diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5d169f0b7f0..ec5c850fed3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,22 +19,14 @@ jobs: fetch-version: uses: ./.github/workflows/reusable_fetch_version.yaml - build-dev-packages-sanitizers-x86_64: - needs: [fetch-version] - uses: ./.github/workflows/reusable_build_packages.yaml - with: - arch: x86_64 - version: ${{ needs.fetch-version.outputs.version }} - build_type: Debug - sanitizers: true - build-dev-packages-x86_64: needs: [fetch-version] uses: ./.github/workflows/reusable_build_packages.yaml with: arch: x86_64 version: ${{ needs.fetch-version.outputs.version }} - build_type: Release + enable_debug: true + enable_sanitizers: true build-dev-packages-arm64: needs: [fetch-version] @@ -42,22 +34,19 @@ jobs: with: arch: aarch64 version: ${{ needs.fetch-version.outputs.version }} - build_type: Debug - sanitizers: false + enable_debug: true test-dev-packages: - needs: [fetch-version, build-dev-packages-sanitizers-x86_64] + needs: [fetch-version, build-dev-packages-x86_64] uses: ./.github/workflows/reusable_test_packages.yaml - # The musl build job is currently disabled because we link libelf dynamically and it is - # not possible to dynamically link with musl - # strategy: - # fail-fast: false - # matrix: - # static: ["static", ""] + strategy: + fail-fast: false + matrix: + static: ["static", ""] with: arch: x86_64 - sanitizers: true - # static: ${{ matrix.static != '' && true || false }} + sanitizers: ${{ matrix.static == '' && true || false }} + static: ${{ matrix.static != '' && true || false }} version: ${{ needs.fetch-version.outputs.version }} test-dev-packages-arm64: diff --git a/.github/workflows/master.yaml b/.github/workflows/master.yaml index 2496aefcb0a..b893cd2e874 100644 --- a/.github/workflows/master.yaml +++ b/.github/workflows/master.yaml @@ -31,15 +31,13 @@ jobs: test-dev-packages: needs: [fetch-version, build-dev-packages] uses: ./.github/workflows/reusable_test_packages.yaml - # The musl build job is currently disabled because we link libelf dynamically and it is - # not possible to dynamically link with musl - # strategy: - # fail-fast: false - # matrix: - # static: ["static", ""] + strategy: + fail-fast: false + matrix: + static: ["static", ""] with: arch: x86_64 - # static: ${{ matrix.static != '' && true || false }} + static: ${{ matrix.static != '' && true || false }} version: ${{ needs.fetch-version.outputs.version }} test-dev-packages-arm64: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 30133788a71..21a7c47023a 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -69,16 +69,13 @@ jobs: test-packages: needs: [release-settings, build-packages] uses: ./.github/workflows/reusable_test_packages.yaml - - # The musl build job is currently disabled because we link libelf dynamically and it is - # not possible to dynamically link with musl - # strategy: - # fail-fast: false - # matrix: - # static: ["static", ""] + strategy: + fail-fast: false + matrix: + static: ["static", ""] with: arch: x86_64 - # static: ${{ matrix.static != '' && true || false }} + static: ${{ matrix.static != '' && true || false }} version: ${{ github.event.release.tag_name }} test-packages-arm64: diff --git a/.github/workflows/reusable_build_packages.yaml b/.github/workflows/reusable_build_packages.yaml index ac648412fb7..d039943a96f 100644 --- a/.github/workflows/reusable_build_packages.yaml +++ b/.github/workflows/reusable_build_packages.yaml @@ -10,13 +10,13 @@ on: description: The Falco version to use when building packages required: true type: string - build_type: - description: The build type + enable_debug: + description: Also create a debug build required: false - type: string - default: 'Release' - sanitizers: - description: enable sanitizer support + type: boolean + default: false + enable_sanitizers: + description: Also create a sanitizer build required: false type: boolean default: false @@ -33,7 +33,7 @@ jobs: # Always install deps before invoking checkout action, to properly perform a full clone. - name: Install build dependencies run: | - dnf install -y bpftool ca-certificates cmake make automake gcc gcc-c++ kernel-devel clang git pkg-config autoconf automake libbpf-devel elfutils-libelf-devel + dnf install -y bpftool ca-certificates cmake make automake gcc gcc-c++ kernel-devel clang git pkg-config autoconf automake - name: Checkout uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 @@ -51,7 +51,7 @@ jobs: path: skeleton-build/skel_dir/bpf_probe.skel.h retention-days: 1 - build-packages: + build-packages-release: # See https://github.com/actions/runner/issues/409#issuecomment-1158849936 runs-on: ${{ (inputs.arch == 'aarch64' && 'oracle-aarch64-4cpu-16gb') || 'ubuntu-latest' }} needs: [build-modern-bpf-skeleton] @@ -59,7 +59,7 @@ jobs: # Always install deps before invoking checkout action, to properly perform a full clone. - name: Install build deps run: | - sudo apt update && sudo apt install -y --no-install-recommends ca-certificates cmake curl wget build-essential git pkg-config autoconf automake libtool libelf-dev m4 rpm + sudo apt update && sudo apt install -y --no-install-recommends ca-certificates cmake curl wget build-essential git pkg-config autoconf automake libtool m4 rpm - name: Checkout uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 @@ -78,14 +78,13 @@ jobs: # Jemalloc and ASAN don't play very well together. run: | cmake -B build -S . \ - -DCMAKE_BUILD_TYPE=${{ inputs.build_type }} \ + -DCMAKE_BUILD_TYPE=Release \ -DUSE_BUNDLED_DEPS=On \ -DFALCO_ETC_DIR=/etc/falco \ -DMODERN_BPF_SKEL_DIR=/tmp \ -DBUILD_DRIVER=Off \ -DBUILD_BPF=Off \ - -DUSE_ASAN=${{ (inputs.sanitizers == true && inputs.arch == 'x86_64' && 'ON') || 'OFF' }} \ - -DUSE_JEMALLOC=${{ (inputs.sanitizers == true && inputs.arch == 'x86_64' && 'OFF') || 'ON' }} \ + -DUSE_JEMALLOC=ON \ -DFALCO_VERSION=${{ inputs.version }} - name: Build project @@ -99,37 +98,137 @@ jobs: - name: Upload Falco tar.gz package uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: - name: falco-${{ inputs.version }}-${{ inputs.arch }}${{ inputs.sanitizers == true && '-sanitizers' || '' }}.tar.gz + name: falco-${{ inputs.version }}-${{ inputs.arch }}.tar.gz path: | ${{ github.workspace }}/build/falco-*.tar.gz - name: Upload Falco deb package uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: - name: falco-${{ inputs.version }}-${{ inputs.arch }}${{ inputs.sanitizers == true && '-sanitizers' || '' }}.deb + name: falco-${{ inputs.version }}-${{ inputs.arch }}.deb path: | ${{ github.workspace }}/build/falco-*.deb - name: Upload Falco rpm package uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: - name: falco-${{ inputs.version }}-${{ inputs.arch }}${{ inputs.sanitizers == true && '-sanitizers' || '' }}.rpm + name: falco-${{ inputs.version }}-${{ inputs.arch }}.rpm + path: | + ${{ github.workspace }}/build/falco-*.rpm + + build-packages-debug: + # See https://github.com/actions/runner/issues/409#issuecomment-1158849936 + runs-on: ${{ (inputs.arch == 'aarch64' && 'oracle-aarch64-4cpu-16gb') || 'ubuntu-22.04' }} + if: ${{ inputs.enable_debug == true }} + needs: [build-modern-bpf-skeleton] + steps: + # Always install deps before invoking checkout action, to properly perform a full clone. + - name: Install build deps + run: | + sudo apt update && sudo apt install -y --no-install-recommends ca-certificates cmake curl wget build-essential git pkg-config autoconf automake libtool m4 rpm + + - name: Checkout + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + - name: Download skeleton + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: bpf_probe_${{ inputs.arch }}.skel.h + path: /tmp + + - name: Install zig + if: inputs.sanitizers == false + uses: falcosecurity/libs/.github/actions/install-zig@master + + - name: Prepare project + run: | + cmake -B build -S . \ + -DCMAKE_BUILD_TYPE=Debug \ + -DUSE_BUNDLED_DEPS=On \ + -DFALCO_ETC_DIR=/etc/falco \ + -DMODERN_BPF_SKEL_DIR=/tmp \ + -DBUILD_DRIVER=Off \ + -DBUILD_BPF=Off \ + -DUSE_JEMALLOC=On \ + -DFALCO_VERSION=${{ inputs.version }} + + - name: Build project + run: | + cmake --build build --target falco -j6 + + - name: Build packages + run: | + cmake --build build --target package + + - name: Upload Falco tar.gz package + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + with: + name: falco-${{ inputs.version }}-${{ inputs.arch }}-debug.tar.gz path: | - ${{ github.workspace }}/build/falco-*.rpm + ${{ github.workspace }}/build/falco-*.tar.gz + + build-packages-sanitizers: + # See https://github.com/actions/runner/issues/409#issuecomment-1158849936 + runs-on: ${{ (inputs.arch == 'aarch64' && 'oracle-aarch64-4cpu-16gb') || 'ubuntu-latest' }} + if: ${{ inputs.enable_sanitizers == true }} + needs: [build-modern-bpf-skeleton] + steps: + # Always install deps before invoking checkout action, to properly perform a full clone. + - name: Install build deps + run: | + sudo apt update && sudo apt install -y --no-install-recommends ca-certificates cmake curl wget build-essential git pkg-config autoconf automake libtool m4 rpm + + - name: Checkout + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + - name: Download skeleton + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: bpf_probe_${{ inputs.arch }}.skel.h + path: /tmp + + - name: Prepare project + run: | + cmake -B build -S . \ + -DCMAKE_BUILD_TYPE=Debug \ + -DUSE_BUNDLED_DEPS=On \ + -DFALCO_ETC_DIR=/etc/falco \ + -DMODERN_BPF_SKEL_DIR=/tmp \ + -DBUILD_DRIVER=Off \ + -DBUILD_BPF=Off \ + -DUSE_JEMALLOC=Off \ + -DUSE_ASAN=On \ + -DFALCO_VERSION=${{ inputs.version }} + + - name: Build project + run: | + cmake --build build --target falco -j6 + + - name: Build packages + run: | + cmake --build build --target package + + - name: Upload Falco tar.gz package + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + with: + name: falco-${{ inputs.version }}-${{ inputs.arch }}-sanitizers.tar.gz + path: | + ${{ github.workspace }}/build/falco-*.tar.gz - # The musl build job is currently disabled because we link libelf dynamically and it is - # not possible to dynamically link with musl build-musl-package: # x86_64 only for now - # if: ${{ inputs.arch == 'x86_64' }} - if: false + if: ${{ inputs.arch == 'x86_64' }} runs-on: ubuntu-latest container: alpine:3.17 steps: # Always install deps before invoking checkout action, to properly perform a full clone. - name: Install build dependencies run: | - apk add g++ gcc cmake make git bash perl linux-headers autoconf automake m4 libtool elfutils-dev libelf-static patch binutils bpftool clang + apk add g++ gcc cmake make git bash perl linux-headers autoconf automake m4 libtool elfutils-dev libelf-static patch binutils clang llvm + git clone https://github.com/libbpf/bpftool.git --branch v7.3.0 --single-branch + cd bpftool + git submodule update --init + cd src && make install - name: Checkout uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 @@ -139,10 +238,10 @@ jobs: - name: Prepare project run: | cmake -B build -S . \ - -DCMAKE_BUILD_TYPE=${{ inputs.build_type }} \ + -DCMAKE_BUILD_TYPE=Release \ -DCPACK_GENERATOR=TGZ \ -DBUILD_BPF=Off -DBUILD_DRIVER=Off \ - -DUSE_BUNDLED_DEPS=On -DUSE_BUNDLED_LIBELF=Off -DBUILD_LIBSCAP_MODERN_BPF=ON -DMUSL_OPTIMIZED_BUILD=On -DFALCO_ETC_DIR=/etc/falco -DFALCO_VERSION=${{ inputs.version }} + -DUSE_BUNDLED_DEPS=On -DBUILD_LIBSCAP_MODERN_BPF=ON -DMUSL_OPTIMIZED_BUILD=On -DFALCO_ETC_DIR=/etc/falco -DFALCO_VERSION=${{ inputs.version }} - name: Build project run: | @@ -166,7 +265,7 @@ jobs: build-wasm-package: if: ${{ inputs.arch == 'x86_64' }} - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: # Always install deps before invoking checkout action, to properly perform a full clone. - name: Install build dependencies @@ -190,7 +289,7 @@ jobs: -DBUILD_BPF=Off \ -DBUILD_DRIVER=Off \ -DBUILD_FALCO_MODERN_BPF=Off \ - -DCMAKE_BUILD_TYPE=${{ inputs.build_type }} \ + -DCMAKE_BUILD_TYPE=Release \ -DUSE_BUNDLED_DEPS=On \ -DFALCO_ETC_DIR=/etc/falco \ -DBUILD_FALCO_UNIT_TESTS=On \ @@ -230,28 +329,28 @@ jobs: # NOTE: Backslash doesn't work as line continuation on Windows. - name: Prepare project run: | - cmake -B build -S . -DCMAKE_BUILD_TYPE=${{ inputs.build_type }} -DMINIMAL_BUILD=On -DUSE_BUNDLED_DEPS=On -DBUILD_FALCO_UNIT_TESTS=On -DFALCO_VERSION=${{ inputs.version }} + cmake -B build -S . -DCMAKE_BUILD_TYPE=Release -DMINIMAL_BUILD=On -DUSE_BUNDLED_DEPS=On -DBUILD_FALCO_UNIT_TESTS=On -DFALCO_VERSION=${{ inputs.version }} - name: Build project run: | - cmake --build build --target package --config ${{ inputs.build_type }} + cmake --build build --target package --config Release - name: Run unit Tests run: | - build/unit_tests/${{ inputs.build_type }}/falco_unit_tests.exe + build/unit_tests/Release/falco_unit_tests.exe - name: Upload Falco win32 installer uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: - name: falco-installer-${{ inputs.version }}-win32.exe + name: falco-installer-Release-win32.exe path: build/falco-*.exe - name: Upload Falco win32 package uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 with: - name: falco-${{ inputs.version }}-win32.exe + name: falco-Release-win32.exe path: | - ${{ github.workspace }}/build/userspace/falco/${{ inputs.build_type }}/falco.exe + ${{ github.workspace }}/build/userspace/falco/Release/falco.exe build-macos-package: if: ${{ inputs.arch == 'x86_64' }} diff --git a/.github/workflows/reusable_publish_packages.yaml b/.github/workflows/reusable_publish_packages.yaml index 1fb34d68112..b408edd5025 100644 --- a/.github/workflows/reusable_publish_packages.yaml +++ b/.github/workflows/reusable_publish_packages.yaml @@ -65,10 +65,7 @@ jobs: name: falco-${{ inputs.version }}-aarch64.tar.gz path: /tmp/falco-build-bin - # The musl build job is currently disabled because we link libelf dynamically and it is - # not possible to dynamically link with musl - name: Download static binary x86_64 - if: false uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: falco-${{ inputs.version }}-static-x86_64.tar.gz @@ -102,11 +99,8 @@ jobs: run: | ./scripts/publish-bin -f /tmp/falco-build-bin/falco-${{ inputs.version }}-x86_64.tar.gz -r bin${{ inputs.bucket_suffix }} -a x86_64 ./scripts/publish-bin -f /tmp/falco-build-bin/falco-${{ inputs.version }}-aarch64.tar.gz -r bin${{ inputs.bucket_suffix }} -a aarch64 - - # The musl build job is currently disabled because we link libelf dynamically and it is - # not possible to dynamically link with musl + - name: Publish static - if: false run: | ./scripts/publish-bin -f /tmp/falco-build-bin-static/falco-${{ inputs.version }}-static-x86_64.tar.gz -r bin${{ inputs.bucket_suffix }} -a x86_64 diff --git a/.github/workflows/reusable_test_packages.yaml b/.github/workflows/reusable_test_packages.yaml index 2fe5243d085..c69652ed575 100644 --- a/.github/workflows/reusable_test_packages.yaml +++ b/.github/workflows/reusable_test_packages.yaml @@ -66,3 +66,4 @@ jobs: static: ${{ inputs.static && 'true' || 'false' }} test-drivers: ${{ inputs.arch == 'x86_64' && 'true' || 'false' }} show-all: 'true' + report-name-suffix: ${{ inputs.static && '-static' || '' }}${{ inputs.sanitizers && '-sanitizers' || '' }} diff --git a/CMakeLists.txt b/CMakeLists.txt index a28d0b62a3e..59edf1716da 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -17,7 +17,7 @@ cmake_minimum_required(VERSION 3.5.1) project(falco) option(USE_BUNDLED_DEPS "Bundle hard to find dependencies into the Falco binary" ON) -option(USE_DYNAMIC_LIBELF "Dynamically link libelf" ON) +option(USE_DYNAMIC_LIBELF "Dynamically link libelf" OFF) option(BUILD_WARNINGS_AS_ERRORS "Enable building with -Wextra -Werror flags" OFF) option( MINIMAL_BUILD diff --git a/cmake/modules/CPackConfig.cmake b/cmake/modules/CPackConfig.cmake index e4074359d9c..23ac61f5695 100644 --- a/cmake/modules/CPackConfig.cmake +++ b/cmake/modules/CPackConfig.cmake @@ -24,7 +24,11 @@ set(CPACK_PACKAGE_VERSION_MAJOR "${FALCO_VERSION_MAJOR}") set(CPACK_PACKAGE_VERSION_MINOR "${FALCO_VERSION_MINOR}") set(CPACK_PACKAGE_VERSION_PATCH "${FALCO_VERSION_PATCH}") set(CPACK_PROJECT_CONFIG_FILE "${PROJECT_SOURCE_DIR}/cmake/cpack/CMakeCPackOptions.cmake") -set(CPACK_STRIP_FILES "ON") +if(CMAKE_BUILD_TYPE STREQUAL "debug") + set(CPACK_STRIP_FILES "OFF") +else() + set(CPACK_STRIP_FILES "ON") +endif() set(CPACK_PACKAGE_RELOCATABLE "OFF") if(EMSCRIPTEN) set(CPACK_PACKAGE_FILE_NAME "${CPACK_PACKAGE_NAME}-${CPACK_PACKAGE_VERSION}-wasm") diff --git a/cmake/modules/cpp-httplib.cmake b/cmake/modules/cpp-httplib.cmake index 3af5cf8a09f..5e3f1c16362 100644 --- a/cmake/modules/cpp-httplib.cmake +++ b/cmake/modules/cpp-httplib.cmake @@ -18,6 +18,8 @@ option(USE_BUNDLED_CPPHTTPLIB "Enable building of the bundled cpp-httplib" ${USE if(USE_BUNDLED_CPPHTTPLIB) set(HTTPLIB_USE_BROTLI_IF_AVAILABLE OFF) set(HTTPLIB_REQUIRE_BROTLI OFF) + set(HTTPLIB_USE_ZLIB_IF_AVAILABLE OFF) + set(HTTPLIB_REQUIRE_ZLIB OFF) include(FetchContent) FetchContent_Declare( cpp-httplib diff --git a/cmake/modules/driver.cmake b/cmake/modules/driver.cmake index 9c7db59c8a1..bc5fdd0d639 100644 --- a/cmake/modules/driver.cmake +++ b/cmake/modules/driver.cmake @@ -35,9 +35,9 @@ else() # FALCOSECURITY_LIBS_VERSION. In case you want to test against another driver version (or # branch, or commit) just pass the variable - ie., `cmake -DDRIVER_VERSION=dev ..` if(NOT DRIVER_VERSION) - set(DRIVER_VERSION "12c8b09a4c50a8db52b07105d29eb6eee826b3e9") + set(DRIVER_VERSION "9ee57c8d583c8d22e8c032011d48bdc8897bc9af") set(DRIVER_CHECKSUM - "SHA256=345665169f7fce64af926ef018ad4c62170ff15c6d07ad2f5cb7ff23431f6af1" + "SHA256=051f090beed8424b1b531612fb3e522d4c09a1417edeea1358966de61d7b0248" ) endif() diff --git a/cmake/modules/falcosecurity-libs.cmake b/cmake/modules/falcosecurity-libs.cmake index b9cbdee8cf4..2566c8ee017 100644 --- a/cmake/modules/falcosecurity-libs.cmake +++ b/cmake/modules/falcosecurity-libs.cmake @@ -42,9 +42,9 @@ else() # version (or branch, or commit) just pass the variable - ie., `cmake # -DFALCOSECURITY_LIBS_VERSION=dev ..` if(NOT FALCOSECURITY_LIBS_VERSION) - set(FALCOSECURITY_LIBS_VERSION "12c8b09a4c50a8db52b07105d29eb6eee826b3e9") + set(FALCOSECURITY_LIBS_VERSION "9ee57c8d583c8d22e8c032011d48bdc8897bc9af") set(FALCOSECURITY_LIBS_CHECKSUM - "SHA256=345665169f7fce64af926ef018ad4c62170ff15c6d07ad2f5cb7ff23431f6af1" + "SHA256=051f090beed8424b1b531612fb3e522d4c09a1417edeea1358966de61d7b0248" ) endif() diff --git a/userspace/engine/falco_engine_version.h b/userspace/engine/falco_engine_version.h index 778af2ddfe3..f11e0bc904d 100644 --- a/userspace/engine/falco_engine_version.h +++ b/userspace/engine/falco_engine_version.h @@ -20,7 +20,7 @@ limitations under the License. // The version of this Falco engine #define FALCO_ENGINE_VERSION_MAJOR 0 -#define FALCO_ENGINE_VERSION_MINOR 44 +#define FALCO_ENGINE_VERSION_MINOR 45 #define FALCO_ENGINE_VERSION_PATCH 0 #define FALCO_ENGINE_VERSION \ @@ -36,4 +36,4 @@ limitations under the License. // It represents the fields supported by this version of Falco, // the event types, and the underlying driverevent schema. It's used to // detetect changes in engine version in our CI jobs. -#define FALCO_ENGINE_CHECKSUM "ff12f0e76bed0e9a512ab22f039c199a3b166540ccfe6eb5177d0b08a6cae251" +#define FALCO_ENGINE_CHECKSUM "e70717b7c18f98c9067bb50f6990132b0f6e7c9a403106ba5b80ccb30e9d8f42" diff --git a/userspace/falco/webserver.cpp b/userspace/falco/webserver.cpp index c08f02687ce..37d63d21f4b 100644 --- a/userspace/falco/webserver.cpp +++ b/userspace/falco/webserver.cpp @@ -69,9 +69,8 @@ void falco_webserver::start(const falco::app::state &state, throw falco_exception("invalid webserver configuration"); } - std::atomic failed; - failed.store(false, std::memory_order_release); - m_server_thread = std::thread([this, webserver_config, &failed] { + m_failed.store(false, std::memory_order_release); + m_server_thread = std::thread([this, webserver_config] { try { this->m_server->listen(webserver_config.m_listen_address, webserver_config.m_listen_port); @@ -79,16 +78,16 @@ void falco_webserver::start(const falco::app::state &state, falco_logger::log(falco_logger::level::ERR, "falco_webserver: " + std::string(e.what()) + "\n"); } - failed.store(true, std::memory_order_release); + this->m_failed.store(true, std::memory_order_release); }); // wait for the server to actually start up // note: is_running() is atomic - while(!m_server->is_running() && !failed.load(std::memory_order_acquire)) { + while(!m_server->is_running() && !m_failed.load(std::memory_order_acquire)) { std::this_thread::yield(); } m_running = true; - if(failed.load(std::memory_order_acquire)) { + if(m_failed.load(std::memory_order_acquire)) { stop(); throw falco_exception("an error occurred while starting webserver"); } diff --git a/userspace/falco/webserver.h b/userspace/falco/webserver.h index 8e3b4ba215e..2c5c08b00ef 100644 --- a/userspace/falco/webserver.h +++ b/userspace/falco/webserver.h @@ -45,4 +45,5 @@ class falco_webserver { bool m_running = false; std::unique_ptr m_server = nullptr; std::thread m_server_thread; + std::atomic m_failed; };