falco

mirror of https://github.com/falcosecurity/falco.git synced 2025-07-01 17:12:21 +00:00

Author	SHA1	Message	Date
Stefano	b378c3a77d	Add darryk10 as rules OWNERS as reviewer Signed-off-by: darryk10 <stefano.chierici@sysdig.com>	2022-07-21 17:42:07 +02:00
Jason Dellaluce	0cab9ba6ed	chore(OWNERS): remove duplicates in reviewers Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-07-20 10:39:56 +02:00
Jason Dellaluce	8cb6fc532f	cleanup(OWNERS): remove inactive approvers Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-07-20 10:39:56 +02:00
Andrea Terzolo	35db0b4a24	cleanup(userspace): remove unused logic Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>	2022-07-14 09:58:50 +02:00
Andrea Terzolo	4136a27de1	new(userspace): add exception management Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>	2022-07-14 09:58:50 +02:00
Andrea Terzolo	e73dbd4b42	new(userspace): add current `drop_pct` Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it> Co-authored-by: Shane Lawrence <shane@lawrence.dev>	2022-07-14 09:58:50 +02:00
Andrea Terzolo	b57a2d5a5f	update(userspace): introduce nlohmann json library Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>	2022-07-14 09:58:50 +02:00
Federico Di Pierro	1bf5f864bc	chore(docs): updated release.md template for packages adding aarch64 packages. Moreover, updated readme using aarch64 instead of arm64 (same that is used in the badge), and adding "-x86_64" suffix to x86 packages. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2022-07-13 12:01:23 +02:00
Alessandro Brucato	c40d1a5141	Update rules/falco_rules.yaml Signed-off-by: Alessandro Brucato <alessandro.brucato@sysdig.com>	2022-07-13 11:54:23 +02:00
Alessandro Brucato	409ca4382e	Update rules/falco_rules.yaml Signed-off-by: Alessandro Brucato <alessandro.brucato@sysdig.com> Co-authored-by: schie <77834235+darryk10@users.noreply.github.com>	2022-07-13 11:54:23 +02:00
Alessandro Brucato	a71a635b7e	Update rules/falco_rules.yaml Signed-off-by: Alessandro Brucato <alessandro.brucato@sysdig.com> Co-authored-by: schie <77834235+darryk10@users.noreply.github.com>	2022-07-13 11:54:23 +02:00
Alessandro Brucato	07024a2e0f	Update rules/falco_rules.yaml Signed-off-by: Alessandro Brucato <alessandro.brucato@sysdig.com> Co-authored-by: schie <77834235+darryk10@users.noreply.github.com>	2022-07-13 11:54:23 +02:00
Brucedh	6feeaee0cd	Added exception to Launch Privileged Container Signed-off-by: Alessandro Brucato <alessandro.brucato@sysdig.com>	2022-07-13 11:54:23 +02:00
Andrea Terzolo	a7153f2fd8	fix(userspace): compute the `drop ratio` in the right way Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it> Co-authored-by: Shane Lawrence <shane@lawrence.dev>	2022-07-13 09:38:22 +02:00
Ravi Ranjan	c078f7c21d	Falco Rules/Conditions Updates Signed-off-by: Ravi Ranjan <ravi.ranjan@elastisys.com>	2022-07-12 12:08:38 +02:00
Aldo Lacuku	46f625c449	chore(engine): remove trailing colon from logs when loading rule files Signed-off-by: Aldo Lacuku <aldo@lacuku.eu>	2022-07-12 10:40:43 +02:00
Luca Guerra	4c4ed56c19	update(docs): changelog for version 0.32.1 Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-11 11:19:44 +02:00
Luca Guerra	773156de04	update(falco): update libs to 0.7.0 Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-11 10:16:43 +02:00
Jason Dellaluce	62c1e875d5	update(userspace/falco): simplify sinsp logger sev decoding Co-authored-by: Luca Guerra <luca@guerra.sh> Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-07-07 12:46:51 +02:00
Jason Dellaluce	7dade32688	refactor(userspace/falco): make sinsp logging part of the configuration (default to false) Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-07-07 12:46:51 +02:00
Jason Dellaluce	bae68b37ee	new(userspace/falco): enable attaching libsinsp logger to the falco one Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-07-07 12:46:51 +02:00
Federico Di Pierro	3ddabc3b95	docs(readme): added arm64 mention + packages + badge. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2022-07-05 17:46:00 +02:00
Federico Di Pierro	a8b9ec18b0	fix(circleci): properly set BUILD_DIR and SOURCE_DIR to /build and /source respectively. Inside job "build-arm64" these are the locations used inside the container. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2022-07-05 17:45:01 +02:00
Federico Di Pierro	34404141e4	fix(circleci): share docker socket with docker container. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2022-07-05 17:45:01 +02:00
Federico Di Pierro	315b44dc17	new(circleci): enable integration tests for arm64. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2022-07-05 17:45:01 +02:00
Luca Guerra	161fe6fb3c	update(falco): upgrade drivers to 2.0.0, libs to latest rc Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-05 11:02:38 +02:00
Luca Guerra	3cde70eda8	fix(falco): parameter ordering in initialization Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-01 14:17:38 +02:00
Luca Guerra	982e8663be	update(gvisor): make gvisor_enable depend on config Signed-off-by: Luca Guerra <luca@guerra.sh> Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-07-01 14:17:38 +02:00
Luca Guerra	993516f430	new(falco): add compile-time option to enable or disable gvisor support Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-01 14:17:38 +02:00
Luca Guerra	60b149709d	fix(gvisor): formatting Signed-off-by: Luca Guerra <luca@guerra.sh> Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com> Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-07-01 14:17:38 +02:00
Luca Guerra	698eda8680	new(gvisor): add option to generate gVisor configuration Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-01 14:17:38 +02:00
Luca Guerra	0b75433cee	update(gvisor): update to the latest sinsp interface Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-01 14:17:38 +02:00
Luca Guerra	0ba492c280	new(falco): do not alert on syscall frequency when gvisor is enabled Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-01 14:17:38 +02:00
Luca Guerra	927c1c4126	new(falco): enable gVisor event collection Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-01 14:17:38 +02:00
Luca Guerra	1966fa1f91	update(falco): update libs to 0.7.0-rc2, 2.0.0-rc1+driver Signed-off-by: Luca Guerra <luca@guerra.sh>	2022-07-01 12:53:23 +02:00
Andrea Terzolo	e4fe6a3353	chore(cmake): bump plugins versions Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>	2022-06-29 16:41:29 +02:00
Federico Di Pierro	610b67838b	fix(docker): fixed deb tester sub image. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2022-06-29 11:52:31 +02:00
Jason Dellaluce	effabf533d	test(plugins): drop macro source warning test Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-06-28 11:33:08 +02:00
Jason Dellaluce	3c2effb498	refactor(userspace/engine): remove source field from macros in rule loader Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-06-28 11:33:08 +02:00
Jason Dellaluce	555bf9971c	fix(test): update expected test result for docker-compose scap file Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com> Co-authored-by: Luca Guerra <luca@guerra.sh>	2022-06-23 18:12:24 +02:00
Leonardo Grasso	c309107949	fix(test): correct "incompat_plugin_api" expectation See https://github.com/falcosecurity/libs/pull/389 Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2022-06-23 18:12:24 +02:00
Leonardo Grasso	b6245d77c7	update(rules): lower priority to noisy rule (after the dup improvement) Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2022-06-23 18:12:24 +02:00
Leonardo Grasso	2f208b52fc	fix(userspace/falco/app_actions/print_version.cpp): correct getter call for schema version Signed-off-by: Leonardo Grasso <me@leonardograsso.com> Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-06-23 12:47:03 +02:00
Leonardo Grasso	f3bc178e40	fix(userspace/falco/app_actions/print_version.cpp): ensure destructor gets invoked Signed-off-by: Leonardo Grasso <me@leonardograsso.com> Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>	2022-06-23 12:47:03 +02:00
Leonardo Grasso	308f001b87	chore(cmake/modules): remove leftover Co-authored-by: Federico Di Pierro <nierro92@gmail.com> Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2022-06-23 12:47:03 +02:00
Leonardo Grasso	fda9fb36de	update(userspace/falco): add more info to `--version` output Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2022-06-23 12:47:03 +02:00
Leonardo Grasso	92fdbbcc52	update(userspace/falco): do not print driver version by default Since now each Falco version is compatible with a range of driver version and not just one. Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2022-06-23 12:47:03 +02:00
Leonardo Grasso	4b694896a4	build: temporarily bump libs and driver Note that another bump is required before releasing Falco, since this commit uses alpha versions. Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2022-06-23 12:47:03 +02:00
Leonardo Grasso	d589ec2144	build(cmake/modules): dedicated cmake module for the driver Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2022-06-23 12:47:03 +02:00
Leonardo Grasso	6c08fa2a20	build(cmake/modules): divorce driver from falcosecurity-libs module Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2022-06-23 12:47:03 +02:00

1 2 3 4 5 ...

3016 Commits