github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-13 05:22:34 +00:00
Code Issues Projects Releases Wiki Activity
4,976 Commits 119 Branches 173 Tags
refactor/cppcheck-cleanups
Commit Graph

206 Commits

Author SHA1 Message Date
Luca Guerra
993516f430 new(falco): add compile-time option to enable or disable gvisor support 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2022-07-01 14:17:38 +02:00
Jason Dellaluce
b91ff34b97 refactor: drop civetweb dependency and implement healtz using cpp-httplib 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2022-04-29 20:47:19 +02:00
Leonardo Grasso
b4d9261ce2 build: define "falco" component 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2022-04-22 09:41:56 +02:00
Jason Dellaluce
7db9dd66ff refactor(build): drop dependencies to chisels, luajit, lyaml, and libyaml 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2022-04-11 12:22:18 +02:00
Jason Dellaluce
0a132f453a update(cmake): remove lpeg dependency 
The Lua PEG parser is not longer needed, since we now use the new filter parser implemented
in libsinsp.

Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2022-03-23 18:31:43 +01:00
Mark Stemm
d74c8d6d4d Add cxxopts command line parsing library 
We'll use this to better manage the fairly large set of command line
options in self-contained objects instead of a scattering of
individual stack variables.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2022-02-24 10:40:16 +01:00
Andrea Bonanno
eedb794fd5 fix(userspace/falco): applies FALCO_INSTALL_CONF_FILE as the default config. 
Signed-off-by: Andrea Bonanno <andrea@bonanno.cloud>
 2022-02-18 17:33:43 +01:00
Federico Di Pierro
ff21544186 update(build)!: replaced various PROBE with DRIVER where necessary. 
Follow-up of https://github.com/falcosecurity/libs/pull/197.
Updated libs too to master version, as needed.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2022-02-08 09:50:39 +01:00
Luca Guerra
c49093005d fix(build): do not include plugins in musl builds 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2022-01-26 16:18:50 +01:00
Luca Guerra
69767bb51b fix(build): do not show plugin options in musl optimized builds 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2022-01-26 16:18:50 +01:00
Federico Di Pierro
7927f45d9f update(build): dropped Falco local luajit module, use the one provided by libs (upgraded) instead. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2021-11-17 17:25:24 +01:00
Federico Di Pierro
0539e948c8 update(build): moved civetweb to its own cmake module. Moved its patch too. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2021-11-17 16:18:23 +01:00
Federico Di Pierro
5f1d04ec82 fix(build): build civetweb using cmake and linking to static openssl built by us. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2021-11-17 16:18:23 +01:00
Federico Di Pierro
9d8fc4c8d2 update(build): updated civetweb to version 1.15 to correctly support openssl1.1. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
 2021-11-17 16:18:23 +01:00
Mark Stemm
38a7f7ada0 cmake/build changes for plugins 
Add a cmake module "plugins" that does the following:

 - Downloads/installs the plugins artifacts from a known tag
 - Copies the resulting cloudtrail/json shared libraries to
   CMAKE_CURRENT_BINARY_DIR/plugins
 - Installs them to FALCO_SHARE_DIR/plugins

The default config will define the plugins but they will be disabled
by default.

Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Co-authored-by: Loris Degioanni <loris@sysdig.com>
Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2021-11-12 18:27:59 +01:00
Leonardo Grasso
bfc0021cdd build: update build system to support libs cmake modules 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2021-05-21 10:24:08 +02:00
Leonardo Grasso
e616f79bac build: switch to falcosecurity-libs external project 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2021-05-21 10:24:08 +02:00
Leonardo Grasso
d0be6d96d0 build: enable ASLR for statically linked build 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2021-04-22 18:12:05 +02:00
Leonardo Grasso
aefd67eb8a build: hardening flags 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2021-04-22 18:12:05 +02:00
Angelo Puglisi
9a175cb1db chore(cmake/modules): avoid useless rebuild 
Because of https://gitlab.kitware.com/cmake/cmake/-/issues/16419, every
time one compiles, some external projects gets updated causing rebuild.

Have EP_UPDATE_DISCONNECTED option (default OFF) to be able to control
that behaviour.

Signed-off-by: Angelo Puglisi <angelopuglisi86@gmail.com>
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-12-10 13:28:01 -05:00
Lorenzo Fontana
12b7ff9940 build: BUILD_BYPRODUCTS for civetweb 
The BUILD_BYPRODUCTS for the civetweb target
is needed so that when Falco is built using Ninja
the falco target can have a reference to
understand what target is building the civetweb lib
and do the build automatically without having to do
`ninja civetweb` first.

Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-11-16 13:23:27 -05:00
Lorenzo Fontana
e0175b1e06 build: cmake modules fixes and split 
Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-11-10 04:09:10 -05:00
Lorenzo Fontana
0f155c3a1f build: switch Falco back to luajit 
moonjit is unmaintaned [0], and lujit recently [1] added support
for the aarch64 architecture.

[0] https://twitter.com/siddhesh_p/status/1308594269502885889?s=20
[1] e9af1abec5

Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-11-10 04:09:10 -05:00
Lorenzo Fontana
8dd9ebbdf9 build: moonjit replacement for luajit 
This is needed because Luajit does not support many architectures
such as aarch64 and ppcle64.

Note: some operating systems, such as Alpine, already use moonjit as a dropin
replacement for luajit.

Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-11-10 04:09:10 -05:00
Leonardo Di Donato
b3679f8a59 update: new DRIVERS_REPO default 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-10-28 14:11:39 +01:00
Lorenzo Fontana
0a33f555eb build: bump b64 to ce864b17ea0e24a91e77c7dd3eb2d1ac4175b3f0. 
This version includes a fix so that it does not include the headers
for size_t twice.

Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-10-13 09:30:05 -04:00
Lorenzo Fontana
38f524d1dd build: bump b64 to v2.0.0.1 
Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-10-13 09:30:05 -04:00
Lorenzo Fontana
a51c4fc903 build: static code analysis structure and cppcheck 
Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-09-29 14:44:28 +02:00
Leonardo Grasso
bbfb27777b build: remove macrodefs about time (musl build) 
See https://github.com/draios/sysdig/pull/1684

Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-18 17:27:45 +02:00
Leonardo Di Donato
9a29203a4d build: engine fields checksum only when not building the minimal Falco 
Co-authored-by: Leonardo Grasso <me@leonardograsso.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
d5f752de7a build: add MUSL_OPTIMIZED_BUILD option 
This option is now decoupled from `MINIMAL_BUILD`

Co-Authored-By: Lorenzo Fontana <fontanalorenz@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
c46dbc7f11 build: remove gRPC, openssl, curl from minimal build 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
0c1ed551ca build: remove civetweb when minimal build 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-10 15:01:07 +02:00
Leonardo Grasso
9d88bfd0d4 build: add MINIMAL_BUILD option 
Co-Authored-By: Lorenzo Fontana <fontanalorenz@gmail.com>
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
 2020-09-10 15:01:07 +02:00
Lorenzo Fontana
a20e3267cd build: make sure lyaml is linked with the bundled libyaml 
Signed-off-by: Lorenzo Fontana <fontanalorenz@gmail.com>
 2020-08-20 19:26:56 +02:00
Lorenzo Fontana
c03f563450 build: libyaml in bundled deps 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-07-16 19:34:39 +02:00
Leonardo Di Donato
8ae6aa51b9 chore: onetbb dependency is back 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-15 18:33:50 +02:00
Kris Nova
1af1226566 feat(build): fixing MD5 of tpp for udig/pdig build 
Signed-off-by: Kris Nova <kris@nivenly.com>
 2020-07-15 18:33:50 +02:00
Leonardo Di Donato
54a6d5c523 build: do not download lyaml and lpeg from draios S3 anymore 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-02 06:01:12 +02:00
Leonardo Di Donato
9fe78bf658 build: fetch libb64 and luajit from github, not from draios repos 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-02 06:01:12 +02:00
Leonardo Di Donato
727755e276 build: fetch openssl, curl, njson dependencies from github not draios 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-07-02 06:01:12 +02:00
Leonardo Di Donato
258f73ede2 build: download string-view-lite 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-05-21 18:15:46 +02:00
Leonardo Di Donato
26621ca381 fix(scripts): falco-driver-loader must infer the OS ID from the host 
Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-04-24 11:28:05 +02:00
Leonardo Di Donato
3ec4b5b652 build: rename the driver to "falco" and setup the DBG URL 
DBG stands for Drivers Build Grid, a repository holding a set of
prebuilt drivers (both Falco kernel modules and Falco eBPF probes).

Co-authored-by: Lorenzo Fontana <lo@linux.com>
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-04-24 11:28:05 +02:00
danmx
4df5fe83be update(cmake): using sha256 instead of md5 
Signed-off-by: danmx <daniel@iziourov.info>
 2020-03-27 00:34:54 +01:00
Leonardo Di Donato
3934f19f3d build: cmake var to store the URL where to lookup for prebuilt drivers 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-03-23 18:50:06 +01:00
Lorenzo Fontana
c5674c9001 build: fix tbb dependency rename 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-03-18 04:07:47 -07:00
Lorenzo Fontana
74b0e18253 build: PROBE_VERSION must use the driver version 
The driver version was also setup in the wrong cmake file.

Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2020-03-10 18:00:04 +01:00
Leonardo Di Donato
4d99ce1b65 new(.circleci): run the debug build on centos7 on CI (USE_BUNDLED_DEPS=ON, CMAKE_BUILD_TYPE=debug) 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-28 17:32:38 +01:00
Leonardo Di Donato
2a9c9bdc53 update(cmake/modules): module to detect Falco version from the git index 
Signed-off-by: Leonardo Di Donato <leodidonato@gmail.com>
 2020-02-07 11:28:57 +01:00