COMMAND "" + BUILD_COMMAND ${CMD_MAKE} + BUILD_IN_SOURCE 1 + INSTALL_COMMAND "") # Lpeg set(LPEG_SRC "${PROJECT_BINARY_DIR}/lpeg-prefix/src/lpeg") @@ -178,21 +181,22 @@ message(STATUS "Using bundled lpeg in '${LPEG_SRC}'") set(LPEG_DEPENDENCIES "") list(APPEND LPEG_DEPENDENCIES "luajit") -ExternalProject_Add(lpeg - DEPENDS ${LPEG_DEPENDENCIES} - URL "https://s3.amazonaws.com/download.draios.com/dependencies/lpeg-1.0.0.tar.gz" - URL_MD5 "0aec64ccd13996202ad0c099e2877ece" - BUILD_COMMAND LUA_INCLUDE=${LUAJIT_INCLUDE} "${PROJECT_SOURCE_DIR}/scripts/build-lpeg.sh" "${LPEG_SRC}/build" - BUILD_IN_SOURCE 1 - CONFIGURE_COMMAND "" - INSTALL_COMMAND "") +ExternalProject_Add( + lpeg + DEPENDS ${LPEG_DEPENDENCIES} + URL "https://s3.amazonaws.com/download.draios.com/dependencies/lpeg-1.0.0.tar.gz" + URL_MD5 "0aec64ccd13996202ad0c099e2877ece" + BUILD_COMMAND LUA_INCLUDE=${LUAJIT_INCLUDE} "${PROJECT_SOURCE_DIR}/scripts/build-lpeg.sh" "${LPEG_SRC}/build" + BUILD_IN_SOURCE 1 + CONFIGURE_COMMAND "" + INSTALL_COMMAND "") # libyaml find_library(LIBYAML_LIB NAMES libyaml.so) if(LIBYAML_LIB) - message(STATUS "Found libyaml: lib: ${LIBYAML_LIB}") + message(STATUS "Found libyaml: lib: ${LIBYAML_LIB}") else() - message(FATAL_ERROR "Couldn't find system libyaml") + message(FATAL_ERROR "Couldn't find system libyaml") endif() # lyaml @@ -202,15 +206,16 @@ message(STATUS "Using bundled lyaml in '${LYAML_SRC}'") set(LYAML_DEPENDENCIES "") list(APPEND LYAML_DEPENDENCIES "luajit") -ExternalProject_Add(lyaml - DEPENDS ${LYAML_DEPENDENCIES} - URL "https://s3.amazonaws.com/download.draios.com/dependencies/lyaml-release-v6.0.tar.gz" - URL_MD5 "dc3494689a0dce7cf44e7a99c72b1f30" - BUILD_COMMAND ${CMD_MAKE} - BUILD_IN_SOURCE 1 - CONFIGURE_COMMAND ./configure --enable-static LIBS=-lyaml LUA_INCLUDE=-I${LUAJIT_INCLUDE} LUA=${LUAJIT_SRC}/luajit - INSTALL_COMMAND sh -c "cp -R ${PROJECT_BINARY_DIR}/lyaml-prefix/src/lyaml/lib/* ${PROJECT_SOURCE_DIR}/userspace/engine/lua") - +ExternalProject_Add( + lyaml + DEPENDS ${LYAML_DEPENDENCIES} + URL "https://s3.amazonaws.com/download.draios.com/dependencies/lyaml-release-v6.0.tar.gz" + URL_MD5 "dc3494689a0dce7cf44e7a99c72b1f30" + BUILD_COMMAND ${CMD_MAKE} + BUILD_IN_SOURCE 1 + CONFIGURE_COMMAND ./configure --enable-static LIBS=-lyaml LUA_INCLUDE=-I${LUAJIT_INCLUDE} LUA=${LUAJIT_SRC}/luajit + INSTALL_COMMAND sh -c + "cp -R ${PROJECT_BINARY_DIR}/lyaml-prefix/src/lyaml/lib/* ${PROJECT_SOURCE_DIR}/userspace/engine/lua") # Intel TBB set(TBB_SRC "${PROJECT_BINARY_DIR}/tbb-prefix/src/tbb") @@ -219,15 +224,15 @@ message(STATUS "Using bundled tbb in '${TBB_SRC}'") set(TBB_INCLUDE_DIR "${TBB_SRC}/include/") set(TBB_LIB "${TBB_SRC}/build/lib_release/libtbb.a") -ExternalProject_Add(tbb - URL "https://github.com/intel/tbb/archive/2018_U5.tar.gz" - URL_MD5 "ff3ae09f8c23892fbc3008c39f78288f" - CONFIGURE_COMMAND "" - BUILD_COMMAND ${CMD_MAKE} tbb_build_dir=${TBB_SRC}/build tbb_build_prefix=lib extra_inc=big_iron.inc - BUILD_IN_SOURCE 1 - BUILD_BYPRODUCTS ${TBB_LIB} - INSTALL_COMMAND "") - +ExternalProject_Add( + tbb + URL "https://github.com/intel/tbb/archive/2018_U5.tar.gz" + URL_MD5 "ff3ae09f8c23892fbc3008c39f78288f" + CONFIGURE_COMMAND "" + BUILD_COMMAND ${CMD_MAKE} tbb_build_dir=${TBB_SRC}/build tbb_build_prefix=lib extra_inc=big_iron.inc + BUILD_IN_SOURCE 1 + BUILD_BYPRODUCTS ${TBB_LIB} + INSTALL_COMMAND "") # civetweb set(CIVETWEB_SRC "${PROJECT_BINARY_DIR}/civetweb-prefix/src/civetweb/") @@ -235,31 +240,34 @@ set(CIVETWEB_LIB "${CIVETWEB_SRC}/install/lib/libcivetweb.a") set(CIVETWEB_INCLUDE_DIR "${CIVETWEB_SRC}/install/include") message(STATUS "Using bundled civetweb in '${CIVETWEB_SRC}'") -ExternalProject_Add(civetweb - URL "https://github.com/civetweb/civetweb/archive/v1.11.tar.gz" - URL_MD5 "b6d2175650a27924bccb747cbe084cd4" - CONFIGURE_COMMAND ${CMAKE_COMMAND} -E make_directory ${CIVETWEB_SRC}/install/lib - COMMAND ${CMAKE_COMMAND} -E make_directory ${CIVETWEB_SRC}/install/include - BUILD_IN_SOURCE 1 - BUILD_COMMAND ${CMD_MAKE} COPT="-DNO_FILES" WITH_CPP=1 - INSTALL_COMMAND ${CMD_MAKE} install-lib install-headers PREFIX=${CIVETWEB_SRC}/install "WITH_CPP=1 OPENSSL_API_1_1") +ExternalProject_Add( + civetweb + URL "https://github.com/civetweb/civetweb/archive/v1.11.tar.gz" + URL_MD5 "b6d2175650a27924bccb747cbe084cd4" + CONFIGURE_COMMAND ${CMAKE_COMMAND} -E make_directory ${CIVETWEB_SRC}/install/lib + COMMAND ${CMAKE_COMMAND} -E make_directory ${CIVETWEB_SRC}/install/include + BUILD_IN_SOURCE 1 + BUILD_COMMAND ${CMD_MAKE} COPT="-DNO_FILES" WITH_CPP=1 + INSTALL_COMMAND ${CMD_MAKE} install-lib install-headers PREFIX=${CIVETWEB_SRC}/install "WITH_CPP=1 OPENSSL_API_1_1") # c-ares # TODO(fntlnz, leodido): c-ares is only needed for grpc? In case remove here! find_path(CARES_INCLUDE NAMES ares.h) find_library(CARES_LIB NAMES libcares.so) if(CARES_INCLUDE AND CARES_LIB) - message(STATUS "Found c-ares: include: ${CARES_INCLUDE}, lib: ${CARES_LIB}") + message(STATUS "Found c-ares: include: ${CARES_INCLUDE}, lib: ${CARES_LIB}") else() - message(FATAL_ERROR "Couldn't find system c-ares") + message(FATAL_ERROR "Couldn't find system c-ares") endif() # gRPC include(gRPC) +# sysdig +include(sysdig) + # Installation -install(FILES falco.yaml - DESTINATION "${FALCO_ETC_DIR}") +install(FILES falco.yaml DESTINATION "${FALCO_ETC_DIR}") include(Coverage) @@ -272,16 +280,6 @@ add_subdirectory(rules) # Dockerfiles add_subdirectory(docker) -# Driver -add_subdirectory("${SYSDIG_DIR}/driver" "${PROJECT_BINARY_DIR}/driver") -include(FindMakedev) - -# libscap -add_subdirectory("${SYSDIG_DIR}/userspace/libscap" "${PROJECT_BINARY_DIR}/userspace/libscap") - -# libsinsp -add_subdirectory("${SYSDIG_DIR}/userspace/libsinsp" "${PROJECT_BINARY_DIR}/userspace/libsinsp") - # shared build variables set(FALCO_SINSP_LIBRARY sinsp) set(FALCO_SHARE_DIR share/falco)