Add grpc methods to reload/validate a set of rules files. This is only
stubs at the moment, but the implementation will consist of:
- creating a new falco engine
- doing any required initialization
- loading each rules file
- enabling/disabling rules based on command line options
- (for reload) using swappable_falco_engine::replace() to update the
falco engine.
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
Use an instance of swappable_falco_engine obj to hold the falco
engine.
This generally involves:
- Passing around a reference to a swappable_falco_engine instead of a
pointer to a falco_engine
- Using swengine.engine() to access the current falco engine instead
of the falco_engine pointer.
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
New class swappable_falco_engine contains a shared_ptr to a
falco_engine object and has two main methods:
- engine(): retrieve the current shared pointer
- replace(): update the engine with a new one
The implementation allows for replace() and engine() to occur on
different threads, using a tbb::concurrent_queue. replace() pushes
onto the queue(), and engine() pops from the queue, replacing the
current engine.
This will be used to replace the falco engine on the fly when
reloading rules on the fly via the grpc interface.
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
This isn't used by the engine itself anymore, now that it uses
factories to provide formatters.
This is in preparation for other changes to make the falco engine
hot-swappable while running.
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
When listing fields with -N (names only), also skip fields with the
EPF_TABLE_ONLY flag. (Skipping fields without -N is handled in libs,
in the as_string() method).
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
Instead of having .lua files external to the program responsible for
loading rules, embed the contents of those files into the executable
and load them as strings instead of as files:
Add a cmake custom command below userspace/engine/lua that calls a
bash script lua-to-cpp.sh to generate falco_engine_lua_files.{cpp,hh}
that are compiled into the falco engine library.
The script creates a .cpp file that has const char * symbols for each
file, as well as lists of files that should be loaded when the falco
engine is loaded. There are actually two lists:
- lua_module_strings: these are loaded and also added to the lua
runtime package.preload table, so they are available when lua code
require()s them.
- lua_code_strings: these are loaded *and* evaluated, so the functions
in them are availble to be called from C++.
This simplifies some of the falco_common methods, as there's no need
to keep track of a "main" lua file to load or paths from which the lua
loader should find files for modules, and there's no need to keep
track of an "alternate" lua directory that occurs for debug builds.
Also, there's no need to include any .lua files in the installed
packages, as they're built into the falco binary.
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
This will distinguish it from rule_loader.lua, which is *not* a module
but lua code with functions that can be called directly.
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
