github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2026-04-04 11:02:16 +00:00
Code Issues Projects Releases Wiki Activity
1,811 Commits 127 Branches 184 Tags
new/profiler
Commit Graph

1811 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lorenzo Fontana
9c6c2f7b02 temporary commit 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-16 19:46:46 +02:00
Leonardo Di Donato
8dfc5da425 update(tests/profiler): serialization/deserialization of profiler nodes 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:38:32 +02:00
Leonardo Di Donato
cc8bc663df update(userspace/profiler): introduce profiler namespace 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:38:32 +02:00
Lorenzo Fontana
35cba8a231 new(tests/profiler): flatbuffer serialization tests skaffold 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:38:32 +02:00
Lorenzo Fontana
694f13c9a2 build(userspace/profiler): dependency between profiler flatbuffer generation and tests target 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:38:29 +02:00
Leonardo Di Donato
e17fb1cb04 build: initial setup for flatbuffers (cmake) 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:52 +02:00
Leonardo Di Donato
943d49bdf2 wip: initial flatbuffer definition for profile data 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:52 +02:00
Leonardo Di Donato
f8783b3312 chore(profiler): tests naming and other refinements 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:51 +02:00
Leonardo Di Donato
96df786ce8 update(tests/profiler): profiler detects parent (single chunk) 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:51 +02:00
Leonardo Di Donato
54050b2d4a update(tests/profiler): setup test for parents 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:51 +02:00
Leonardo Di Donato
dac2ff9379 new(userspace/profiler): get the parent 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:51 +02:00
Lorenzo Fontana
7e048f384c update(profiler): give profiler its own home 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:37:49 +02:00
Lorenzo Fontana
43446369ec update(tests): use hedley in profiler tests 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:37:15 +02:00
Lorenzo Fontana
e8afe72063 update(tests/falco): more complete profiler tests 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:37:15 +02:00
Leonardo Di Donato
1710812065 chore(cmake/modules): refinements to the Catch2 cmake module 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:15 +02:00
Leonardo Di Donato
b21f09aebd build: hedley macros 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:15 +02:00
Leonardo Di Donato
02853d5310 update(userspace/falco): move the chunck allocation code out-of-line 
This makes the usual (the most common code path, since the `else` clause
is hit very rarely) straight-line.

It removes an unnecessary `jmp .LBBx_y` that was taken every time.

For this reason, the resulting code is more efficient.

Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:37:14 +02:00
Lorenzo Fontana
755ba8f9a2 new(tests): profiler tests bootstrap 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:37:07 +02:00
Leonardo Di Donato
d2d7ead732 build(userspace/falco): build the profiler header file 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:36:11 +02:00
Leonardo Di Donato
fb948912a3 new(userspace/falco): initial profiler impl 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-14 15:36:08 +02:00
Lorenzo Fontana
d0f4f7cbb5 docs(tests): fix typo 
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:02:15 +02:00
Lorenzo Fontana
d67b3f5577 docs(CONTRIBUTING): mention the unit test page on CONTRIBUTING 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:02:15 +02:00
Lorenzo Fontana
1d43d4eb40 build(tests): allow to pass FALCO_TESTS_ARGUMENTS to the tests target 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:02:15 +02:00
Lorenzo Fontana
e9e2547a44 docs(tests): initial unit-tests readme 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-05-14 15:02:15 +02:00
Leonardo Grasso
0f23a9477f update(docker/OWNERS): add myself to approvers 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-14 14:09:46 +02:00
Leonardo Grasso
9242c45214 update(examples): move /examples to contrib repo 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-14 12:54:09 +02:00
Leonardo Grasso
ede2ef8706 update(integration): move /integration to contrib repo 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-13 15:15:40 +02:00
Leonardo Grasso
0c4074b7a9 update(docker): remove minimal image 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-13 10:39:07 +02:00
Leonardo Grasso
05c684d68c test: add bin package (tar.gz) to integration test 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-12 19:22:49 +02:00
Leonardo Grasso
a520a9b666 update(proposals/20200506-artifacts-scope-part-2.md): resolution about image naming 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-12 18:53:46 +02:00
Leonardo Grasso
9393ae9e03 fix(proposals/20200506-artifacts-scope): typos 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-12 18:53:46 +02:00
Leonardo Grasso
fcd2849a5d update(proposals/20200506-artifacts-scope): refinements 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>

As per https://github.com/falcosecurity/falco/pull/1184/files#r420856406
 2020-05-12 18:53:46 +02:00
Leo Di Donato
c7573c3db9 update(proposals/20200506-artifacts-scope-part-2): refinements to the future SoA of Falco artifacts and images 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-12 18:53:46 +02:00
Leo Di Donato
737ef557ae update(proposals/20200506-artifacts-scope-part-1): improvements to SoA of Falco artifacts and images 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>

Co-authored-by: Lorenzo Fontana <lo@linux.com>
 2020-05-12 18:53:46 +02:00
Leonardo Grasso
078c98f847 docs(proposal): split artifacts scope proposal in 2 parts 
Still some TODOs

Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-12 18:53:46 +02:00
Leonardo Grasso
63eafd2ff8 docs(proposals/20200504-falco-artifacts-scope.md): update from review 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-12 18:53:46 +02:00
Leonardo Grasso
69714a8124 fix(proposals/20200504-falco-artifacts-scope.md): minor fixes 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-12 18:53:46 +02:00
Kris Nova
b6bbc27e57 feat(docs): "Official Support" is the highest and most coveted status. 
Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-05-12 18:53:46 +02:00
Kris Nova
df3fc73e55 feat(docs): Updating proposal with new vernacular 
Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-05-12 18:53:46 +02:00
Kris Nova
b9bf985fae feat(proposal): Adding artifacts scope and proposal 
- Highlights scope of Falco
 - Highlights subprojects and groups evolution
 - Defines build artifacts
 - Defines artifact naming convention
 - Dictates that we take action to make these changes happen

Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-05-12 18:53:46 +02:00
Mark Stemm
8adcc95bac Add unit tests for ruleset handling 
A new unit test file test_rulesets adds tests for the following:

 - enabling/disabling rules based on substrings
 - enabling/disabling rules based on exact matches
 - enabling/disabling rules based on tags

There are variants that test for default and non-default rulesets.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-05-11 14:15:42 +02:00
Mark Stemm
176d6f2bfe Make token bucket unit test pass valgrind 
Previously, valgrind was complaining about the leaked token bucket.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-05-11 14:15:42 +02:00
Mark Stemm
7fd350d49a Allow exact matches for rule names 
Currently, when calling enable_rule, the provided rule name pattern is a
substring match, that is if the rules file has a rule "My fantastic
rule", and you call engine->enable_rule("fantastic", true), the rule
will be enabled.

This can cause problems if one rule name is a complete subset of another
rule name e.g. rules "My rule" and "My rule is great", and calling
engine->enable_rule("My rule", true).

To allow for this case, add an alternate method enable_rule_exact() in
both default ruleset and ruleset variants. In this case, the rule name
must be an exact match.

In the underlying ruleset code, add a "match_exact" option to
falco_ruleset::enable() that denotes whether the substring is an exact
or substring match.

This doesn't change the default behavior of falco in any way, as the
existing calls still use enable_rule().

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2020-05-11 14:15:42 +02:00
Leonardo Grasso
900a3b5860 refactor(docker): driverloader to falco-driver-loader 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-08 18:08:03 +02:00
Leonardo Di Donato
3991552553 update(cmake/modules): bump driver version to 96bd9bc560f67742738eb7255aeb4d03046b8045 
This driver version contains a fix for kernels < 3.17

Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-06 20:35:31 +02:00
Leonardo Grasso
83d5ce4d58 fix(.circleci): correct driverloader's base tag 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 15:05:53 +02:00
Leonardo Grasso
2e703f0565 refactor(docker/driverloader): rename build arg 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 15:05:53 +02:00
Leonardo Grasso
24c0e80bd8 chore(docker): clean up unused set -e 
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 11:27:38 +02:00
Leonardo Grasso
5e421c9ac4 docs(docker): add driverloader into supported images 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 11:27:38 +02:00
Leonardo Grasso
6a20526c4b update(.circleci): add steps to build and publish the driverloader image 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-05-04 11:27:38 +02:00