Merging to falco-master for 0.5.0 #702
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* mac build (not tested) * linux build and run * Done - add blocking connect/init mode to k8s - sysdig connect and init are blocking now (faster startup) - move k8s http to 1.1 to utilize keepalive - fixed chunk purging bug - reuse state socket for watch (no diconnect after state fetch) Todo - improve handler receive error handling - test https - blocking resolve * watch redirection fix * fix watch transition; detect http 1.1 watch emission end and reconnect promptly; fix jq filter order bug * fix mac build * fix linux compile error; add docker flag to handler * windows build * fix race condition when no data on first attempt; make k8s default http 1.1 * fix blocking read
* Update ppm.h Added support for s390x * Update ppm.h re committing changes related to s390x
This reverts commit bf7ae5a.
* Update ppm.h Added support for s390x * Update ppm.h re committing changes related to s390x
Otherwise, with cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_BUNDLED_OPENSSL=OFF .. one gets ``` [ 96%] Linking CXX executable csysdig [ 97%] Linking CXX executable sysdig /usr/bin/ld: ../libsinsp/libsinsp.a(k8s_handler.cpp.o): undefined reference to symbol 'SSL_CTX_use_PrivateKey_file' /usr/lib/libssl.so.1.0.0: error adding symbols: DSO missing from command line collect2: error: ld returned 1 exit status make[2]: *** [userspace/sysdig/CMakeFiles/csysdig.dir/build.make:131: userspace/sysdig/csysdig] Error 1 make[1]: *** [CMakeFiles/Makefile2:275: userspace/sysdig/CMakeFiles/csysdig.dir/all] Error 2 make[1]: *** Waiting for unfinished jobs.... /usr/bin/ld: ../libsinsp/libsinsp.a(k8s_handler.cpp.o): undefined reference to symbol 'SSL_CTX_use_PrivateKey_file' /usr/lib/libssl.so.1.0.0: error adding symbols: DSO missing from command line collect2: error: ld returned 1 exit status make[2]: *** [userspace/sysdig/CMakeFiles/sysdig.dir/build.make:129: userspace/sysdig/sysdig] Error 1 make[1]: *** [CMakeFiles/Makefile2:323: userspace/sysdig/CMakeFiles/sysdig.dir/all] Error 2 make: *** [Makefile:139: all] Error 2 ``` This is because linking to libssl and libcrypto is not done (after find_package in CMakeLists.txt) when using the system libraries. Also, fix the curl ssl dependency. sysdig-CLA-1.0-signed-off-by: Raghavendra Prabhu <me@rdprabhu.com>
- fix transition from non-chunked to chunked k8s handler - change active k8s handler filter from reference to pointer - remove unnecessary socket handler docker flag - early terminate k8s blocking request loop on JSON end detect - increase k8s blocking loop sleep to 10ms - fix some logs
added checks for unused macros on s390x sysdig-CLA-1.0-signed-off-by: Ketan Kunde ketan22584@gmail.com
When parsing clone exit events, specifically for the child half of a clone and when in a container, detect and potentially remove stale threadinfo state for the child thread. Generally the client have of a clone is responsible for creating the thread state for the new thread, as long as the parent is in a container. See the parent half of the "if(childtid == 0)" statement. We simply need to verify in the child half that the parent really was in a container. You can find the parent thread id from the syscall return information, which is moved up from below. Look up the parent thread and see if its vtid/vpid differs from tid/pid. If so, any existing thread state must be stale and remove it. Note that you can't use evt->m_tinfo->get_parent_thread() directly, as that comes from the existing potentially stale threadinfo. This fixes #664.
…ble in 4.8 (torvalds/linux@47be618). When forking a new process, inherit the cwd from the parent.
Support DC/OS token auth and HTTPS on Mesos
* add timeout to urlopen operations * add timeout to download operations * retry download max 10 times
* Fix compilation issues with kernel 4.9 related commits: torvalds/linux@4c737b4 torvalds/linux@b9d989c * map io cgroup to blkio, fix for kernels >= 4.8
Use https instead of http for all downloads within the install script. In cases where the links refer to artifacts in our s3 bucket, switch to https + s3.amazon.aws.com, which is already used by other urls in the script. This fixes falcosecurity/falco#152.
* Whitespace diffs. Committing separate from other changes. * Fix leak when fmt string ends with non-filtercheck Make sure that any final rawstring_check added to the list of tokens is also added to m_chks_to_free, so it is properly freed. This fixes #693.
Currently, utils.h has a lot of implicit dependencies on other stl header files as well as assuming the std namespace is available. Clean it up so it can be included on its own (say, in falcosecurity/falco#162).
* throttle max bytes per socket/cycle to 512k, max msgs for critical k8s entities to 100 * ifdef k8s caching * adjust some commented (TBD) code * fix the message limit logic
This reverts commit c183a57.
* Reset marathon group json together with marathon app one * Remove spurious app_it declaration
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.