0.9.0
Andreagit97
released this
14 Oct 12:18
·
10 commits
to release/0.9.0
since this release
What's Changed
- update(gvisor): add retries and ignore_setup_error to gvisor config g… by @loresuso in #488
- fix: thread-safety issue in proclist savefile by @deepskyblue86 in #473
- update(OWNERS): move inactive approvers to emeritus_approvers by @jasondellaluce in #489
- feat: Add new return code for filtered events(1/3) by @nathan-b in #490
- Lookup retry on asynchronous container engines by @deepskyblue86 in #402
- Convert savefile (scap file reader) to a scap engine [3/n] by @gnosek in #487
- new(CI): add GH actions for modern BPF probe by @Andreagit97 in #496
- cleanup(libsinsp): remove redundant string in validate_filter_value by @LucaGuerra in #507
- fix(userspace/libscap): fix windows and macos linking of binaries. by @FedeDP in #502
- fix(libsinsp): retain compatibility with PPME_SYSCALL_DUP_X by @LucaGuerra in #508
- new(userspace/libsinsp): support loading users and groups from overlayfs for containers by @FedeDP in #493
- new(sinsp/test): add event based tests by @LucaGuerra in #485
- update(libsinsp): drop also untracked syscalls in kernel-side simple consumer mode by @Andreagit97 in #211
- Don't use C99 initializers in C++ by @gnosek in #511
- update(CI): build also
bpf_test
in ARM64 job by @Andreagit97 in #510 - Track container user info and expose via user.name by @mstemm in #332
- Fix threadinfo leaks when threaded programs exec by @mstemm in #336
- feat(filterchecks): add optional metrics struct for caching by @mstemm in #351
- Add ast as string by @mstemm in #394
- fix(scap/gvisor): do not use C99 initializers in C++ in gVisor by @LucaGuerra in #519
- fix(gvisor): cleanup tests, consistent return values by @LucaGuerra in #520
- Detect valijson on the system and use it when requested by @ovalenti in #491
- fix(libscap): Use fdopen if gzdopen isn't available. by @geraldcombs in #523
- update(tests): automatically run libscap tests in CI by @LucaGuerra in #522
- update(scap-open): handle all scap return codes by @jasondellaluce in #528
- chore(PULL_REQUEST_TEMPLATE.md): add savefile engine entry by @jasondellaluce in #529
- update(userspace/libscap): support scap reader for stream data by @jasondellaluce in #525
- fix(userspace/libsinsp): revert container.mount source and dest extraction by @jasondellaluce in #532
- fix(libsinsp/tests): fix two simple memory leaks in tests by @LucaGuerra in #534
- fix(ci): fixed checkout action fetch depth. by @FedeDP in #533
- chore(userspace/libscap): fixed printf on error when check_api_compatibility() fails by @FedeDP in #527
- new(ci): build libs and modern-bpf for s390x by @hbrueckner in #538
- cleanup(userspace/libsinsp): remove legacy references by @jasondellaluce in #539
- update(OWNERS): add Luca Guerra (LucaGuerra) to owners by @LucaGuerra in #536
- Fixup our Win32 checks. by @geraldcombs in #541
- fix(libsinsp): consider
<NA>
as an empty param by @Andreagit97 in #499 - update(userspace/libscap): improve scap reader by @jasondellaluce in #545
- create static method to clone existing sinsp_evt by @VadimZy in #495
- new(libsinsp/tests): add basic dup/dup2/dup3 tests by @LucaGuerra in #537
- refactor(libsinsp): manage memory in ast/parser via unique_ptrs by @LucaGuerra in #535
- update(cmake): Remove old LuaJIT+macOS compiler flags. by @geraldcombs in #555
- update(libsinsp/drivers): send empty params from drivers and manage them in userspace by @Andreagit97 in #551
- fix(userspace/libscap): set gzerror fallback to static by @jasondellaluce in #557
- improve fields parsing performance by eliminating temp strings. by @VadimZy in #530
- update: add re2 dependency for portable and reliable regex matching by @jasondellaluce in #556
- fix(userspace/libsinsp): fix parse_field_name() wrong check (size_t, aka uint32_t, cast of max_fldlen) by @FedeDP in #562
- fix(userspace/libsinsp): solve assert errors in unit tests by @jasondellaluce in #563
- chore(userspace/libscap): give name to bpf programs by @alban in #559
- (fix) Fix compile error in sinsp_with_test_input by @gnosek in #564
- fix(libsinsp): retrieve the correct
exepath
withexecveat
syscall by @Andreagit97 in #552 - update(libsinsp)!: merge all the opening methods into just one by @Andreagit97 in #540
- fix(userspace/libsinsp/filter)!: use raw pointers in AST as_string signature by @jasondellaluce in #561
- fix(libsinsp): avoid unused variable by @gnosek in #566
- fix(readme): fixed small typo. by @FedeDP in #570
- Consider scap host root for passwd and group lookup by @deepskyblue86 in #542
- cleanup(sinsp): add output format option to sinsp-example by @incertum in #568
- fix(libsinsp): keep the copy of cgroups alive across the write by @deepskyblue86 in #575
- new(ci): run tests with AddressSanitizer on x86_64 by @LucaGuerra in #573
- update(build): bump c-ares to 1.18.1 by @LucaGuerra in #578
- update(userspace/plugin): bump plugin API version to 2.0.0 by @jasondellaluce in #547
- update(readme): add a beautiful archs badge that links to proper section in readme by @FedeDP in #586
- fix(userspace/libscap,userspace/libsinsp): properly add parsers for multiple EF_CREATES_FD events. by @FedeDP in #579
- update(userspace/libsinsp): k8s filterchecks documentation desc by @leogr in #589
- update(OWNERS): add Hendrik Brueckner (hbrueckner) as reviewer by @hbrueckner in #590
- new(libsinsp/test): Test open/openat/creat NULL filenames and enter/exit string disagreements by @LucaGuerra in #572
- Add e2e tests based on sinsp-example by @Molter73 in #506
- chore(userspace/libsinsp): improve
get_event_type
util method in sinsp-example by @FedeDP in #598 - new(userspace/libsinsp): provide multiple default sets for ppm_sc of interest by @FedeDP in #585
- Random cleanups by @gnosek in #588
- chore(userspace/libsinsp): move new
enforce_X_ppm_sc
near toenforce_sinsp_state_ppm_sc
by @FedeDP in #599 - Save parser positions ast by @mstemm in #560
- fix(userspace/libsinsp): use self instead of inspector's usergroup_manager by @deepskyblue86 in #602
- new(sinsp/tests): introduce sinsp_usergroup_manager test by @deepskyblue86 in #601
- add filter execution statistics to be analyzed by the clients by @VadimZy in #583
- new(libsinsp,engines): add support for variable shared buffer dimension by @Andreagit97 in #584
- fix(CI): remove an old reference by @Andreagit97 in #613
- new(libsinps): add a new API in sinsp to obtain the events associated with a set of
ppm_sc
by @Andreagit97 in #609 - update(build): use -Og when debugging by @LucaGuerra in #616
- new(libsinsp/test): add spawn process test by @LucaGuerra in #614
- mitigation for falco#1909 - fix(k8s-client): handle network related exceptions by @alacuku in #610
- mitigation for falco#1909 by @leogr in #591
- chore(libscap): Check handle for NULL in scap API by @nathan-b in #608
- build(.github): enable CI workflow on all branches by @leogr in #619
- new(test): add "Coverage" build type to generate test coverage info by @LucaGuerra in #603
- new(libsinsp)!: introduce new API + cleanup by @Andreagit97 in #620
- new(scap-open): add the
simple_set
mode by @Andreagit97 in #624 - fix(libsinsp): use consistent 32bit GID fields by @LucaGuerra in #631
- Initialize evtnum in sinsp_evt::init methods by @mstemm in #639
- fix(libsinsp): refresh user / group when detecting a container by @deepskyblue86 in #638
- fix(libsinsp): display invalid pids as by @LucaGuerra in #637
- fix(engine/gvisor): allow empty (default) root path by @LucaGuerra in #641
- fix(userspace/libsinsp): properly load users and groups from pre-existing containers on init by @FedeDP in #635
- fix(libsinsp): fix path handling in open_by_handle_at by @LucaGuerra in #650
- fix(userspace/libsinsp): properly manage EC_SYSCALL/TRACEPOINT/PLUGIN category "origin"mask by @FedeDP in #643
- fix(sinsp): don't look up thread -1 in the table by @gnosek in #651
- fix(libsinsp, libscap): fix compiler warning about uninitialized var by @LucaGuerra in #653
- fix(userspace/libsinsp): set event number consistently by @jasondellaluce in #655
- new(libsinsp,libscap): add a new generable event API by @Andreagit97 in #656
- update(libscap-engine-kmod): avoid a write operation when not necessary by @Andreagit97 in #661
- fix(userspace): add compat syscalls header by @FedeDP in #662
- fix(userspace/sinsp): return event names of generic syscall events by @jasondellaluce in #663
- fix(userspace): split is_unused from is_skip_parse_reset event checks by @jasondellaluce in #665
- fix(userspace/libsinsp): do proper checks on syscall.type filtercheck by @jasondellaluce in #669
New Contributors
- @nathan-b made their first contribution in #490
- @hbrueckner made their first contribution in #504
- @ovalenti made their first contribution in #491
- @alban made their first contribution in #559
Full Changelog: 0.8.0...0.9.0