falco

mirror of https://github.com/falcosecurity/falco.git synced 2025-06-28 07:37:32 +00:00

Author	SHA1	Message	Date
Shane Lawrence	d88d6685f8	Fix accidental whitespace. Co-authored-by: Leonardo Grasso <me@leonardograsso.com> Signed-off-by: Shane Lawrence <shane@lawrence.dev>	2024-12-19 18:25:50 +01:00
Shane Lawrence	06818263b6	Check if path exists before linking. Signed-off-by: Shane Lawrence <shane@lawrence.dev>	2024-12-19 18:25:50 +01:00
Luca Guerra	02f3db9835	cleanup(build): remove libelf dependency Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Luca Guerra	1239566467	fix(falco): prevent use-after-return in webserver Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Luca Guerra	129087a08b	fix(ci): consolidate sanitizers/not sanitizers jobs Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Luca Guerra	3bc27afc14	fix(ci): use ubuntu 22.04 to build wasm due to a regression (undefined _main) Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Luca Guerra	f2a983298e	fix(build): remove zlib requirement from cpp-httplib Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Luca Guerra	42de47a488	fix(ci): upgrade bpftool for static build Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Luca Guerra	092b54cab6	update(build): link (BSD) libelf statically by default Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Luca Guerra	e652d7fc85	Revert "update(build): disable musl builds" This reverts commit `30df5738a5`. Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Luca Guerra	d7792acdf3	update(falco): update libs to latest master Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-12-19 10:31:48 +01:00
Leonardo Grasso	a975e4cbc4	docs(falco.yaml): correct `buffered_outputs` description Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2024-12-16 09:33:32 +01:00
Federico Di Pierro	fa862b57e8	update(cmake): bump jemalloc asan warning message Co-authored-by: Samuel Gaist <samuel.gaist@idiap.ch> Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-10 15:11:03 +01:00
Federico Di Pierro	ac191b746c	chore(cmake): add a warning when using both jemalloc and asan. Signed-off-by: Federico Di Pierro <nierro92@gmail.com> Co-authored-by: Samuel Gaist <samuel.gaist@idiap.ch>	2024-12-10 15:11:03 +01:00
Federico Di Pierro	72f4715688	chore(ci): drop jemalloc from ASAN builds. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-10 15:11:03 +01:00
Federico Di Pierro	5044f3aa7e	fix(cmake): fixed jemalloc from system. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-10 15:11:03 +01:00
Federico Di Pierro	1c71777dbd	new(cmake,userspace): expose jemalloc stats in stats writer and prometheus metircs. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-10 15:11:03 +01:00
Federico Di Pierro	d007418fd3	new(cmake,ci): added support for using jemalloc allocator instead of glibc one. The jemalloc allocator is enabled by default for published packages. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-10 15:11:03 +01:00
Federico Di Pierro	f8feea63ad	fix(userspace/falco): use correct filtercheck_field_info. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-06 13:33:46 +01:00
cpanato	257ae9a8c0	add attestation Signed-off-by: cpanato <ctadeu@gmail.com>	2024-12-05 17:34:41 +01:00
Federico Di Pierro	35d8618373	chore(userspace/falco): add new `suggested_output` option to `append_output` configuration. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-05 15:34:40 +01:00
Federico Di Pierro	70ee5f4107	chore(userspace): update config schema. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-05 15:34:40 +01:00
Federico Di Pierro	114757d215	new(userspace,cmake): honor new plugins exposed suggested output formats. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-05 15:34:40 +01:00
Federico Di Pierro	9b35c0d5e0	update(userspace/falco): use ternary operator Co-authored-by: Samuel Gaist <samuel.gaist@idiap.ch> Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-05 10:15:39 +01:00
Federico Di Pierro	211eea6abb	new(userspace/falco): allow entirely disabling plugin hostinfo support. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-12-05 10:15:39 +01:00
FedeDP	9f29444b17	update(cmake): update libs and driver to latest master. Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>	2024-12-03 10:01:26 +01:00
Thomas Labarussias	242f25ae25	fix: update the url for the docs about the concurrent queue classes Signed-off-by: Thomas Labarussias <issif+github@gadz.org>	2024-11-26 18:29:48 +01:00
Federico Di Pierro	ee4c9f9d4b	update(changelog): updated changelog for 0.39.2. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-21 18:03:22 +01:00
poiana	563291f8d8	update(cmake): update libs and driver to latest master. Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>	2024-11-21 11:03:21 +01:00
Federico Di Pierro	4efbd44354	update(cmake): bumped falcoctl to v0.10.1. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-21 09:56:21 +01:00
Federico Di Pierro	0a8526dd7b	fix(cmake,docker): avoid cpp-httplib requiring brotli. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-07 08:58:23 +01:00
Luca Guerra	edf36c0724	fix(docker): add brotli to the Falco image Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-11-06 16:10:18 +01:00
Leonardo Grasso	3fa8bc9bc7	fix(docker/falco-debian): usage label Co-authored-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com> Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2024-11-05 17:38:11 +01:00
Leonardo Grasso	a212262194	docs(docker): update images description Co-authored-by: Leonardo Di Giovanna <leonardodigiovanna1@gmail.com> Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2024-11-05 17:38:11 +01:00
Leonardo Grasso	cfaf260b08	update(docker): no CMD for falco-driver-loader images Co-authored-by: Federico Di Pierro <nierro92@gmail.com> Signed-off-by: Leonardo Grasso <me@leonardograsso.com>	2024-11-05 17:38:11 +01:00
Federico Di Pierro	f4dd0b9c07	fix(docker): fix docker-compose with correct image name for Falco. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-05 17:38:11 +01:00
Federico Di Pierro	c44d323b4b	chore(ci,docker): more fixes. Signed-off-by: Federico Di Pierro <nierro92@gmail.com> Co-authored-by: Leonardo Grasso <me@leonardograsso.com>	2024-11-05 17:38:11 +01:00
Federico Di Pierro	57446c38f7	chore(docker): apply some review suggestions. Signed-off-by: Federico Di Pierro <nierro92@gmail.com> Co-authored-by: Leonardo Grasso <me@leonardograsso.com>	2024-11-05 17:38:11 +01:00
Federico Di Pierro	77695ace72	fix(docker): fixed small issues in the new images. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-05 17:38:11 +01:00
Federico Di Pierro	01ab1661c0	cleanup(ci): drop `-slim` tag. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-05 17:38:11 +01:00
Federico Di Pierro	58930ea8c0	new(ci,docker): renamed driver-loader-legacy to driver-loader-buster. Moreover, ported docker images CI to new images. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-05 17:38:11 +01:00
Federico Di Pierro	56c061f37a	chore(docker): updated README. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-05 17:38:11 +01:00
Federico Di Pierro	1307061554	new(docker): initial work towards new docker images. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-05 17:38:11 +01:00
Luca Guerra	e4107c05a4	update(ci): replace aarch64 actuated runners with oracle Signed-off-by: Luca Guerra <luca@guerra.sh>	2024-11-05 10:59:09 +01:00
Federico Di Pierro	729bf9562b	update(cmake): bump yaml-cpp to latest master. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-11-05 09:29:09 +01:00
dependabot[bot]	b50903e498	chore(deps): Bump submodules/falcosecurity-rules Bumps [submodules/falcosecurity-rules](https://github.com/falcosecurity/rules) from `407e997` to `283a62f`. - [Release notes](https://github.com/falcosecurity/rules/releases) - [Commits](`407e99721f...283a62f464`) --- updated-dependencies: - dependency-name: submodules/falcosecurity-rules dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2024-10-24 10:11:12 +02:00
Mark Stemm	09a9fd4c26	Add tests for mismatched sources and append Add additional unit tests to verify that rule loading fails when a second rules object has a different source but the name of an existing rules object. Also add tests for additional rules having an empty source. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2024-10-24 08:45:12 +02:00
Mark Stemm	4a73ef8824	When overriding rules, ensure that the sources match In places where a second rule definition might replace, append to, or replace items from a base rule, ensure that the source of the second rule definiton matches the first. This already existed for defines, but for other changes. There was a bug where a second definition might exist for a different source, but the additional rule was used anyway. This now returns the same error for these other changes e.g. "Rule has been re-defined..." as define. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2024-10-24 08:45:12 +02:00
Mark Stemm	a44b311333	Add a source to rule_update_info It's possible that someone might want to override a property for a non-syscall rule source. To assist in this, decode any source property for rules with append/override and save it in the rule_update_info object. For the source property only, the value for source can be empty e.g. 'source: ' or an empty string e.g. 'source: ""'. Both of those are considered valid but result in an empty source. A later change will ensure that the sources match up when appending/redefining/overriding/enabling. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>	2024-10-24 08:45:12 +02:00
Federico Di Pierro	24f824dfb5	update(cmake): bump libs to latest master. Signed-off-by: Federico Di Pierro <nierro92@gmail.com>	2024-10-22 14:59:04 +02:00

1 2 3 4 5 ...

4866 Commits