gnu: Add falcosecurity-libs.

* gnu/packages/linux.scm (falcosecurity-libs): New variable. * gnu/packages/patches/falcosecurity-libs-install-pman.patch * gnu/packages/patches/falcosecurity-libs-libscap-pc.patch * gnu/packages/patches/falcosecurity-libs-pkg-config.patch * gnu/packages/patches/falcosecurity-libs-shared-library-fix.patch * gnu/packages/patches/falcosecurity-libs-libsinsp-pkg-config.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them. Change-Id: I0cb15e6a25256598678fc20eb298ad947d699ef4
author: Maxim Cournoyer <maxim.cournoyer@gmail.com> 2024-04-30 12:44:17 -0400
committer: Maxim Cournoyer <maxim.cournoyer@gmail.com> 2024-05-29 21:55:24 -0400
commit: 07fbaa87e16408fca58b6c5f4320e37b130fb491 (patch)
tree: ed8a44ca636e17ca537b4501f8825960bd2ae566 /gnu/packages/patches
parent: 12d2a6e5a6f412d91ba0c34a1c3c080c6c587cc6 (diff)
download: guix-07fbaa87e16408fca58b6c5f4320e37b130fb491.tar
guix-07fbaa87e16408fca58b6c5f4320e37b130fb491.tar.gz
5 files changed, 258 insertions, 0 deletions
diff --git a/gnu/packages/patches/falcosecurity-libs-install-pman.patch b/gnu/packages/patches/falcosecurity-libs-install-pman.patch
new file mode 100644
index 0000000000..38dcc0c4b8
--- /dev/null
+++ b/gnu/packages/patches/falcosecurity-libs-install-pman.patch
@@ -0,0 +1,14 @@
+Install the pman library and its header.
+Upstream status: https://github.com/falcosecurity/libs/pull/1842
+
+diff --git a/userspace/libpman/CMakeLists.txt b/userspace/libpman/CMakeLists.txt
+index da92e9f27..4b57365fe 100644
+--- a/userspace/libpman/CMakeLists.txt
++++ b/userspace/libpman/CMakeLists.txt
+@@ -58,3 +58,6 @@ endif()
+ if(USE_BUNDLED_LIBBPF)
+     add_dependencies(pman libbpf)
+ endif()
++
++install(TARGETS pman LIBRARY ARCHIVE FRAMEWORK)
++install(FILES include/libpman.h DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
diff --git a/gnu/packages/patches/falcosecurity-libs-libscap-pc.patch b/gnu/packages/patches/falcosecurity-libs-libscap-pc.patch
new file mode 100644
index 0000000000..ff650942ff
--- /dev/null
+++ b/gnu/packages/patches/falcosecurity-libs-libscap-pc.patch
@@ -0,0 +1,16 @@
+libscap: Guard against install_lib_link_libraries-NOTFOUND.
+Upstream status: https://github.com/falcosecurity/libs/pull/1842
+
+diff --git a/cmake/modules/libscap.cmake b/cmake/modules/libscap.cmake
+index 81ad2d28d..8b6b4197e 100644
+--- a/cmake/modules/libscap.cmake
++++ b/cmake/modules/libscap.cmake
+@@ -95,7 +95,7 @@ foreach(libscap_install_lib ${LIBSCAP_INSTALL_LIBS})
+ 	list(APPEND libscap_link_libraries ${libscap_install_lib})
+ 	get_target_property(install_lib_link_libraries ${libscap_install_lib} LINK_LIBRARIES)
+ 	foreach (install_lib_link_library ${install_lib_link_libraries})
+-		if (NOT ${install_lib_link_library} IN_LIST libscap_subdir_targets)
++		if (${install_lib_link_library} AND (NOT ${install_lib_link_library} IN_LIST libscap_subdir_targets))
+ 			if(${install_lib_link_library} MATCHES "/")
+ 				# We have a path. Convert it to -L<dir> + -l<lib>.
+ 				get_filename_component(scap_lib_dir ${install_lib_link_library} DIRECTORY)
diff --git a/gnu/packages/patches/falcosecurity-libs-libsinsp-pkg-config.patch b/gnu/packages/patches/falcosecurity-libs-libsinsp-pkg-config.patch
new file mode 100644
index 0000000000..b2d38e42e0
--- /dev/null
+++ b/gnu/packages/patches/falcosecurity-libs-libsinsp-pkg-config.patch
@@ -0,0 +1,155 @@
+libsinsp: Refine pkg-config file generation.
+Upstream status: https://github.com/falcosecurity/libs/pull/1842
+
+diff --git a/userspace/libscap/libscap.pc.in b/userspace/libscap/libscap.pc.in
+index c5948489f..829bcd19b 100644
+--- a/userspace/libscap/libscap.pc.in
++++ b/userspace/libscap/libscap.pc.in
+@@ -1,4 +1,4 @@
+-prefix=${pcfiledir}/../..
++prefix=@CMAKE_INSTALL_PREFIX@
+ libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@
+ includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@
+ 
+@@ -6,5 +6,6 @@ Name: libscap
+ Description: lib for System CAPture
+ Version: @FALCOSECURITY_LIBS_VERSION@
+ 
+-Libs: -L${libdir} @LIBSCAP_LINK_LIBDIRS_FLAGS@ @LIBSCAP_LINK_LIBRARIES_FLAGS@
++Requires: zlib
++Libs: -L${libdir} -L{libdir}/@LIBS_PACKAGE_NAME@/libscap @LIBSCAP_LINK_LIBDIRS_FLAGS@ @LIBSCAP_LINK_LIBRARIES_FLAGS@
+ Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libscap -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@ -I@UTHASH_INCLUDE@
+diff --git a/userspace/libsinsp/CMakeLists.txt b/userspace/libsinsp/CMakeLists.txt
+index 6104603e8..832f86067 100644
+--- a/userspace/libsinsp/CMakeLists.txt
++++ b/userspace/libsinsp/CMakeLists.txt
+@@ -169,13 +169,9 @@ target_link_libraries(sinsp
+ 			"${RE2_LIB}"
+ )
+ 
+-set(SINSP_PKGCONFIG_LIBRARIES
+-	scap
+-	"${ZLIB_LIB}"
+-	"${CURL_LIBRARIES}"
+-	"${JSONCPP_LIB}"
+-	"${RE2_LIB}"
+-)
++set(SINSP_PKGCONFIG_LIBRARIES)
++set(SINSP_PKGCONFIG_REQUIRES jsoncpp)
++set(SINSP_PKGCONFIG_REQUIRES_PRIVATE libcurl re2)
+ 
+ if(NOT EMSCRIPTEN)
+ 	target_link_libraries(sinsp
+@@ -184,7 +180,8 @@ if(NOT EMSCRIPTEN)
+ 		PRIVATE
+ 		"${TBB_LIB}"
+ 	)
+-	list(APPEND SINSP_PKGCONFIG_LIBRARIES "${CARES_LIB}")
++	list(APPEND SINSP_PKGCONFIG_REQUIRES libcares)
++	list(APPEND SINSP_PKGCONFIG_REQUIRES_PRIVATE tbb)
+ endif()
+ 
+ if(USE_BUNDLED_VALIJSON)
+@@ -248,14 +245,12 @@ if(NOT WIN32)
+ 						"${PROTOBUF_LIB}"
+ 						"${CARES_LIB}"
+ 			)
+-			list(APPEND SINSP_PKGCONFIG_LIBRARIES
+-						"${GRPC_LIBRARIES}"
+-						"${GRPCPP_LIB}"
+-						"${GRPC_LIB}"
+-						"${GPR_LIB}"
+-						"${PROTOBUF_LIB}"
+-						"${CARES_LIB}"
+-			)
++			list(APPEND SINSP_PKGCONFIG_REQUIRES
++				gpr
++				grpc
++				grpc++
++				protobuf
++				libcares)
+ 
+ 			if(NOT MUSL_OPTIMIZED_BUILD)
+ 				target_link_libraries(sinsp INTERFACE rt anl)
+@@ -269,7 +264,7 @@ if(NOT WIN32)
+ 	endif() # NOT APPLE
+ 
+ 	target_link_libraries(sinsp INTERFACE "${OPENSSL_LIBRARIES}")
+-	list(APPEND SINSP_PKGCONFIG_LIBRARIES "${OPENSSL_LIBRARIES}")
++	list(APPEND SINSP_PKGCONFIG_REQUIRES libcrypto libssl)
+ 
+ 	target_link_libraries(sinsp INTERFACE dl pthread)
+ 	list(APPEND SINSP_PKGCONFIG_LIBRARIES dl pthread)
+@@ -306,41 +301,17 @@ if(NOT DEFINED SINSP_AGENT_CGROUP_MEM_PATH_ENV_VAR)
+ endif()
+ add_definitions(-DSINSP_AGENT_CGROUP_MEM_PATH_ENV_VAR="${SINSP_AGENT_CGROUP_MEM_PATH_ENV_VAR}")
+ 
+-# Build our pkg-config "Libs:" flags. For now, loop over SINSP_PKGCONFIG_LIBRARIES. If
+-# we ever start using pkg_search_module or pkg_check_modules in cmake/modules
+-# we could add each module to our "Requires:" line instead. We might need to
+-# expand this to use some of the techniques in
+-# https://github.com/curl/curl/blob/curl-7_84_0/CMakeLists.txt#L1539
+-set(SINSP_PKG_CONFIG_LIBS)
+-set(SINSP_PKG_CONFIG_LIBDIRS "")
+-foreach(sinsp_lib ${SINSP_PKGCONFIG_LIBRARIES})
+-	if(${sinsp_lib} MATCHES "^-")
+-		# We have a flag. Pass it through unchanged.
+-		list(APPEND SINSP_PKG_CONFIG_LIBS ${sinsp_lib})
+-	elseif(${sinsp_lib} MATCHES "/")
+-		# We have a path. Convert it to -L<dir> + -l<lib>.
+-		get_filename_component(sinsp_lib_dir ${sinsp_lib} DIRECTORY)
+-		list(APPEND SINSP_PKG_CONFIG_LIBDIRS -L${sinsp_lib_dir})
+-		get_filename_component(sinsp_lib_base ${sinsp_lib} NAME_WE)
+-		string(REGEX REPLACE "^lib" "" sinsp_lib_base ${sinsp_lib_base})
+-		list(APPEND SINSP_PKG_CONFIG_LIBS -l${sinsp_lib_base})
+-	elseif(${sinsp_lib} STREQUAL "scap")
+-		# We require libscap.pc, so skip it.
+-	else()
+-		# Assume we have a plain library name. Prefix it with "-l".
+-		list(APPEND SINSP_PKG_CONFIG_LIBS -l${sinsp_lib})
+-	endif()
+-endforeach()
++list(REMOVE_DUPLICATES SINSP_PKGCONFIG_LIBRARIES)
++list(REMOVE_DUPLICATES SINSP_PKGCONFIG_REQUIRES)
++list(REMOVE_DUPLICATES SINSP_PKGCONFIG_REQUIRES_PRIVATE)
+ 
+-# Build our pkg-config "Cflags:" flags.
+-set(SINSP_PKG_CONFIG_INCLUDES "")
+-foreach(sinsp_include_directory ${LIBSINSP_INCLUDE_DIRS})
+-	list(APPEND SINSP_PKG_CONFIG_INCLUDES -I${sinsp_include_directory})
++set(SINSP_LINK_FLAGS)
++foreach(sinsp_link_library ${SINSP_PKGCONFIG_LIBRARIES})
++	list(APPEND SINSP_LINK_FLAGS "-l${sinsp_link_library}")
+ endforeach()
+ 
+-string(REPLACE ";" " " SINSP_PKG_CONFIG_LIBS "${SINSP_PKG_CONFIG_LIBS}")
+-list(REMOVE_DUPLICATES SINSP_PKG_CONFIG_LIBDIRS)
+-string(REPLACE ";" " " SINSP_PKG_CONFIG_LIBDIRS "${SINSP_PKG_CONFIG_LIBDIRS}")
+-list(REMOVE_DUPLICATES SINSP_PKG_CONFIG_INCLUDES)
+-string(REPLACE ";" " " SINSP_PKG_CONFIG_INCLUDES "${SINSP_PKG_CONFIG_INCLUDES}")
++string(REPLACE ";" " " LIBSINSP_LINK_FLAGS "${SINSP_LINK_FLAGS}")
++string(REPLACE ";" " " LIBSINSP_REQUIRES "${SINSP_PKGCONFIG_REQUIRES}")
++string(REPLACE ";" " " LIBSINSP_REQUIRES_PRIVATE "${SINSP_PKGCONFIG_REQUIRES_PRIVATE}")
++
+ configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libsinsp.pc.in ${CMAKE_CURRENT_BINARY_DIR}/libsinsp.pc @ONLY)
+diff --git a/userspace/libsinsp/libsinsp.pc.in b/userspace/libsinsp/libsinsp.pc.in
+index 9292e73ce..f20da76b3 100644
+--- a/userspace/libsinsp/libsinsp.pc.in
++++ b/userspace/libsinsp/libsinsp.pc.in
+@@ -1,4 +1,4 @@
+-prefix=${pcfiledir}/../..
++prefix=@CMAKE_INSTALL_PREFIX@
+ libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@
+ includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@
+ 
+@@ -6,6 +6,7 @@ Name: libsinsp
+ Description: lib for System INSPection
+ Version: @FALCOSECURITY_LIBS_VERSION@
+ 
+-Requires: libscap
+-Libs: -L${libdir} -lsinsp @SINSP_PKG_CONFIG_LIBDIRS@ @SINSP_PKG_CONFIG_LIBS@
+-Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libsinsp -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@ @SINSP_PKG_CONFIG_INCLUDES@
++Requires: libscap @LIBSINSP_REQUIRES@
++Requires.private: @LIBSINSP_REQUIRES_PRIVATE@
++Libs: -L${libdir} -lsinsp @LIBSINSP_LINK_FLAGS@
++Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libsinsp -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@
diff --git a/gnu/packages/patches/falcosecurity-libs-pkg-config.patch b/gnu/packages/patches/falcosecurity-libs-pkg-config.patch
new file mode 100644
index 0000000000..f686cec3f7
--- /dev/null
+++ b/gnu/packages/patches/falcosecurity-libs-pkg-config.patch
@@ -0,0 +1,23 @@
+userspace: Extend CFLAGS of libscap.pc and libsinsp.pc.
+Upstream status: https://github.com/falcosecurity/libs/pull/1842
+
+diff --git a/userspace/libscap/libscap.pc.in b/userspace/libscap/libscap.pc.in
+index 40b6e96ed..c5948489f 100644
+--- a/userspace/libscap/libscap.pc.in
++++ b/userspace/libscap/libscap.pc.in
+@@ -7,4 +7,4 @@ Description: lib for System CAPture
+ Version: @FALCOSECURITY_LIBS_VERSION@
+ 
+ Libs: -L${libdir} @LIBSCAP_LINK_LIBDIRS_FLAGS@ @LIBSCAP_LINK_LIBRARIES_FLAGS@
+-Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libscap
++Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libscap -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@ -I@UTHASH_INCLUDE@
+diff --git a/userspace/libsinsp/libsinsp.pc.in b/userspace/libsinsp/libsinsp.pc.in
+index c1cc4a1e2..9292e73ce 100644
+--- a/userspace/libsinsp/libsinsp.pc.in
++++ b/userspace/libsinsp/libsinsp.pc.in
+@@ -8,4 +8,4 @@ Version: @FALCOSECURITY_LIBS_VERSION@
+ 
+ Requires: libscap
+ Libs: -L${libdir} -lsinsp @SINSP_PKG_CONFIG_LIBDIRS@ @SINSP_PKG_CONFIG_LIBS@
+-Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libsinsp @SINSP_PKG_CONFIG_INCLUDES@
++Cflags: -I${includedir}/@LIBS_PACKAGE_NAME@/libsinsp -I${includedir}/@LIBS_PACKAGE_NAME@/driver -I${includedir}/@LIBS_PACKAGE_NAME@ @SINSP_PKG_CONFIG_INCLUDES@
diff --git a/gnu/packages/patches/falcosecurity-libs-shared-library-fix.patch b/gnu/packages/patches/falcosecurity-libs-shared-library-fix.patch
new file mode 100644
index 0000000000..3334a89516
--- /dev/null
+++ b/gnu/packages/patches/falcosecurity-libs-shared-library-fix.patch
@@ -0,0 +1,50 @@
+Fix shared library build.
+Upstream status: https://github.com/falcosecurity/libs/pull/1842
+
+diff --git a/driver/CMakeLists.txt b/driver/CMakeLists.txt
+index 80229cc03..70c9ba65b 100644
+--- a/driver/CMakeLists.txt
++++ b/driver/CMakeLists.txt
+@@ -152,6 +152,11 @@ set(DRIVER_SOURCES
+ 	ppm_consumer.h
+ 	capture_macro.h
+ 	socketcall_to_syscall.h
++	syscall_compat_loongarch64.h
++	syscall_compat_ppc64le.h
++	syscall_compat_riscv64.h
++	syscall_compat_s390x.h
++	syscall_compat_x86_64.h
+ 	syscall_ia32_64_map.c
+ )
+ 
+diff --git a/test/libscap/CMakeLists.txt b/test/libscap/CMakeLists.txt
+index e88603ebd..fa26ba7ee 100644
+--- a/test/libscap/CMakeLists.txt
++++ b/test/libscap/CMakeLists.txt
+@@ -45,6 +45,7 @@ set(LIBSCAP_TESTS_LIBRARIES
+ 	"${GTEST_LIB}"
+ 	"${GTEST_MAIN_LIB}"
+ 	"${CMAKE_THREAD_LIBS_INIT}"
++	"${PROTOBUF_LIB}"
+ 	scap
+ )
+ 
+diff --git a/userspace/libscap/engine/gvisor/CMakeLists.txt b/userspace/libscap/engine/gvisor/CMakeLists.txt
+index 6dfbafb14..875847b5d 100644
+--- a/userspace/libscap/engine/gvisor/CMakeLists.txt
++++ b/userspace/libscap/engine/gvisor/CMakeLists.txt
+@@ -76,6 +76,14 @@ if (BUILD_SHARED_LIBS)
+     add_dependencies(scap_engine_gvisor_o uthash)
+     add_dependencies(scap scap_engine_gvisor_o)
+     target_sources(scap PRIVATE $<TARGET_OBJECTS:scap_engine_gvisor_o>)
++
++    target_include_directories(scap_engine_gvisor_o
++        PRIVATE
++        ${CMAKE_BINARY_DIR}
++        ${CMAKE_CURRENT_BINARY_DIR}
++        ${CMAKE_SOURCE_DIR}
++        ${CMAKE_SOURCE_DIR}/userspace
++    )
+ else()
+     add_library(scap_engine_gvisor
+         ${scap_engine_gvisor_sources}
author	Maxim Cournoyer <maxim.cournoyer@gmail.com>	2024-04-30 12:44:17 -0400
committer	Maxim Cournoyer <maxim.cournoyer@gmail.com>	2024-05-29 21:55:24 -0400
commit	07fbaa87e16408fca58b6c5f4320e37b130fb491 (patch)
tree	ed8a44ca636e17ca537b4501f8825960bd2ae566 /gnu/packages/patches
parent	12d2a6e5a6f412d91ba0c34a1c3c080c6c587cc6 (diff)
download	guix-07fbaa87e16408fca58b6c5f4320e37b130fb491.tar guix-07fbaa87e16408fca58b6c5f4320e37b130fb491.tar.gz