0.17.3-rc1

fix: class definitions with duplicate names

Signed-off-by: Federico Aponte <[email protected]>

0.17.2

v0.17.2

Released on 2024-06-17

Minor Changes

• update(build): update c-ares to 1.30.0 [#1900] - @LucaGuerra

Bug Fixes

• fix(libsinsp): fix signed compare operator [#1905] - @LucaGuerra
• fix(plugin_api): wrong metrics type enums [#1885] - @mrgian

Non user-facing changes

• fix: Ignore NSS user and group entries [#1909] - @federico-sysdig
• chore(cmake): workaround CI issue for windows. [#1902] - @FedeDP

Statistics

MERGED PRS	NUMBER
Not user-facing	2
Release note	3
Total	5

Release Manager @FedeDP

0.17.1

v0.17.1

Released on 2024-05-29

Major Changes

• new(userspace/libsinsp): support lxc 4.0 cgroup layout. [#1879] - @FedeDP

Bug Fixes

• fix(userspace/libsinsp): fixed possible buffer overflow in sinsp_plugin::get_metrics [#1880] - @FedeDP

Statistics

MERGED PRS	NUMBER
Not user-facing	0
Release note	2
Total	2

Release Manager @FedeDP

7.2.0+driver

Driver Testing Matrix amd64

KERNEL	CMAKE-CONFIGURE	KMOD BUILD	KMOD SCAP-OPEN	BPF-PROBE BUILD	BPF-PROBE SCAP-OPEN	MODERN-BPF SCAP-OPEN
amazonlinux2-4.19	🟢	🟢	🟢	🟢	❌	🟡
amazonlinux2-5.10	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2-5.15	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2-5.4	🟢	🟢	🟢	🟢	🟢	🟡
amazonlinux2022-5.15	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2023-6.1	🟢	🟢	🟢	🟢	🟢	🟢
archlinux-6.0	🟢	🟢	🟢	🟢	🟢	🟢
archlinux-6.7	🟢	🟢	🟢	🟢	🟢	🟢
centos-3.10	🟢	🟢	🟢	🟡	🟡	🟡
centos-4.18	🟢	🟢	🟢	🟢	🟢	🟢
centos-5.14	🟢	🟢	🟢	🟢	🟢	🟢
fedora-5.17	🟢	🟢	🟢	🟢	🟢	🟢
fedora-5.8	🟢	🟢	🟢	🟢	🟢	🟢
fedora-6.2	🟢	🟢	🟢	🟢	🟢	🟢
oraclelinux-3.10	🟢	🟢	🟢	🟡	🟡	🟡
oraclelinux-4.14	🟢	🟢	🟢	🟢	🟢	🟡
oraclelinux-5.15	🟢	🟢	🟢	🟢	🟢	🟢
oraclelinux-5.4	🟢	🟢	🟢	🟢	🟢	🟡
ubuntu-4.15	🟢	🟢	🟢	🟢	🟢	🟡
ubuntu-5.8	🟢	🟢	🟢	🟢	🟢	🟡
ubuntu-6.5	🟢	🟢	🟢	🟢	🟢	🟢

Driver Testing Matrix arm64

KERNEL	CMAKE-CONFIGURE	KMOD BUILD	KMOD SCAP-OPEN	BPF-PROBE BUILD	BPF-PROBE SCAP-OPEN	MODERN-BPF SCAP-OPEN
amazonlinux2-5.4	🟢	🟢	🟢	🟢	🟢	🟡
amazonlinux2022-5.15	🟢	🟢	🟢	🟢	🟢	🟢
fedora-6.2	🟢	🟢	🟢	🟢	🟢	🟢
oraclelinux-4.14	🟢	🟢	🟢	🟡	🟡	🟡
oraclelinux-5.15	🟢	🟢	🟢	🟢	🟢	🟢
ubuntu-6.5	🟢	🟢	🟢	🟢	🟢	🟢

v7.2.0+driver

Released on 2024-05-23

Bug Fixes

• fix(driver/bpf): not sending entire arguments array on execve fail [#1760] - @mrgian
• fix(driver/bpf): fixed old bpf probe with clang-18. [#1874] - @FedeDP
• fix: filtering for 'mmap' and 'mmap2' using fd values [#1832] - @eddyduer-sysdig

Non user-facing changes

• fix(driver/configure): properly pass CC variable as make argument. [#1873] - @FedeDP

Statistics

MERGED PRS	NUMBER
Not user-facing	1
Release note	3
Total	4

Release Manager @FedeDP

0.17.0

v0.17.0

Released on 2024-05-23

Breaking Changes ⚠️

• update(userspace/libsinsp)!: support field transformers in filter grammar, ast, parser, and data structures [#1831] - @jasondellaluce

Major Changes

• new(plugin_api): add plugin metrics support [#1828] - @mrgian

Minor Changes

• refactor!(userspace/libsinsp): unique_ptr to arrays in sinsp_evt::from_scap_evt method [#1836] - @federico-sysdig
• chore(userspace/libscap): limit MIN/MAX macros to plain C [#1860] - @federico-sysdig
• refactor(userspace/libsinsp): catch filter field-operator compatibility at compile-time instead of run-time [#1857] - @jasondellaluce
• update(userspace/libsinsp): support array-like types as state fields in thread infos, compatible with plugin API [#1868] - @jasondellaluce
• update(userspace/libsinsp): expose file descriptors as state subtable fields compatible with plugins [#1866] - @jasondellaluce
• update(userspace): define subtable field type in plugin API and sinsp state API [#1849] - @jasondellaluce
• refactor(userspace/libsinsp): support field transformers in formatters [#1847] - @jasondellaluce
• refactor(userspace/libsinsp): optimize allocations of filter checks [#1841] - @jasondellaluce
• refactor(userspace/libsinsp): minor changes in state API, expose new threadinfo fields [#1838] - @jasondellaluce
• update(userspace/libsinsp): support field transformers in filtercheck data structures [#1795] - @jasondellaluce

Bug Fixes

• fix(libsinsp): make sure formatted bytebuf doesn't contain irregular characters [#1862] - @mrgian
• fix(userspace/libsinsp): podman support during scap files replay [#1851] - @FedeDP
• fix(userspace/libsinsp): solve a bunch of bugs in the filter checks area [#1854] - @jasondellaluce

Non user-facing changes

• feat(tests): new e2e tests [7/N] [#1814] - @therealbobo
• test(drivers): add some tests for ia32 syscalls [#1872] - @Andreagit97
• cleanup(modern): clear some arrays before using them [#1869] - @Andreagit97
• new(ci): add a test-drivers-ppc64le workflow. [#1824] - @FedeDP
• chore(userspace/libsinsp): disable flaky test on arm64. [#1865] - @FedeDP
• new(libsinsp): async event queue capacity setter [#1815] - @mrgian
• fix(modern): try to address a page fault caused by bpf_probe_read_kernel [#1858] - @Andreagit97
• fix(sinsp): remove wrong unix parsing logic [#1864] - @Andreagit97
• sinsp_cgroup goodies [#1861] - @deepskyblue86
• chore(test/e2e): redirect stderr to stdout. [#1863] - @FedeDP
• new(test): add a test for a bind with unix socket [#1852] - @Andreagit97
• fix(ci): fixed drivers_ci if condition for kernel headers install steps [#1859] - @FedeDP
• chore(ci): use get-kernel-sources master sha. [#1856] - @FedeDP
• cleanup(libsinsp): remove unused member from threadinfo [#1853] - @therealbobo
• fix(ci): fix drivers_ci trigger and update get-kernel-sources sha [#1855] - @FedeDP
• chore(docs): replace IN and OUT macros with docs [#1817] - @Molter73
• new(tests): check vdso-vsyscalls involved syscalls on 32/64 bits [#1839] - @Andreagit97
• fix(userspace/libsinsp): solve cases of unsafe string_view access [#1846] - @jasondellaluce
• fix(libpman): manage discarded events [#1845] - @Andreagit97
• new(scap-open): add stats for syscalls received in userspace [#1844] - @Andreagit97
• chore(ci): merge release body workflows [#1829] - @FedeDP
• refactor: use C++ std lib for sinsp::get_file_size [#1837] - @federico-sysdig
• fix(userspace/libsinsp): remove wrong ASSERTs [#1833] - @jasondellaluce
• refactor: smart pointer usage [#1835] - @federico-sysdig
• fix(libsinsp): avoid unintented copies [#1834] - @therealbobo
• fix(userspace/libsinsp): make sure simple sinsp wrapper methods are inlined [#1830] - @jasondellaluce
• refactor: Use string_view in event filters and more [#1797] - @federico-sysdig

Statistics

MERGED PRS	NUMBER
Not user-facing	27
Release note	15
Total	42

Release Manager @FedeDP

0.17.0-rc2

What's Changed

• sync: release 0.17.x by @FedeDP in #1876

Full Changelog: 0.17.0-rc1...0.17.0-rc2

0.17.0-rc1

fix(driver/configure): properly pass `CC` variable as make argument.

Signed-off-by: Federico Di Pierro <[email protected]>

7.1.0+driver

Driver Testing Matrix amd64

KERNEL	CMAKE-CONFIGURE	KMOD BUILD	KMOD SCAP-OPEN	BPF-PROBE BUILD	BPF-PROBE SCAP-OPEN	MODERN-BPF SCAP-OPEN
amazonlinux2-4.19	🟢	🟢	🟢	🟢	❌	🟡
amazonlinux2-5.10	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2-5.15	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2-5.4	🟢	🟢	🟢	🟢	🟢	🟡
amazonlinux2022-5.15	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2023-6.1	🟢	🟢	🟢	🟢	🟢	🟢
archlinux-6.0	🟢	🟢	🟢	🟢	🟢	🟢
archlinux-6.7	🟢	🟢	🟢	🟢	🟢	🟢
centos-3.10	🟢	🟢	🟢	🟡	🟡	🟡
centos-4.18	🟢	🟢	🟢	🟢	🟢	🟢
centos-5.14	🟢	🟢	🟢	🟢	🟢	🟢
fedora-5.17	🟢	🟢	🟢	🟢	🟢	🟢
fedora-5.8	🟢	🟢	🟢	🟢	🟢	🟢
fedora-6.2	🟢	🟢	🟢	🟢	🟢	🟢
oraclelinux-3.10	🟢	🟢	🟢	🟡	🟡	🟡
oraclelinux-4.14	🟢	🟢	🟢	🟢	🟢	🟡
oraclelinux-5.15	🟢	🟢	🟢	🟢	🟢	🟢
oraclelinux-5.4	🟢	🟢	🟢	🟢	🟢	🟡
ubuntu-4.15	🟢	🟢	🟢	🟢	🟢	🟡
ubuntu-5.8	🟢	🟢	🟢	🟢	🟢	🟡
ubuntu-6.5	🟢	🟢	🟢	🟢	🟢	🟢

Driver Testing Matrix arm64

KERNEL	CMAKE-CONFIGURE	KMOD BUILD	KMOD SCAP-OPEN	BPF-PROBE BUILD	BPF-PROBE SCAP-OPEN	MODERN-BPF SCAP-OPEN
amazonlinux2-5.4	🟢	🟢	🟢	🟢	🟢	🟡
amazonlinux2022-5.15	🟢	🟢	🟢	🟢	🟢	🟢
fedora-6.2	🟢	🟢	🟢	🟢	🟢	🟢
oraclelinux-4.14	🟢	🟢	🟢	🟡	🟡	🟡
oraclelinux-5.15	🟢	🟢	🟢	🟢	🟢	🟢
ubuntu-6.5	🟢	🟢	🟢	🟢	🟢	🟢

v7.1.0+driver

Released on 2024-05-02

Major Changes

• new(driver): collect dev and inode in all open-family syscalls [#1755] - @mrgian
• feat(driver): add support for newfstatat syscall [#1628] - @mrgian

Minor Changes

• Update(driver): Introduce the BPF commands name [#1545] - @Rohith-Raju

Bug Fixes

• fix(driver): exe_writable is not being filled with the correct value with kernels <3.1.0 [#1629] - @therealbobo
• fix(drivers): add always a null terminator after args and envs [#1800] - @Andreagit97
• fix(modern_bpf): recvmsg filler sending empty addres for udp connections [#1773] - @mrgian
• fix(driver): avoid sending a NULL tuple in recvfrom syscall [#1767] - @mrgian
• fix(driver-kmod): error: too many arguments to function ‘class_create’ [#1725] - @deepskyblue86

Non user-facing changes

• fix(ci): fixed release-body-driver workflow. [#1823] - @FedeDP
• Use config check to enable memfd related processing [#1819] - @lrishi
• fix(driver/modern_bpf,test/drivers): fixed drivers_test on ppc64le [#1739] - @FedeDP
• feat(driver): Add loongarch64 kernel module support [#1803] - @yzewei
• docs(driver/bpf): minimum kernel release ver for bpf for ppc64le is 5.1. [#1794] - @FedeDP
• fix(driver/modern_bpf): correctly set dyn snaplen w/ sendmsg and sendto [#1778] - @therealbobo
• fix(driver/bpf) honor CLANG and LLC from the env [#1772] - @iurly
• fix(driver/bpf): report correct args of getresuid syscall [#1769] - @therealbobo
• fix(fillers): remove user-triggerable assertions in flag conversion code [#1764] - @gnosek
• fix(driver/modern_bpf): avoid type confusion setting snaplen [#1762] - @therealbobo
• fix(kmod): fix signedness on fd of dup syscalls [#1761] - @therealbobo
• new: add support for delete_module syscall [#1717] - @loresuso
• fix(test): improve process_vm_readvX failure test [#1716] - @therealbobo
• fix(driver/kmod): always send fds to userspace in poll/ppoll syscall exit [#1714] - @mrgian
• chore(driver): properly use strscpy. [#1632] - @FedeDP
• fix(modern_bpf): null destination address in sendto and sendmsg syscalls [#1687] - @mrgian
• fix(driver): configure newfstatat with UF_ALWAYS_DROP [#1683] - [@wigol](https://git...

0.16.0

v0.16.0

Released on 2024-05-02

Minor Changes

• refactor(userspace/libsinsp): improve performance of endswith filter operator [#1796] - @jasondellaluce
• refactor(libsinsp): better clarify filtercheck subclass extracting only one value [#1792] - @jasondellaluce
• refactor!(chisels): deprecate chisels [#1785] - @therealbobo

Bug Fixes

• fix(sinsp): set a null terminator instead of throwing an exception [#1818] - @Andreagit97
• fix(libscap): fix libscap crashing if scap functions are called with a NULL handle [#1802] - @LucaGuerra
• fix(userspace/libsinsp): solve formatts being cropped with fd.types [#1781] - @jasondellaluce
• fix(gvisor): fix duplicated command names [#1777] - @LucaGuerra

Non user-facing changes

• cleanup(libscap): Allow retries after encountering SCAP_EOF [#1809] - @geraldcombs
• new(userspace/libsinsp): allow to not retrieve detailed user info [#1765] - @erthalion
• fix(userspace/libsinsp): properly set successful lookup state when parsing old container json events [#1811] - @FedeDP
• fix(libscap): send a consistent length when reading scap files [#1812] - @LucaGuerra
• fix(userspace/libsinsp): properly use strlen instead of sizeof when assigning user/group string infos [#1813] - @FedeDP
• cleanup(libsinsp): throw exception for invalid parsed string vectors [#1810] - @LucaGuerra
• fix(e2e_ci): always update apt index [#1808] - @therealbobo
• fix(driver/modern_bpf): address task_struct has no embedded thread_info [#1806] - @Andreagit97
• new(userspace/libsinsp): check usage of wrong-sized variadic arguments in sinsp tests [#1799] - @FedeDP
• fix(libsinsp_e2e): disable flaky sys_call_test.forking_clone_fs e2e test [#1801] - @therealbobo
• fix(userspace/libsinsp): fixed multiple proc related tests variadic arguments types [#1798] - @FedeDP
• new(tests): add some libsinsp tests [#1791] - @Andreagit97
• cleanup(userspace/libsinsp): improved sinsp metrics_collector to make it more future proof [#1745] - @FedeDP
• new(userspace/libsinsp): add building blocks for filter field transformers [#1793] - @jasondellaluce
• feat(libsinsp/container_info): change default / init lookup state to FAILED [#1707] - @incertum
• Reviewing and enhancing fields inline documentation [1/N] (proc.*) [#1779] - @leogr
• feat(tests): new e2e tests [6/N] [#1776] - @therealbobo
• fix(userspace): remove some wrong asserts [#1790] - @Andreagit97
• fix(cmake/modules/re2): use sed compatible syntax w/ macos [#1788] - @therealbobo
• test(userspace/libsinsp): add cases for formatters and minor improvements [#1787] - @jasondellaluce
• fix(libsinsp_e2e): make forking_clone_fs more reliable [#1783] - @therealbobo
• fix(cmake/modules/re2): fix configure issue on cmake >=3.29.1 [#1786] - @therealbobo
• new(scap-open): collect the average dimension of events [#1780] - @Andreagit97
• fix(build): use ENABLE_COVERAGE for coverage, fix segfault [#1766] - @LucaGuerra
• fix(tests/gvisor): fix build and sanitizer exec in gvisor parser tests [#1782] - @LucaGuerra
• feat(tests): new e2e tests [5/N] [#1771] - @therealbobo
• new(libsinsp/test): new unit tests for logger [#1770] - @therealbobo
• update(build): update libcurl to 8.7.1 [#1774] - @LucaGuerra
• chore(.github): enhance heuristics API_VERSION and SCHEMA_VERSION checks [#1768] - @leogr
• feat(tests): new e2e tests [4/N] [#1763] - @therealbobo
• feat(tests): new e2e tests [3/N] [#1720] - @therealbobo
• chore(ci): libsinsp e2e CI caching [#1756] - @therealbobo
• Revert "update(sinsp): implement suppressed tid cache in sinsp_suppress" [#1748] - @gnosek
• fix(libpman): fix compilation issue with -Werror [#1752] - @therealbobo

Statistics

MERGED PRS	NUMBER
Not user-facing	34
Release note	7
Total	41

Release Manager @FedeDP

0.16.0-rc4

Use config check to enable memfd related processing (#550)

Signed-off-by: Lovel Rishi <[email protected]>