github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-28 23:57:29 +00:00
Code Issues Projects Releases Wiki Activity
4,285 Commits 121 Branches 172 Tags 104 MiB
eed5b906a8
Commit Graph

4285 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Melissa Kilby
72439b2eed cleanup(app_actions): adjust configure_interesting_sets 
* address reviewers feedback
* improve clarity around new -A and -i behavior
* additional cleanup (e.g. use generic set operations only)
* extend unit tests

Note: sinsp ppm sc API is undergoing a refactor, therefore current lookups are interim
and will subsequently be refactored as well.

Co-authored-by: Jason Dellaluce <jasondellaluce@gmail.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-02-21 14:31:28 +01:00
Melissa Kilby
f77f8667a1 cleanup(tests): add unit tests for configure_interesting_sets 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-02-21 14:31:28 +01:00
Melissa Kilby
30fe065446 cleanup(app_actions): configure -A w/ new default behavior 
Define new -A behavior in configure_interesting_sets

* default: all syscalls in rules included, sinsp state enforcement without high volume I/O syscalls
* -A flag set: all syscalls in rules included, sinsp state enforcement and allowing high volume I/O syscalls

Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-02-21 14:31:28 +01:00
Melissa Kilby
91c185a178 cleanup(app_actions): include evttypes from rules in configure_interesting_sets 
Signed-off-by: Melissa Kilby <melissa.kilby.oss@gmail.com>
 2023-02-21 14:31:28 +01:00
Jason Dellaluce
34ed5a5fc9 chore: fix typos 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-21 11:09:29 +01:00
Jason Dellaluce
f34ef41e8a test(userspace/falco): add tests for atomic signal handler 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-21 11:09:29 +01:00
Jason Dellaluce
70c22c7d2e refactor(userspace/falco): adapt actions to new signal handler constructs 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-21 11:09:29 +01:00
Jason Dellaluce
eb3bf7260d refactor(userspace/falco): add an ad-hoc concurrent object for signal handlers 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-21 11:09:29 +01:00
Jason Dellaluce
5470a88b61 fix(userspace/falco): add missing constructors/methods on falco semaphore 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-21 11:09:29 +01:00
Luca Guerra
e19f536514 new(docs): add security audit from January 2023 
Signed-off-by: Luca Guerra <luca@guerra.sh>
 2023-02-21 08:23:28 +01:00
Aldo Lacuku
7a0ca9f534 new(docs): update Changelog for 0.34.1 
Signed-off-by: Aldo Lacuku <aldo@lacuku.eu>
 2023-02-20 14:45:17 +01:00
Aldo Lacuku
bdca1ce0a6 update(cmake): bumped libs to 0.10.4 
Signed-off-by: Aldo Lacuku <aldo@lacuku.eu>
 2023-02-17 16:40:44 +01:00
Jason Dellaluce
94882f3fd2 test(unit_tests): add tests for select_event_sources action 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-15 10:51:35 +01:00
Jason Dellaluce
9fd6bbf2bf update(unit_tests): link test suite to falco app cmake target 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-15 10:51:35 +01:00
Jason Dellaluce
bf5b8f5c83 new(userspace/falco): add intermediate cmake target for falco app 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-15 10:51:35 +01:00
Jason Dellaluce
a7ef45852c fix(unit_tests): invert libraries and dependencies in CMakeLists 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-15 10:51:35 +01:00
Jason Dellaluce
c45bf3eb17 chore(userspace/falco): rename falco_init into falco_run 
Co-authored-by: Federico Di Pierro <nierro92@gmail.com>
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
149544d7ab chore(userspace/falco): fix spacing and license 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
1eb915bf2f fix(userspace/falco): solve issues with minimal build 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
3d6393ae62 fix: solve unit test issues 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
5d35dff2a7 refactor(userspace/falco/app): standalone sources for action helpers 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
799557f7f7 refactor(userspace/falco/app): make run and teardown actions consistent 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
fe859bda2d refactor(userspace/engine): turn app methods into simple functions 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
374136be18 refactor(userspace/engine): add standalone sources for app signals and options 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
623d27ef77 refactor(userspace/engine): create standalone sources for app state and run result 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
0f402d01d0 fix(userspace/falco): add missing pragma once 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Jason Dellaluce
ff68311629 fix(userspace/engine): add missing include 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 17:33:31 +01:00
Lorenzo Susini
88ac30650c fix(userspace/engine): correctly bump engine version after introduction of new fields 
Signed-off-by: Lorenzo Susini <susinilorenzo1@gmail.com>
 2023-02-14 13:03:06 +01:00
Jason Dellaluce
6ecc708e2b fix(unit_tests): adapt new evttype resolvers to gtest 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 12:47:07 +01:00
Jason Dellaluce
79b3f81a02 chore: fix typos 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 12:47:07 +01:00
Jason Dellaluce
2495827e0c fix(userspace/engine): correctly handle evttype indexing corner cases 
Signed-off-by: Jason Dellaluce <jasondellaluce@gmail.com>
 2023-02-14 12:47:07 +01:00
Federico Di Pierro
e8a62f6800 new(ci): added new workflow to automatic tag and publish new builder and tester images upon changes. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-02-14 09:49:05 +01:00
Federico Di Pierro
75dc8c050c new(userspace,tests): add proper support for generic events indexing. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-02-13 14:54:03 +01:00
Federico Di Pierro
392b66bd5a update(docs): update release.md to port Falco to use release/M.m.x branches. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-02-13 14:27:02 +01:00
Federico Di Pierro
cb5dddf8ec fix(release): fixed tag creation step in release doc. 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
 2023-02-13 14:27:02 +01:00
Andrea Terzolo
98550e80b3 chore: remove a no more useful cmake file 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
0d62fb9133 ci: remove unit tests from circleCI 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
af9fbbcdc6 chore: remove no more useful cmake files 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
d7e498caf9 fix after rebase 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
0004b140b1 ci: use new unit tests where necessary 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
dff127bb65 cleanup: remove old tests 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
5e5869357a tests: add Configuration tests 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
71d7c574e0 tests: add Ruleset tests 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
0f83411f05 tests: add PluginRequirements tests 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
696a744004 tests: add WarningResolver tests 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
8059e28af5 tests: add MacroResolver tests 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
1faa35552a tests: add EvtTypeResolver tests 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
88bac44f05 test: first scaffolfing of the initial structure 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Andrea Terzolo
dca76ba93c chore: fix building with njson 
Signed-off-by: Andrea Terzolo <andrea.terzolo@polito.it>
 2023-02-10 11:41:24 +01:00
Aldo Lacuku
43c802d045 fix(dockerfile/no-driver): install ca-certificates 
Signed-off-by: Aldo Lacuku <aldo@lacuku.eu>
 2023-02-09 17:31:31 +01:00