From fc6a5cbc285fd742518617396da0872a55173985 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Thu, 2 May 2024 12:15:38 -0400 Subject: [PATCH 1/5] userspace: Extend CFLAGS of libscap.pc and libsinsp.pc. This is to so that includes work whether using e.g. #include or #include , and likewise for libsinp. * userspace/libsinsp/libsinsp.pc.in (Cflags): Add include directive for falcosecurity/driver. * userspace/libscap/libscap.pc.in: Likewise. Also add include directive for uthash. Signed-off-by: Maxim Cournoyer --- userspace/libscap/libscap.pc.in | 2 +- userspace/libsinsp/libsinsp.pc.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/userspace/libscap/libscap.pc.in b/userspace/libscap/libscap.pc.in index 40b6e96ed8..c5948489fe 100644 --- a/userspace/libscap/libscap.pc.in +++ b/userspace/libscap/libscap.pc.in @@ -7,4 +7,4 @@ Description: lib for System CAPture Version: @FALCOSECURITY_LIBS_VERSION@ Libs: -L${libdir} @LIBSCAP_LINK_LIBDIRS_FLAGS@ @LIBSCAP_LINK_LIBRARIES_FLAGS@ -Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libscap +Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libscap -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@ -I@UTHASH_INCLUDE@ diff --git a/userspace/libsinsp/libsinsp.pc.in b/userspace/libsinsp/libsinsp.pc.in index c1cc4a1e2a..9292e73ceb 100644 --- a/userspace/libsinsp/libsinsp.pc.in +++ b/userspace/libsinsp/libsinsp.pc.in @@ -8,4 +8,4 @@ Version: @FALCOSECURITY_LIBS_VERSION@ Requires: libscap Libs: -L${libdir} -lsinsp @SINSP_PKG_CONFIG_LIBDIRS@ @SINSP_PKG_CONFIG_LIBS@ -Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libsinsp @SINSP_PKG_CONFIG_INCLUDES@ +Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libsinsp -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@ @SINSP_PKG_CONFIG_INCLUDES@ From b062f1521d19440163a6425d0b78a7d4a5e4244a Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Fri, 3 May 2024 09:10:44 -0400 Subject: [PATCH 2/5] build: Install the pman library and its header. This is needed when linking to the static scap library, as its pkg-config file contains an '-lpman' directive. * userspace/libpman/CMakeLists.txt: New install target. Signed-off-by: Maxim Cournoyer --- userspace/libpman/CMakeLists.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/userspace/libpman/CMakeLists.txt b/userspace/libpman/CMakeLists.txt index da92e9f275..4b57365feb 100644 --- a/userspace/libpman/CMakeLists.txt +++ b/userspace/libpman/CMakeLists.txt @@ -58,3 +58,6 @@ endif() if(USE_BUNDLED_LIBBPF) add_dependencies(pman libbpf) endif() + +install(TARGETS pman LIBRARY ARCHIVE FRAMEWORK) +install(FILES include/libpman.h DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}) From 369db06f29b79e4c5d67f46afa9a79789ca6d75c Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Sat, 4 May 2024 10:14:18 -0400 Subject: [PATCH 3/5] libscap: Guard against install_lib_link_libraries-NOTFOUND. Previously, an erroneous -linstall_lib_link_libraries-NOTFOUND directive could be added to the configured libscap.pc pkg-config file. * cmake/modules/libscap.cmake: Ensure ${install_lib_link_library} is true. Signed-off-by: Maxim Cournoyer --- cmake/modules/libscap.cmake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmake/modules/libscap.cmake b/cmake/modules/libscap.cmake index 81ad2d28df..8b6b4197e0 100644 --- a/cmake/modules/libscap.cmake +++ b/cmake/modules/libscap.cmake @@ -95,7 +95,7 @@ foreach(libscap_install_lib ${LIBSCAP_INSTALL_LIBS}) list(APPEND libscap_link_libraries ${libscap_install_lib}) get_target_property(install_lib_link_libraries ${libscap_install_lib} LINK_LIBRARIES) foreach (install_lib_link_library ${install_lib_link_libraries}) - if (NOT ${install_lib_link_library} IN_LIST libscap_subdir_targets) + if (${install_lib_link_library} AND (NOT ${install_lib_link_library} IN_LIST libscap_subdir_targets)) if(${install_lib_link_library} MATCHES "/") # We have a path. Convert it to -L + -l. get_filename_component(scap_lib_dir ${install_lib_link_library} DIRECTORY) From 906d3c2bd2987cc42b6bebe7896325d37c313157 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Sun, 5 May 2024 07:44:53 -0400 Subject: [PATCH 4/5] build: Fix shared library build. * driver/CMakeLists.txt (DRIVER_SOURCES): Add missing headers. * userspace/libscap/engine/gvisor/CMakeLists.txt [BUILD_SHARED_LIBS]: Add missing include directories. * test/libscap/CMakeLists.txt (LIBSCAP_TESTS_LIBRARIES): Add ${PROTOBUF_LIB}. Fixes: #1820 Signed-off-by: Maxim Cournoyer --- driver/CMakeLists.txt | 5 +++++ test/libscap/CMakeLists.txt | 1 + userspace/libscap/engine/gvisor/CMakeLists.txt | 8 ++++++++ 3 files changed, 14 insertions(+) diff --git a/driver/CMakeLists.txt b/driver/CMakeLists.txt index 80229cc034..70c9ba65b6 100644 --- a/driver/CMakeLists.txt +++ b/driver/CMakeLists.txt @@ -152,6 +152,11 @@ set(DRIVER_SOURCES ppm_consumer.h capture_macro.h socketcall_to_syscall.h + syscall_compat_loongarch64.h + syscall_compat_ppc64le.h + syscall_compat_riscv64.h + syscall_compat_s390x.h + syscall_compat_x86_64.h syscall_ia32_64_map.c ) diff --git a/test/libscap/CMakeLists.txt b/test/libscap/CMakeLists.txt index e88603ebd0..fa26ba7ee4 100644 --- a/test/libscap/CMakeLists.txt +++ b/test/libscap/CMakeLists.txt @@ -45,6 +45,7 @@ set(LIBSCAP_TESTS_LIBRARIES "${GTEST_LIB}" "${GTEST_MAIN_LIB}" "${CMAKE_THREAD_LIBS_INIT}" + "${PROTOBUF_LIB}" scap ) diff --git a/userspace/libscap/engine/gvisor/CMakeLists.txt b/userspace/libscap/engine/gvisor/CMakeLists.txt index 6dfbafb146..875847b5da 100644 --- a/userspace/libscap/engine/gvisor/CMakeLists.txt +++ b/userspace/libscap/engine/gvisor/CMakeLists.txt @@ -76,6 +76,14 @@ if (BUILD_SHARED_LIBS) add_dependencies(scap_engine_gvisor_o uthash) add_dependencies(scap scap_engine_gvisor_o) target_sources(scap PRIVATE $) + + target_include_directories(scap_engine_gvisor_o + PRIVATE + ${CMAKE_BINARY_DIR} + ${CMAKE_CURRENT_BINARY_DIR} + ${CMAKE_SOURCE_DIR} + ${CMAKE_SOURCE_DIR}/userspace + ) else() add_library(scap_engine_gvisor ${scap_engine_gvisor_sources} From f74a20d83e1a3d79d4f57184e2b123727e7c235a Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Mon, 6 May 2024 16:24:48 -0400 Subject: [PATCH 5/5] libsinsp: Refine pkg-config file generation. The generated pkg-config file now makes use of pkg-config Requires and Requires.static fields, which should reduce over-linking when linking to shared libraries. * userspace/libscap/libscap.pc.in (prefix): Set directly to CMAKE_INSTALL_PREFIX. (Libs): Add -L{libdir}/@LIBS_PACKAGE_NAME@/libscap. * userspace/libsinsp/CMakeLists.txt: Separate libraries into pkg-config Requires and Requires.private lists. Do not infer from installable targets. * userspace/libsinsp/libsinsp.pc.in (Requires): Add @LIBSINSP_REQUIRES@. (Requires.private): New field. (Libs): Replace @SINSP_PKG_CONFIG_LIBDIRS@ and @SINSP_PKG_CONFIG_LIBS@ with @LIBSINSP_LINK_FLAGS@. (Cflags): Remove @SINSP_PKG_CONFIG_INCLUDES@ and @SINSP_PKG_CONFIG_INCLUDES@/driver. Add -I${includedir}/@LIBS_PACKAGE_NAME@/driver. Signed-off-by: Maxim Cournoyer --- userspace/libscap/libscap.pc.in | 5 ++- userspace/libsinsp/CMakeLists.txt | 73 ++++++++++--------------------- userspace/libsinsp/libsinsp.pc.in | 9 ++-- 3 files changed, 30 insertions(+), 57 deletions(-) diff --git a/userspace/libscap/libscap.pc.in b/userspace/libscap/libscap.pc.in index c5948489fe..829bcd19b7 100644 --- a/userspace/libscap/libscap.pc.in +++ b/userspace/libscap/libscap.pc.in @@ -1,4 +1,4 @@ -prefix=${pcfiledir}/../.. +prefix=@CMAKE_INSTALL_PREFIX@ libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@ includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@ @@ -6,5 +6,6 @@ Name: libscap Description: lib for System CAPture Version: @FALCOSECURITY_LIBS_VERSION@ -Libs: -L${libdir} @LIBSCAP_LINK_LIBDIRS_FLAGS@ @LIBSCAP_LINK_LIBRARIES_FLAGS@ +Requires: zlib +Libs: -L${libdir} -L{libdir}/@LIBS_PACKAGE_NAME@/libscap @LIBSCAP_LINK_LIBDIRS_FLAGS@ @LIBSCAP_LINK_LIBRARIES_FLAGS@ Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libscap -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@ -I@UTHASH_INCLUDE@ diff --git a/userspace/libsinsp/CMakeLists.txt b/userspace/libsinsp/CMakeLists.txt index 5d9ebacd9b..4d31931130 100644 --- a/userspace/libsinsp/CMakeLists.txt +++ b/userspace/libsinsp/CMakeLists.txt @@ -169,13 +169,9 @@ target_link_libraries(sinsp "${RE2_LIB}" ) -set(SINSP_PKGCONFIG_LIBRARIES - scap - "${ZLIB_LIB}" - "${CURL_LIBRARIES}" - "${JSONCPP_LIB}" - "${RE2_LIB}" -) +set(SINSP_PKGCONFIG_LIBRARIES) +set(SINSP_PKGCONFIG_REQUIRES jsoncpp) +set(SINSP_PKGCONFIG_REQUIRES_PRIVATE libcurl re2) if(NOT EMSCRIPTEN) target_link_libraries(sinsp @@ -184,7 +180,8 @@ if(NOT EMSCRIPTEN) PRIVATE "${TBB_LIB}" ) - list(APPEND SINSP_PKGCONFIG_LIBRARIES "${CARES_LIB}") + list(APPEND SINSP_PKGCONFIG_REQUIRES libcares) + list(APPEND SINSP_PKGCONFIG_REQUIRES_PRIVATE tbb) endif() if(USE_BUNDLED_VALIJSON) @@ -248,14 +245,12 @@ if(NOT WIN32) "${PROTOBUF_LIB}" "${CARES_LIB}" ) - list(APPEND SINSP_PKGCONFIG_LIBRARIES - "${GRPC_LIBRARIES}" - "${GRPCPP_LIB}" - "${GRPC_LIB}" - "${GPR_LIB}" - "${PROTOBUF_LIB}" - "${CARES_LIB}" - ) + list(APPEND SINSP_PKGCONFIG_REQUIRES + gpr + grpc + grpc++ + protobuf + libcares) if(NOT MUSL_OPTIMIZED_BUILD) target_link_libraries(sinsp INTERFACE rt anl) @@ -269,7 +264,7 @@ if(NOT WIN32) endif() # NOT APPLE target_link_libraries(sinsp INTERFACE "${OPENSSL_LIBRARIES}") - list(APPEND SINSP_PKGCONFIG_LIBRARIES "${OPENSSL_LIBRARIES}") + list(APPEND SINSP_PKGCONFIG_REQUIRES libcrypto libssl) target_link_libraries(sinsp INTERFACE dl pthread) list(APPEND SINSP_PKGCONFIG_LIBRARIES dl pthread) @@ -306,41 +301,17 @@ if(NOT DEFINED SINSP_AGENT_CGROUP_MEM_PATH_ENV_VAR) endif() add_definitions(-DSINSP_AGENT_CGROUP_MEM_PATH_ENV_VAR="${SINSP_AGENT_CGROUP_MEM_PATH_ENV_VAR}") -# Build our pkg-config "Libs:" flags. For now, loop over SINSP_PKGCONFIG_LIBRARIES. If -# we ever start using pkg_search_module or pkg_check_modules in cmake/modules -# we could add each module to our "Requires:" line instead. We might need to -# expand this to use some of the techniques in -# https://github.com/curl/curl/blob/curl-7_84_0/CMakeLists.txt#L1539 -set(SINSP_PKG_CONFIG_LIBS) -set(SINSP_PKG_CONFIG_LIBDIRS "") -foreach(sinsp_lib ${SINSP_PKGCONFIG_LIBRARIES}) - if(${sinsp_lib} MATCHES "^-") - # We have a flag. Pass it through unchanged. - list(APPEND SINSP_PKG_CONFIG_LIBS ${sinsp_lib}) - elseif(${sinsp_lib} MATCHES "/") - # We have a path. Convert it to -L + -l. - get_filename_component(sinsp_lib_dir ${sinsp_lib} DIRECTORY) - list(APPEND SINSP_PKG_CONFIG_LIBDIRS -L${sinsp_lib_dir}) - get_filename_component(sinsp_lib_base ${sinsp_lib} NAME_WE) - string(REGEX REPLACE "^lib" "" sinsp_lib_base ${sinsp_lib_base}) - list(APPEND SINSP_PKG_CONFIG_LIBS -l${sinsp_lib_base}) - elseif(${sinsp_lib} STREQUAL "scap") - # We require libscap.pc, so skip it. - else() - # Assume we have a plain library name. Prefix it with "-l". - list(APPEND SINSP_PKG_CONFIG_LIBS -l${sinsp_lib}) - endif() -endforeach() +list(REMOVE_DUPLICATES SINSP_PKGCONFIG_LIBRARIES) +list(REMOVE_DUPLICATES SINSP_PKGCONFIG_REQUIRES) +list(REMOVE_DUPLICATES SINSP_PKGCONFIG_REQUIRES_PRIVATE) -# Build our pkg-config "Cflags:" flags. -set(SINSP_PKG_CONFIG_INCLUDES "") -foreach(sinsp_include_directory ${LIBSINSP_INCLUDE_DIRS}) - list(APPEND SINSP_PKG_CONFIG_INCLUDES -I${sinsp_include_directory}) +set(SINSP_LINK_FLAGS) +foreach(sinsp_link_library ${SINSP_PKGCONFIG_LIBRARIES}) + list(APPEND SINSP_LINK_FLAGS "-l${sinsp_link_library}") endforeach() -string(REPLACE ";" " " SINSP_PKG_CONFIG_LIBS "${SINSP_PKG_CONFIG_LIBS}") -list(REMOVE_DUPLICATES SINSP_PKG_CONFIG_LIBDIRS) -string(REPLACE ";" " " SINSP_PKG_CONFIG_LIBDIRS "${SINSP_PKG_CONFIG_LIBDIRS}") -list(REMOVE_DUPLICATES SINSP_PKG_CONFIG_INCLUDES) -string(REPLACE ";" " " SINSP_PKG_CONFIG_INCLUDES "${SINSP_PKG_CONFIG_INCLUDES}") +string(REPLACE ";" " " LIBSINSP_LINK_FLAGS "${SINSP_LINK_FLAGS}") +string(REPLACE ";" " " LIBSINSP_REQUIRES "${SINSP_PKGCONFIG_REQUIRES}") +string(REPLACE ";" " " LIBSINSP_REQUIRES_PRIVATE "${SINSP_PKGCONFIG_REQUIRES_PRIVATE}") + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libsinsp.pc.in ${CMAKE_CURRENT_BINARY_DIR}/libsinsp.pc @ONLY) diff --git a/userspace/libsinsp/libsinsp.pc.in b/userspace/libsinsp/libsinsp.pc.in index 9292e73ceb..f20da76b39 100644 --- a/userspace/libsinsp/libsinsp.pc.in +++ b/userspace/libsinsp/libsinsp.pc.in @@ -1,4 +1,4 @@ -prefix=${pcfiledir}/../.. +prefix=@CMAKE_INSTALL_PREFIX@ libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@ includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@ @@ -6,6 +6,7 @@ Name: libsinsp Description: lib for System INSPection Version: @FALCOSECURITY_LIBS_VERSION@ -Requires: libscap -Libs: -L${libdir} -lsinsp @SINSP_PKG_CONFIG_LIBDIRS@ @SINSP_PKG_CONFIG_LIBS@ -Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libsinsp -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@ @SINSP_PKG_CONFIG_INCLUDES@ +Requires: libscap @LIBSINSP_REQUIRES@ +Requires.private: @LIBSINSP_REQUIRES_PRIVATE@ +Libs: -L${libdir} -lsinsp @LIBSINSP_LINK_FLAGS@ +Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libsinsp -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@