github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-25 22:32:07 +00:00
Code Issues Projects Releases Wiki Activity

chore(userspace/engine,userspace/falco): upgraded to latest libs.

Browse Source 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
This commit is contained in:
Federico Di Pierro 2022-09-16 15:44:58 +02:00 committed by poiana
parent 9048d84ed4
commit e068df514c
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
userspace/engine/rule_loader.cpp
View File

@ -81,7 +81,7 @@ rule_loader::context::context(const YAML::Node &item,
init(parent.name(), position(item.Mark()), item_type, item_name, parent);
}
rule_loader::context::context(const libsinsp::filter::parser::pos_info& pos,
rule_loader::context::context(const libsinsp::filter::ast::pos_info& pos,
const std::string& condition,
const context& parent)
: alt_content(condition)

2
userspace/engine/rule_loader.h
View File

@ -112,7 +112,7 @@ public:
// from the YAML node containing the condition expression.
// - When compiling, the condition expression has expanded
// macro and list references with their values.
context(const libsinsp::filter::parser::pos_info& pos,
context(const libsinsp::filter::ast::pos_info& pos,
const std::string& condition,
const context& parent);

8
userspace/falco/app_actions/open_inspector.cpp
View File

@ -30,7 +30,7 @@ application::run_result application::open_offline_inspector()
{
try
{
m_state->offline_inspector->open_savefile(m_options.trace_filename, 0);
m_state->offline_inspector->open_savefile(m_options.trace_filename);
falco_logger::log(LOG_INFO, "Reading system call events from file: " + m_options.trace_filename + "\n");
return run_result::ok();
}
@ -88,14 +88,14 @@ application::run_result application::open_live_inspector(
snprintf(full_path, PATH_MAX, "%s/%s", home, FALCO_PROBE_BPF_FILEPATH);
bpf_probe_path = full_path;
}
inspector->open_bpf(2048, bpf_probe_path, m_state->ppm_sc_of_interest, m_state->tp_of_interest);
inspector->open_bpf(bpf_probe_path, DEFAULT_DRIVER_BUFFER_BYTES_DIM, m_state->ppm_sc_of_interest, m_state->tp_of_interest);
falco_logger::log(LOG_INFO, "Starting capture with BPF probe. BPF probe path: " + std::string(bpf_probe_path));
}
else /* Kernel module (default). */
{
try
{
inspector->open_kmod(2048, m_state->ppm_sc_of_interest, m_state->tp_of_interest);
inspector->open_kmod(DEFAULT_DRIVER_BUFFER_BYTES_DIM, m_state->ppm_sc_of_interest, m_state->tp_of_interest);
falco_logger::log(LOG_INFO, "Starting capture with Kernel module.");
}
catch(sinsp_exception &e)
@ -105,7 +105,7 @@ application::run_result application::open_live_inspector(
{
falco_logger::log(LOG_ERR, "Unable to load the driver.\n");
}
inspector->open_kmod(2048, m_state->ppm_sc_of_interest, m_state->tp_of_interest);
inspector->open_kmod(DEFAULT_DRIVER_BUFFER_BYTES_DIM, m_state->ppm_sc_of_interest, m_state->tp_of_interest);
}
}
}