[Buildroot] [PATCH 2/3] falcosecurity-libs: add new package
Francis Laniel
flaniel at linux.microsoft.com
Thu Apr 14 17:43:57 UTC 2022
Signed-off-by: Francis Laniel <flaniel at linux.microsoft.com>
---
DEVELOPERS | 1 +
package/Config.in | 1 +
...cmake-Permit-setting-GRPC_CPP_PLUGIN.patch | 34 ++++++++++
package/falcosecurity-libs/Config.in | 38 ++++++++++++
.../falcosecurity-libs.hash | 5 ++
.../falcosecurity-libs/falcosecurity-libs.mk | 62 +++++++++++++++++++
6 files changed, 141 insertions(+)
create mode 100644 package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
create mode 100644 package/falcosecurity-libs/Config.in
create mode 100644 package/falcosecurity-libs/falcosecurity-libs.hash
create mode 100644 package/falcosecurity-libs/falcosecurity-libs.mk
diff --git a/DEVELOPERS b/DEVELOPERS
index b997b859ed..8ca9416b7b 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -969,6 +969,7 @@ F: package/ipmitool/
F: package/odhcploc/
N: Francis Laniel <flaniel at linux.microsoft.com>
+F: package/falcosecurity-libs
F: package/nlohmann-json
F: package/pahole/
F: package/sysdig/
diff --git a/package/Config.in b/package/Config.in
index 46df1b3540..4f2330e4fd 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1936,6 +1936,7 @@ menu "Other"
source "package/eigen/Config.in"
source "package/elfutils/Config.in"
source "package/ell/Config.in"
+ source "package/falcosecurity-libs/Config.in"
source "package/fftw/Config.in"
source "package/flann/Config.in"
source "package/flatbuffers/Config.in"
diff --git a/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch b/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
new file mode 100644
index 0000000000..6141d8ef72
--- /dev/null
+++ b/package/falcosecurity-libs/0001-cmake-Permit-setting-GRPC_CPP_PLUGIN.patch
@@ -0,0 +1,34 @@
+From 2e8a50cd4975df3ab60ee07c9675831cd5ad397f Mon Sep 17 00:00:00 2001
+From: Francis Laniel <flaniel at linux.microsoft.com>
+Date: Tue, 12 Apr 2022 19:54:11 +0100
+Subject: [PATCH] cmake: Permit setting GRPC_CPP_PLUGIN.
+
+This patch enables users to set GRPC_CPP_PLUGIN while calling cmake with:
+cmake -DGRPC_CPP_PLUGIN=/path
+
+Signed-off-by: Francis Laniel <flaniel at linux.microsoft.com>
+---
+ cmake/modules/grpc.cmake | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/cmake/modules/grpc.cmake b/cmake/modules/grpc.cmake
+index e5fd16b8..9d8f5934 100644
+--- a/cmake/modules/grpc.cmake
++++ b/cmake/modules/grpc.cmake
+@@ -12,9 +12,11 @@ elseif(NOT USE_BUNDLED_GRPC)
+ set(GRPCPP_LIB gRPC::grpc++)
+
+ # gRPC C++ plugin
+- get_target_property(GRPC_CPP_PLUGIN gRPC::grpc_cpp_plugin LOCATION)
+ if(NOT GRPC_CPP_PLUGIN)
+- message(FATAL_ERROR "System grpc_cpp_plugin not found")
++ get_target_property(GRPC_CPP_PLUGIN gRPC::grpc_cpp_plugin LOCATION)
++ if(NOT GRPC_CPP_PLUGIN)
++ message(FATAL_ERROR "System grpc_cpp_plugin not found")
++ endif()
+ endif()
+
+ # gRPC include dir + properly handle grpc{++,pp}
+--
+2.25.1
+
diff --git a/package/falcosecurity-libs/Config.in b/package/falcosecurity-libs/Config.in
new file mode 100644
index 0000000000..9dd9221caa
--- /dev/null
+++ b/package/falcosecurity-libs/Config.in
@@ -0,0 +1,38 @@
+config BR2_PACKAGE_FALCOSECURITY_LIBS
+ bool "sysdig"
+ depends on BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS # protobuf
+ depends on BR2_LINUX_KERNEL
+ depends on BR2_INSTALL_LIBSTDCPP # jsoncpp, protobuf, tbb
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # protobuf
+ depends on BR2_TOOLCHAIN_HAS_THREADS # jq, protobuf, tbb
+ depends on !BR2_STATIC_LIBS # protobuf, tbb
+ depends on BR2_TOOLCHAIN_USES_GLIBC # tbb
+ depends on BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
+ select BR2_PACKAGE_C_ARES
+ select BR2_PACKAGE_ELFUTILS
+ select BR2_PACKAGE_GRPC
+ select BR2_PACKAGE_GTEST
+ select BR2_PACKAGE_HOST_GRPC
+ select BR2_PACKAGE_HOST_PROTOBUF
+ select BR2_PACKAGE_JQ
+ select BR2_PACKAGE_JSONCPP
+ select BR2_PACKAGE_LIBB64
+ select BR2_PACKAGE_LIBCURL
+ select BR2_PACKAGE_OPENSSL
+ select BR2_PACKAGE_PROTOBUF
+ select BR2_PACKAGE_TBB
+ select BR2_PACKAGE_VALIJSON
+ select BR2_PACKAGE_ZLIB
+ help
+ falcosecurity/libs provides libsinsp, libscap, the kernel module driver
+ and the eBPF driver sources.
+
+ https://github.com/falcosecurity/libs
+
+comment "falcosecurity-libs needs a glibc toolchain w/ C++, threads, gcc >= 4.8, dynamic library, a Linux kernel, and luajit or lua 5.1 to be built"
+ depends on BR2_PACKAGE_PROTOBUF_ARCH_SUPPORTS
+ depends on !BR2_LINUX_KERNEL || !BR2_INSTALL_LIBSTDCPP \
+ || !BR2_TOOLCHAIN_HAS_THREADS \
+ || !BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || BR2_STATIC_LIBS \
+ || !BR2_TOOLCHAIN_USES_GLIBC \
+ || !BR2_PACKAGE_LUAINTERPRETER_ABI_VERSION_5_1
diff --git a/package/falcosecurity-libs/falcosecurity-libs.hash b/package/falcosecurity-libs/falcosecurity-libs.hash
new file mode 100644
index 0000000000..7608c67590
--- /dev/null
+++ b/package/falcosecurity-libs/falcosecurity-libs.hash
@@ -0,0 +1,5 @@
+# sha256 locally computed
+sha256 80903bc57b7f9c5f24298ecf1531cf66ef571681b4bd1e05f6e4db704ffb380b falcosecurity-libs-e5c53d648f3c4694385bbe488e7d47eaa36c229a.tar.gz
+sha256 a88fbf820b38b1c7fabc6efe291b8259e02ae21326f56fe31c6c9adf374b2702 COPYING
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 driver/GPL2.txt
+sha256 e3f6a43d097ed68176e9738de925d98b938e1bccf6d6bd1bcd79395eca8f76ed driver/MIT.txt
diff --git a/package/falcosecurity-libs/falcosecurity-libs.mk b/package/falcosecurity-libs/falcosecurity-libs.mk
new file mode 100644
index 0000000000..5d73770b30
--- /dev/null
+++ b/package/falcosecurity-libs/falcosecurity-libs.mk
@@ -0,0 +1,62 @@
+################################################################################
+#
+# falcosecurity-libs
+#
+################################################################################
+
+FALCOSECURITY_LIBS_VERSION = e5c53d648f3c4694385bbe488e7d47eaa36c229a
+FALCOSECURITY_LIBS_SITE = $(call github,falcosecurity,libs,$(FALCOSECURITY_LIBS_VERSION))
+FALCOSECURITY_LIBS_LICENSE = Apache-2.0 (userspace), MIT or GPL-2.0 (driver)
+FALCOSECURITY_LIBS_LICENSE_FILES = COPYING driver/MIT.txt driver/GPL2.txt
+FALCOSECURITY_LIBS_CPE_ID_VENDOR = falco
+FALCOSECURITY_LIBS_CONF_OPTS = \
+ -DENABLE_DKMS=OFF \
+ -DUSE_BUNDLED_DEPS=OFF \
+ -DVALIJSON_INCLUDE=$(BUILD_DIR)/valijson-0.6/include/valijson
+FALCOSECURITY_LIBS_SUPPORTS_IN_SOURCE_BUILD = NO
+
+# falcosecurity-libs needs these two kernel options to be set:
+# CONFIG_TRACEPOINTS
+# CONFIG_HAVE_SYSCALL_TRACEPOINTS
+# https://github.com/draios/sysdig/wiki/How-to-Install-Sysdig-from-the-Source-Code#linux-and-osx
+
+FALCOSECURITY_LIBS_DEPENDENCIES = \
+ c-ares \
+ elfutils \
+ grpc \
+ gtest \
+ host-grpc \
+ host-protobuf \
+ jq \
+ jsoncpp \
+ libb64 \
+ libcurl \
+ luainterpreter \
+ openssl \
+ protobuf \
+ tbb \
+ valijson \
+ zlib
+
+# Don't build the driver as part of the 'standard' procedure, we'll
+# build it on our own with the kernel-module infra.
+# grpc_cpp_plugin is needed to build falcosecurity libs, so we give the host
+# one there.
+FALCOSECURITY_LIBS_CONF_OPTS += -DBUILD_DRIVER=OFF -DGRPC_CPP_PLUGIN=$(HOST_DIR)/bin/grpc_cpp_plugin
+
+FALCOSECURITY_LIBS_MODULE_SUBDIRS = driver
+FALCOSECURITY_LIBS_MODULE_MAKE_OPTS = KERNELDIR=$(LINUX_DIR)
+
+# falcosecurity-libs creates the module Makefile from a template, which contains
+# a single place-holder, KBUILD_FLAGS, wich is only replaced with debug flags,
+# which we don't care about here.
+# So, just replace the place-holder with the only meaningful value: nothing.
+define FALCOSECURITY_LIBS_MODULE_GEN_MAKEFILE
+ $(INSTALL) -m 0644 $(@D)/driver/Makefile.in $(@D)/driver/Makefile
+ $(SED) 's/@KBUILD_FLAGS@//;' $(@D)/driver/Makefile
+ $(SED) 's/@DRIVER_NAME@/falco/;' $(@D)/driver/Makefile
+endef
+FALCOSECURITY_LIBS_POST_PATCH_HOOKS += FALCOSECURITY_LIBS_MODULE_GEN_MAKEFILE
+
+$(eval $(kernel-module))
+$(eval $(cmake-package))
--
2.25.1
More information about the buildroot
mailing list