From ea86757e51cf424566f79896335d31d15b89d0d9 Mon Sep 17 00:00:00 2001 From: Francis Laniel Date: Mon, 25 Apr 2022 17:43:19 +0100 Subject: [PATCH] package/sysdig: bump to 0.29.1 sysdig 0.27.1 cannot be cross-compiled to, e.g., aarch64 because it uses open() syscall [1]. This patch bumps its version to enable cross-compilation. Existing patches have been upstream, but a new patch (merged upstream) has to be added to avoid downloading json-for-modern-cpp during the build. [1] https://marc.info/?l=buildroot&m=164951521629400 Signed-off-by: Francis Laniel Signed-off-by: Arnout Vandecappelle (Essensium/Mind) --- ...BUNDLED_DEPS-before-getting-nlohmann.patch | 52 ++++++++++++ ...ATCH_COMMAND-to-fix-lua-types-and-fu.patch | 82 ------------------- ...gainst-libabseil-cpp-which-grpc-uses.patch | 47 ----------- package/sysdig/Config.in | 33 +++----- package/sysdig/sysdig.hash | 4 +- package/sysdig/sysdig.mk | 53 ++++-------- 6 files changed, 83 insertions(+), 188 deletions(-) create mode 100644 package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch delete mode 100644 package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch delete mode 100644 package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch diff --git a/package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch b/package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch new file mode 100644 index 0000000000..3521bd3f8d --- /dev/null +++ b/package/sysdig/0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch @@ -0,0 +1,52 @@ +From 0dbebd008c04d266dc41c4bec8280a0744fd5130 Mon Sep 17 00:00:00 2001 +From: Francis Laniel +Date: Wed, 13 Apr 2022 18:01:11 +0100 +Subject: [PATCH] cmake: Check USE_BUNDLED_DEPS before getting + nlohmann-json. + +Upstream: https://github.com/draios/sysdig/pull/1869 +Signed-off-by: Francis Laniel +--- + cmake/modules/nlohmann-json.cmake | 29 +++++++++++++++++++---------- + 1 file changed, 19 insertions(+), 10 deletions(-) + +diff --git a/cmake/modules/nlohmann-json.cmake b/cmake/modules/nlohmann-json.cmake +index bb1279d7..feb0f071 100644 +--- a/cmake/modules/nlohmann-json.cmake ++++ b/cmake/modules/nlohmann-json.cmake +@@ -16,13 +16,22 @@ + # limitations under the License. + # + +-set(NJSON_SRC "${PROJECT_BINARY_DIR}/njson-prefix/src/njson") +-message(STATUS "Using bundled nlohmann-json in '${NJSON_SRC}'") +-set(NJSON_INCLUDE_DIR "${NJSON_SRC}/single_include") +-ExternalProject_Add( +- njson +- URL "https://github.com/nlohmann/json/archive/v3.3.0.tar.gz" +- URL_HASH "SHA256=2fd1d207b4669a7843296c41d3b6ac5b23d00dec48dba507ba051d14564aa801" +- CONFIGURE_COMMAND "" +- BUILD_COMMAND "" +- INSTALL_COMMAND "") ++if(NOT USE_BUNDLED_DEPS) ++ find_path(NJSON_INCLUDE_DIR NAMES nlohmann/json.hpp) ++ if(NJSON_INCLUDE_DIR) ++ message(STATUS "Found njson: include: ${NJSON_INCLUDE_DIR}") ++ else() ++ message(FATAL_ERROR "Couldn't find system njson") ++ endif() ++else() ++ set(NJSON_SRC "${PROJECT_BINARY_DIR}/njson-prefix/src/njson") ++ message(STATUS "Using bundled nlohmann-json in '${NJSON_SRC}'") ++ set(NJSON_INCLUDE_DIR "${NJSON_SRC}/single_include") ++ ExternalProject_Add( ++ njson ++ URL "https://github.com/nlohmann/json/archive/v3.3.0.tar.gz" ++ URL_HASH "SHA256=2fd1d207b4669a7843296c41d3b6ac5b23d00dec48dba507ba051d14564aa801" ++ CONFIGURE_COMMAND "" ++ BUILD_COMMAND "" ++ INSTALL_COMMAND "") ++endif() +-- +2.25.1 + diff --git a/package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch b/package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch deleted file mode 100644 index 7873210281..0000000000 --- a/package/sysdig/0001-libsinsp-Apply-PATCH_COMMAND-to-fix-lua-types-and-fu.patch +++ /dev/null @@ -1,82 +0,0 @@ -From cc8bccc3ebb90103900a7f0f2b085ddb723b8792 Mon Sep 17 00:00:00 2001 -From: Francis Laniel -Date: Wed, 6 Apr 2022 16:54:37 +0100 -Subject: [PATCH] libsinsp: Apply PATCH_COMMAND to fix lua types and function. - -Buildroot luajit 5.1 seems to not have compatibility between luaL_reg and -luaL_Reg. -So, we apply sysdig CMakeLists.txt PATCH_COMMAND to fix this and lua function -call as well. -Note that, this PATCH_COMMAND was added in sysdig in: -a064440394c9 ("Adding power support to Travis builds (#1566)") - -This patch is also present in kubernetes/minikube in: -f036c279bc59 ("Add patch for compiling sysdig with system luajit") - -Signed-off-by: Francis Laniel ---- - userspace/libsinsp/chisel.cpp | 6 +++--- - userspace/libsinsp/lua_parser.cpp | 2 +- - userspace/libsinsp/lua_parser_api.cpp | 2 +- - 3 files changed, 5 insertions(+), 5 deletions(-) - -diff --git a/userspace/libsinsp/chisel.cpp b/userspace/libsinsp/chisel.cpp -index 0a6e3cf8..0c2e255a 100644 ---- a/userspace/libsinsp/chisel.cpp -+++ b/userspace/libsinsp/chisel.cpp -@@ -98,7 +98,7 @@ void lua_stackdump(lua_State *L) - // Lua callbacks - /////////////////////////////////////////////////////////////////////////////// - #ifdef HAS_LUA_CHISELS --const static struct luaL_reg ll_sysdig [] = -+const static struct luaL_Reg ll_sysdig [] = - { - {"set_filter", &lua_cbacks::set_global_filter}, - {"set_snaplen", &lua_cbacks::set_snaplen}, -@@ -134,7 +134,7 @@ const static struct luaL_reg ll_sysdig [] = - {NULL,NULL} - }; - --const static struct luaL_reg ll_chisel [] = -+const static struct luaL_Reg ll_chisel [] = - { - {"request_field", &lua_cbacks::request_field}, - {"set_filter", &lua_cbacks::set_filter}, -@@ -146,7 +146,7 @@ const static struct luaL_reg ll_chisel [] = - {NULL,NULL} - }; - --const static struct luaL_reg ll_evt [] = -+const static struct luaL_Reg ll_evt [] = - { - {"field", &lua_cbacks::field}, - {"get_num", &lua_cbacks::get_num}, -diff --git a/userspace/libsinsp/lua_parser.cpp b/userspace/libsinsp/lua_parser.cpp -index 0e26617d..78810d96 100644 ---- a/userspace/libsinsp/lua_parser.cpp -+++ b/userspace/libsinsp/lua_parser.cpp -@@ -32,7 +32,7 @@ extern "C" { - #include "lauxlib.h" - } - --const static struct luaL_reg ll_filter [] = -+const static struct luaL_Reg ll_filter [] = - { - {"rel_expr", &lua_parser_cbacks::rel_expr}, - {"bool_op", &lua_parser_cbacks::bool_op}, -diff --git a/userspace/libsinsp/lua_parser_api.cpp b/userspace/libsinsp/lua_parser_api.cpp -index c89e9126..c3d8008a 100644 ---- a/userspace/libsinsp/lua_parser_api.cpp -+++ b/userspace/libsinsp/lua_parser_api.cpp -@@ -266,7 +266,7 @@ int lua_parser_cbacks::rel_expr(lua_State *ls) - string err = "Got non-table as in-expression operand\n"; - throw sinsp_exception("parser API error"); - } -- int n = luaL_getn(ls, 4); /* get size of table */ -+ int n = lua_objlen (ls, 4); /* get size of table */ - for (i=1; i<=n; i++) - { - lua_rawgeti(ls, 4, i); --- -2.25.1 - diff --git a/package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch b/package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch deleted file mode 100644 index a9155fbb4a..0000000000 --- a/package/sysdig/0002-Link-against-libabseil-cpp-which-grpc-uses.patch +++ /dev/null @@ -1,47 +0,0 @@ -From a7fb3b863c3574470c45fdf6084dcc40931ca017 Mon Sep 17 00:00:00 2001 -From: Francis Laniel -Date: Thu, 7 Apr 2022 18:30:23 +0100 -Subject: [PATCH] Link against libabseil-cpp which grpc uses. - -This patch was taken from: -55c96b61f7b9 ("sysdig: make extra linking against abseil conditional") [1] -from hhoffstaette/portage. - -[1] https://github.com/hhoffstaette/portage/blob/55c96b61f7b91e4d91bed6723e86c00dd91f8d16/dev-util/sysdig/files/0.27.1-grpc-absl-sync.patch - -Signed-off-by: Francis Laniel ---- - CMakeLists.txt | 1 + - userspace/libsinsp/CMakeLists.txt | 4 ++++ - 2 files changed, 5 insertions(+) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 1f34f1d6..c0354b29 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -552,6 +552,7 @@ if(NOT WIN32 AND NOT APPLE) - else() - message(FATAL_ERROR "Couldn't find system grpc") - endif() -+ find_library(ABSL_SYNC_LIB NAMES absl_synchronization) - find_program(GRPC_CPP_PLUGIN grpc_cpp_plugin) - if(NOT GRPC_CPP_PLUGIN) - message(FATAL_ERROR "System grpc_cpp_plugin not found") -diff --git a/userspace/libsinsp/CMakeLists.txt b/userspace/libsinsp/CMakeLists.txt -index d72f9115..d1b7ea02 100644 ---- a/userspace/libsinsp/CMakeLists.txt -+++ b/userspace/libsinsp/CMakeLists.txt -@@ -214,6 +214,10 @@ if(NOT WIN32) - "${JQ_LIB}" - "${B64_LIB}") - -+ if(ABSL_SYNC_LIB) -+ target_link_libraries(sinsp "${ABSL_SYNC_LIB}") -+ endif() -+ - if(NOT MUSL_OPTIMIZED_BUILD) - target_link_libraries(sinsp - rt --- -2.25.1 - diff --git a/package/sysdig/Config.in b/package/sysdig/Config.in index c124054105..3a21f51725 100644 --- a/package/sysdig/Config.in +++ b/package/sysdig/Config.in @@ -1,26 +1,17 @@ config BR2_PACKAGE_SYSDIG bool "sysdig" - depends on BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS # protobuf - depends on BR2_LINUX_KERNEL - depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb - depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # protobuf - depends on BR2_TOOLCHAIN_HAS_THREADS # elfutils, jq, protobuf, tbb - depends on !BR2_STATIC_LIBS # elfutils, protobuf, tbb - depends on BR2_USE_WCHAR # elfutils - depends on BR2_TOOLCHAIN_USES_GLIBC # elfutils - depends on BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1 - select BR2_PACKAGE_C_ARES - select BR2_PACKAGE_ELFUTILS - select BR2_PACKAGE_GRPC - select BR2_PACKAGE_JQ - select BR2_PACKAGE_JSONCPP - select BR2_PACKAGE_LIBB64 - select BR2_PACKAGE_LIBCURL + depends on BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS # falcosecurity-libs + depends on BR2_LINUX_KERNEL # falcosecurity-libs + depends on BR2_INSTALL_LIBSTDCPP + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # falcosecurity-libs + depends on BR2_TOOLCHAIN_HAS_THREADS # falcosecurity-libs + depends on !BR2_STATIC_LIBS # falcosecurity-libs + depends on BR2_TOOLCHAIN_USES_GLIBC # falcosecurity-libs + depends on BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1 # falcosecurity-libs + select BR2_PACKAGE_FALCOSECURITY_LIBS select BR2_PACKAGE_NCURSES - select BR2_PACKAGE_OPENSSL - select BR2_PACKAGE_PROTOBUF - select BR2_PACKAGE_TBB - select BR2_PACKAGE_ZLIB + select BR2_PACKAGE_JSON_FOR_MODERN_CPP + select BR2_PACKAGE_YAML_CPP help Sysdig is open source, system-level exploration: capture system state and activity from a running Linux @@ -36,4 +27,4 @@ comment "sysdig needs a glibc toolchain w/ C++, threads, gcc >= 4.8, dynamic lib || !BR2_TOOLCHAIN_HAS_THREADS \ || !BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || BR2_STATIC_LIBS \ || !BR2_TOOLCHAIN_USES_GLIBC \ - || !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1 + || !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1 diff --git a/package/sysdig/sysdig.hash b/package/sysdig/sysdig.hash index 4ec46abfc3..380c9dce1e 100644 --- a/package/sysdig/sysdig.hash +++ b/package/sysdig/sysdig.hash @@ -1,5 +1,3 @@ # sha256 locally computed -sha256 b9d05854493d245a7a7e75f77fc654508f720aab5e5e8a3a932bd8eb54e49bda sysdig-0.27.1.tar.gz +sha256 3721c97f0da43c1a68d2962d30363525d8532ab5f2534dfefc86d175e17e423e sysdig-0.29.1.tar.gz sha256 a88fbf820b38b1c7fabc6efe291b8259e02ae21326f56fe31c6c9adf374b2702 COPYING -sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 driver/GPL2.txt -sha256 e3f6a43d097ed68176e9738de925d98b938e1bccf6d6bd1bcd79395eca8f76ed driver/MIT.txt diff --git a/package/sysdig/sysdig.mk b/package/sysdig/sysdig.mk index 9a9aaa35c3..76cabcaeca 100644 --- a/package/sysdig/sysdig.mk +++ b/package/sysdig/sysdig.mk @@ -4,10 +4,10 @@ # ################################################################################ -SYSDIG_VERSION = 0.27.1 +SYSDIG_VERSION = 0.29.1 SYSDIG_SITE = $(call github,draios,sysdig,$(SYSDIG_VERSION)) -SYSDIG_LICENSE = Apache-2.0 (userspace), MIT or GPL-2.0 (driver) -SYSDIG_LICENSE_FILES = COPYING driver/MIT.txt driver/GPL2.txt +SYSDIG_LICENSE = Apache-2.0 +SYSDIG_LICENSE_FILE = COPYING SYSDIG_CPE_ID_VENDOR = sysdig SYSDIG_CONF_OPTS = \ -DENABLE_DKMS=OFF \ @@ -16,39 +16,22 @@ SYSDIG_CONF_OPTS = \ SYSDIG_SUPPORTS_IN_SOURCE_BUILD = NO SYSDIG_DEPENDENCIES = \ - c-ares \ - elfutils \ - grpc \ - jq \ - jsoncpp \ - libb64 \ - libcurl \ - luainterpreter \ + falcosecurity-libs \ ncurses \ - openssl \ - protobuf \ - tbb \ - zlib + json-for-modern-cpp \ + yaml-cpp -# sysdig creates the module Makefile from a template, which contains a -# single place-holder, KBUILD_FLAGS, wich is only replaced with two -# things: -# - debug flags, which we don't care about here, -# - 'sysdig-feature' flags, which are never set, so always empty -# So, just replace the place-holder with the only meaningful value: nothing. -define SYSDIG_MODULE_GEN_MAKEFILE - $(INSTALL) -m 0644 $(@D)/driver/Makefile.in $(@D)/driver/Makefile - $(SED) 's/@KBUILD_FLAGS@//;' $(@D)/driver/Makefile - $(SED) 's/@PROBE_NAME@/sysdig-probe/;' $(@D)/driver/Makefile -endef -SYSDIG_POST_PATCH_HOOKS += SYSDIG_MODULE_GEN_MAKEFILE +# Don't build the driver as part of the 'standard' procedure, it has been built +# by falcosecurity-libs.mk. +# grpc_cpp_plugin is needed to build falcosecurity libs, so we give the host +# one there. +SYSDIG_CONF_OPTS += -DFALCOSECURITY_LIBS_SOURCE_DIR=$(FALCOSECURITY_LIBS_SRCDIR) \ + -DBUILD_DRIVER=OFF \ + -DGRPC_CPP_PLUGIN=$(HOST_DIR)/bin/grpc_cpp_plugin \ + -DDRIVER_NAME=$(FALCOSECURITY_LIBS_DRIVER_NAME.) \ + -DENABLE_DKMS=OFF \ + -DUSE_BUNDLED_DEPS=OFF \ + -DWITH_CHISEL=ON \ + -DVALIJSON_INCLUDE=$(BUILD_DIR)/valijson-0.6/include/valijson -# Don't build the driver as part of the 'standard' procedure, we'll -# build it on our own with the kernel-module infra. -SYSDIG_CONF_OPTS += -DBUILD_DRIVER=OFF - -SYSDIG_MODULE_SUBDIRS = driver -SYSDIG_MODULE_MAKE_OPTS = KERNELDIR=$(LINUX_DIR) - -$(eval $(kernel-module)) $(eval $(cmake-package))