Releases: falcosecurity/libs
Releases · falcosecurity/libs
0.13.0-rc2
What's Changed
- sync: release 0.13.x by @FedeDP in #1335
- sync: release 0.13.x by @Andreagit97 in #1344
- sync: release 0.13.x by @FedeDP in #1351
Full Changelog: 0.13.0-rc1...0.13.0-rc2
Contributors
FedeDP and Andreagit97
Assets 2
0.13.0-rc1
What's Changed
- update(ci): bump kernel-testing to v.2.2 by @alacuku in #1234
- fix(modern_bpf): fix NULL dereference in signal_deliver filler by @gnosek in #1236
- update(readme): update readme, link to the falco website by @LucaGuerra in #1237
- new(ci): add a release-body CI for drivers releases. by @FedeDP in #1238
- fix(ci): fixed release-body workflow to avoid using ed. by @FedeDP in #1239
- fix(ci): fixed release-body matrixes path. by @FedeDP in #1240
- fix(ci): force tag_name in release-body workflow. by @FedeDP in #1241
- fix(ci): match release branches in release-body by @FedeDP in #1243
- fix(userspace/libsinsp): make sinsp struct size independent from compilation flags by @jasondellaluce in #1245
- fix(userspace/libsinsp): solve ambiguous move casting by @jasondellaluce in #1246
- update(ci): bumped kernel_tests to v0.2.3 by @FedeDP in #1247
- fix(libscap): off-by-one bug in cgroup v1 parser by @mattnite in #1252
- fix(scap): remove unnecessary and harmful strchr(
=) by @gnosek in #1262 - fix(ci): fixed release-body CI trigger. by @FedeDP in #1264
- new(build): upgrade to OpenSSL 3.1.1 by @LucaGuerra in #1258
- update(cmake/modules): bump luajit by @therealbobo in #1268
- fix: ignore whitespace only cpuset.cpus entries by @greyhame-s in #1272
- cleanup(libsinsp): swap check order in is_in_pid_namespace() by @incertum in #1274
- cleanup: re-audit some critical code paths to avoid nullptr dereference by @Andreagit97 in #1251
- chore: realign drivers license by @Andreagit97 in #1275
- cleanup(cmake,userspace): moved tinydir and jsoncpp from third-party folder to full cmake modules by @FedeDP in #1271
- cleanup(scap,sinsp): assorted cleanups by @gnosek in #1254
- fix(userspace): obtain a reliable process lineage from thread info by @Andreagit97 in #1182
- fix(driver, userspace): fix
loginuid,euidandttytypes to uint32_t by @incertum in #1192 - docs: enforce bumping driver api and schema versions at every change by @jasondellaluce in #1273
- fix(.github): read right file for schema version checks by @jasondellaluce in #1277
- chore(userspace/libsinsp/test): skip scap file download if already present by @jasondellaluce in #1278
- update: support build for wasm by @Rohith-Raju in #1156
- new: introduce a new sinsp binary to improve scap-file debugging by @Andreagit97 in #1279
- chore: use uthash tag 1.9.8 + some minor patches on top of it by @Andreagit97 in #1281
- fix(cmake/modules/openssl): fix compilation on aarch64 by @therealbobo in #1282
- fix(sinsp): correctly manage
runcprocess in old scap-files by @Andreagit97 in #1284 - cleanup(libsinsp): add libs g_logger to sinsp-example by @incertum in #1288
- cleanup(libsinsp): improve evt.hostname docs by @incertum in #1287
- cleanup(test/vm): remove py matplotlib by @incertum in #1286
- cleanup: remove
requirements.txtfile by @Andreagit97 in #1289 - fix: solve issues with emscripten build by @jasondellaluce in #1290
- fix(userspace/libsinsp): solve cmake link typo by @jasondellaluce in #1291
- Scoped target_link_libraries() commands for libsinsp by @mprzybylski in #1280
- fix(libsinsp): typo in source_idx_by_plugin_id iterator by @therealbobo in #1295
- docs(README.VERSION.md): clarify when internal version must not be bumped and general improvements by @leogr in #1296
- refactor: versioning with cmake by @leogr in #1294
- fix(cmake/modules): make GetVersionFromGit when no git info by @leogr in #1297
- fix: remove an unused variable in the kmod by @Andreagit97 in #1293
- fix(scap): initialize cgroup interface during platform init. by @wigol in #1301
- fix listen syscall backlog field size by @oheifetz in #1256
- fix umount2 syscall flags type, add conversion helper function by @oheifetz in #1255
- cleanup(docs): update readme + include more verbose testing instructions by @incertum in #1302
- cleanup(test/libscap): ensure each libscap test suite is activated, deprecate old userspace/libscap/test by @incertum in #1305
- Add fcntl enter arguments to exit event by @mstemm in #1304
- new(libsinsp,driver): add evt.is_open_create syscall event field by @mrgian in #1299
- cleanup(build): update REPLACE cmd in modern_bpf CMakeLists by @incertum in #1306
- Update:(libsinsp/parsers): extend parseres to support pidfd. by @Rohith-Raju in #1257
- fix(userspace/libsinsp): set a timeout on the curl handle when retrieving docker info by @FedeDP in #1308 (many thanks to @zhoujun24 for having spotted the issue and provided a quick fix!)
- cleanup(docs): edit libs page content for technical clarity by @incertum in #1307
- fix(scap): turn on cgroup namespace detection. by @wigol in #1313
- cleanup: use header only b64 library by @Andreagit97 in #1316
- fix(userspace/libscap): avoid possible double free while loading users and groups by @FedeDP in #1317
- chore: enforce
b64include at every cmake build by @Andreagit97 in #1319 - fix(libsinsp): race condition in async event by @therealbobo in #1310
- fix(sinsp): Improve podman container detection on Alpine Linux and when running in a container by @gnosek in #1320
- ci: unit tests on other platforms by @therealbobo in #1311
- sync: release 0.13.x by @FedeDP in #1330
New Contributors
- @mprzybylski made their first contribution in #1280
- @mrgian made their first contribution in #1299
Full Changelog: 0.12.0...0.13.0-rc1
Contributors
gnosek, leogr, and 16 other contributors
Assets 2
6.0.0+driver
What's Changed
- fix(modern_bpf): fix NULL dereference in signal_deliver filler by @gnosek in #1236
- update(driver): update syscalls tables and driver report. by @github-actions in #1267
- feat(driver): support for init_module, finit_module syscalls by @therealbobo in #1242
- feat(driver): support for mknod/mknodat syscall by @therealbobo in #1270
- chore(driver): realign drivers license by @Andreagit97 in #1275
- chore(kmod,bpf): resolved some type confusion issues by @therealbobo in #1250
- fix(driver): fix build on RHEL 8.9 kernels by @iurly in #1276
- fix(driver, userspace): fix
loginuid,euidandttytypes to uint32_t by @incertum in #1192 - fix(driver): remove an unused variable in the kmod by @Andreagit97 in #1293
- fix(driver): listen syscall backlog field size by @oheifetz in #1256
- fix(driver): umount2 syscall flags type, add conversion helper function by @oheifetz in #1255
- new(driver): add 2 new scap stats by @Andreagit97 in #1303
- update(driver): add fcntl enter arguments to exit event by @mstemm in #1304
- new(driver): add evt.is_open_create syscall event field by @mrgian in #1299
- new(driver): resolve executable path symlink by @Andreagit97 in #1300
- update(driver): update syscalls tables and driver report. by @github-actions in #1318
New Contributors
- @mprzybylski made their first contribution in #1280
- @mrgian made their first contribution in #1299
Full Changelog: 5.1.0+driver...6.0.0+driver
Driver Testing Matrix amd64
| KERNEL | CMAKE-CONFIGURE | KMOD BUILD | KMOD SCAP-OPEN | BPF-PROBE BUILD | BPF-PROBE SCAP-OPEN | MODERN-BPF SCAP-OPEN |
|---|---|---|---|---|---|---|
| amazonlinux2-4.19 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| amazonlinux2-5.10 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| amazonlinux2-5.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| amazonlinux2-5.4 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| amazonlinux2022-5.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| amazonlinux2023-6.1 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| archlinux-6.0 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| centos-3.10 | 🟢 | 🟢 | 🟢 | 🟡 | 🟡 | 🟡 |
| centos-4.18 | 🟢 | ❌ | ❌ | 🟢 | 🟢 | 🟢 |
| centos-5.14 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| fedora-5.17 | 🟢 | ❌ | ❌ | 🟢 | 🟢 | 🟢 |
| fedora-5.8 | 🟢 | 🟢 | 🟢 | 🟢 | ❌ | 🟢 |
| fedora-6.2 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| oraclelinux-3.10 | 🟢 | 🟢 | 🟢 | 🟡 | 🟡 | 🟡 |
| oraclelinux-4.14 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| oraclelinux-5.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| oraclelinux-5.4 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| ubuntu-4.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| ubuntu-6.3 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
Driver Testing Matrix arm64
| KERNEL | CMAKE-CONFIGURE | KMOD BUILD | KMOD SCAP-OPEN | BPF-PROBE BUILD | BPF-PROBE SCAP-OPEN | MODERN-BPF SCAP-OPEN |
|---|---|---|---|---|---|---|
| amazonlinux2-5.4 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| amazonlinux2022-5.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| fedora-6.2 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| oraclelinux-4.14 | 🟢 | 🟢 | 🟢 | 🟡 | 🟡 | 🟡 |
| oraclelinux-5.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| ubuntu-6.3 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
Contributors
gnosek, mprzybylski, and 7 other contributors
Assets 2
5.1.0+driver
What's Changed
- fix(driver): fixed 6.4 kernel build by @hhoffstaette in #1110
- fix(driver): correctly convert socketcall codes on 32 bits by @Andreagit97 in #1122
- fix(driver): correctly retrieve src ip+port from UDP
recvmsgandrecvfromby @Andreagit97 in #1123 - fix(driver): manage syscalls only defined with socketcall by @Andreagit97 in #1128
- update(driver): update syscalls tables and driver report. by @github-actions in #1132
- new(ci): build latest mainline kernel (even RC!) in latest-kernel job. by @FedeDP in #1090
- chore(driver): avoid useless structure copy in syscall_enter/exit_probe. by @FedeDP in #1133
- cleanup(ci): improve latest-kernel workflow. by @FedeDP in #1137
- chore(driver): avoid static_assert event_table size while building kmod. by @FedeDP in #1146
- fix(driver): fixed kmod build on 6.3 kernels arm64. by @FedeDP in #1147
- fix(tests, bpf): correct build and test case failures on s390x by @hbrueckner in #1150
- fix(driver): remove useless include which causes compilation issues on Centos6 by @Andreagit97 in #1152
- new: Support for memfd_create syscall by @Rohith-Raju in #1127
- tests(driver): add some test to
clone3to check ptid and flags value by @Andreagit97 in #1056 - Feat: Support for pidfd_getfd syscall by @Rohith-Raju in #1145
- fix: introduce a COS workaround to fix regression #1157 by @Andreagit97 in #1160
- new(driver, libscap, libsinsp): Add support for detecting executions from binaries referenced by a memfd by @lrishi in #1066
- fix(driver/modern-bpf): improve CO-RE detection by @Andreagit97 in #1173
- fix(driver): fix build on RHEL 9.3 kernels by @iurly in #1174
- fix(driver): fix memfd detection in the kmod by @Andreagit97 in #1163
- new(drivers): collect
reaper_pidfrom the kernel by @Andreagit97 in #1151 - new(proposals): driver kernel testing framework by @incertum in #1131
- new(ci:) add driverkit tests for arm64 by @FedeDP in #1185
- new(ci): dynamic badge for latest kernel workflow by @FedeDP in #1186
- new(test): add
test/vmfor localhost VM-based driver kernel compatibility tests by @incertum in #524 - fix(bpf): Compile eBPF probe with -Wno-unknown-attributes by @LucaGuerra in #1210
- Support pidfd_open syscall by @Rohith-Raju in #1187
- Remove ALWAYS_DROP setting for setsid system call by @jcpittman144 in #1213
- new: kernel testing matrix by @FedeDP in #1223
- chore(docs): update gh pages urls and title. by @FedeDP in #1225
- fix(docs): fixed readme link to kenrel_tests workflow. by @FedeDP in #1226
- update(ci/kernel-tests): run kernel tests step by step by @alacuku in #1229
- update(ci): bumped kernel_tests to kernel-testing v0.2.0. by @FedeDP in #1230
- chore(ci): switch kernel_tests repo to falcosecurity org. by @FedeDP in #1231
- update(ci): bumped kernel-testing to v0.2.1. by @FedeDP in #1233
- Port ebpf null fix to 0.12.x branch by @LucaGuerra in #1244
- sync: port #1245 and #1246 to the release-0.12.x branch by @jasondellaluce in #1248
- sync: release 0.12.x by @FedeDP in #1249
- sync: release 0.12.x by @FedeDP in #1261
- sync: release 0.12.x by @FedeDP in #1263
- sync: release 0.12.x by @FedeDP in #1265
- sync: release 0.12.x by @FedeDP in #1269
New Contributors
- @Rohith-Raju made their first contribution in #1135
- @lrishi made their first contribution in #1066
- @simonhf made their first contribution in #1159
- @oheifetz made their first contribution in #1195
Full Changelog: 5.0.1+driver...5.1.0+driver
Driver Testing Matrix amd64
| KERNEL | CMAKE-CONFIGURE | KMOD BUILD | KMOD SCAP-OPEN | BPF-PROBE BUILD | BPF-PROBE SCAP-OPEN | MODERN-BPF SCAP-OPEN |
|---|---|---|---|---|---|---|
| amazonlinux2-4.19 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| amazonlinux2-5.10 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| amazonlinux2-5.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| amazonlinux2-5.4 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| amazonlinux2022-5.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| amazonlinux2023-6.1 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| archlinux-6.0 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| centos-3.10 | 🟢 | 🟢 | 🟢 | 🟡 | 🟡 | 🟡 |
| centos-4.18 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| centos-5.14 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| fedora-5.17 | 🟢 | ❌ | ❌ | 🟢 | 🟢 | 🟢 |
| fedora-5.8 | 🟢 | 🟢 | 🟢 | 🟢 | ❌ | 🟢 |
| fedora-6.2 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| oraclelinux-3.10 | 🟢 | 🟢 | 🟢 | 🟡 | 🟡 | 🟡 |
| oraclelinux-4.14 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| oraclelinux-5.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
| oraclelinux-5.4 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| ubuntu-4.15 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟡 |
| ubuntu-6.3 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 | 🟢 |
Driver Testing Ma...
Contributors
simonhf, hhoffstaette, and 12 other contributors
Assets 2
0.12.0
0.12.0-rc3
Contributors
FedeDP and jasondellaluce
Assets 2
0.12.0-rc2
fix(modern_bpf): fix NULL dereference in signal_deliver filler The `signal_deliver` filler can be called with info=NULL (`SEND_SIG_NOINFO`). Despite all I've been led to believe with eBPF, this does cause an actual NULL dereference in the kernel, promptly killing the machine (as the offending thread dies while holding the spinlock in get_signal). So let's check the pointer before we dereference it. Signed-off-by: Grzegorz Nosek <[email protected]> Co-Authored-By: Andrea Terzolo <[email protected]>
0.12.0-rc1
update(ci): bumped kernel-testing to v0.2.1. Signed-off-by: Federico Di Pierro <[email protected]>
0.11.3
See milestone: https://github.com/falcosecurity/libs/milestone/22