From be16af7fe0d466e4035ac1cf6b8ec619c0ce4431 Mon Sep 17 00:00:00 2001 From: Andrea Terzolo Date: Sat, 18 Nov 2023 15:51:21 +0100 Subject: [PATCH] cleanup: rename `cpus_for_each_syscall_buffer` Signed-off-by: Andrea Terzolo --- falco.yaml | 25 ++++++++++++------- .../test_configure_syscall_buffer_num.cpp | 8 +++--- .../falco/app/actions/test_load_config.cpp | 10 ++++---- .../new_engine_config_changed.yaml | 4 +-- .../new_engine_config_unchanged.yaml | 4 +-- .../actions/configure_syscall_buffer_num.cpp | 6 ++--- .../falco/app/actions/helpers_inspector.cpp | 4 +-- userspace/falco/app/actions/load_config.cpp | 2 +- userspace/falco/configuration.cpp | 2 +- userspace/falco/configuration.h | 2 +- 10 files changed, 37 insertions(+), 30 deletions(-) diff --git a/falco.yaml b/falco.yaml index cde3bbe4..b115b9f9 100644 --- a/falco.yaml +++ b/falco.yaml @@ -173,21 +173,28 @@ rules_file: engine: kind: kmod kmod: - buf_size_preset: 4 # Overridden by deprecated syscall_buf_size_preset if set - drop_failed_exit: false # Overridden by deprecated syscall_drop_failed_exit if set + buf_size_preset: 4 + drop_failed_exit: false ebpf: + # path to the elf file to load. probe: /path/to/probe.o - buf_size_preset: 4 # Overridden by deprecated syscall_buf_size_preset if set - drop_failed_exit: false # Overridden by deprecated syscall_drop_failed_exit if set + buf_size_preset: 4 + drop_failed_exit: false modern-ebpf: - cpus_for_each_syscall_buffer: 2 # Overridden by deprecated cpus_for_each_syscall_buffer if set - buf_size_preset: 4 # Overridden by deprecated syscall_buf_size_preset if set - drop_failed_exit: false # Overridden by deprecated syscall_drop_failed_exit if set + cpus_for_each_buffer: 2 ## todo! rename it without syscall + buf_size_preset: 4 + drop_failed_exit: false replay: + # path to the trace file to replay. trace_file: /path/to/file.scap gvisor: - config: /path/to/gvisor.yaml - root: /gvisor/root + # A Falco-compatible configuration file can be generated with + # '--gvisor-generate-config' and utilized for both runsc and Falco. + config: /path/to/gvisor_config.yaml + # Set gVisor root directory for storage of container state when used + # in conjunction with 'gvisor.config'. The 'gvisor.root' to be passed + # is the one usually passed to 'runsc --root' flag. + root: "" ################# # Falco plugins # diff --git a/unit_tests/falco/app/actions/test_configure_syscall_buffer_num.cpp b/unit_tests/falco/app/actions/test_configure_syscall_buffer_num.cpp index ddbea31d..0b1c65fb 100644 --- a/unit_tests/falco/app/actions/test_configure_syscall_buffer_num.cpp +++ b/unit_tests/falco/app/actions/test_configure_syscall_buffer_num.cpp @@ -39,9 +39,9 @@ TEST(ActionConfigureSyscallBufferNum, variable_number_of_CPUs) { falco::app::state s; s.config->m_engine_mode = engine_kind_t::MODERN_EBPF; - s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer = online_cpus + 1; + s.config->m_modern_ebpf.m_cpus_for_each_buffer = online_cpus + 1; EXPECT_ACTION_OK(action(s)); - EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, online_cpus); + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_buffer, online_cpus); } // modern ebpf engine, with a valid number of CPUs @@ -49,8 +49,8 @@ TEST(ActionConfigureSyscallBufferNum, variable_number_of_CPUs) { falco::app::state s; s.config->m_engine_mode = engine_kind_t::MODERN_EBPF; - s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer = online_cpus - 1; + s.config->m_modern_ebpf.m_cpus_for_each_buffer = online_cpus - 1; EXPECT_ACTION_OK(action(s)); - EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, online_cpus - 1); + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_buffer, online_cpus - 1); } } diff --git a/unit_tests/falco/app/actions/test_load_config.cpp b/unit_tests/falco/app/actions/test_load_config.cpp index fabcb5f4..f1a1c22a 100644 --- a/unit_tests/falco/app/actions/test_load_config.cpp +++ b/unit_tests/falco/app/actions/test_load_config.cpp @@ -39,7 +39,7 @@ TEST(ActionLoadConfig, check_engine_config_is_correctly_parsed) EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); - EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 0); + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_buffer, 0); EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 0); EXPECT_FALSE(s.config->m_modern_ebpf.m_drop_failed_exit); @@ -75,7 +75,7 @@ TEST(ActionLoadConfig, check_command_line_options_are_not_used) EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); - EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 0); + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_buffer, 0); EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 0); EXPECT_FALSE(s.config->m_modern_ebpf.m_drop_failed_exit); @@ -110,7 +110,7 @@ TEST(ActionLoadConfig, check_kmod_with_syscall_configs) EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); - EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 0); + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_buffer, 0); EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 0); EXPECT_FALSE(s.config->m_modern_ebpf.m_drop_failed_exit); @@ -139,7 +139,7 @@ TEST(ActionLoadConfig, check_override_command_line_modern) // Check that the modern ebpf engine uses the default syscall configs // and not the ones in the `engine` block - EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 3); + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_buffer, 3); EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 6); EXPECT_TRUE(s.config->m_modern_ebpf.m_drop_failed_exit); @@ -186,7 +186,7 @@ TEST(ActionLoadConfig, check_override_command_line_gvisor) EXPECT_EQ(s.config->m_ebpf.m_buf_size_preset, 0); EXPECT_FALSE(s.config->m_ebpf.m_drop_failed_exit); - EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, 0); + EXPECT_EQ(s.config->m_modern_ebpf.m_cpus_for_each_buffer, 0); EXPECT_EQ(s.config->m_modern_ebpf.m_buf_size_preset, 0); EXPECT_FALSE(s.config->m_modern_ebpf.m_drop_failed_exit); diff --git a/unit_tests/falco/test_configs/new_engine_config_changed.yaml b/unit_tests/falco/test_configs/new_engine_config_changed.yaml index bed9898f..e0db0d74 100644 --- a/unit_tests/falco/test_configs/new_engine_config_changed.yaml +++ b/unit_tests/falco/test_configs/new_engine_config_changed.yaml @@ -30,7 +30,7 @@ engine: buf_size_preset: 4 drop_failed_exit: false modern-ebpf: - cpus_for_each_syscall_buffer: 2 + cpus_for_each_buffer: 2 buf_size_preset: 4 drop_failed_exit: false replay: @@ -49,4 +49,4 @@ syscall_buf_size_preset: 6 syscall_drop_failed_exit: true modern_bpf: - cpus_for_each_syscall_buffer: 7 + cpus_for_each_buffer: 7 diff --git a/unit_tests/falco/test_configs/new_engine_config_unchanged.yaml b/unit_tests/falco/test_configs/new_engine_config_unchanged.yaml index 70998a06..bb21b2e5 100644 --- a/unit_tests/falco/test_configs/new_engine_config_unchanged.yaml +++ b/unit_tests/falco/test_configs/new_engine_config_unchanged.yaml @@ -31,7 +31,7 @@ engine: buf_size_preset: 4 drop_failed_exit: false modern-ebpf: - cpus_for_each_syscall_buffer: 2 + cpus_for_each_buffer: 2 buf_size_preset: 4 drop_failed_exit: false replay: @@ -50,4 +50,4 @@ syscall_buf_size_preset: 6 syscall_drop_failed_exit: true modern_bpf: - cpus_for_each_syscall_buffer: 3 + cpus_for_each_buffer: 3 diff --git a/userspace/falco/app/actions/configure_syscall_buffer_num.cpp b/userspace/falco/app/actions/configure_syscall_buffer_num.cpp index aed2534c..b4498422 100644 --- a/userspace/falco/app/actions/configure_syscall_buffer_num.cpp +++ b/userspace/falco/app/actions/configure_syscall_buffer_num.cpp @@ -34,10 +34,10 @@ falco::app::run_result falco::app::actions::configure_syscall_buffer_num(falco:: return run_result::fatal("cannot get the number of online CPUs from the system\n"); } - if(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer > online_cpus) + if(s.config->m_modern_ebpf.m_cpus_for_each_buffer > online_cpus) { - falco_logger::log(falco_logger::level::WARNING, "you required a buffer every '" + std::to_string(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer) + "' CPUs but there are only '" + std::to_string(online_cpus) + "' online CPUs. Falco changed the config to: one buffer every '" + std::to_string(online_cpus) + "' CPUs\n"); - s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer = online_cpus; + falco_logger::log(falco_logger::level::WARNING, "you required a buffer every '" + std::to_string(s.config->m_modern_ebpf.m_cpus_for_each_buffer) + "' CPUs but there are only '" + std::to_string(online_cpus) + "' online CPUs. Falco changed the config to: one buffer every '" + std::to_string(online_cpus) + "' CPUs\n"); + s.config->m_modern_ebpf.m_cpus_for_each_buffer = online_cpus; } #endif return run_result::ok(); diff --git a/userspace/falco/app/actions/helpers_inspector.cpp b/userspace/falco/app/actions/helpers_inspector.cpp index 92e5f34b..80c4113d 100644 --- a/userspace/falco/app/actions/helpers_inspector.cpp +++ b/userspace/falco/app/actions/helpers_inspector.cpp @@ -96,8 +96,8 @@ falco::app::run_result falco::app::actions::open_live_inspector( else if(s.is_modern_ebpf()) /* modern BPF engine. */ { falco_logger::log(falco_logger::level::INFO, "Opening '" + source + "' source with modern BPF probe."); - falco_logger::log(falco_logger::level::INFO, "One ring buffer every '" + std::to_string(s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer) + "' CPUs."); - inspector->open_modern_bpf(s.syscall_buffer_bytes_size, s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer, true, s.selected_sc_set); + falco_logger::log(falco_logger::level::INFO, "One ring buffer every '" + std::to_string(s.config->m_modern_ebpf.m_cpus_for_each_buffer) + "' CPUs."); + inspector->open_modern_bpf(s.syscall_buffer_bytes_size, s.config->m_modern_ebpf.m_cpus_for_each_buffer, true, s.selected_sc_set); } else if(s.is_ebpf()) /* BPF engine. */ { diff --git a/userspace/falco/app/actions/load_config.cpp b/userspace/falco/app/actions/load_config.cpp index 6022eb70..1fe2da64 100644 --- a/userspace/falco/app/actions/load_config.cpp +++ b/userspace/falco/app/actions/load_config.cpp @@ -56,7 +56,7 @@ static falco::app::run_result apply_deprecated_options(falco::app::state& s) s.config->m_engine_mode = engine_kind_t::MODERN_EBPF; s.config->m_modern_ebpf.m_drop_failed_exit = s.config->m_syscall_drop_failed_exit; s.config->m_modern_ebpf.m_buf_size_preset = s.config->m_syscall_buf_size_preset; - s.config->m_modern_ebpf.m_cpus_for_each_syscall_buffer = s.config->m_cpus_for_each_syscall_buffer; + s.config->m_modern_ebpf.m_cpus_for_each_buffer = s.config->m_cpus_for_each_syscall_buffer; } if (!s.options.gvisor_config.empty()) { diff --git a/userspace/falco/configuration.cpp b/userspace/falco/configuration.cpp index d4b8ac42..813d0817 100644 --- a/userspace/falco/configuration.cpp +++ b/userspace/falco/configuration.cpp @@ -159,7 +159,7 @@ void falco_configuration::load_engine_config(const std::string& config_name, con m_ebpf.m_drop_failed_exit = config.get_scalar("engine.ebpf.drop_failed_exit", default_drop_failed_exit); break; case engine_kind_t::MODERN_EBPF: - m_modern_ebpf.m_cpus_for_each_syscall_buffer = config.get_scalar("engine.modern-ebpf.cpus_for_each_syscall_buffer", default_cpus_for_each_syscall_buffer); + m_modern_ebpf.m_cpus_for_each_buffer = config.get_scalar("engine.modern-ebpf.cpus_for_each_buffer", default_cpus_for_each_syscall_buffer); m_modern_ebpf.m_buf_size_preset = config.get_scalar("engine.modern-ebpf.buf_size_preset", default_buf_size_preset); m_modern_ebpf.m_drop_failed_exit = config.get_scalar("engine.modern-ebpf.drop_failed_exit", default_drop_failed_exit); break; diff --git a/userspace/falco/configuration.h b/userspace/falco/configuration.h index 24f808bb..c72a07bf 100644 --- a/userspace/falco/configuration.h +++ b/userspace/falco/configuration.h @@ -74,7 +74,7 @@ public: typedef struct { public: - uint16_t m_cpus_for_each_syscall_buffer; + uint16_t m_cpus_for_each_buffer; int16_t m_buf_size_preset; bool m_drop_failed_exit; } modern_ebpf_config;