From bfc0021cdd96c9f0c13e2a2fb2c5fde3016af8ec Mon Sep 17 00:00:00 2001 From: Leonardo Grasso Date: Thu, 22 Apr 2021 16:54:21 +0200 Subject: [PATCH] build: update build system to support libs cmake modules Signed-off-by: Leonardo Grasso --- CMakeLists.txt | 43 ++---- cmake/modules/OpenSSL.cmake | 45 ------ cmake/modules/b64.cmake | 27 ---- cmake/modules/cURL.cmake | 76 --------- .../patch/luajit.patch | 18 +-- cmake/modules/falcosecurity-libs.cmake | 52 +++---- cmake/modules/gRPC.cmake | 145 ------------------ cmake/modules/jq.cmake | 54 ------- cmake/modules/luajit.cmake | 31 ++-- userspace/engine/CMakeLists.txt | 10 +- userspace/falco/CMakeLists.txt | 1 - userspace/falco/falco.cpp | 1 - 12 files changed, 62 insertions(+), 441 deletions(-) delete mode 100644 cmake/modules/OpenSSL.cmake delete mode 100644 cmake/modules/b64.cmake delete mode 100644 cmake/modules/cURL.cmake delete mode 100644 cmake/modules/gRPC.cmake delete mode 100644 cmake/modules/jq.cmake diff --git a/CMakeLists.txt b/CMakeLists.txt index 37647bd7..a0e43e95 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -110,6 +110,12 @@ set(CMD_MAKE make) include(ExternalProject) +# LuaJIT +include(luajit) + +# libs +include(falcosecurity-libs) + # jq include(jq) @@ -125,12 +131,6 @@ ExternalProject_Add( BUILD_COMMAND "" INSTALL_COMMAND "") -# curses -# We pull this in because libsinsp won't build without it -set(CURSES_NEED_NCURSES TRUE) -find_package(Curses REQUIRED) -message(STATUS "Found ncurses: include: ${CURSES_INCLUDE_DIR}, lib: ${CURSES_LIBRARIES}") - # b64 include(b64) @@ -139,15 +139,12 @@ include(yaml-cpp) if(NOT MINIMAL_BUILD) # OpenSSL - include(OpenSSL) + include(openssl) # libcurl - include(cURL) + include(curl) endif() -# LuaJIT -include(luajit) - # Lpeg include(lpeg) @@ -158,21 +155,7 @@ include(libyaml) include(lyaml) # One TBB -set(TBB_SRC "${PROJECT_BINARY_DIR}/tbb-prefix/src/tbb") - -message(STATUS "Using bundled tbb in '${TBB_SRC}'") - -set(TBB_INCLUDE_DIR "${TBB_SRC}/include/") -set(TBB_LIB "${TBB_SRC}/build/lib_release/libtbb.a") -ExternalProject_Add( - tbb - URL "https://github.com/oneapi-src/oneTBB/archive/2018_U5.tar.gz" - URL_HASH "SHA256=b8dbab5aea2b70cf07844f86fa413e549e099aa3205b6a04059ca92ead93a372" - CONFIGURE_COMMAND "" - BUILD_COMMAND ${CMD_MAKE} tbb_build_dir=${TBB_SRC}/build tbb_build_prefix=lib extra_inc=big_iron.inc - BUILD_IN_SOURCE 1 - BUILD_BYPRODUCTS ${TBB_LIB} - INSTALL_COMMAND "") +include(tbb) if(NOT MINIMAL_BUILD) # civetweb @@ -196,13 +179,13 @@ endif() include(DownloadStringViewLite) if(NOT MINIMAL_BUILD) + include(zlib) + include(cares) + include(protobuf) # gRPC - include(gRPC) + include(grpc) endif() -# libs -include(falcosecurity-libs) - # Installation install(FILES falco.yaml DESTINATION "${FALCO_ETC_DIR}") diff --git a/cmake/modules/OpenSSL.cmake b/cmake/modules/OpenSSL.cmake deleted file mode 100644 index f7cbea0f..00000000 --- a/cmake/modules/OpenSSL.cmake +++ /dev/null @@ -1,45 +0,0 @@ -# -# Copyright (C) 2020 The Falco Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the -# specific language governing permissions and limitations under the License. -# -mark_as_advanced(OPENSSL_BINARY) -if(NOT USE_BUNDLED_DEPS) - find_package(OpenSSL REQUIRED) - message(STATUS "Found openssl: include: ${OPENSSL_INCLUDE_DIR}, lib: ${OPENSSL_LIBRARIES}") - find_program(OPENSSL_BINARY openssl) - if(NOT OPENSSL_BINARY) - message(FATAL_ERROR "Couldn't find the openssl command line in PATH") - else() - message(STATUS "Found openssl: binary: ${OPENSSL_BINARY}") - endif() -else() - mark_as_advanced(OPENSSL_BUNDLE_DIR OPENSSL_INSTALL_DIR OPENSSL_INCLUDE_DIR - OPENSSL_LIBRARY_SSL OPENSSL_LIBRARY_CRYPTO) - set(OPENSSL_BUNDLE_DIR "${PROJECT_BINARY_DIR}/openssl-prefix/src/openssl") - set(OPENSSL_INSTALL_DIR "${OPENSSL_BUNDLE_DIR}/target") - set(OPENSSL_INCLUDE_DIR "${PROJECT_BINARY_DIR}/openssl-prefix/src/openssl/include") - set(OPENSSL_LIBRARY_SSL "${OPENSSL_INSTALL_DIR}/lib/libssl.a") - set(OPENSSL_LIBRARY_CRYPTO "${OPENSSL_INSTALL_DIR}/lib/libcrypto.a") - set(OPENSSL_BINARY "${OPENSSL_INSTALL_DIR}/bin/openssl") - - message(STATUS "Using bundled openssl in '${OPENSSL_BUNDLE_DIR}'") - - ExternalProject_Add( - openssl - # START CHANGE for CVE-2017-3735, CVE-2017-3731, CVE-2017-3737, CVE-2017-3738, CVE-2017-3736 - URL "https://github.com/openssl/openssl/archive/OpenSSL_1_0_2n.tar.gz" - URL_HASH "SHA256=4f4bc907caff1fee6ff8593729e5729891adcee412049153a3bb4db7625e8364" - # END CHANGE for CVE-2017-3735, CVE-2017-3731, CVE-2017-3737, CVE-2017-3738, CVE-2017-3736 - CONFIGURE_COMMAND ./config no-shared --prefix=${OPENSSL_INSTALL_DIR} - BUILD_COMMAND ${CMD_MAKE} - BUILD_IN_SOURCE 1 - INSTALL_COMMAND ${CMD_MAKE} install) -endif() diff --git a/cmake/modules/b64.cmake b/cmake/modules/b64.cmake deleted file mode 100644 index 48cfb645..00000000 --- a/cmake/modules/b64.cmake +++ /dev/null @@ -1,27 +0,0 @@ -# -# Copyright (C) 2020 The Falco Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the -# specific language governing permissions and limitations under the License. -# - -set(B64_SRC "${PROJECT_BINARY_DIR}/b64-prefix/src/b64") -message(STATUS "Using bundled b64 in '${B64_SRC}'") -set(B64_INCLUDE "${B64_SRC}/include") -set(B64_LIB "${B64_SRC}/src/libb64.a") -externalproject_add( - b64 - URL "https://github.com/libb64/libb64/archive/ce864b17ea0e24a91e77c7dd3eb2d1ac4175b3f0.tar.gz" - URL_HASH "SHA256=d07173e66f435e5c77dbf81bd9313f8d0e4a3b4edd4105a62f4f8132ba932811" - CONFIGURE_COMMAND "" - BUILD_COMMAND ${CMD_MAKE} - BUILD_IN_SOURCE 1 - BUILD_BYPRODUCTS ${B64_LIB} - INSTALL_COMMAND "" -) diff --git a/cmake/modules/cURL.cmake b/cmake/modules/cURL.cmake deleted file mode 100644 index 72ad48f6..00000000 --- a/cmake/modules/cURL.cmake +++ /dev/null @@ -1,76 +0,0 @@ -# -# Copyright (C) 2020 The Falco Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the -# specific language governing permissions and limitations under the License. -# - -if(NOT USE_BUNDLED_DEPS) - find_package(CURL REQUIRED) - message(STATUS "Found CURL: include: ${CURL_INCLUDE_DIR}, lib: ${CURL_LIBRARIES}") -else() - set(CURL_BUNDLE_DIR "${PROJECT_BINARY_DIR}/curl-prefix/src/curl") - set(CURL_INCLUDE_DIR "${CURL_BUNDLE_DIR}/include/") - set(CURL_LIBRARIES "${CURL_BUNDLE_DIR}/lib/.libs/libcurl.a") - - set(CURL_SSL_OPTION "--with-ssl=${OPENSSL_INSTALL_DIR}") - message(STATUS "Using bundled curl in '${CURL_BUNDLE_DIR}'") - message(STATUS "Using SSL for curl in '${CURL_SSL_OPTION}'") - - externalproject_add( - curl - DEPENDS openssl - # START CHANGE for CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-1000007 - URL "https://github.com/curl/curl/releases/download/curl-7_61_0/curl-7.61.0.tar.bz2" - URL_HASH "SHA256=5f6f336921cf5b84de56afbd08dfb70adeef2303751ffb3e570c936c6d656c9c" - # END CHANGE for CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-1000007 - CONFIGURE_COMMAND - ./configure - ${CURL_SSL_OPTION} - --disable-shared - --enable-optimize - --disable-curldebug - --disable-rt - --enable-http - --disable-ftp - --disable-file - --disable-ldap - --disable-ldaps - --disable-rtsp - --disable-telnet - --disable-tftp - --disable-pop3 - --disable-imap - --disable-smb - --disable-smtp - --disable-gopher - --disable-sspi - --disable-ntlm-wb - --disable-tls-srp - --without-winssl - --without-darwinssl - --without-polarssl - --without-cyassl - --without-nss - --without-axtls - --without-ca-path - --without-ca-bundle - --without-libmetalink - --without-librtmp - --without-winidn - --without-libidn2 - --without-libpsl - --without-nghttp2 - --without-libssh2 - --disable-threaded-resolver - --without-brotli - BUILD_COMMAND ${CMD_MAKE} - BUILD_IN_SOURCE 1 - INSTALL_COMMAND "") -endif() diff --git a/cmake/modules/falcosecurity-libs-repo/patch/luajit.patch b/cmake/modules/falcosecurity-libs-repo/patch/luajit.patch index b96ae0cf..dc406de0 100644 --- a/cmake/modules/falcosecurity-libs-repo/patch/luajit.patch +++ b/cmake/modules/falcosecurity-libs-repo/patch/luajit.patch @@ -1,7 +1,7 @@ -diff --git a/userspace/libsinsp/chisel.cpp b/userspace/libsinsp/chisel.cpp +diff --git a/userspace/chisel/chisel.cpp b/userspace/chisel/chisel.cpp index 0a6e3cf8..0c2e255a 100644 ---- a/userspace/libsinsp/chisel.cpp -+++ b/userspace/libsinsp/chisel.cpp +--- a/userspace/chisel/chisel.cpp ++++ b/userspace/chisel/chisel.cpp @@ -98,7 +98,7 @@ void lua_stackdump(lua_State *L) // Lua callbacks /////////////////////////////////////////////////////////////////////////////// @@ -29,10 +29,10 @@ index 0a6e3cf8..0c2e255a 100644 { {"field", &lua_cbacks::field}, {"get_num", &lua_cbacks::get_num}, -diff --git a/userspace/libsinsp/lua_parser.cpp b/userspace/libsinsp/lua_parser.cpp +diff --git a/userspace/chisel/lua_parser.cpp b/userspace/chisel/lua_parser.cpp index 0e26617d..78810d96 100644 ---- a/userspace/libsinsp/lua_parser.cpp -+++ b/userspace/libsinsp/lua_parser.cpp +--- a/userspace/chisel/lua_parser.cpp ++++ b/userspace/chisel/lua_parser.cpp @@ -32,7 +32,7 @@ extern "C" { #include "lauxlib.h" } @@ -42,10 +42,10 @@ index 0e26617d..78810d96 100644 { {"rel_expr", &lua_parser_cbacks::rel_expr}, {"bool_op", &lua_parser_cbacks::bool_op}, -diff --git a/userspace/libsinsp/lua_parser_api.cpp b/userspace/libsinsp/lua_parser_api.cpp +diff --git a/userspace/chisel/lua_parser_api.cpp b/userspace/chisel/lua_parser_api.cpp index c89e9126..c3d8008a 100644 ---- a/userspace/libsinsp/lua_parser_api.cpp -+++ b/userspace/libsinsp/lua_parser_api.cpp +--- a/userspace/chisel/lua_parser_api.cpp ++++ b/userspace/chisel/lua_parser_api.cpp @@ -266,7 +266,7 @@ int lua_parser_cbacks::rel_expr(lua_State *ls) string err = "Got non-table as in-expression operand\n"; throw sinsp_exception("parser API error"); diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/falcosecurity-libs.cmake index 2b109c01..0ace2e2a 100644 --- a/cmake/modules/falcosecurity-libs.cmake +++ b/cmake/modules/falcosecurity-libs.cmake @@ -14,25 +14,15 @@ set(FALCOSECURITY_LIBS_CMAKE_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules/falcosecurity-libs-repo") set(FALCOSECURITY_LIBS_CMAKE_WORKING_DIR "${CMAKE_BINARY_DIR}/falcosecurity-libs-repo") -# this needs to be here at the top -if(USE_BUNDLED_DEPS) - # explicitly force this dependency to use the bundled OpenSSL - if(NOT MINIMAL_BUILD) - set(USE_BUNDLED_OPENSSL ON) - endif() - set(USE_BUNDLED_JQ ON) -endif() - file(MAKE_DIRECTORY ${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}) # The falcosecurity/libs git reference (branch name, commit hash, or tag) To update falcosecurity/libs version for the next release, change the # default below In case you want to test against another falcosecurity/libs version just pass the variable - ie., `cmake # -DFALCOSECURITY_LIBS_VERSION=dev ..` if(NOT FALCOSECURITY_LIBS_VERSION) - set(FALCOSECURITY_LIBS_VERSION "bf2bc1e2aa21e1ec65c77caf449de77d0487fb79") - set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=3d1a56a322b6f5300ae4ce2cf82b03f30535cbe49f7b1943762596fa13be7050") + set(FALCOSECURITY_LIBS_VERSION "build/upgrade-deps") + set(FALCOSECURITY_LIBS_CHECKSUM "SHA256=087837c7d8c4a2756b2f2110e53eb8218c603d8dc8e98155a9d072ed1112502b") endif() -set(PROBE_VERSION "${FALCOSECURITY_LIBS_VERSION}") # cd /path/to/build && cmake /path/to/source execute_process(COMMAND "${CMAKE_COMMAND}" -DFALCOSECURITY_LIBS_VERSION=${FALCOSECURITY_LIBS_VERSION} -DFALCOSECURITY_LIBS_CHECKSUM=${FALCOSECURITY_LIBS_CHECKSUM} @@ -46,33 +36,29 @@ execute_process(COMMAND "${CMAKE_COMMAND}" -DFALCOSECURITY_LIBS_VERSION=${FALCOS execute_process(COMMAND "${CMAKE_COMMAND}" --build . WORKING_DIRECTORY "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}") set(FALCOSECURITY_LIBS_SOURCE_DIR "${FALCOSECURITY_LIBS_CMAKE_WORKING_DIR}/falcosecurity-libs-prefix/src/falcosecurity-libs") -# jsoncpp -set(JSONCPP_SRC "${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libsinsp/third-party/jsoncpp") -set(JSONCPP_INCLUDE "${JSONCPP_SRC}") -set(JSONCPP_LIB_SRC "${JSONCPP_SRC}/jsoncpp.cpp") - -# Add driver directory -add_subdirectory("${FALCOSECURITY_LIBS_SOURCE_DIR}/driver" "${PROJECT_BINARY_DIR}/driver") - -# Add libscap directory add_definitions(-D_GNU_SOURCE) add_definitions(-DHAS_CAPTURE) -add_definitions(-DNOCURSESUI) if(MUSL_OPTIMIZED_BUILD) add_definitions(-DMUSL_OPTIMIZED) endif() -add_subdirectory("${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libscap" "${PROJECT_BINARY_DIR}/userspace/libscap") -# Add libsinsp directory -add_subdirectory("${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libsinsp" "${PROJECT_BINARY_DIR}/userspace/libsinsp") -add_dependencies(sinsp tbb b64 luajit) +set(PROBE_VERSION "${FALCOSECURITY_LIBS_VERSION}") + +if(NOT LIBSCAP_DIR) + set(LIBSCAP_DIR "${FALCOSECURITY_LIBS_SOURCE_DIR}") +endif() +set(LIBSINSP_DIR "${FALCOSECURITY_LIBS_SOURCE_DIR}") # explicitly disable the tests of this dependency -set(CREATE_TEST_TARGETS OFF) +set(CREATE_TEST_TARGETS OFF CACHE BOOL "") -if(USE_BUNDLED_DEPS) - add_dependencies(scap jq) - if(NOT MINIMAL_BUILD) - add_dependencies(scap curl grpc) - endif() -endif() +# todo(leogr): although Falco does not actually depend on chisels, we need this for the lua_parser. +# Hopefully, we can switch off this in the future +set(WITH_CHISEL ON CACHE BOOL "") + +set(USE_BUNDLED_TBB ON CACHE BOOL "") + +list(APPEND CMAKE_MODULE_PATH "${FALCOSECURITY_LIBS_SOURCE_DIR}/cmake/modules") + +include(libscap) +include(libsinsp) diff --git a/cmake/modules/gRPC.cmake b/cmake/modules/gRPC.cmake deleted file mode 100644 index aae9e274..00000000 --- a/cmake/modules/gRPC.cmake +++ /dev/null @@ -1,145 +0,0 @@ -# -# Copyright (C) 2020 The Falco Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the -# specific language governing permissions and limitations under the License. -# - -if(NOT USE_BUNDLED_DEPS) - # zlib - include(FindZLIB) - set(ZLIB_INCLUDE "${ZLIB_INCLUDE_DIRS}") - set(ZLIB_LIB "${ZLIB_LIBRARIES}") - - if(ZLIB_INCLUDE AND ZLIB_LIB) - message(STATUS "Found zlib: include: ${ZLIB_INCLUDE}, lib: ${ZLIB_LIB}") - endif() - - # c-ares - mark_as_advanced(CARES_INCLUDE CARES_LIB) - find_path(CARES_INCLUDE NAMES ares.h) - find_library(CARES_LIB NAMES libcares.so) - if(CARES_INCLUDE AND CARES_LIB) - message(STATUS "Found c-ares: include: ${CARES_INCLUDE}, lib: ${CARES_LIB}") - else() - message(FATAL_ERROR "Couldn't find system c-ares") - endif() - - # protobuf - mark_as_advanced(PROTOC PROTOBUF_INCLUDE PROTOBUF_LIB) - find_program(PROTOC NAMES protoc) - find_path(PROTOBUF_INCLUDE NAMES google/protobuf/message.h) - find_library(PROTOBUF_LIB NAMES libprotobuf.so) - if(PROTOC - AND PROTOBUF_INCLUDE - AND PROTOBUF_LIB) - message(STATUS "Found protobuf: compiler: ${PROTOC}, include: ${PROTOBUF_INCLUDE}, lib: ${PROTOBUF_LIB}") - else() - message(FATAL_ERROR "Couldn't find system protobuf") - endif() - - # gpr - mark_as_advanced(GPR_LIB) - find_library(GPR_LIB NAMES gpr) - - if(GPR_LIB) - message(STATUS "Found gpr lib: ${GPR_LIB}") - else() - message(FATAL_ERROR "Couldn't find system gpr") - endif() - - # gRPC todo(fntlnz, leodido): check that gRPC version is greater or equal than 1.8.0 - mark_as_advanced(GRPC_INCLUDE GRPC_SRC - GRPC_LIB GRPC_LIBS_ABSOLUTE GRPCPP_LIB GRPC_CPP_PLUGIN) - find_path(GRPCXX_INCLUDE NAMES grpc++/grpc++.h) - if(GRPCXX_INCLUDE) - set(GRPC_INCLUDE ${GRPCXX_INCLUDE}) - unset(GRPCXX_INCLUDE CACHE) - else() - find_path(GRPCPP_INCLUDE NAMES grpcpp/grpcpp.h) - set(GRPC_INCLUDE ${GRPCPP_INCLUDE}) - unset(GRPCPP_INCLUDE CACHE) - add_definitions(-DGRPC_INCLUDE_IS_GRPCPP=1) - endif() - find_library(GRPC_LIB NAMES grpc) - find_library(GRPCPP_LIB NAMES grpc++) - if(GRPC_INCLUDE - AND GRPC_LIB - AND GRPCPP_LIB) - message(STATUS "Found grpc: include: ${GRPC_INCLUDE}, C lib: ${GRPC_LIB}, C++ lib: ${GRPCPP_LIB}") - else() - message(FATAL_ERROR "Couldn't find system grpc") - endif() - find_program(GRPC_CPP_PLUGIN grpc_cpp_plugin) - if(NOT GRPC_CPP_PLUGIN) - message(FATAL_ERROR "System grpc_cpp_plugin not found") - endif() - -else() - find_package(PkgConfig) - if(NOT PKG_CONFIG_FOUND) - message(FATAL_ERROR "pkg-config binary not found") - endif() - message(STATUS "Found pkg-config executable: ${PKG_CONFIG_EXECUTABLE}") - set(GRPC_SRC "${PROJECT_BINARY_DIR}/grpc-prefix/src/grpc") - set(GRPC_INCLUDE "${GRPC_SRC}/include") - set(GRPC_LIBS_ABSOLUTE "${GRPC_SRC}/libs/opt") - set(GRPC_LIB "${GRPC_LIBS_ABSOLUTE}/libgrpc.a") - set(GRPCPP_LIB "${GRPC_LIBS_ABSOLUTE}/libgrpc++.a") - set(GRPC_CPP_PLUGIN "${GRPC_SRC}/bins/opt/grpc_cpp_plugin") - - # we tell gRPC to compile protobuf for us because when a gRPC package is not available, like on CentOS, it's very - # likely that protobuf will be very outdated - set(PROTOBUF_INCLUDE "${GRPC_SRC}/third_party/protobuf/src") - set(PROTOC "${PROTOBUF_INCLUDE}/protoc") - set(PROTOBUF_LIB "${GRPC_LIBS_ABSOLUTE}/protobuf/libprotobuf.a") - # we tell gRPC to compile zlib for us because when a gRPC package is not available, like on CentOS, it's very likely - # that zlib will be very outdated - set(ZLIB_INCLUDE "${GRPC_SRC}/third_party/zlib") - set(ZLIB_LIB "${GRPC_LIBS_ABSOLUTE}/libz.a") - # we tell gRPC to compile c-ares for us because when a gRPC package is not available, like on CentOS, it's very likely - # that c-ares will be very outdated - set(CARES_INCLUDE "${GRPC_SRC}/third_party/cares" "${GRPC_SRC}/third_party/cares/cares") - set(CARES_LIB "${GRPC_LIBS_ABSOLUTE}/libares.a") - - message(STATUS "Using bundled gRPC in '${GRPC_SRC}'") - message( - STATUS - "Bundled gRPC comes with protobuf: compiler: ${PROTOC}, include: ${PROTOBUF_INCLUDE}, lib: ${PROTOBUF_LIB}") - message(STATUS "Bundled gRPC comes with zlib: include: ${ZLIB_INCLUDE}, lib: ${ZLIB_LIB}}") - message(STATUS "Bundled gRPC comes with cares: include: ${CARES_INCLUDE}, lib: ${CARES_LIB}}") - message(STATUS "Bundled gRPC comes with gRPC C++ plugin: include: ${GRPC_CPP_PLUGIN}") - - get_filename_component(PROTOC_DIR ${PROTOC} PATH) - - ExternalProject_Add( - grpc - DEPENDS openssl - GIT_REPOSITORY https://github.com/grpc/grpc.git - GIT_TAG v1.32.0 - GIT_SUBMODULES "third_party/protobuf third_party/zlib third_party/cares/cares third_party/abseil-cpp third_party/re2" - BUILD_IN_SOURCE 1 - BUILD_BYPRODUCTS ${GRPC_LIB} ${GRPCPP_LIB} - INSTALL_COMMAND "" - CONFIGURE_COMMAND "" - BUILD_COMMAND - CFLAGS=-Wno-implicit-fallthrough - HAS_SYSTEM_ZLIB=false - HAS_SYSTEM_PROTOBUF=false - HAS_SYSTEM_CARES=false - HAS_EMBEDDED_OPENSSL_ALPN=false - HAS_SYSTEM_OPENSSL_ALPN=true - PKG_CONFIG_PATH=${OPENSSL_BUNDLE_DIR} - PKG_CONFIG=${PKG_CONFIG_EXECUTABLE} - PATH=${PROTOC_DIR}:$ENV{PATH} - make - static_cxx - static_c - grpc_cpp_plugin) -endif() diff --git a/cmake/modules/jq.cmake b/cmake/modules/jq.cmake deleted file mode 100644 index 09736302..00000000 --- a/cmake/modules/jq.cmake +++ /dev/null @@ -1,54 +0,0 @@ -# -# Copyright (C) 2020 The Falco Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the -# specific language governing permissions and limitations under the License. -# -mark_as_advanced(JQ_INCLUDE JQ_LIB) -if (NOT USE_BUNDLED_DEPS) - find_path(JQ_INCLUDE jq.h PATH_SUFFIXES jq) - find_library(JQ_LIB NAMES jq) - if (JQ_INCLUDE AND JQ_LIB) - message(STATUS "Found jq: include: ${JQ_INCLUDE}, lib: ${JQ_LIB}") - else () - message(FATAL_ERROR "Couldn't find system jq") - endif () -else () - set(JQ_SRC "${PROJECT_BINARY_DIR}/jq-prefix/src/jq") - message(STATUS "Using bundled jq in '${JQ_SRC}'") - set(JQ_INCLUDE "${JQ_SRC}/target/include") - set(JQ_INSTALL_DIR "${JQ_SRC}/target") - set(JQ_LIB "${JQ_INSTALL_DIR}/lib/libjq.a") - set(ONIGURUMA_LIB "${JQ_INSTALL_DIR}/lib/libonig.a") - message(STATUS "Bundled jq: include: ${JQ_INCLUDE}, lib: ${JQ_LIB}") - - # Why we mirror jq here? - # - # In their readme, jq claims that you don't have - # to do autoreconf -fi when downloading a released tarball. - # - # However, they forgot to push the released makefiles - # into their release tarbal. - # - # For this reason, we have to mirror their release after - # doing the configuration ourselves. - # - # This is needed because many distros do not ship the right - # version of autoreconf, making virtually impossible to build Falco on them. - # Read more about it here: - # https://github.com/stedolan/jq/issues/2061#issuecomment-593445920 - ExternalProject_Add( - jq - URL "https://download.falco.org/dependencies/jq-1.6.tar.gz" - URL_HASH "SHA256=787518068c35e244334cc79b8e56b60dbab352dff175b7f04a94f662b540bfd9" - CONFIGURE_COMMAND ./configure --disable-maintainer-mode --enable-all-static --disable-dependency-tracking --with-oniguruma=builtin --prefix=${JQ_INSTALL_DIR} - BUILD_COMMAND ${CMD_MAKE} LDFLAGS=-all-static - BUILD_IN_SOURCE 1 - INSTALL_COMMAND ${CMD_MAKE} install) -endif () diff --git a/cmake/modules/luajit.cmake b/cmake/modules/luajit.cmake index 1c9f36fb..4bd78736 100644 --- a/cmake/modules/luajit.cmake +++ b/cmake/modules/luajit.cmake @@ -11,17 +11,20 @@ # specific language governing permissions and limitations under the License. # -set(LUAJIT_SRC "${PROJECT_BINARY_DIR}/luajit-prefix/src/luajit/src") -message(STATUS "Using bundled LuaJIT in '${LUAJIT_SRC}'") -set(LUAJIT_INCLUDE "${LUAJIT_SRC}") -set(LUAJIT_LIB "${LUAJIT_SRC}/libluajit.a") -externalproject_add( - luajit - GIT_REPOSITORY "https://github.com/LuaJIT/LuaJIT" - GIT_TAG "1d8b747c161db457e032a023ebbff511f5de5ec2" - CONFIGURE_COMMAND "" - BUILD_COMMAND ${CMD_MAKE} - BUILD_IN_SOURCE 1 - BUILD_BYPRODUCTS ${LUAJIT_LIB} - INSTALL_COMMAND "" -) +if(NOT LUAJIT_INCLUDE) + set(LUAJIT_SRC "${PROJECT_BINARY_DIR}/luajit-prefix/src/luajit/src") + message(STATUS "Using bundled LuaJIT in '${LUAJIT_SRC}'") + set(LUAJIT_INCLUDE "${LUAJIT_SRC}") + set(LUAJIT_LIB "${LUAJIT_SRC}/libluajit.a") + externalproject_add( + luajit + GIT_REPOSITORY "https://github.com/LuaJIT/LuaJIT" + GIT_TAG "1d8b747c161db457e032a023ebbff511f5de5ec2" + CONFIGURE_COMMAND "" + BUILD_COMMAND ${CMD_MAKE} + BUILD_IN_SOURCE 1 + BUILD_BYPRODUCTS ${LUAJIT_LIB} + INSTALL_COMMAND "" + ) +endif() +include_directories("${LUAJIT_INCLUDE}") diff --git a/userspace/engine/CMakeLists.txt b/userspace/engine/CMakeLists.txt index 3142bcc6..f5dfa56e 100644 --- a/userspace/engine/CMakeLists.txt +++ b/userspace/engine/CMakeLists.txt @@ -35,9 +35,8 @@ if(MINIMAL_BUILD) "${NJSON_INCLUDE}" "${TBB_INCLUDE_DIR}" "${STRING_VIEW_LITE_INCLUDE}" - "${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libsinsp/third-party/jsoncpp" - "${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libscap" - "${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libsinsp" + "${LIBSCAP_INCLUDE_DIRS}" + "${LIBSINSP_INCLUDE_DIRS}" "${PROJECT_BINARY_DIR}/userspace/engine") else() target_include_directories( @@ -48,9 +47,8 @@ else() "${CURL_INCLUDE_DIR}" "${TBB_INCLUDE_DIR}" "${STRING_VIEW_LITE_INCLUDE}" - "${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libsinsp/third-party/jsoncpp" - "${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libscap" - "${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libsinsp" + "${LIBSCAP_INCLUDE_DIRS}" + "${LIBSINSP_INCLUDE_DIRS}" "${PROJECT_BINARY_DIR}/userspace/engine") endif() diff --git a/userspace/falco/CMakeLists.txt b/userspace/falco/CMakeLists.txt index f501cfd5..2c26a4da 100644 --- a/userspace/falco/CMakeLists.txt +++ b/userspace/falco/CMakeLists.txt @@ -25,7 +25,6 @@ set( event_drops.cpp statsfilewriter.cpp falco.cpp - "${FALCOSECURITY_LIBS_SOURCE_DIR}/userspace/libsinsp/fields_info.cpp" ) set( diff --git a/userspace/falco/falco.cpp b/userspace/falco/falco.cpp index 4bb01a76..6b05567a 100644 --- a/userspace/falco/falco.cpp +++ b/userspace/falco/falco.cpp @@ -36,7 +36,6 @@ limitations under the License. #include "logger.h" #include "utils.h" -#include "chisel.h" #include "fields_info.h" #include "falco_utils.h"