[Buildroot] [RFC PATCH v4 0/2] Bump sysdig to 0.29.1

[Buildroot] [RFC PATCH v4 0/2] Bump sysdig to 0.29.1

[Francis Laniel]

Hi.


In this contribution, I bumped sysdig version to 0.29.1.
Indeed, following this discussion [1], Arnout Vandecappelle noted sysdig 0.27.1
cannot be cross-compiled to, e.g., aarch64 because it uses the open() syscall.

To fix this, I bumped sysdig to 0.29.1.
Sadly, some components of sysdig, like libsinsp, libscap and the kernel modules,
were moved to falcosecurity/libs.
So, I added the falcosecurity-libs package.
A new patch was added to sysdig recipe to avoid compiling again
falcosecurity-libs.
Nonetheless, this patch is a bit big, so I prefered to keep the RFC tag to
gather your opinion about it.

I was nonetheless able to build and run sysdig with start-qemu.sh:
Welcome to Buildroot
buildroot login: root
# scap: loading out-of-tree module taints kernel.
scap: driver loading, scap 0.1.1dev
scap: adding new consumer (____ptrval____)
scap: initializing ring buffer for CPU 0
scap: CPU buffer initialized, size=8388608
scap: starting capture
2 14:29:14.500045202 0 <NA> (113) > switch next=10 pgft_maj=212 pgft_min=1175 vm_size=45204 vm_rss=18256 vm_swap=0
...
97 14:29:14.514272929 0 <NA> (113) > switch next=114 pgft_maj=213 pgft_min=1180 vm_size=45204 vm_rss=18256 vm_swap=
scap: deallocating consumer (____ptrval____)
scap: no more consumers, stopping capture

So, if you see a particular way to fix the problem I described above or any
problem with this contribution, feel free to share it!

Changes since:
 v3:
  - Make falcosecurity-libs a generic-package and a kernel-package.
  The generic-package will download us the libraries (libscap and libsinsp)
  which will be built by sysdig.mk.
  The kernel-package will build the kernel module.
  This permitted to simplify the overall contribution architecture by removing
  some patches.
 v2:
  - Add linux CONFIG_ option to execute falcosecurity-libs kernel module.
  - falcosecurity-libs driver name was set so sysdig automatically loads it.

Francis Laniel (2):
  falcosecurity-libs: add new package
  package/sysdig: bump to 0.29.1

 DEVELOPERS                                    |  1 +
 package/Config.in                             |  1 +
 ...cmake-Permit-setting-GRPC_CPP_PLUGIN.patch | 34 ++++++++
 package/falcosecurity-libs/Config.in          | 38 +++++++++
 .../falcosecurity-libs.hash                   |  5 ++
 .../falcosecurity-libs/falcosecurity-libs.mk  | 75 +++++++++++++++++
 ...BUNDLED_DEPS-before-getting-nlohmann.patch | 51 ++++++++++++
 ...ATCH_COMMAND-to-fix-lua-types-and-fu.patch | 82 -------------------
 ...gainst-libabseil-cpp-which-grpc-uses.patch | 47 -----------
 ...e-Add-libsinsp.a-as-IMPORTED-library.patch | 59 +++++++++++++
 package/sysdig/Config.in                      | 31 ++-----
 package/sysdig/sysdig.hash                    |  4 +-
 package/sysdig/sysdig.mk                      | 55 ++++++-------
 13 files changed, 295 insertions(+), 188 deletions(-)
 create mode 100644 package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
 create mode 100644 package/falcosecurity-libs/Config.in
 create mode 100644 package/falcosecurity-libs/falcosecurity-libs.hash
 create mode 100644 package/falcosecurity-libs/falcosecurity-libs.mk
 create mode 100644 package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch
 delete mode 100644 package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch
 delete mode 100644 package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch
 create mode 100644 package/sysdig/0002-cmake-Add-libsinsp.a-as-IMPORTED-library.patch


Best regards and thank you in advance.
---
[1] https://marc.info/?l=buildroot&m=164951521629400
-- 
2.25.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [RFC PATCH v4 1/2] falcosecurity-libs: add new package

[Francis Laniel]

Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
---
 DEVELOPERS                                    |  1 +
 package/Config.in                             |  1 +
 ...cmake-Permit-setting-GRPC_CPP_PLUGIN.patch | 34 ++++++++
 package/falcosecurity-libs/Config.in          | 30 +++++++
 .../falcosecurity-libs.hash                   |  5 ++
 .../falcosecurity-libs/falcosecurity-libs.mk  | 80 +++++++++++++++++++
 6 files changed, 151 insertions(+)
 create mode 100644 package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
 create mode 100644 package/falcosecurity-libs/Config.in
 create mode 100644 package/falcosecurity-libs/falcosecurity-libs.hash
 create mode 100644 package/falcosecurity-libs/falcosecurity-libs.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index ca9decb58f..d45d3d2a7b 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -969,6 +969,7 @@ F:	package/ipmitool/
 F:	package/odhcploc/
 
 N:	Francis Laniel <flaniel@linux.microsoft.com>
+F:	package/falcosecurity-libs
 F:	package/pahole/
 F:	package/sysdig/
 F:	package/tbb/
diff --git a/package/Config.in b/package/Config.in
index 24f7af5ea8..3070094cc0 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1935,6 +1935,7 @@ menu "Other"
 	source "package/eigen/Config.in"
 	source "package/elfutils/Config.in"
 	source "package/ell/Config.in"
+	source "package/falcosecurity-libs/Config.in"
 	source "package/fftw/Config.in"
 	source "package/flann/Config.in"
 	source "package/flatbuffers/Config.in"
diff --git a/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch b/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
new file mode 100644
index 0000000000..6141d8ef72
--- /dev/null
+++ b/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
@@ -0,0 +1,34 @@
+From 2e8a50cd4975df3ab60ee07c9675831cd5ad397f Mon Sep 17 00:00:00 2001
+From: Francis Laniel <flaniel@linux.microsoft.com>
+Date: Tue, 12 Apr 2022 19:54:11 +0100
+Subject: [PATCH] cmake: Permit setting GRPC_CPP_PLUGIN.
+
+This patch enables users to set GRPC_CPP_PLUGIN while calling cmake with:
+cmake -DGRPC_CPP_PLUGIN=/path
+
+Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
+---
+ cmake/modules/grpc.cmake | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/cmake/modules/grpc.cmake b/cmake/modules/grpc.cmake
+index e5fd16b8..9d8f5934 100644
+--- a/cmake/modules/grpc.cmake
++++ b/cmake/modules/grpc.cmake
+@@ -12,9 +12,11 @@ elseif(NOT USE_BUNDLED_GRPC)
+ 		set(GRPCPP_LIB gRPC::grpc++)
+ 
+ 		# gRPC C++ plugin
+-		get_target_property(GRPC_CPP_PLUGIN gRPC::grpc_cpp_plugin LOCATION)
+ 		if(NOT GRPC_CPP_PLUGIN)
+-			message(FATAL_ERROR "System grpc_cpp_plugin not found")
++			get_target_property(GRPC_CPP_PLUGIN gRPC::grpc_cpp_plugin LOCATION)
++			if(NOT GRPC_CPP_PLUGIN)
++				message(FATAL_ERROR "System grpc_cpp_plugin not found")
++			endif()
+ 		endif()
+ 
+ 		# gRPC include dir + properly handle grpc{++,pp}
+-- 
+2.25.1
+
diff --git a/package/falcosecurity-libs/Config.in b/package/falcosecurity-libs/Config.in
new file mode 100644
index 0000000000..e0b5a3d134
--- /dev/null
+++ b/package/falcosecurity-libs/Config.in
@@ -0,0 +1,30 @@
+config BR2_PACKAGE_FALCOSECURITY_LIBS
+	bool
+	depends on BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS # protobuf
+	depends on BR2_LINUX_KERNEL
+	depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb
+	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # protobuf
+	depends on BR2_TOOLCHAIN_HAS_THREADS # jq, protobuf, tbb
+	depends on !BR2_STATIC_LIBS # protobuf, tbb
+	depends on BR2_TOOLCHAIN_USES_GLIBC # tbb
+	depends on BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
+	select BR2_PACKAGE_C_ARES
+	select BR2_PACKAGE_ELFUTILS
+	select BR2_PACKAGE_GRPC
+	select BR2_PACKAGE_GTEST
+	select BR2_PACKAGE_HOST_GRPC
+	select BR2_PACKAGE_HOST_PROTOBUF
+	select BR2_PACKAGE_JQ
+	select BR2_PACKAGE_JSONCPP
+	select BR2_PACKAGE_LIBB64
+	select BR2_PACKAGE_LIBCURL
+	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_PROTOBUF
+	select BR2_PACKAGE_TBB
+	select BR2_PACKAGE_VALIJSON
+	select BR2_PACKAGE_ZLIB
+	help
+	  falcosecurity/libs provides libsinsp, libscap, the kernel
+	  module driver and the eBPF driver sources.
+
+	  https://github.com/falcosecurity/libs
diff --git a/package/falcosecurity-libs/falcosecurity-libs.hash b/package/falcosecurity-libs/falcosecurity-libs.hash
new file mode 100644
index 0000000000..7608c67590
--- /dev/null
+++ b/package/falcosecurity-libs/falcosecurity-libs.hash
@@ -0,0 +1,5 @@
+# sha256 locally computed
+sha256  80903bc57b7f9c5f24298ecf1531cf66ef571681b4bd1e05f6e4db704ffb380b  falcosecurity-libs-e5c53d648f3c4694385bbe488e7d47eaa36c229a.tar.gz
+sha256  a88fbf820b38b1c7fabc6efe291b8259e02ae21326f56fe31c6c9adf374b2702  COPYING
+sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  driver/GPL2.txt
+sha256  e3f6a43d097ed68176e9738de925d98b938e1bccf6d6bd1bcd79395eca8f76ed  driver/MIT.txt
diff --git a/package/falcosecurity-libs/falcosecurity-libs.mk b/package/falcosecurity-libs/falcosecurity-libs.mk
new file mode 100644
index 0000000000..96c762f336
--- /dev/null
+++ b/package/falcosecurity-libs/falcosecurity-libs.mk
@@ -0,0 +1,80 @@
+################################################################################
+#
+# falcosecurity-libs
+#
+################################################################################
+
+FALCOSECURITY_LIBS_VERSION = e5c53d648f3c4694385bbe488e7d47eaa36c229a
+FALCOSECURITY_LIBS_SITE = $(call github,falcosecurity,libs,$(FALCOSECURITY_LIBS_VERSION))
+FALCOSECURITY_LIBS_LICENSE = Apache-2.0 (userspace), MIT or GPL-2.0 (driver)
+FALCOSECURITY_LIBS_LICENSE_FILES = COPYING driver/MIT.txt driver/GPL2.txt
+FALCOSECURITY_LIBS_CPE_ID_VENDOR = falco
+FALCOSECURITY_LIBS_SUPPORTS_IN_SOURCE_BUILD = NO
+
+FALCOSECURITY_LIBS_DEPENDENCIES = \
+	c-ares \
+	elfutils \
+	grpc \
+	gtest \
+	host-grpc \
+	host-protobuf \
+	jq \
+	jsoncpp \
+	libb64 \
+	libcurl \
+	luainterpreter \
+	openssl \
+	protobuf \
+	tbb \
+	valijson \
+	zlib
+
+FALCOSECURITY_LIBS_DRIVER_NAME = scap
+FALCOSECURITY_LIBS_MODULE_SUBDIRS = driver
+FALCOSECURITY_LIBS_MODULE_MAKE_OPTS = KERNELDIR=$(LINUX_DIR)
+
+# falcosecurity-libs module needs these two kernel options to be set:
+# CONFIG_TRACEPOINTS
+# CONFIG_HAVE_SYSCALL_TRACEPOINTS
+# https://github.com/draios/sysdig/wiki/How-to-Install-Sysdig-from-the-Source-Code#linux-and-osx
+# CONFIG_FTRACE and CONFIG_SCHED_TRACER selects CONFIG_GENERIC_TRACER which in
+# turns select CONFIG_TRACING which in turns select CONFIG_TRACEPOINTS
+define FALCOSECURITY_LIBS_LINUX_CONFIG_FIXUPS
+	$(call KCONFIG_ENABLE_OPT,CONFIG_FTRACE)
+	$(call KCONFIG_ENABLE_OPT,CONFIG_SCHED_TRACER)
+	$(call KCONFIG_ENABLE_OPT,CONFIG_HAVE_SYSCALL_TRACEPOINTS)
+endef
+
+# falcosecurity-libs creates the module Makefile from a template, which contains
+# a single place-holder, KBUILD_FLAGS, wich is only replaced with debug flags,
+# which we don't care about here.
+# So, just replace the place-holder with the only meaningful value: nothing.
+# For the DRIVER_NAME, we set it to FALCOSECURITY_LIBS_DRIVER_NAME.
+# So, when sysdig will be run, it will automatically load
+# FALCOSECURITY_LIBS_DRIVER_NAME.ko.
+# We also need to do the same process for driver_config.h.in.
+# PPM_API_CURRENT_VERSION_* were take from driver/API_VERSION and
+# PPM_SCHEMA_CURRENT_VERSION_* from driver/SCHEMA_VERSION.
+# For the others, it was taken by inspecting
+# falcosecurity-libs/*/CMakeLists.txt.
+define FALCOSECURITY_LIBS_MODULE_GEN_MAKEFILE
+	$(INSTALL) -m 0644 $(@D)/driver/Makefile.in $(@D)/driver/Makefile
+	$(SED) 's/@KBUILD_FLAGS@//;' $(@D)/driver/Makefile
+	$(SED) 's/@DRIVER_NAME@/$(FALCOSECURITY_LIBS_DRIVER_NAME)/;' $(@D)/driver/Makefile
+
+	$(INSTALL) -m 0644 $(@D)/driver/driver_config.h.in $(@D)/driver/driver_config.h
+	$(SED) 's/\$${PPM_API_CURRENT_VERSION_MAJOR}/1/;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${PPM_API_CURRENT_VERSION_MINOR}/0/;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${PPM_API_CURRENT_VERSION_PATCH}/0/;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${PPM_SCHEMA_CURRENT_VERSION_MAJOR}/1/;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${PPM_SCHEMA_CURRENT_VERSION_MINOR}/0/;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${PPM_SCHEMA_CURRENT_VERSION_PATCH}/0/;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${DRIVER_VERSION}//;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${DRIVER_NAME}/$(FALCOSECURITY_LIBS_DRIVER_NAME)/;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${DRIVER_DEVICE_NAME}/$(FALCOSECURITY_LIBS_DRIVER_NAME)/;' $(@D)/driver/driver_config.h
+	$(SED) 's/\$${GIT_COMMIT}/0.1.1dev/;' $(@D)/driver/driver_config.h
+endef
+FALCOSECURITY_LIBS_POST_PATCH_HOOKS += FALCOSECURITY_LIBS_MODULE_GEN_MAKEFILE
+
+$(eval $(kernel-module))
+$(eval $(generic-package))
-- 
2.25.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

[Buildroot] [RFC PATCH v4 2/2] package/sysdig: bump to 0.29.1

[Francis Laniel]

sysdig 0.27.1 cannot be cross-compiled to, e.g., aarch64 because it uses open()
syscall [1].
This patch bumps its version to enable cross-compilation.

By doing so, we can remove the previous patches.
But this commit introduces new patches.
Indeed, libsinsp (lib system inspection), libscap (lib system capture) and the
kernel module were moved to falcosecurity/libs.
Sadly, it is not possible to compile sysdig with pre-compiled libs (like we do
in buildroot).
So, this contribution introduces a new patch to build sysdig with already built
falcosecurity/libs.

[1] https://marc.info/?l=buildroot&m=164951521629400

Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
---
 ...BUNDLED_DEPS-before-getting-nlohmann.patch | 52 ++++++++++++
 ...ATCH_COMMAND-to-fix-lua-types-and-fu.patch | 82 -------------------
 ...gainst-libabseil-cpp-which-grpc-uses.patch | 47 -----------
 package/sysdig/Config.in                      | 18 ++--
 package/sysdig/sysdig.hash                    |  4 +-
 package/sysdig/sysdig.mk                      | 55 +++++--------
 6 files changed, 79 insertions(+), 179 deletions(-)
 create mode 100644 package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch
 delete mode 100644 package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch
 delete mode 100644 package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch

diff --git a/package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch b/package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch
new file mode 100644
index 0000000000..3521bd3f8d
--- /dev/null
+++ b/package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch
@@ -0,0 +1,52 @@
+From 0dbebd008c04d266dc41c4bec8280a0744fd5130 Mon Sep 17 00:00:00 2001
+From: Francis Laniel <flaniel@linux.microsoft.com>
+Date: Wed, 13 Apr 2022 18:01:11 +0100
+Subject: [PATCH] cmake: Check USE_BUNDLED_DEPS before getting
+ nlohmann-json.
+
+Upstream: https://github.com/draios/sysdig/pull/1869
+Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
+---
+ cmake/modules/nlohmann-json.cmake | 29 +++++++++++++++++++----------
+ 1 file changed, 19 insertions(+), 10 deletions(-)
+
+diff --git a/cmake/modules/nlohmann-json.cmake b/cmake/modules/nlohmann-json.cmake
+index bb1279d7..feb0f071 100644
+--- a/cmake/modules/nlohmann-json.cmake
++++ b/cmake/modules/nlohmann-json.cmake
+@@ -16,13 +16,22 @@
+ # limitations under the License.
+ #
+ 
+-set(NJSON_SRC "${PROJECT_BINARY_DIR}/njson-prefix/src/njson")
+-message(STATUS "Using bundled nlohmann-json in '${NJSON_SRC}'")
+-set(NJSON_INCLUDE_DIR "${NJSON_SRC}/single_include")
+-ExternalProject_Add(
+-  njson
+-  URL "https://github.com/nlohmann/json/archive/v3.3.0.tar.gz"
+-  URL_HASH "SHA256=2fd1d207b4669a7843296c41d3b6ac5b23d00dec48dba507ba051d14564aa801"
+-  CONFIGURE_COMMAND ""
+-  BUILD_COMMAND ""
+-  INSTALL_COMMAND "")
++if(NOT USE_BUNDLED_DEPS)
++  find_path(NJSON_INCLUDE_DIR NAMES nlohmann/json.hpp)
++  if(NJSON_INCLUDE_DIR)
++    message(STATUS "Found njson: include: ${NJSON_INCLUDE_DIR}")
++  else()
++    message(FATAL_ERROR "Couldn't find system njson")
++  endif()
++else()
++  set(NJSON_SRC "${PROJECT_BINARY_DIR}/njson-prefix/src/njson")
++  message(STATUS "Using bundled nlohmann-json in '${NJSON_SRC}'")
++  set(NJSON_INCLUDE_DIR "${NJSON_SRC}/single_include")
++  ExternalProject_Add(
++    njson
++    URL "https://github.com/nlohmann/json/archive/v3.3.0.tar.gz"
++    URL_HASH "SHA256=2fd1d207b4669a7843296c41d3b6ac5b23d00dec48dba507ba051d14564aa801"
++    CONFIGURE_COMMAND ""
++    BUILD_COMMAND ""
++    INSTALL_COMMAND "")
++endif()
+-- 
+2.25.1
+
diff --git a/package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch b/package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch
deleted file mode 100644
index 7873210281..0000000000
--- a/package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From cc8bccc3ebb90103900a7f0f2b085ddb723b8792 Mon Sep 17 00:00:00 2001
-From: Francis Laniel <flaniel@linux.microsoft.com>
-Date: Wed, 6 Apr 2022 16:54:37 +0100
-Subject: [PATCH] libsinsp: Apply PATCH_COMMAND to fix lua types and function.
-
-Buildroot luajit 5.1 seems to not have compatibility between luaL_reg and
-luaL_Reg.
-So, we apply sysdig CMakeLists.txt PATCH_COMMAND to fix this and lua function
-call as well.
-Note that, this PATCH_COMMAND was added in sysdig in:
-a064440394c9 ("Adding power support to Travis builds (#1566)")
-
-This patch is also present in kubernetes/minikube in:
-f036c279bc59 ("Add patch for compiling sysdig with system luajit")
-
-Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
----
- userspace/libsinsp/chisel.cpp         | 6 +++---
- userspace/libsinsp/lua_parser.cpp     | 2 +-
- userspace/libsinsp/lua_parser_api.cpp | 2 +-
- 3 files changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/userspace/libsinsp/chisel.cpp b/userspace/libsinsp/chisel.cpp
-index 0a6e3cf8..0c2e255a 100644
---- a/userspace/libsinsp/chisel.cpp
-+++ b/userspace/libsinsp/chisel.cpp
-@@ -98,7 +98,7 @@ void lua_stackdump(lua_State *L)
- // Lua callbacks
- ///////////////////////////////////////////////////////////////////////////////
- #ifdef HAS_LUA_CHISELS
--const static struct luaL_reg ll_sysdig [] =
-+const static struct luaL_Reg ll_sysdig [] =
- {
- 	{"set_filter", &lua_cbacks::set_global_filter},
- 	{"set_snaplen", &lua_cbacks::set_snaplen},
-@@ -134,7 +134,7 @@ const static struct luaL_reg ll_sysdig [] =
- 	{NULL,NULL}
- };
- 
--const static struct luaL_reg ll_chisel [] =
-+const static struct luaL_Reg ll_chisel [] =
- {
- 	{"request_field", &lua_cbacks::request_field},
- 	{"set_filter", &lua_cbacks::set_filter},
-@@ -146,7 +146,7 @@ const static struct luaL_reg ll_chisel [] =
- 	{NULL,NULL}
- };
- 
--const static struct luaL_reg ll_evt [] =
-+const static struct luaL_Reg ll_evt [] =
- {
- 	{"field", &lua_cbacks::field},
- 	{"get_num", &lua_cbacks::get_num},
-diff --git a/userspace/libsinsp/lua_parser.cpp b/userspace/libsinsp/lua_parser.cpp
-index 0e26617d..78810d96 100644
---- a/userspace/libsinsp/lua_parser.cpp
-+++ b/userspace/libsinsp/lua_parser.cpp
-@@ -32,7 +32,7 @@ extern "C" {
- #include "lauxlib.h"
- }
- 
--const static struct luaL_reg ll_filter [] =
-+const static struct luaL_Reg ll_filter [] =
- {
- 	{"rel_expr", &lua_parser_cbacks::rel_expr},
- 	{"bool_op", &lua_parser_cbacks::bool_op},
-diff --git a/userspace/libsinsp/lua_parser_api.cpp b/userspace/libsinsp/lua_parser_api.cpp
-index c89e9126..c3d8008a 100644
---- a/userspace/libsinsp/lua_parser_api.cpp
-+++ b/userspace/libsinsp/lua_parser_api.cpp
-@@ -266,7 +266,7 @@ int lua_parser_cbacks::rel_expr(lua_State *ls)
- 					string err = "Got non-table as in-expression operand\n";
- 					throw sinsp_exception("parser API error");
- 				}
--				int n = luaL_getn(ls, 4);  /* get size of table */
-+				int n = lua_objlen (ls, 4);  /* get size of table */
- 				for (i=1; i<=n; i++)
- 				{
- 					lua_rawgeti(ls, 4, i);
--- 
-2.25.1
-
diff --git a/package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch b/package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch
deleted file mode 100644
index a9155fbb4a..0000000000
--- a/package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From a7fb3b863c3574470c45fdf6084dcc40931ca017 Mon Sep 17 00:00:00 2001
-From: Francis Laniel <flaniel@linux.microsoft.com>
-Date: Thu, 7 Apr 2022 18:30:23 +0100
-Subject: [PATCH] Link against libabseil-cpp which grpc uses.
-
-This patch was taken from:
-55c96b61f7b9 ("sysdig: make extra linking against abseil conditional") [1]
-from hhoffstaette/portage.
-
-[1] https://github.com/hhoffstaette/portage/blob/55c96b61f7b91e4d91bed6723e86c00dd91f8d16/dev-util/sysdig/files/0.27.1-grpc-absl-sync.patch
-
-Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
----
- CMakeLists.txt                    | 1 +
- userspace/libsinsp/CMakeLists.txt | 4 ++++
- 2 files changed, 5 insertions(+)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 1f34f1d6..c0354b29 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -552,6 +552,7 @@ if(NOT WIN32 AND NOT APPLE)
- 			else()
- 				message(FATAL_ERROR "Couldn't find system grpc")
- 			endif()
-+			find_library(ABSL_SYNC_LIB NAMES absl_synchronization)
- 			find_program(GRPC_CPP_PLUGIN grpc_cpp_plugin)
- 			if(NOT GRPC_CPP_PLUGIN)
- 				message(FATAL_ERROR "System grpc_cpp_plugin not found")
-diff --git a/userspace/libsinsp/CMakeLists.txt b/userspace/libsinsp/CMakeLists.txt
-index d72f9115..d1b7ea02 100644
---- a/userspace/libsinsp/CMakeLists.txt
-+++ b/userspace/libsinsp/CMakeLists.txt
-@@ -214,6 +214,10 @@ if(NOT WIN32)
- 				"${JQ_LIB}"
- 				"${B64_LIB}")
- 
-+			if(ABSL_SYNC_LIB)
-+				target_link_libraries(sinsp "${ABSL_SYNC_LIB}")
-+			endif()
-+
- 			if(NOT MUSL_OPTIMIZED_BUILD)
- 			target_link_libraries(sinsp
- 				rt
--- 
-2.25.1
-
diff --git a/package/sysdig/Config.in b/package/sysdig/Config.in
index c124054105..392d858ac6 100644
--- a/package/sysdig/Config.in
+++ b/package/sysdig/Config.in
@@ -2,25 +2,17 @@ config BR2_PACKAGE_SYSDIG
 	bool "sysdig"
 	depends on BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS # protobuf
 	depends on BR2_LINUX_KERNEL
-	depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb
+	depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb, yaml-cpp
 	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # protobuf
 	depends on BR2_TOOLCHAIN_HAS_THREADS # elfutils, jq, protobuf, tbb
 	depends on !BR2_STATIC_LIBS # elfutils, protobuf, tbb
 	depends on BR2_USE_WCHAR # elfutils
 	depends on BR2_TOOLCHAIN_USES_GLIBC # elfutils
 	depends on BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
-	select BR2_PACKAGE_C_ARES
-	select BR2_PACKAGE_ELFUTILS
-	select BR2_PACKAGE_GRPC
-	select BR2_PACKAGE_JQ
-	select BR2_PACKAGE_JSONCPP
-	select BR2_PACKAGE_LIBB64
-	select BR2_PACKAGE_LIBCURL
+	select BR2_PACKAGE_FALCOSECURITY_LIBS
 	select BR2_PACKAGE_NCURSES
-	select BR2_PACKAGE_OPENSSL
-	select BR2_PACKAGE_PROTOBUF
-	select BR2_PACKAGE_TBB
-	select BR2_PACKAGE_ZLIB
+	select BR2_PACKAGE_JSON_FOR_MODERN_CPP
+	select BR2_PACKAGE_YAML_CPP
 	help
 	  Sysdig is open source, system-level exploration:
 	  capture system state and activity from a running Linux
@@ -36,4 +28,4 @@ comment "sysdig needs a glibc toolchain w/ C++, threads, gcc >= 4.8, dynamic lib
 		|| !BR2_TOOLCHAIN_HAS_THREADS \
 		|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || BR2_STATIC_LIBS \
 		|| !BR2_TOOLCHAIN_USES_GLIBC \
-	    || !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
+		|| !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
diff --git a/package/sysdig/sysdig.hash b/package/sysdig/sysdig.hash
index 4ec46abfc3..380c9dce1e 100644
--- a/package/sysdig/sysdig.hash
+++ b/package/sysdig/sysdig.hash
@@ -1,5 +1,3 @@
 # sha256 locally computed
-sha256  b9d05854493d245a7a7e75f77fc654508f720aab5e5e8a3a932bd8eb54e49bda  sysdig-0.27.1.tar.gz
+sha256  3721c97f0da43c1a68d2962d30363525d8532ab5f2534dfefc86d175e17e423e  sysdig-0.29.1.tar.gz
 sha256  a88fbf820b38b1c7fabc6efe291b8259e02ae21326f56fe31c6c9adf374b2702  COPYING
-sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  driver/GPL2.txt
-sha256  e3f6a43d097ed68176e9738de925d98b938e1bccf6d6bd1bcd79395eca8f76ed  driver/MIT.txt
diff --git a/package/sysdig/sysdig.mk b/package/sysdig/sysdig.mk
index 9a9aaa35c3..3ce5d0bb79 100644
--- a/package/sysdig/sysdig.mk
+++ b/package/sysdig/sysdig.mk
@@ -4,10 +4,10 @@
 #
 ################################################################################
 
-SYSDIG_VERSION = 0.27.1
+SYSDIG_VERSION = 0.29.1
 SYSDIG_SITE = $(call github,draios,sysdig,$(SYSDIG_VERSION))
-SYSDIG_LICENSE = Apache-2.0 (userspace), MIT or GPL-2.0 (driver)
-SYSDIG_LICENSE_FILES = COPYING driver/MIT.txt driver/GPL2.txt
+SYSDIG_LICENSE = Apache-2.0
+SYSDIG_LICENSE_FILE = COPYING
 SYSDIG_CPE_ID_VENDOR = sysdig
 SYSDIG_CONF_OPTS = \
 	-DENABLE_DKMS=OFF \
@@ -16,39 +16,26 @@ SYSDIG_CONF_OPTS = \
 SYSDIG_SUPPORTS_IN_SOURCE_BUILD = NO
 
 SYSDIG_DEPENDENCIES = \
-	c-ares \
-	elfutils \
-	grpc \
-	jq \
-	jsoncpp \
-	libb64 \
-	libcurl \
-	luainterpreter \
+	falcosecurity-libs \
 	ncurses \
-	openssl \
-	protobuf \
-	tbb \
-	zlib
+	json-for-modern-cpp \
+	yaml-cpp
 
-# sysdig creates the module Makefile from a template, which contains a
-# single place-holder, KBUILD_FLAGS, wich is only replaced with two
-# things:
-#   - debug flags, which we don't care about here,
-#   - 'sysdig-feature' flags, which are never set, so always empty
-# So, just replace the place-holder with the only meaningful value: nothing.
-define SYSDIG_MODULE_GEN_MAKEFILE
-	$(INSTALL) -m 0644 $(@D)/driver/Makefile.in $(@D)/driver/Makefile
-	$(SED) 's/@KBUILD_FLAGS@//;' $(@D)/driver/Makefile
-	$(SED) 's/@PROBE_NAME@/sysdig-probe/;' $(@D)/driver/Makefile
-endef
-SYSDIG_POST_PATCH_HOOKS += SYSDIG_MODULE_GEN_MAKEFILE
+# For sysdig to automatically loads the driver, SYSDIG_DRIVER_NAME should be
+# the same than FALCOSECURITY_LIBS_DRIVER_NAME.
+SYSDIG_DRIVER_NAME = scap
 
-# Don't build the driver as part of the 'standard' procedure, we'll
-# build it on our own with the kernel-module infra.
-SYSDIG_CONF_OPTS += -DBUILD_DRIVER=OFF
-
-SYSDIG_MODULE_SUBDIRS = driver
-SYSDIG_MODULE_MAKE_OPTS = KERNELDIR=$(LINUX_DIR)
+# Don't build the driver as part of the 'standard' procedure, it has been built
+# by falcosecurity-libs.mk.
+# grpc_cpp_plugin is needed to build falcosecurity libs, so we give the host
+# one there.
+SYSDIG_CONF_OPTS += -DFALCOSECURITY_LIBS_SOURCE_DIR=$(FALCOSECURITY_LIBS_SRCDIR) \
+	-DBUILD_DRIVER=OFF \
+	-DGRPC_CPP_PLUGIN=$(HOST_DIR)/bin/grpc_cpp_plugin \
+	-DDRIVER_NAME=$(SYSDIG_DRIVER_NAME) \
+	-DENABLE_DKMS=OFF \
+	-DUSE_BUNDLED_DEPS=OFF \
+	-DWITH_CHISEL=ON \
+	-DVALIJSON_INCLUDE=$(BUILD_DIR)/valijson-0.6/include/valijson
 
-$(eval $(kernel-module))
 $(eval $(cmake-package))
-- 
2.25.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [RFC PATCH v4 1/2] falcosecurity-libs: add new package

[Arnout Vandecappelle]

On 25/04/2022 18:43, Francis Laniel wrote:
> Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>

  I've added a bit of explanation both in the commit message and in the .mk file 
itself that we're not building the userspace components and why.

> ---
>   DEVELOPERS                                    |  1 +
>   package/Config.in                             |  1 +
>   ...cmake-Permit-setting-GRPC_CPP_PLUGIN.patch | 34 ++++++++
>   package/falcosecurity-libs/Config.in          | 30 +++++++
>   .../falcosecurity-libs.hash                   |  5 ++
>   .../falcosecurity-libs/falcosecurity-libs.mk  | 80 +++++++++++++++++++
>   6 files changed, 151 insertions(+)
>   create mode 100644 package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
>   create mode 100644 package/falcosecurity-libs/Config.in
>   create mode 100644 package/falcosecurity-libs/falcosecurity-libs.hash
>   create mode 100644 package/falcosecurity-libs/falcosecurity-libs.mk
> 
> diff --git a/DEVELOPERS b/DEVELOPERS
> index ca9decb58f..d45d3d2a7b 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -969,6 +969,7 @@ F:	package/ipmitool/
>   F:	package/odhcploc/
>   
>   N:	Francis Laniel <flaniel@linux.microsoft.com>
> +F:	package/falcosecurity-libs
>   F:	package/pahole/
>   F:	package/sysdig/
>   F:	package/tbb/
> diff --git a/package/Config.in b/package/Config.in
> index 24f7af5ea8..3070094cc0 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -1935,6 +1935,7 @@ menu "Other"
>   	source "package/eigen/Config.in"
>   	source "package/elfutils/Config.in"
>   	source "package/ell/Config.in"
> +	source "package/falcosecurity-libs/Config.in"
>   	source "package/fftw/Config.in"
>   	source "package/flann/Config.in"
>   	source "package/flatbuffers/Config.in"
> diff --git a/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch b/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
> new file mode 100644
> index 0000000000..6141d8ef72
> --- /dev/null
> +++ b/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
> @@ -0,0 +1,34 @@
> +From 2e8a50cd4975df3ab60ee07c9675831cd5ad397f Mon Sep 17 00:00:00 2001
> +From: Francis Laniel <flaniel@linux.microsoft.com>
> +Date: Tue, 12 Apr 2022 19:54:11 +0100
> +Subject: [PATCH] cmake: Permit setting GRPC_CPP_PLUGIN.
> +
> +This patch enables users to set GRPC_CPP_PLUGIN while calling cmake with:
> +cmake -DGRPC_CPP_PLUGIN=/path
> +
> +Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>

  Could you send this patch upstream?


  Applied to master, thanks.

  Regards,
  Arnout

[snip]
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [RFC PATCH v4 2/2] package/sysdig: bump to 0.29.1

[Arnout Vandecappelle]

On 25/04/2022 18:43, Francis Laniel wrote:
> sysdig 0.27.1 cannot be cross-compiled to, e.g., aarch64 because it uses open()
> syscall [1].
> This patch bumps its version to enable cross-compilation.
> 
> By doing so, we can remove the previous patches.
> But this commit introduces new patches.
> Indeed, libsinsp (lib system inspection), libscap (lib system capture) and the
> kernel module were moved to falcosecurity/libs.
> Sadly, it is not possible to compile sysdig with pre-compiled libs (like we do
> in buildroot).
> So, this contribution introduces a new patch to build sysdig with already built
> falcosecurity/libs.
> 
> [1] https://marc.info/?l=buildroot&m=164951521629400
> 
> Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
[snip]
> diff --git a/package/sysdig/Config.in b/package/sysdig/Config.in
> index c124054105..392d858ac6 100644
> --- a/package/sysdig/Config.in
> +++ b/package/sysdig/Config.in
> @@ -2,25 +2,17 @@ config BR2_PACKAGE_SYSDIG
>   	bool "sysdig"
>   	depends on BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS # protobuf
>   	depends on BR2_LINUX_KERNEL
> -	depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb
> +	depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb, yaml-cpp
>   	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # protobuf
>   	depends on BR2_TOOLCHAIN_HAS_THREADS # elfutils, jq, protobuf, tbb

  This is now an indirect dependency. We normally show that as
... # falcosecurity-libs -> elfutils, jq, protobuf, tbb
but that would get really long, so I changed all of them to just mention 
falcosecurity-libs.

>   	depends on !BR2_STATIC_LIBS # elfutils, protobuf, tbb
>   	depends on BR2_USE_WCHAR # elfutils

  This one is not present in falcosecurity-libs (anyway implied by glibc), so I 
removed it.

>   	depends on BR2_TOOLCHAIN_USES_GLIBC # elfutils
>   	depends on BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
> -	select BR2_PACKAGE_C_ARES
> -	select BR2_PACKAGE_ELFUTILS
> -	select BR2_PACKAGE_GRPC
> -	select BR2_PACKAGE_JQ
> -	select BR2_PACKAGE_JSONCPP
> -	select BR2_PACKAGE_LIBB64
> -	select BR2_PACKAGE_LIBCURL
> +	select BR2_PACKAGE_FALCOSECURITY_LIBS
>   	select BR2_PACKAGE_NCURSES
> -	select BR2_PACKAGE_OPENSSL
> -	select BR2_PACKAGE_PROTOBUF
> -	select BR2_PACKAGE_TBB
> -	select BR2_PACKAGE_ZLIB
> +	select BR2_PACKAGE_JSON_FOR_MODERN_CPP
> +	select BR2_PACKAGE_YAML_CPP
>   	help
>   	  Sysdig is open source, system-level exploration:
>   	  capture system state and activity from a running Linux
> @@ -36,4 +28,4 @@ comment "sysdig needs a glibc toolchain w/ C++, threads, gcc >= 4.8, dynamic lib
>   		|| !BR2_TOOLCHAIN_HAS_THREADS \
>   		|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || BR2_STATIC_LIBS \
>   		|| !BR2_TOOLCHAIN_USES_GLIBC \
> -	    || !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
> +		|| !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
> diff --git a/package/sysdig/sysdig.hash b/package/sysdig/sysdig.hash
> index 4ec46abfc3..380c9dce1e 100644
> --- a/package/sysdig/sysdig.hash
> +++ b/package/sysdig/sysdig.hash
> @@ -1,5 +1,3 @@
>   # sha256 locally computed
> -sha256  b9d05854493d245a7a7e75f77fc654508f720aab5e5e8a3a932bd8eb54e49bda  sysdig-0.27.1.tar.gz
> +sha256  3721c97f0da43c1a68d2962d30363525d8532ab5f2534dfefc86d175e17e423e  sysdig-0.29.1.tar.gz
>   sha256  a88fbf820b38b1c7fabc6efe291b8259e02ae21326f56fe31c6c9adf374b2702  COPYING
> -sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  driver/GPL2.txt
> -sha256  e3f6a43d097ed68176e9738de925d98b938e1bccf6d6bd1bcd79395eca8f76ed  driver/MIT.txt
> diff --git a/package/sysdig/sysdig.mk b/package/sysdig/sysdig.mk
> index 9a9aaa35c3..3ce5d0bb79 100644
> --- a/package/sysdig/sysdig.mk
> +++ b/package/sysdig/sysdig.mk
> @@ -4,10 +4,10 @@
>   #
>   ################################################################################
>   
> -SYSDIG_VERSION = 0.27.1
> +SYSDIG_VERSION = 0.29.1
>   SYSDIG_SITE = $(call github,draios,sysdig,$(SYSDIG_VERSION))
> -SYSDIG_LICENSE = Apache-2.0 (userspace), MIT or GPL-2.0 (driver)
> -SYSDIG_LICENSE_FILES = COPYING driver/MIT.txt driver/GPL2.txt
> +SYSDIG_LICENSE = Apache-2.0
> +SYSDIG_LICENSE_FILE = COPYING
>   SYSDIG_CPE_ID_VENDOR = sysdig
>   SYSDIG_CONF_OPTS = \
>   	-DENABLE_DKMS=OFF \
> @@ -16,39 +16,26 @@ SYSDIG_CONF_OPTS = \
>   SYSDIG_SUPPORTS_IN_SOURCE_BUILD = NO
>   
>   SYSDIG_DEPENDENCIES = \
> -	c-ares \
> -	elfutils \
> -	grpc \
> -	jq \
> -	jsoncpp \
> -	libb64 \
> -	libcurl \
> -	luainterpreter \
> +	falcosecurity-libs \
>   	ncurses \
> -	openssl \
> -	protobuf \
> -	tbb \
> -	zlib
> +	json-for-modern-cpp \
> +	yaml-cpp
>   
> -# sysdig creates the module Makefile from a template, which contains a
> -# single place-holder, KBUILD_FLAGS, wich is only replaced with two
> -# things:
> -#   - debug flags, which we don't care about here,
> -#   - 'sysdig-feature' flags, which are never set, so always empty
> -# So, just replace the place-holder with the only meaningful value: nothing.
> -define SYSDIG_MODULE_GEN_MAKEFILE
> -	$(INSTALL) -m 0644 $(@D)/driver/Makefile.in $(@D)/driver/Makefile
> -	$(SED) 's/@KBUILD_FLAGS@//;' $(@D)/driver/Makefile
> -	$(SED) 's/@PROBE_NAME@/sysdig-probe/;' $(@D)/driver/Makefile
> -endef
> -SYSDIG_POST_PATCH_HOOKS += SYSDIG_MODULE_GEN_MAKEFILE
> +# For sysdig to automatically loads the driver, SYSDIG_DRIVER_NAME should be
> +# the same than FALCOSECURITY_LIBS_DRIVER_NAME.
> +SYSDIG_DRIVER_NAME = scap

  It's a bit silly to have this huge comment and then define a variable that is 
used only once. So I removed all that and directly used 
FALCOSECURITY_LIBS_DRIVER_NAME below.

  Applied to master, thanks.

  Regards,
  Arnout

>   
> -# Don't build the driver as part of the 'standard' procedure, we'll
> -# build it on our own with the kernel-module infra.
> -SYSDIG_CONF_OPTS += -DBUILD_DRIVER=OFF
> -
> -SYSDIG_MODULE_SUBDIRS = driver
> -SYSDIG_MODULE_MAKE_OPTS = KERNELDIR=$(LINUX_DIR)
> +# Don't build the driver as part of the 'standard' procedure, it has been built
> +# by falcosecurity-libs.mk.
> +# grpc_cpp_plugin is needed to build falcosecurity libs, so we give the host
> +# one there.
> +SYSDIG_CONF_OPTS += -DFALCOSECURITY_LIBS_SOURCE_DIR=$(FALCOSECURITY_LIBS_SRCDIR) \
> +	-DBUILD_DRIVER=OFF \
> +	-DGRPC_CPP_PLUGIN=$(HOST_DIR)/bin/grpc_cpp_plugin \
> +	-DDRIVER_NAME=$(SYSDIG_DRIVER_NAME) \
> +	-DENABLE_DKMS=OFF \
> +	-DUSE_BUNDLED_DEPS=OFF \
> +	-DWITH_CHISEL=ON \
> +	-DVALIJSON_INCLUDE=$(BUILD_DIR)/valijson-0.6/include/valijson
>   
> -$(eval $(kernel-module))
>   $(eval $(cmake-package))
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [RFC PATCH v4 2/2] package/sysdig: bump to 0.29.1

[Francis Laniel]

Hi!

Le samedi 30 avril 2022, 19:07:41 BST Arnout Vandecappelle a écrit :
> On 25/04/2022 18:43, Francis Laniel wrote:
> > sysdig 0.27.1 cannot be cross-compiled to, e.g., aarch64 because it uses
> > open() syscall [1].
> > This patch bumps its version to enable cross-compilation.
> > 
> > By doing so, we can remove the previous patches.
> > But this commit introduces new patches.
> > Indeed, libsinsp (lib system inspection), libscap (lib system capture) and
> > the kernel module were moved to falcosecurity/libs.
> > Sadly, it is not possible to compile sysdig with pre-compiled libs (like
> > we do in buildroot).
> > So, this contribution introduces a new patch to build sysdig with already
> > built falcosecurity/libs.
> > 
> > [1] https://marc.info/?l=buildroot&m=164951521629400
> > 
> > Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
> 
> [snip]
> 
> > diff --git a/package/sysdig/Config.in b/package/sysdig/Config.in
> > index c124054105..392d858ac6 100644
> > --- a/package/sysdig/Config.in
> > +++ b/package/sysdig/Config.in
> > @@ -2,25 +2,17 @@ config BR2_PACKAGE_SYSDIG
> > 
> >   	bool "sysdig"
> >   	depends on BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS # protobuf
> >   	depends on BR2_LINUX_KERNEL
> > 
> > -	depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb
> > +	depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb, yaml-cpp
> > 
> >   	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # protobuf
> >   	depends on BR2_TOOLCHAIN_HAS_THREADS # elfutils, jq, protobuf, tbb
> 
>   This is now an indirect dependency. We normally show that as
> ... # falcosecurity-libs -> elfutils, jq, protobuf, tbb
> but that would get really long, so I changed all of them to just mention
> falcosecurity-libs.
> 
> >   	depends on !BR2_STATIC_LIBS # elfutils, protobuf, tbb
> >   	depends on BR2_USE_WCHAR # elfutils
> 
>   This one is not present in falcosecurity-libs (anyway implied by glibc),
> so I removed it.
> 
> >   	depends on BR2_TOOLCHAIN_USES_GLIBC # elfutils
> >   	depends on BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
> > 
> > -	select BR2_PACKAGE_C_ARES
> > -	select BR2_PACKAGE_ELFUTILS
> > -	select BR2_PACKAGE_GRPC
> > -	select BR2_PACKAGE_JQ
> > -	select BR2_PACKAGE_JSONCPP
> > -	select BR2_PACKAGE_LIBB64
> > -	select BR2_PACKAGE_LIBCURL
> > +	select BR2_PACKAGE_FALCOSECURITY_LIBS
> > 
> >   	select BR2_PACKAGE_NCURSES
> > 
> > -	select BR2_PACKAGE_OPENSSL
> > -	select BR2_PACKAGE_PROTOBUF
> > -	select BR2_PACKAGE_TBB
> > -	select BR2_PACKAGE_ZLIB
> > +	select BR2_PACKAGE_JSON_FOR_MODERN_CPP
> > +	select BR2_PACKAGE_YAML_CPP
> > 
> >   	help
> >   	
> >   	  Sysdig is open source, system-level exploration:
> >   	  capture system state and activity from a running Linux
> > 
> > @@ -36,4 +28,4 @@ comment "sysdig needs a glibc toolchain w/ C++, threads,
> > gcc >= 4.8, dynamic lib> 
> >   		|| !BR2_TOOLCHAIN_HAS_THREADS \
> >   		|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || BR2_STATIC_LIBS \
> >   		|| !BR2_TOOLCHAIN_USES_GLIBC \
> > 
> > -	    || !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
> > +		|| !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
> > diff --git a/package/sysdig/sysdig.hash b/package/sysdig/sysdig.hash
> > index 4ec46abfc3..380c9dce1e 100644
> > --- a/package/sysdig/sysdig.hash
> > +++ b/package/sysdig/sysdig.hash
> > @@ -1,5 +1,3 @@
> > 
> >   # sha256 locally computed
> > 
> > -sha256  b9d05854493d245a7a7e75f77fc654508f720aab5e5e8a3a932bd8eb54e49bda 
> > sysdig-0.27.1.tar.gz +sha256 
> > 3721c97f0da43c1a68d2962d30363525d8532ab5f2534dfefc86d175e17e423e 
> > sysdig-0.29.1.tar.gz> 
> >   sha256  a88fbf820b38b1c7fabc6efe291b8259e02ae21326f56fe31c6c9adf374b2702
> >    COPYING> 
> > -sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 
> > driver/GPL2.txt -sha256 
> > e3f6a43d097ed68176e9738de925d98b938e1bccf6d6bd1bcd79395eca8f76ed 
> > driver/MIT.txt diff --git a/package/sysdig/sysdig.mk
> > b/package/sysdig/sysdig.mk
> > index 9a9aaa35c3..3ce5d0bb79 100644
> > --- a/package/sysdig/sysdig.mk
> > +++ b/package/sysdig/sysdig.mk
> > @@ -4,10 +4,10 @@
> > 
> >   #
> >   ########################################################################
> >   ########> 
> > -SYSDIG_VERSION = 0.27.1
> > +SYSDIG_VERSION = 0.29.1
> > 
> >   SYSDIG_SITE = $(call github,draios,sysdig,$(SYSDIG_VERSION))
> > 
> > -SYSDIG_LICENSE = Apache-2.0 (userspace), MIT or GPL-2.0 (driver)
> > -SYSDIG_LICENSE_FILES = COPYING driver/MIT.txt driver/GPL2.txt
> > +SYSDIG_LICENSE = Apache-2.0
> > +SYSDIG_LICENSE_FILE = COPYING
> > 
> >   SYSDIG_CPE_ID_VENDOR = sysdig
> >   SYSDIG_CONF_OPTS = \
> >   
> >   	-DENABLE_DKMS=OFF \
> > 
> > @@ -16,39 +16,26 @@ SYSDIG_CONF_OPTS = \
> > 
> >   SYSDIG_SUPPORTS_IN_SOURCE_BUILD = NO
> >   
> >   SYSDIG_DEPENDENCIES = \
> > 
> > -	c-ares \
> > -	elfutils \
> > -	grpc \
> > -	jq \
> > -	jsoncpp \
> > -	libb64 \
> > -	libcurl \
> > -	luainterpreter \
> > +	falcosecurity-libs \
> > 
> >   	ncurses \
> > 
> > -	openssl \
> > -	protobuf \
> > -	tbb \
> > -	zlib
> > +	json-for-modern-cpp \
> > +	yaml-cpp
> > 
> > -# sysdig creates the module Makefile from a template, which contains a
> > -# single place-holder, KBUILD_FLAGS, wich is only replaced with two
> > -# things:
> > -#   - debug flags, which we don't care about here,
> > -#   - 'sysdig-feature' flags, which are never set, so always empty
> > -# So, just replace the place-holder with the only meaningful value:
> > nothing. -define SYSDIG_MODULE_GEN_MAKEFILE
> > -	$(INSTALL) -m 0644 $(@D)/driver/Makefile.in $(@D)/driver/Makefile
> > -	$(SED) 's/@KBUILD_FLAGS@//;' $(@D)/driver/Makefile
> > -	$(SED) 's/@PROBE_NAME@/sysdig-probe/;' $(@D)/driver/Makefile
> > -endef
> > -SYSDIG_POST_PATCH_HOOKS += SYSDIG_MODULE_GEN_MAKEFILE
> > +# For sysdig to automatically loads the driver, SYSDIG_DRIVER_NAME should
> > be +# the same than FALCOSECURITY_LIBS_DRIVER_NAME.
> > +SYSDIG_DRIVER_NAME = scap
> 
>   It's a bit silly to have this huge comment and then define a variable that
> is used only once. So I removed all that and directly used
> FALCOSECURITY_LIBS_DRIVER_NAME below.
> 
>   Applied to master, thanks.

Thank you for it!
I actually did a small mistake when sending this patch...
I will send a new series which corrects the problem and bump to 0.29.2 before 
end of the day!

>   Regards,
>   Arnout
> 
> > -# Don't build the driver as part of the 'standard' procedure, we'll
> > -# build it on our own with the kernel-module infra.
> > -SYSDIG_CONF_OPTS += -DBUILD_DRIVER=OFF
> > -
> > -SYSDIG_MODULE_SUBDIRS = driver
> > -SYSDIG_MODULE_MAKE_OPTS = KERNELDIR=$(LINUX_DIR)
> > +# Don't build the driver as part of the 'standard' procedure, it has been
> > built +# by falcosecurity-libs.mk.
> > +# grpc_cpp_plugin is needed to build falcosecurity libs, so we give the
> > host +# one there.
> > +SYSDIG_CONF_OPTS +=
> > -DFALCOSECURITY_LIBS_SOURCE_DIR=$(FALCOSECURITY_LIBS_SRCDIR) \
> > +	-DBUILD_DRIVER=OFF \
> > +	-DGRPC_CPP_PLUGIN=$(HOST_DIR)/bin/grpc_cpp_plugin \
> > +	-DDRIVER_NAME=$(SYSDIG_DRIVER_NAME) \
> > +	-DENABLE_DKMS=OFF \
> > +	-DUSE_BUNDLED_DEPS=OFF \
> > +	-DWITH_CHISEL=ON \
> > +	-DVALIJSON_INCLUDE=$(BUILD_DIR)/valijson-0.6/include/valijson
> > 
> > -$(eval $(kernel-module))
> > 
> >   $(eval $(cmake-package))




_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [RFC PATCH v4 1/2] falcosecurity-libs: add new package

[Francis Laniel]

Hi!

Le samedi 30 avril 2022, 18:57:04 BST Arnout Vandecappelle a écrit :
> On 25/04/2022 18:43, Francis Laniel wrote:
> > Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
> 
>   I've added a bit of explanation both in the commit message and in the .mk
> file itself that we're not building the userspace components and why.
> 
> > ---
> > 
> >   DEVELOPERS                                    |  1 +
> >   package/Config.in                             |  1 +
> >   ...cmake-Permit-setting-GRPC_CPP_PLUGIN.patch | 34 ++++++++
> >   package/falcosecurity-libs/Config.in          | 30 +++++++
> >   .../falcosecurity-libs.hash                   |  5 ++
> >   .../falcosecurity-libs/falcosecurity-libs.mk  | 80 +++++++++++++++++++
> >   6 files changed, 151 insertions(+)
> >   create mode 100644
> >   package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.pa
> >   tch create mode 100644 package/falcosecurity-libs/Config.in
> >   create mode 100644 package/falcosecurity-libs/falcosecurity-libs.hash
> >   create mode 100644 package/falcosecurity-libs/falcosecurity-libs.mk
> > 
> > diff --git a/DEVELOPERS b/DEVELOPERS
> > index ca9decb58f..d45d3d2a7b 100644
> > --- a/DEVELOPERS
> > +++ b/DEVELOPERS
> > @@ -969,6 +969,7 @@ F:	package/ipmitool/
> > 
> >   F:	package/odhcploc/
> >   
> >   N:	Francis Laniel <flaniel@linux.microsoft.com>
> > 
> > +F:	package/falcosecurity-libs
> > 
> >   F:	package/pahole/
> >   F:	package/sysdig/
> >   F:	package/tbb/
> > 
> > diff --git a/package/Config.in b/package/Config.in
> > index 24f7af5ea8..3070094cc0 100644
> > --- a/package/Config.in
> > +++ b/package/Config.in
> > @@ -1935,6 +1935,7 @@ menu "Other"
> > 
> >   	source "package/eigen/Config.in"
> >   	source "package/elfutils/Config.in"
> >   	source "package/ell/Config.in"
> > 
> > +	source "package/falcosecurity-libs/Config.in"
> > 
> >   	source "package/fftw/Config.in"
> >   	source "package/flann/Config.in"
> >   	source "package/flatbuffers/Config.in"
> > 
> > diff --git
> > a/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.pa
> > tch
> > b/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.pa
> > tch new file mode 100644
> > index 0000000000..6141d8ef72
> > --- /dev/null
> > +++
> > b/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.pa
> > tch @@ -0,0 +1,34 @@
> > +From 2e8a50cd4975df3ab60ee07c9675831cd5ad397f Mon Sep 17 00:00:00 2001
> > +From: Francis Laniel <flaniel@linux.microsoft.com>
> > +Date: Tue, 12 Apr 2022 19:54:11 +0100
> > +Subject: [PATCH] cmake: Permit setting GRPC_CPP_PLUGIN.
> > +
> > +This patch enables users to set GRPC_CPP_PLUGIN while calling cmake with:
> > +cmake -DGRPC_CPP_PLUGIN=/path
> > +
> > +Signed-off-by: Francis Laniel <flaniel@linux.microsoft.com>
> 
>   Could you send this patch upstream?

Oh sorry, I sent the nlohmann-json one but forgot about it!
I will try to upstream it!

> 
>   Applied to master, thanks.

Thank you!

>   Regards,
>   Arnout
> 
> [snip]

Best regards.


_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot