From f547dc97aba54518940ade28f5eef19f6b6ab64a Mon Sep 17 00:00:00 2001 From: Mark Stemm Date: Wed, 20 Jul 2016 15:31:34 -0700 Subject: [PATCH] Move falco engine to its own library. Move the c++ and lua code implementing falco engine/falco common to its own directory userspace/engine. It's compiled as a static library libfalco_engine.a, and has its own CMakeLists.txt so it can be included by other projects. The engine's CMakeLists.txt has a add_subdirectory for the falco rules directory, so including the engine also builds the rules. The variables you need to set to use the engine's CMakeLists.txt are: - CMAKE_INSTALL_PREFIX: the root directory below which everything is installed. - FALCO_ETC_DIR: where to install the rules file. - FALCO_SHARE_DIR: where to install lua code, relative to the - install/package root. - LUAJIT_INCLUDE: where to find header files for lua. - FALCO_SINSP_LIBRARY: the library containing sinsp code. It will be - considered a dependency of the engine. - LPEG_LIB/LYAML_LIB/LIBYAML_LIB: locations for third-party libraries. - FALCO_COMPONENT: if set, will be included as a part of any install() commands. Instead of specifying /usr/share/falco in config_falco_*.h.in, use CMAKE_INSTALL_PREFIX and FALCO_SHARE_DIR. The lua code for the engine has also moved, so the two lua source directories (userspace/engine/lua and userspace/falco/lua) need to be available separately via falco_common, so make it an argument to falco_common::init. As a part of making it easy to include in another project, also clean up LPEG build/defs. Modify build-lpeg to add a PREFIX argument to allow for object files/libraries being in an alternate location, and when building lpeg, put object files in a build/ subdirectory. --- CMakeLists.txt | 16 ++++++---- rules/CMakeLists.txt | 14 +++++++-- scripts/build-lpeg.sh | 24 ++++++++++---- userspace/engine/CMakeLists.txt | 31 +++++++++++++++++++ userspace/engine/config_falco_engine.h.in | 4 +++ userspace/{falco => engine}/falco_common.cpp | 12 +++---- userspace/{falco => engine}/falco_common.h | 2 +- userspace/{falco => engine}/falco_engine.cpp | 4 ++- userspace/{falco => engine}/falco_engine.h | 1 - userspace/{falco => engine}/lpeg.h | 0 userspace/{falco => engine}/lua/README.md | 0 userspace/{falco => engine}/lua/compiler.lua | 0 .../{falco => engine}/lua/parser-smoke.sh | 0 userspace/{falco => engine}/lua/parser.lua | 0 .../{falco => engine}/lua/rule_loader.lua | 0 userspace/{falco => engine}/lyaml.h | 0 userspace/{falco => engine}/rules.cpp | 0 userspace/{falco => engine}/rules.h | 0 userspace/falco/CMakeLists.txt | 7 ++--- userspace/falco/config_falco.h.in | 2 +- userspace/falco/falco.cpp | 1 + userspace/falco/falco_outputs.cpp | 5 ++- userspace/falco/falco_outputs.h | 2 -- 23 files changed, 94 insertions(+), 31 deletions(-) create mode 100644 userspace/engine/CMakeLists.txt create mode 100644 userspace/engine/config_falco_engine.h.in rename userspace/{falco => engine}/falco_common.cpp (84%) rename userspace/{falco => engine}/falco_common.h (93%) rename userspace/{falco => engine}/falco_engine.cpp (95%) rename userspace/{falco => engine}/falco_engine.h (98%) rename userspace/{falco => engine}/lpeg.h (100%) rename userspace/{falco => engine}/lua/README.md (100%) rename userspace/{falco => engine}/lua/compiler.lua (100%) rename userspace/{falco => engine}/lua/parser-smoke.sh (100%) rename userspace/{falco => engine}/lua/parser.lua (100%) rename userspace/{falco => engine}/lua/rule_loader.lua (100%) rename userspace/{falco => engine}/lyaml.h (100%) rename userspace/{falco => engine}/rules.cpp (100%) rename userspace/{falco => engine}/rules.h (100%) diff --git a/CMakeLists.txt b/CMakeLists.txt index b0809137..730f559f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -6,8 +6,8 @@ if(NOT DEFINED FALCO_VERSION) set(FALCO_VERSION "0.1.1dev") endif() -if(NOT DEFINED DIR_ETC) - set(DIR_ETC "/etc") +if(NOT DEFINED FALCO_ETC_DIR) + set(FALCO_ETC_DIR "/etc") endif() if(NOT CMAKE_BUILD_TYPE) @@ -39,6 +39,7 @@ set(PACKAGE_NAME "falco") set(PROBE_VERSION "${FALCO_VERSION}") set(PROBE_NAME "sysdig-probe") set(PROBE_DEVICE_NAME "sysdig") +set(CMAKE_INSTALL_PREFIX /usr) set(CMD_MAKE make) @@ -160,11 +161,12 @@ ExternalProject_Add(luajit INSTALL_COMMAND "") set (LPEG_SRC "${PROJECT_BINARY_DIR}/lpeg-prefix/src/lpeg") +set (LPEG_LIB "${PROJECT_BINARY_DIR}/lpeg-prefix/src/lpeg/build/lpeg.a") ExternalProject_Add(lpeg DEPENDS luajit URL "http://s3.amazonaws.com/download.draios.com/dependencies/lpeg-1.0.0.tar.gz" URL_MD5 "0aec64ccd13996202ad0c099e2877ece" - BUILD_COMMAND LUA_INCLUDE=${LUAJIT_INCLUDE} "${PROJECT_SOURCE_DIR}/scripts/build-lpeg.sh" + BUILD_COMMAND LUA_INCLUDE=${LUAJIT_INCLUDE} "${PROJECT_SOURCE_DIR}/scripts/build-lpeg.sh" "${LPEG_SRC}/build" BUILD_IN_SOURCE 1 CONFIGURE_COMMAND "" INSTALL_COMMAND "") @@ -188,17 +190,19 @@ ExternalProject_Add(lyaml BUILD_COMMAND ${CMD_MAKE} BUILD_IN_SOURCE 1 CONFIGURE_COMMAND ./configure --enable-static LIBS=-L../../../libyaml-prefix/src/libyaml/src/.libs CFLAGS=-I../../../libyaml-prefix/src/libyaml/include CPPFLAGS=-I../../../libyaml-prefix/src/libyaml/include LUA_INCLUDE=-I../../../luajit-prefix/src/luajit/src LUA=../../../luajit-prefix/src/luajit/src/luajit - INSTALL_COMMAND sh -c "cp -R ${PROJECT_BINARY_DIR}/lyaml-prefix/src/lyaml/lib/* ${PROJECT_SOURCE_DIR}/userspace/falco/lua") + INSTALL_COMMAND sh -c "cp -R ${PROJECT_BINARY_DIR}/lyaml-prefix/src/lyaml/lib/* ${PROJECT_SOURCE_DIR}/userspace/engine/lua") install(FILES falco.yaml - DESTINATION "${DIR_ETC}") + DESTINATION "${FALCO_ETC_DIR}") add_subdirectory("${SYSDIG_DIR}/driver" "${PROJECT_BINARY_DIR}/driver") add_subdirectory("${SYSDIG_DIR}/userspace/libscap" "${PROJECT_BINARY_DIR}/userspace/libscap") add_subdirectory("${SYSDIG_DIR}/userspace/libsinsp" "${PROJECT_BINARY_DIR}/userspace/libsinsp") -add_subdirectory(rules) add_subdirectory(scripts) +set(FALCO_SINSP_LIBRARY sinsp) +set(FALCO_SHARE_DIR share/falco) +add_subdirectory(userspace/engine) add_subdirectory(userspace/falco) diff --git a/rules/CMakeLists.txt b/rules/CMakeLists.txt index 8e7bfb68..916f5f8f 100644 --- a/rules/CMakeLists.txt +++ b/rules/CMakeLists.txt @@ -1,3 +1,13 @@ -install(FILES falco_rules.yaml - DESTINATION "${DIR_ETC}") +if(NOT DEFINED FALCO_ETC_DIR) + set(FALCO_ETC_DIR "/etc") +endif() + +if(DEFINED FALCO_COMPONENT) +install(FILES falco_rules.yaml + COMPONENT "${FALCO_COMPONENT}" + DESTINATION "${FALCO_ETC_DIR}") +else() +install(FILES falco_rules.yaml + DESTINATION "${FALCO_ETC_DIR}") +endif() diff --git a/scripts/build-lpeg.sh b/scripts/build-lpeg.sh index 6a8db3fd..ba77159f 100755 --- a/scripts/build-lpeg.sh +++ b/scripts/build-lpeg.sh @@ -1,17 +1,29 @@ -#!/bin/sh +#!/bin/bash -gcc -O2 -fPIC -I$LUA_INCLUDE -c lpcap.c -o lpcap.o -gcc -O2 -fPIC -I$LUA_INCLUDE -c lpcode.c -o lpcode.o -gcc -O2 -fPIC -I$LUA_INCLUDE -c lpprint.c -o lpprint.o -gcc -O2 -fPIC -I$LUA_INCLUDE -c lptree.c -o lptree.o -gcc -O2 -fPIC -I$LUA_INCLUDE -c lpvm.c -o lpvm.o +set -ex + +PREFIX=$1 + +if [ -z $PREFIX ]; then + PREFIX=. +fi + +mkdir -p $PREFIX + +gcc -O2 -fPIC -I$LUA_INCLUDE -c lpcap.c -o $PREFIX/lpcap.o +gcc -O2 -fPIC -I$LUA_INCLUDE -c lpcode.c -o $PREFIX/lpcode.o +gcc -O2 -fPIC -I$LUA_INCLUDE -c lpprint.c -o $PREFIX/lpprint.o +gcc -O2 -fPIC -I$LUA_INCLUDE -c lptree.c -o $PREFIX/lptree.o +gcc -O2 -fPIC -I$LUA_INCLUDE -c lpvm.c -o $PREFIX/lpvm.o # For building lpeg.so, which we don't need now that we're statically linking lpeg.a into falco #gcc -shared -o lpeg.so -L/usr/local/lib lpcap.o lpcode.o lpprint.o lptree.o lpvm.o #gcc -shared -o lpeg.so -L/usr/local/lib lpcap.o lpcode.o lpprint.o lptree.o lpvm.o +pushd $PREFIX /usr/bin/ar cr lpeg.a lpcap.o lpcode.o lpprint.o lptree.o lpvm.o /usr/bin/ranlib lpeg.a +popd chmod ug+w re.lua diff --git a/userspace/engine/CMakeLists.txt b/userspace/engine/CMakeLists.txt new file mode 100644 index 00000000..dfc85495 --- /dev/null +++ b/userspace/engine/CMakeLists.txt @@ -0,0 +1,31 @@ +include_directories("${PROJECT_SOURCE_DIR}/../sysdig/userspace/libsinsp/third-party/jsoncpp") +include_directories("${PROJECT_SOURCE_DIR}/../sysdig/userspace/libscap") +include_directories("${PROJECT_SOURCE_DIR}/../sysdig/userspace/libsinsp") +include_directories("${PROJECT_BINARY_DIR}/userspace/engine") +include_directories("${LUAJIT_INCLUDE}") + +add_library(falco_engine STATIC rules.cpp falco_common.cpp falco_engine.cpp) + +target_include_directories(falco_engine PUBLIC + "${LUAJIT_INCLUDE}") + +target_link_libraries(falco_engine + "${FALCO_SINSP_LIBRARY}" + "${LPEG_LIB}" + "${LYAML_LIB}" + "${LIBYAML_LIB}") + +configure_file(config_falco_engine.h.in config_falco_engine.h) + +if(DEFINED FALCO_COMPONENT) +install(DIRECTORY lua + DESTINATION "${FALCO_SHARE_DIR}" + COMPONENT "${FALCO_COMPONENT}" + FILES_MATCHING PATTERN *.lua) +else() +install(DIRECTORY lua + DESTINATION "${FALCO_SHARE_DIR}" + FILES_MATCHING PATTERN *.lua) +endif() + +add_subdirectory("${PROJECT_SOURCE_DIR}/../falco/rules" "${PROJECT_BINARY_DIR}/rules") diff --git a/userspace/engine/config_falco_engine.h.in b/userspace/engine/config_falco_engine.h.in new file mode 100644 index 00000000..a0481911 --- /dev/null +++ b/userspace/engine/config_falco_engine.h.in @@ -0,0 +1,4 @@ +#pragma once + +#define FALCO_ENGINE_LUA_DIR "${CMAKE_INSTALL_PREFIX}/${FALCO_SHARE_DIR}/lua/" +#define FALCO_ENGINE_SOURCE_LUA_DIR "${PROJECT_SOURCE_DIR}/../falco/userspace/engine/lua/" diff --git a/userspace/falco/falco_common.cpp b/userspace/engine/falco_common.cpp similarity index 84% rename from userspace/falco/falco_common.cpp rename to userspace/engine/falco_common.cpp index 47874180..1e2361ec 100644 --- a/userspace/falco/falco_common.cpp +++ b/userspace/engine/falco_common.cpp @@ -1,6 +1,6 @@ #include -#include "config_falco.h" +#include "config_falco_engine.h" #include "falco_common.h" falco_common::falco_common() @@ -22,24 +22,24 @@ void falco_common::set_inspector(sinsp *inspector) m_inspector = inspector; } -void falco_common::init(string &lua_main_filename) +void falco_common::init(const char *lua_main_filename, const char *source_dir) { ifstream is; - string lua_dir = FALCO_LUA_DIR; + string lua_dir = FALCO_ENGINE_LUA_DIR; string lua_main_path = lua_dir + lua_main_filename; is.open(lua_main_path); if (!is.is_open()) { - lua_dir = FALCO_SOURCE_LUA_DIR; + lua_dir = source_dir; lua_main_path = lua_dir + lua_main_filename; is.open(lua_main_path); if (!is.is_open()) { throw falco_exception("Could not find Falco Lua entrypoint (tried " + - string(FALCO_LUA_DIR) + lua_main_filename + ", " + - string(FALCO_SOURCE_LUA_DIR) + lua_main_filename + ")"); + string(FALCO_ENGINE_LUA_DIR) + lua_main_filename + ", " + + string(source_dir) + lua_main_filename + ")"); } } diff --git a/userspace/falco/falco_common.h b/userspace/engine/falco_common.h similarity index 93% rename from userspace/falco/falco_common.h rename to userspace/engine/falco_common.h index b3c49e06..d08a274d 100644 --- a/userspace/falco/falco_common.h +++ b/userspace/engine/falco_common.h @@ -52,7 +52,7 @@ public: falco_common(); virtual ~falco_common(); - void init(std::string &lua_main_filename); + void init(const char *lua_main_filename, const char *source_dir); void set_inspector(sinsp *inspector); diff --git a/userspace/falco/falco_engine.cpp b/userspace/engine/falco_engine.cpp similarity index 95% rename from userspace/falco/falco_engine.cpp rename to userspace/engine/falco_engine.cpp index f144721e..c4dcb771 100644 --- a/userspace/falco/falco_engine.cpp +++ b/userspace/engine/falco_engine.cpp @@ -2,6 +2,7 @@ #include #include "falco_engine.h" +#include "config_falco_engine.h" extern "C" { #include "lpeg.h" @@ -17,11 +18,12 @@ string lua_print_stats = "print_stats"; using namespace std; falco_engine::falco_engine() + : m_rules(NULL) { luaopen_lpeg(m_ls); luaopen_yaml(m_ls); - falco_common::init(m_lua_main_filename); + falco_common::init(m_lua_main_filename.c_str(), FALCO_ENGINE_SOURCE_LUA_DIR); falco_rules::init(m_ls); } diff --git a/userspace/falco/falco_engine.h b/userspace/engine/falco_engine.h similarity index 98% rename from userspace/falco/falco_engine.h rename to userspace/engine/falco_engine.h index 63675af9..38661a06 100644 --- a/userspace/falco/falco_engine.h +++ b/userspace/engine/falco_engine.h @@ -7,7 +7,6 @@ #include "rules.h" -#include "config_falco.h" #include "falco_common.h" // diff --git a/userspace/falco/lpeg.h b/userspace/engine/lpeg.h similarity index 100% rename from userspace/falco/lpeg.h rename to userspace/engine/lpeg.h diff --git a/userspace/falco/lua/README.md b/userspace/engine/lua/README.md similarity index 100% rename from userspace/falco/lua/README.md rename to userspace/engine/lua/README.md diff --git a/userspace/falco/lua/compiler.lua b/userspace/engine/lua/compiler.lua similarity index 100% rename from userspace/falco/lua/compiler.lua rename to userspace/engine/lua/compiler.lua diff --git a/userspace/falco/lua/parser-smoke.sh b/userspace/engine/lua/parser-smoke.sh similarity index 100% rename from userspace/falco/lua/parser-smoke.sh rename to userspace/engine/lua/parser-smoke.sh diff --git a/userspace/falco/lua/parser.lua b/userspace/engine/lua/parser.lua similarity index 100% rename from userspace/falco/lua/parser.lua rename to userspace/engine/lua/parser.lua diff --git a/userspace/falco/lua/rule_loader.lua b/userspace/engine/lua/rule_loader.lua similarity index 100% rename from userspace/falco/lua/rule_loader.lua rename to userspace/engine/lua/rule_loader.lua diff --git a/userspace/falco/lyaml.h b/userspace/engine/lyaml.h similarity index 100% rename from userspace/falco/lyaml.h rename to userspace/engine/lyaml.h diff --git a/userspace/falco/rules.cpp b/userspace/engine/rules.cpp similarity index 100% rename from userspace/falco/rules.cpp rename to userspace/engine/rules.cpp diff --git a/userspace/falco/rules.h b/userspace/engine/rules.h similarity index 100% rename from userspace/falco/rules.h rename to userspace/engine/rules.h diff --git a/userspace/falco/CMakeLists.txt b/userspace/falco/CMakeLists.txt index 510c0b54..9111bcfa 100644 --- a/userspace/falco/CMakeLists.txt +++ b/userspace/falco/CMakeLists.txt @@ -3,17 +3,16 @@ include_directories("${LUAJIT_INCLUDE}") include_directories("${PROJECT_SOURCE_DIR}/../sysdig/userspace/libscap") include_directories("${PROJECT_SOURCE_DIR}/../sysdig/userspace/libsinsp") +include_directories("${PROJECT_SOURCE_DIR}/userspace/engine") include_directories("${PROJECT_BINARY_DIR}/userspace/falco") include_directories("${CURL_INCLUDE_DIR}") include_directories("${YAMLCPP_INCLUDE_DIR}") include_directories("${DRAIOS_DEPENDENCIES_DIR}/yaml-${DRAIOS_YAML_VERSION}/target/include") -add_executable(falco configuration.cpp formats.cpp rules.cpp logger.cpp falco_common.cpp falco_engine.cpp falco_outputs.cpp falco.cpp) +add_executable(falco configuration.cpp formats.cpp logger.cpp falco_outputs.cpp falco.cpp) -target_link_libraries(falco sinsp) +target_link_libraries(falco falco_engine sinsp) target_link_libraries(falco - "${LPEG_SRC}/lpeg.a" - "${LYAML_LIB}" "${LIBYAML_LIB}" "${YAMLCPP_LIB}") diff --git a/userspace/falco/config_falco.h.in b/userspace/falco/config_falco.h.in index 0f0ab124..a977dbb0 100644 --- a/userspace/falco/config_falco.h.in +++ b/userspace/falco/config_falco.h.in @@ -2,7 +2,7 @@ #define FALCO_VERSION "${FALCO_VERSION}" -#define FALCO_LUA_DIR "/usr/share/falco/lua/" +#define FALCO_LUA_DIR "${CMAKE_INSTALL_PREFIX}/${FALCO_SHARE_DIR}/lua/" #define FALCO_SOURCE_DIR "${PROJECT_SOURCE_DIR}" #define FALCO_SOURCE_CONF_FILE "${PROJECT_SOURCE_DIR}/falco.yaml" #define FALCO_INSTALL_CONF_FILE "/etc/falco.yaml" diff --git a/userspace/falco/falco.cpp b/userspace/falco/falco.cpp index 8359c2a2..e7ebc1b2 100644 --- a/userspace/falco/falco.cpp +++ b/userspace/falco/falco.cpp @@ -14,6 +14,7 @@ #include "configuration.h" #include "falco_engine.h" +#include "config_falco.h" bool g_terminate = false; // diff --git a/userspace/falco/falco_outputs.cpp b/userspace/falco/falco_outputs.cpp index 7929f1c1..d16cbdda 100644 --- a/userspace/falco/falco_outputs.cpp +++ b/userspace/falco/falco_outputs.cpp @@ -1,6 +1,9 @@ #include "falco_outputs.h" +#include "config_falco.h" + + #include "formats.h" #include "logger.h" @@ -24,7 +27,7 @@ void falco_outputs::init(bool json_output) throw falco_exception("No inspector provided"); } - falco_common::init(m_lua_main_filename); + falco_common::init(m_lua_main_filename.c_str(), FALCO_SOURCE_LUA_DIR); falco_formats::init(m_inspector, m_ls, json_output); diff --git a/userspace/falco/falco_outputs.h b/userspace/falco/falco_outputs.h index 938dbb94..28da94d6 100644 --- a/userspace/falco/falco_outputs.h +++ b/userspace/falco/falco_outputs.h @@ -1,7 +1,5 @@ #pragma once -#include "config_falco.h" - #include "falco_common.h" //