diff --git a/cmake/modules/CompilerFlags.cmake b/cmake/modules/CompilerFlags.cmake index 08c2374238f..302f68a6f24 100644 --- a/cmake/modules/CompilerFlags.cmake +++ b/cmake/modules/CompilerFlags.cmake @@ -88,15 +88,17 @@ else() # MSVC set(CMAKE_MSVC_RUNTIME_LIBRARY "MultiThreaded$<$:Debug>") # The WIN32_LEAN_AND_MEAN define avoids possible macro pollution - # when a libsinsp consumer includes the windows.h header. - # See: https://stackoverflow.com/a/28380820 - + # when a libsinsp consumer includes the windows.h header: + # https://stackoverflow.com/a/28380820 + # Same goes for NOMINMAX: + # https://stackoverflow.com/questions/5004858/why-is-stdmin-failing-when-windows-h-is-included add_compile_definitions( _HAS_STD_BYTE=0 _CRT_SECURE_NO_WARNINGS WIN32 MINIMAL_BUILD WIN32_LEAN_AND_MEAN + NOMINMAX ) set(FALCOSECURITY_LIBS_COMMON_FLAGS "/EHsc /W3 /Zi /std:c++17") diff --git a/userspace/falco/configuration.cpp b/userspace/falco/configuration.cpp index 47b480da114..a630aac25ca 100644 --- a/userspace/falco/configuration.cpp +++ b/userspace/falco/configuration.cpp @@ -47,580 +47,13 @@ static re2::RE2 ip_address_re("((^\\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]| #define DEFAULT_CPUS_FOR_EACH_SYSCALL_BUFFER 2 #define DEFAULT_DROP_FAILED_EXIT false -static const std::string schema_json_string = R"( -{ - "$schema": "http://json-schema.org/draft-06/schema#", - "$ref": "#/definitions/FalcoConfig", - "definitions": { - "FalcoConfig": { - "type": "object", - "additionalProperties": false, - "properties": { - "config_files": { - "type": "array", - "items": { - "type": "string" - } - }, - "watch_config_files": { - "type": "boolean" - }, - "rules_files": { - "type": "array", - "items": { - "type": "string" - } - }, - "rule_files": { - "type": "array", - "items": { - "type": "string" - } - }, - "rules": { - "type": "array", - "items": { - "$ref": "#/definitions/Rule" - } - }, - "engine": { - "$ref": "#/definitions/Engine" - }, - "load_plugins": { - "type": "array", - "items": { - "type": "string" - } - }, - "plugins": { - "type": "array", - "items": { - "$ref": "#/definitions/Plugin" - } - }, - "time_format_iso_8601": { - "type": "boolean" - }, - "priority": { - "type": "string" - }, - "json_output": { - "type": "boolean" - }, - "json_include_output_property": { - "type": "boolean" - }, - "json_include_tags_property": { - "type": "boolean" - }, - "buffered_outputs": { - "type": "boolean" - }, - "rule_matching": { - "type": "string" - }, - "outputs_queue": { - "$ref": "#/definitions/OutputsQueue" - }, - "stdout_output": { - "$ref": "#/definitions/Output" - }, - "syslog_output": { - "$ref": "#/definitions/Output" - }, - "file_output": { - "$ref": "#/definitions/FileOutput" - }, - "http_output": { - "$ref": "#/definitions/HTTPOutput" - }, - "program_output": { - "$ref": "#/definitions/ProgramOutput" - }, - "grpc_output": { - "$ref": "#/definitions/Output" - }, - "grpc": { - "$ref": "#/definitions/Grpc" - }, - "webserver": { - "$ref": "#/definitions/Webserver" - }, - "log_stderr": { - "type": "boolean" - }, - "log_syslog": { - "type": "boolean" - }, - "log_level": { - "type": "string" - }, - "libs_logger": { - "$ref": "#/definitions/LibsLogger" - }, - "output_timeout": { - "type": "integer" - }, - "syscall_event_timeouts": { - "$ref": "#/definitions/SyscallEventTimeouts" - }, - "syscall_event_drops": { - "$ref": "#/definitions/SyscallEventDrops" - }, - "metrics": { - "$ref": "#/definitions/Metrics" - }, - "base_syscalls": { - "$ref": "#/definitions/BaseSyscalls" - }, - "falco_libs": { - "$ref": "#/definitions/FalcoLibs" - } - }, - "title": "FalcoConfig" - }, - "BaseSyscalls": { - "type": "object", - "additionalProperties": false, - "properties": { - "custom_set": { - "type": "array", - "items": { - "type": "string" - } - }, - "repair": { - "type": "boolean" - } - }, - "minProperties": 1, - "title": "BaseSyscalls" - }, - "Engine": { - "type": "object", - "additionalProperties": false, - "properties": { - "kind": { - "type": "string" - }, - "kmod": { - "$ref": "#/definitions/Kmod" - }, - "ebpf": { - "$ref": "#/definitions/Ebpf" - }, - "modern_ebpf": { - "$ref": "#/definitions/ModernEbpf" - }, - "replay": { - "$ref": "#/definitions/Replay" - }, - "gvisor": { - "$ref": "#/definitions/Gvisor" - } - }, - "required": [ - "kind" - ], - "title": "Engine" - }, - "Ebpf": { - "type": "object", - "additionalProperties": false, - "properties": { - "probe": { - "type": "string" - }, - "buf_size_preset": { - "type": "integer" - }, - "drop_failed_exit": { - "type": "boolean" - } - }, - "required": [ - "probe" - ], - "title": "Ebpf" - }, - "Gvisor": { - "type": "object", - "additionalProperties": false, - "properties": { - "config": { - "type": "string" - }, - "root": { - "type": "string" - } - }, - "required": [ - "config", - "root" - ], - "title": "Gvisor" - }, - "Kmod": { - "type": "object", - "additionalProperties": false, - "properties": { - "buf_size_preset": { - "type": "integer" - }, - "drop_failed_exit": { - "type": "boolean" - } - }, - "minProperties": 1, - "title": "Kmod" - }, - "ModernEbpf": { - "type": "object", - "additionalProperties": false, - "properties": { - "cpus_for_each_buffer": { - "type": "integer" - }, - "buf_size_preset": { - "type": "integer" - }, - "drop_failed_exit": { - "type": "boolean" - } - }, - "title": "ModernEbpf" - }, - "Replay": { - "type": "object", - "additionalProperties": false, - "properties": { - "capture_file": { - "type": "string" - } - }, - "required": [ - "capture_file" - ], - "title": "Replay" - }, - "FalcoLibs": { - "type": "object", - "additionalProperties": false, - "properties": { - "thread_table_size": { - "type": "integer" - } - }, - "minProperties": 1, - "title": "FalcoLibs" - }, - "FileOutput": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "keep_alive": { - "type": "boolean" - }, - "filename": { - "type": "string" - } - }, - "minProperties": 1, - "title": "FileOutput" - }, - "Grpc": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "bind_address": { - "type": "string" - }, - "threadiness": { - "type": "integer" - } - }, - "minProperties": 1, - "title": "Grpc" - }, - "Output": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - } - }, - "minProperties": 1, - "title": "Output" - }, - "HTTPOutput": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "url": { - "type": "string", - "format": "uri", - "qt-uri-protocols": [ - "http" - ] - }, - "user_agent": { - "type": "string" - }, - "insecure": { - "type": "boolean" - }, - "ca_cert": { - "type": "string" - }, - "ca_bundle": { - "type": "string" - }, - "ca_path": { - "type": "string" - }, - "mtls": { - "type": "boolean" - }, - "client_cert": { - "type": "string" - }, - "client_key": { - "type": "string" - }, - "echo": { - "type": "boolean" - }, - "compress_uploads": { - "type": "boolean" - }, - "keep_alive": { - "type": "boolean" - } - }, - "minProperties": 1, - "title": "HTTPOutput" - }, - "LibsLogger": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "severity": { - "type": "string" - } - }, - "minProperties": 1, - "title": "LibsLogger" - }, - "Metrics": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "interval": { - "type": "string" - }, - "output_rule": { - "type": "boolean" - }, - "output_file": { - "type": "string" - }, - "rules_counters_enabled": { - "type": "boolean" - }, - "resource_utilization_enabled": { - "type": "boolean" - }, - "state_counters_enabled": { - "type": "boolean" - }, - "kernel_event_counters_enabled": { - "type": "boolean" - }, - "libbpf_stats_enabled": { - "type": "boolean" - }, - "plugins_metrics_enabled": { - "type": "boolean" - }, - "convert_memory_to_mb": { - "type": "boolean" - }, - "include_empty_values": { - "type": "boolean" - } - }, - "minProperties": 1, - "title": "Metrics" - }, - "OutputsQueue": { - "type": "object", - "additionalProperties": false, - "properties": { - "capacity": { - "type": "integer" - } - }, - "minProperties": 1, - "title": "OutputsQueue" - }, - "Plugin": { - "type": "object", - "additionalProperties": false, - "properties": { - "name": { - "type": "string" - }, - "library_path": { - "type": "string" - }, - "init_config": { - "type": "string" - }, - "open_params": { - "type": "string" - } - }, - "required": [ - "library_path", - "name" - ], - "title": "Plugin" - }, - "ProgramOutput": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "keep_alive": { - "type": "boolean" - }, - "program": { - "type": "string" - } - }, - "required": [ - "program" - ], - "title": "ProgramOutput" - }, - "Rule": { - "type": "object", - "additionalProperties": false, - "properties": { - "disable": { - "$ref": "#/definitions/Able" - }, - "enable": { - "$ref": "#/definitions/Able" - } - }, - "minProperties": 1, - "title": "Rule" - }, - "Able": { - "type": "object", - "additionalProperties": false, - "properties": { - "rule": { - "type": "string" - }, - "tag": { - "type": "string" - } - }, - "minProperties": 1, - "title": "Able" - }, - "SyscallEventDrops": { - "type": "object", - "additionalProperties": false, - "properties": { - "threshold": { - "type": "number" - }, - "actions": { - "type": "array", - "items": { - "type": "string" - } - }, - "rate": { - "type": "number" - }, - "max_burst": { - "type": "integer" - }, - "simulate_drops": { - "type": "boolean" - } - }, - "minProperties": 1, - "title": "SyscallEventDrops" - }, - "SyscallEventTimeouts": { - "type": "object", - "additionalProperties": false, - "properties": { - "max_consecutives": { - "type": "integer" - } - }, - "minProperties": 1, - "title": "SyscallEventTimeouts" - }, - "Webserver": { - "type": "object", - "additionalProperties": false, - "properties": { - "enabled": { - "type": "boolean" - }, - "threadiness": { - "type": "integer" - }, - "listen_port": { - "type": "integer" - }, - "listen_address": { - "type": "string" - }, - "k8s_healthz_endpoint": { - "type": "string" - }, - "prometheus_metrics_enabled": { - "type": "boolean" - }, - "ssl_enabled": { - "type": "boolean" - }, - "ssl_certificate": { - "type": "string" - } - }, - "minProperties": 1, - "title": "Webserver" - } - } -} -)"; +// Since MSVC compiler has some weird limitations for the +// string size limit, this code would throw: +// "error C2026: string too big, trailing characters truncate" if not minified: +// https://learn.microsoft.com/en-us/cpp/cpp/string-and-character-literals-cpp?view=msvc-170#size-of-string-literals +// Just use any available online tool, eg: https://jsonformatter.org/json-minify +// to format the json, add the new fields, and then minify it again. +static const std::string schema_json_string = R"({"$schema":"http://json-schema.org/draft-06/schema#","$ref":"#/definitions/FalcoConfig","definitions":{"FalcoConfig":{"type":"object","additionalProperties":false,"properties":{"config_files":{"type":"array","items":{"type":"string"}},"watch_config_files":{"type":"boolean"},"rules_files":{"type":"array","items":{"type":"string"}},"rule_files":{"type":"array","items":{"type":"string"}},"rules":{"type":"array","items":{"$ref":"#/definitions/Rule"}},"engine":{"$ref":"#/definitions/Engine"},"load_plugins":{"type":"array","items":{"type":"string"}},"plugins":{"type":"array","items":{"$ref":"#/definitions/Plugin"}},"time_format_iso_8601":{"type":"boolean"},"priority":{"type":"string"},"json_output":{"type":"boolean"},"json_include_output_property":{"type":"boolean"},"json_include_tags_property":{"type":"boolean"},"buffered_outputs":{"type":"boolean"},"rule_matching":{"type":"string"},"outputs_queue":{"$ref":"#/definitions/OutputsQueue"},"stdout_output":{"$ref":"#/definitions/Output"},"syslog_output":{"$ref":"#/definitions/Output"},"file_output":{"$ref":"#/definitions/FileOutput"},"http_output":{"$ref":"#/definitions/HTTPOutput"},"program_output":{"$ref":"#/definitions/ProgramOutput"},"grpc_output":{"$ref":"#/definitions/Output"},"grpc":{"$ref":"#/definitions/Grpc"},"webserver":{"$ref":"#/definitions/Webserver"},"log_stderr":{"type":"boolean"},"log_syslog":{"type":"boolean"},"log_level":{"type":"string"},"libs_logger":{"$ref":"#/definitions/LibsLogger"},"output_timeout":{"type":"integer"},"syscall_event_timeouts":{"$ref":"#/definitions/SyscallEventTimeouts"},"syscall_event_drops":{"$ref":"#/definitions/SyscallEventDrops"},"metrics":{"$ref":"#/definitions/Metrics"},"base_syscalls":{"$ref":"#/definitions/BaseSyscalls"},"falco_libs":{"$ref":"#/definitions/FalcoLibs"}},"title":"FalcoConfig"},"BaseSyscalls":{"type":"object","additionalProperties":false,"properties":{"custom_set":{"type":"array","items":{"type":"string"}},"repair":{"type":"boolean"}},"minProperties":1,"title":"BaseSyscalls"},"Engine":{"type":"object","additionalProperties":false,"properties":{"kind":{"type":"string"},"kmod":{"$ref":"#/definitions/Kmod"},"ebpf":{"$ref":"#/definitions/Ebpf"},"modern_ebpf":{"$ref":"#/definitions/ModernEbpf"},"replay":{"$ref":"#/definitions/Replay"},"gvisor":{"$ref":"#/definitions/Gvisor"}},"required":["kind"],"title":"Engine"},"Ebpf":{"type":"object","additionalProperties":false,"properties":{"probe":{"type":"string"},"buf_size_preset":{"type":"integer"},"drop_failed_exit":{"type":"boolean"}},"required":["probe"],"title":"Ebpf"},"Gvisor":{"type":"object","additionalProperties":false,"properties":{"config":{"type":"string"},"root":{"type":"string"}},"required":["config","root"],"title":"Gvisor"},"Kmod":{"type":"object","additionalProperties":false,"properties":{"buf_size_preset":{"type":"integer"},"drop_failed_exit":{"type":"boolean"}},"minProperties":1,"title":"Kmod"},"ModernEbpf":{"type":"object","additionalProperties":false,"properties":{"cpus_for_each_buffer":{"type":"integer"},"buf_size_preset":{"type":"integer"},"drop_failed_exit":{"type":"boolean"}},"title":"ModernEbpf"},"Replay":{"type":"object","additionalProperties":false,"properties":{"capture_file":{"type":"string"}},"required":["capture_file"],"title":"Replay"},"FalcoLibs":{"type":"object","additionalProperties":false,"properties":{"thread_table_size":{"type":"integer"}},"minProperties":1,"title":"FalcoLibs"},"FileOutput":{"type":"object","additionalProperties":false,"properties":{"enabled":{"type":"boolean"},"keep_alive":{"type":"boolean"},"filename":{"type":"string"}},"minProperties":1,"title":"FileOutput"},"Grpc":{"type":"object","additionalProperties":false,"properties":{"enabled":{"type":"boolean"},"bind_address":{"type":"string"},"threadiness":{"type":"integer"}},"minProperties":1,"title":"Grpc"},"Output":{"type":"object","additionalProperties":false,"properties":{"enabled":{"type":"boolean"}},"minProperties":1,"title":"Output"},"HTTPOutput":{"type":"object","additionalProperties":false,"properties":{"enabled":{"type":"boolean"},"url":{"type":"string","format":"uri","qt-uri-protocols":["http"]},"user_agent":{"type":"string"},"insecure":{"type":"boolean"},"ca_cert":{"type":"string"},"ca_bundle":{"type":"string"},"ca_path":{"type":"string"},"mtls":{"type":"boolean"},"client_cert":{"type":"string"},"client_key":{"type":"string"},"echo":{"type":"boolean"},"compress_uploads":{"type":"boolean"},"keep_alive":{"type":"boolean"}},"minProperties":1,"title":"HTTPOutput"},"LibsLogger":{"type":"object","additionalProperties":false,"properties":{"enabled":{"type":"boolean"},"severity":{"type":"string"}},"minProperties":1,"title":"LibsLogger"},"Metrics":{"type":"object","additionalProperties":false,"properties":{"enabled":{"type":"boolean"},"interval":{"type":"string"},"output_rule":{"type":"boolean"},"output_file":{"type":"string"},"rules_counters_enabled":{"type":"boolean"},"resource_utilization_enabled":{"type":"boolean"},"state_counters_enabled":{"type":"boolean"},"kernel_event_counters_enabled":{"type":"boolean"},"libbpf_stats_enabled":{"type":"boolean"},"plugins_metrics_enabled":{"type":"boolean"},"convert_memory_to_mb":{"type":"boolean"},"include_empty_values":{"type":"boolean"}},"minProperties":1,"title":"Metrics"},"OutputsQueue":{"type":"object","additionalProperties":false,"properties":{"capacity":{"type":"integer"}},"minProperties":1,"title":"OutputsQueue"},"Plugin":{"type":"object","additionalProperties":false,"properties":{"name":{"type":"string"},"library_path":{"type":"string"},"init_config":{"type":"string"},"open_params":{"type":"string"}},"required":["library_path","name"],"title":"Plugin"},"ProgramOutput":{"type":"object","additionalProperties":false,"properties":{"enabled":{"type":"boolean"},"keep_alive":{"type":"boolean"},"program":{"type":"string"}},"required":["program"],"title":"ProgramOutput"},"Rule":{"type":"object","additionalProperties":false,"properties":{"disable":{"$ref":"#/definitions/Able"},"enable":{"$ref":"#/definitions/Able"}},"minProperties":1,"title":"Rule"},"Able":{"type":"object","additionalProperties":false,"properties":{"rule":{"type":"string"},"tag":{"type":"string"}},"minProperties":1,"title":"Able"},"SyscallEventDrops":{"type":"object","additionalProperties":false,"properties":{"threshold":{"type":"number"},"actions":{"type":"array","items":{"type":"string"}},"rate":{"type":"number"},"max_burst":{"type":"integer"},"simulate_drops":{"type":"boolean"}},"minProperties":1,"title":"SyscallEventDrops"},"SyscallEventTimeouts":{"type":"object","additionalProperties":false,"properties":{"max_consecutives":{"type":"integer"}},"minProperties":1,"title":"SyscallEventTimeouts"},"Webserver":{"type":"object","additionalProperties":false,"properties":{"enabled":{"type":"boolean"},"threadiness":{"type":"integer"},"listen_port":{"type":"integer"},"listen_address":{"type":"string"},"k8s_healthz_endpoint":{"type":"string"},"prometheus_metrics_enabled":{"type":"boolean"},"ssl_enabled":{"type":"boolean"},"ssl_certificate":{"type":"string"}},"minProperties":1,"title":"Webserver"}}})"; falco_configuration::falco_configuration(): m_json_output(false),