diff --git a/nixos/tests/tracee.nix b/nixos/tests/tracee.nix index af9e173bca95..050e7f6a66be 100644 --- a/nixos/tests/tracee.nix +++ b/nixos/tests/tracee.nix @@ -20,13 +20,15 @@ import ./make-test-python.nix ( # Test_EventFilters/trace_only_events_from_"dockerd"_binary_and_contain_it's_pid # require docker/dockerd virtualisation.docker.enable = true; - - environment.systemPackages = with pkgs; [ - # required by Test_EventFilters/trace_events_from_ls_and_which_binary_in_separate_scopes - which - # the go integration tests as a binary - tracee.passthru.tests.integration-test-cli - ]; + environment = { + variables.PATH = "/tmp/testdir"; + systemPackages = with pkgs; [ + # 'ls', 'uname' and 'who' are required by many tests in event_filters_test.go + coreutils + # the go integration tests as a binary + tracee.passthru.tests.integration-test-cli + ]; + }; }; }; @@ -38,11 +40,18 @@ import ./make-test-python.nix ( # the policies and run tracee myself but doesn't work in the integration # test either with the automatic run or running the commands by hand # while it's searching. - "Test_EventFilters/comm:_event:_args:_trace_event_set_in_a_specific_policy_with_args_from_ls_command" + "Test_EventFilters/comm:_event:_data:_trace_event_magic_write_set_in_multiple_policies_using_multiple_filter_types" + "Test_EventFilters/comm:_event:_data:_trace_event_security_file_open_and_magic_write_using_multiple_filter_types" + "Test_EventFilters/comm:_event:_data:_trace_event_security_file_open_and_magic_write_using_multiple_filter_types_combined" + "Test_EventFilters/comm:_event:_data:_trace_event_security_file_open_set_in_multiple_policies_\\(with_and_without_in-kernel_filter\\)" + "Test_EventFilters/comm:_event:_data:_trace_event_security_file_open_set_in_multiple_policies_using_multiple_filter_types" + "Test_EventFilters/comm:_event:_data:_trace_event_set_in_a_specific_policy_with_data_from_ls_command" "Test_EventFilters/comm:_event:_trace_events_set_in_two_specific_policies_from_ls_and_uname_commands" - - # worked at some point, seems to be flakey - "Test_EventFilters/pid:_event:_args:_trace_event_sched_switch_with_args_from_pid_0" + "Test_EventFilters/pid:_event:_data:_trace_event_sched_switch_with_data_from_pid_0" + "Test_EventsDependencies/non_existing_ksymbol_dependency_with_sanity" + "Test_EventsDependencies/non_existing_probe_function_with_sanity" + "Test_EventsDependencies/sanity_of_exec_test_event" + "Test_TraceeCapture/capture_packet_context" ]; in '' @@ -61,11 +70,11 @@ import ./make-test-python.nix ( ) with subtest("run integration tests"): - # Test_EventFilters/trace_event_set_in_a_specific_scope expects to be in a dir that includes "integration" + # Test_EventFilters/comm:_event:_data:_trace_event_set_in_a_specific_policy_with_data_from_ls_command expects to be in a dir that includes "integration" # tests must be ran with 1 process print(machine.succeed( 'mkdir /tmp/integration', - 'cd /tmp/integration && export PATH="/tmp/testdir:$PATH" && integration.test -test.v -test.parallel 1 -test.skip="^${builtins.concatStringsSep "$|^" skippedTests}$"' + 'cd /tmp/integration && integration.test -test.v -test.parallel 1 -test.skip="^${builtins.concatStringsSep "$|^" skippedTests}$"' )) ''; } diff --git a/pkgs/by-name/tr/tracee/0001-fix-do-not-build-libbpf.patch b/pkgs/by-name/tr/tracee/0001-fix-do-not-build-libbpf.patch new file mode 100644 index 000000000000..f4f20839fd4e --- /dev/null +++ b/pkgs/by-name/tr/tracee/0001-fix-do-not-build-libbpf.patch @@ -0,0 +1,60 @@ +From 9a900efb997dee158ce25114633cd07f44ef617a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tim=20H=C3=A4ring?= +Date: Sat, 17 May 2025 18:19:45 +0200 +Subject: [PATCH] fix: do not build libbpf + +--- + Makefile | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +diff --git a/Makefile b/Makefile +index 0fce8de12..bb9937ed5 100644 +--- a/Makefile ++++ b/Makefile +@@ -77,7 +77,7 @@ get_priv_reqs_recursive() { \ + fi; \ + processed_libs="$$processed_libs $$lib"; \ + if [ "$$lib" = "libbpf" ]; then \ +- priv_reqs=$$(PKG_CONFIG_PATH=$(PKG_CONFIG_PATH) $(CMD_PKGCONFIG) --print-requires-private $$lib); \ ++ priv_reqs=$$($(CMD_PKGCONFIG) --print-requires-private $$lib); \ + else \ + echo $$lib; \ + priv_reqs=$$($(CMD_PKGCONFIG) --print-requires-private $$lib); \ +@@ -374,7 +374,7 @@ LIBBPF_DESTDIR = $(OUTPUT_DIR)/libbpf + LIBBPF_OBJDIR = $(LIBBPF_DESTDIR)/obj + LIBBPF_OBJ = $(LIBBPF_OBJDIR)/libbpf.a + +-$(LIBBPF_OBJ): .build_libbpf .build_libbpf_fix ++$(LIBBPF_OBJ): + + .build_libbpf: \ + $(LIBBPF_SRC) \ +@@ -413,7 +413,7 @@ LIBBPF_INCLUDE_UAPI = ./3rdparty/libbpf/include/uapi/linux + @$(CMD_TOUCH) $@ + + +-TRACEE_EBPF_CFLAGS = $(shell PKG_CONFIG_PATH=$(PKG_CONFIG_PATH) $(CMD_PKGCONFIG) $(PKG_CONFIG_FLAG) --cflags $(LIB_BPF)) ++TRACEE_EBPF_CFLAGS = $(shell $(CMD_PKGCONFIG) $(PKG_CONFIG_FLAG) --cflags $(LIB_BPF)) + + .ONESHELL: + .eval_goenv: $(LIBBPF_OBJ) +@@ -430,7 +430,7 @@ endif + $(eval GO_ENV_EBPF += GOARCH=$(GO_ARCH)) + $(eval CUSTOM_CGO_CFLAGS := "$(TRACEE_EBPF_CFLAGS)") + $(eval GO_ENV_EBPF += CGO_CFLAGS=$(CUSTOM_CGO_CFLAGS)) +- $(eval CUSTOM_CGO_LDFLAGS := "$(shell PKG_CONFIG_PATH=$(PKG_CONFIG_PATH) $(CMD_PKGCONFIG) $(PKG_CONFIG_FLAG) --libs $(LIB_BPF))") ++ $(eval CUSTOM_CGO_LDFLAGS := "$(shell $(CMD_PKGCONFIG) $(PKG_CONFIG_FLAG) --libs $(LIB_BPF))") + $(eval GO_ENV_EBPF := $(GO_ENV_EBPF) CGO_LDFLAGS=$(CUSTOM_CGO_LDFLAGS)) + export GO_ENV_EBPF=$(GO_ENV_EBPF) + echo 'GO_ENV_EBPF := $(GO_ENV_EBPF)' > $(GOENV_MK) +@@ -486,7 +486,6 @@ TRACEE_SRC_DIRS = ./cmd/ ./pkg/ ./signatures/ + TRACEE_SRC = $(shell find $(TRACEE_SRC_DIRS) -type f -name '*.go' ! -name '*_test.go') + GO_TAGS_EBPF = core,ebpf + CGO_EXT_LDFLAGS_EBPF = +-PKG_CONFIG_PATH = $(LIBBPF_OBJDIR) + PKG_CONFIG_FLAG = + + TRACEE_PROTOS = ./api/v1beta1/*.proto +-- +2.49.0 + diff --git a/pkgs/tools/security/tracee/integration-tests.nix b/pkgs/by-name/tr/tracee/integration-tests.nix similarity index 86% rename from pkgs/tools/security/tracee/integration-tests.nix rename to pkgs/by-name/tr/tracee/integration-tests.nix index b83fb189cabf..99c38857d1e8 100644 --- a/pkgs/tools/security/tracee/integration-tests.nix +++ b/pkgs/by-name/tr/tracee/integration-tests.nix @@ -18,6 +18,11 @@ tracee.overrideAttrs (oa: { --replace-fail 'syscallerAbsPath := filepath.Join("..", "..", "dist", "syscaller")' "syscallerAbsPath := filepath.Join(\"$out/bin/syscaller\")" substituteInPlace tests/integration/exec_test.go \ --replace-fail "/usr/bin" "/run/current-system/sw/bin" + substituteInPlace tests/integration/dependencies_test.go \ + --replace-fail "/bin" "/run/current-system/sw/bin" \ + --replace-fail "/tmp/test" "/tmp/ls" + substituteInPlace tests/testutils/tracee.go \ + --replace-fail "../../dist/tracee" "${lib.getExe tracee}" ''; nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ makeWrapper ]; buildPhase = '' diff --git a/pkgs/tools/security/tracee/default.nix b/pkgs/by-name/tr/tracee/package.nix similarity index 86% rename from pkgs/tools/security/tracee/default.nix rename to pkgs/by-name/tr/tracee/package.nix index 854f49823e43..2fa919eb5c13 100644 --- a/pkgs/tools/security/tracee/default.nix +++ b/pkgs/by-name/tr/tracee/package.nix @@ -3,12 +3,13 @@ buildGoModule, fetchFromGitHub, - clang, + clang_14, pkg-config, - zlib, elfutils, libbpf, + zlib, + zstd, nixosTests, testers, @@ -18,23 +19,20 @@ buildGoModule rec { pname = "tracee"; - version = "0.20.0"; + version = "0.23.1"; + # src = /home/tim/repos/tracee; src = fetchFromGitHub { owner = "aquasecurity"; repo = pname; # project has branches and tags of the same name tag = "v${version}"; - hash = "sha256-OnOayDxisvDd802kDKGctaQc5LyoyFfdfvC+2JpRjHY="; + hash = "sha256-9uP0yoW+xRYv7wHuCfUMU8B2oTQjiSW5p/Ty76ni2wo="; }; - vendorHash = "sha256-26sAKTJQ7Rf5KRlu7j5XiZVr6CkAC6fm60Pam7KH0uA="; + vendorHash = "sha256-2+4UN9WB6eGzedogy5dMvhHj1x5VeUUkDM0Z28wKQgM="; patches = [ - ./use-our-libbpf.patch - # can not vendor dependencies with old pyroscope - # remove once https://github.com/aquasecurity/tracee/pull/3927 - # makes it to a release - ./update-pyroscope.patch + ./0001-fix-do-not-build-libbpf.patch ]; enableParallelBuilding = true; @@ -42,17 +40,18 @@ buildGoModule rec { hardeningDisable = [ "stackprotector" ]; nativeBuildInputs = [ + clang_14 pkg-config - clang ]; buildInputs = [ elfutils libbpf - zlib + zlib.dev + zstd.dev ]; makeFlags = [ - "VERSION=v${version}" + "RELEASE_VERSION=v${version}" "GO_DEBUG_FLAG=-s -w" # don't actually need git but the Makefile checks for it "CMD_GIT=echo" diff --git a/pkgs/tools/security/tracee/update-pyroscope.patch b/pkgs/tools/security/tracee/update-pyroscope.patch deleted file mode 100644 index 17f27e6b88dd..000000000000 --- a/pkgs/tools/security/tracee/update-pyroscope.patch +++ /dev/null @@ -1,229 +0,0 @@ -diff --git a/go.mod b/go.mod -index 8288d7d0a..0ac753fa1 100644 ---- a/go.mod -+++ b/go.mod -@@ -16,6 +16,7 @@ require ( - github.com/docker/docker v24.0.7+incompatible - github.com/golang/protobuf v1.5.3 - github.com/google/gopacket v1.1.19 -+ github.com/grafana/pyroscope-go v1.1.1 - github.com/hashicorp/golang-lru v0.5.4 - github.com/hashicorp/golang-lru/v2 v2.0.2 - github.com/mennanov/fmutils v0.2.0 -@@ -23,7 +24,6 @@ require ( - github.com/mitchellh/mapstructure v1.5.0 - github.com/open-policy-agent/opa v0.52.0 - github.com/prometheus/client_golang v1.16.0 -- github.com/pyroscope-io/pyroscope v0.37.2 - github.com/sashabaranov/go-gpt3 v1.4.0 - github.com/spf13/cobra v1.7.0 - github.com/spf13/viper v1.15.0 -@@ -57,15 +57,14 @@ require ( - github.com/go-logr/logr v1.2.4 // indirect - github.com/go-logr/stdr v1.2.2 // indirect - github.com/go-logr/zapr v1.2.4 // indirect -- github.com/go-ole/go-ole v1.2.6 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect - github.com/google/gnostic-models v0.6.8 // indirect - github.com/google/gofuzz v1.2.0 // indirect -+ github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26 // indirect - github.com/gorilla/websocket v1.5.0 // indirect -- github.com/hashicorp/errwrap v1.1.0 // indirect -- github.com/hashicorp/go-multierror v1.1.1 // indirect -+ github.com/grafana/pyroscope-go/godeltaprof v0.1.6 // indirect - github.com/hashicorp/hcl v1.0.0 // indirect - github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/josharian/intern v1.0.0 // indirect -@@ -73,24 +72,18 @@ require ( - github.com/magiconair/properties v1.8.7 // indirect - github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-runewidth v0.0.10 // indirect -- github.com/mitchellh/go-ps v1.0.0 // indirect - github.com/moby/sys/sequential v0.5.0 // indirect - github.com/moby/term v0.5.0 // indirect -+ github.com/morikuni/aec v1.0.0 // indirect - github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pelletier/go-toml/v2 v2.0.7 // indirect - github.com/philhofer/fwd v1.1.2 // indirect -- github.com/pyroscope-io/dotnetdiag v1.2.1 // indirect - github.com/rivo/uniseg v0.2.0 // indirect -- github.com/shirou/gopsutil v3.21.11+incompatible // indirect - github.com/spf13/afero v1.9.5 // indirect - github.com/spf13/jwalterweatherman v1.1.0 // indirect - github.com/spf13/pflag v1.0.5 // indirect - github.com/subosito/gotenv v1.4.2 // indirect - github.com/tinylib/msgp v1.1.8 // indirect -- github.com/tklauser/go-sysconf v0.3.11 // indirect -- github.com/tklauser/numcpus v0.6.0 // indirect -- github.com/valyala/bytebufferpool v1.0.0 // indirect -- github.com/yusufpapurcu/wmi v1.2.2 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 // indirect - go.opentelemetry.io/otel v1.19.0 // indirect - go.opentelemetry.io/otel/metric v1.19.0 // indirect -@@ -145,7 +138,7 @@ require ( - github.com/huandu/xstrings v1.4.0 // indirect - github.com/imdario/mergo v0.3.15 // indirect - github.com/json-iterator/go v1.1.12 // indirect -- github.com/klauspost/compress v1.16.5 // indirect -+ github.com/klauspost/compress v1.17.3 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect - github.com/mitchellh/copystructure v1.2.0 // indirect - github.com/mitchellh/reflectwalk v1.0.2 // indirect -diff --git a/go.sum b/go.sum -index 2ecdafafc..598416eeb 100644 ---- a/go.sum -+++ b/go.sum -@@ -53,7 +53,6 @@ github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0 - github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= - github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= - github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= --github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= - github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow= - github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM= - github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8= -@@ -144,8 +143,6 @@ github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCv - github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= - github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= - github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= --github.com/felixge/fgprof v0.9.1 h1:E6FUJ2Mlv043ipLOCFqo8+cHo9MhQ203E2cdEK/isEs= --github.com/felixge/fgprof v0.9.1/go.mod h1:7/HK6JFtFaARhIljgP2IV8rJLIoHDoOYoUphsnGvqxE= - github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= - github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= - github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= -@@ -169,8 +166,6 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= - github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= - github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= - github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= --github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= --github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= - github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= - github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= - github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -@@ -266,11 +261,10 @@ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5m - github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= - github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= - github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= --github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= --github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= --github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= --github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= --github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -+github.com/grafana/pyroscope-go v1.1.1 h1:PQoUU9oWtO3ve/fgIiklYuGilvsm8qaGhlY4Vw6MAcQ= -+github.com/grafana/pyroscope-go v1.1.1/go.mod h1:Mw26jU7jsL/KStNSGGuuVYdUq7Qghem5P8aXYXSXG88= -+github.com/grafana/pyroscope-go/godeltaprof v0.1.6 h1:nEdZ8louGAplSvIJi1HVp7kWvFvdiiYg3COLlTwJiFo= -+github.com/grafana/pyroscope-go/godeltaprof v0.1.6/go.mod h1:Tk376Nbldo4Cha9RgiU7ik8WKFkNpfds98aUzS8omLE= - github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= - github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= - github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= -@@ -300,8 +294,8 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1 - github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= - github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= - github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= --github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI= --github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= -+github.com/klauspost/compress v1.17.3 h1:qkRjuerhUU1EmXLYGkSH6EZL+vPSxIrYjLNAK4slzwA= -+github.com/klauspost/compress v1.17.3/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= - github.com/klauspost/cpuid/v2 v2.2.3 h1:sxCkb+qR91z4vsqw4vGGZlDgPz3G7gjaLyK3V8y70BU= - github.com/klauspost/cpuid/v2 v2.2.3/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= - github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -@@ -331,8 +325,6 @@ github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5 - github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= - github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= - github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= --github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc= --github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg= - github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= - github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= - github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -@@ -397,10 +389,6 @@ github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO - github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= - github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= - github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= --github.com/pyroscope-io/dotnetdiag v1.2.1 h1:3XEMrfFJnZ87BiEhozyQKmCUAuMd/Spq7KChPuD2Cf0= --github.com/pyroscope-io/dotnetdiag v1.2.1/go.mod h1:eFUEHCp4eD1TgcXMlJihC+R4MrqGf7nTRdWxNADbDHA= --github.com/pyroscope-io/pyroscope v0.37.2 h1:MOgLU/oO7VfV6jWqb0xoFH/YPSVbWD5pGsX+tZVGh98= --github.com/pyroscope-io/pyroscope v0.37.2/go.mod h1:r4wq4ajJvN7g1OeXGyNvmwzBfQ+Tm5alYvmxqEQSTsc= - github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM= - github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= - github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -@@ -414,13 +402,10 @@ github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf - github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= - github.com/sashabaranov/go-gpt3 v1.4.0 h1:UqHYdXgJNtNvTtbzDnnQgkQ9TgTnHtCXx966uFTYXvU= - github.com/sashabaranov/go-gpt3 v1.4.0/go.mod h1:BIZdbwdzxZbCrcKGMGH6u2eyGe1xFuX9Anmh3tCP8lQ= --github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI= --github.com/shirou/gopsutil v3.21.11+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA= - github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= - github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= - github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= - github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= --github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= - github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= - github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= - github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -@@ -456,14 +441,8 @@ github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BG - github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= - github.com/tinylib/msgp v1.1.8 h1:FCXC1xanKO4I8plpHGH2P7koL/RzZs12l/+r7vakfm0= - github.com/tinylib/msgp v1.1.8/go.mod h1:qkpG+2ldGg4xRFmx+jfTvZPxfGFhi64BcnL9vkCm/Tw= --github.com/tklauser/go-sysconf v0.3.11 h1:89WgdJhk5SNwJfu+GKyYveZ4IaJ7xAkecBo+KdJV0CM= --github.com/tklauser/go-sysconf v0.3.11/go.mod h1:GqXfhXY3kiPa0nAXPDIQIWzJbMCB7AmcWpGR8lSZfqI= --github.com/tklauser/numcpus v0.6.0 h1:kebhY2Qt+3U6RNK7UqpYNA+tJ23IBEGKkB7JQBfDYms= --github.com/tklauser/numcpus v0.6.0/go.mod h1:FEZLMke0lhOUG6w2JadTzp0a+Nl8PF/GFkQ5UVIcaL4= - github.com/urfave/cli/v2 v2.3.0 h1:qph92Y649prgesehzOrQjdWyxFOp/QVM+6imKHad91M= - github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= --github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= --github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= - github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= - github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= - github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= -@@ -476,8 +455,6 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de - github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= - github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= - github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= --github.com/yusufpapurcu/wmi v1.2.2 h1:KBNDSne4vP5mbSWnJbO+51IMOXJB67QiYCSBrubbPRg= --github.com/yusufpapurcu/wmi v1.2.2/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= - go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= - go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= - go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -@@ -629,7 +606,6 @@ golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7w - golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= --golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= - golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -diff --git a/pkg/server/http/server.go b/pkg/server/http/server.go -index 898344591..85ccc68ed 100644 ---- a/pkg/server/http/server.go -+++ b/pkg/server/http/server.go -@@ -7,7 +7,7 @@ import ( - "net/http/pprof" - - "github.com/prometheus/client_golang/prometheus/promhttp" -- "github.com/pyroscope-io/pyroscope/pkg/agent/profiler" -+ "github.com/grafana/pyroscope-go" - - "github.com/aquasecurity/tracee/pkg/logger" - ) -@@ -17,7 +17,7 @@ type Server struct { - hs *http.Server - mux *http.ServeMux // just an exposed copy of hs.Handler - metricsEnabled bool -- pyroProfiler *profiler.Profiler -+ pyroProfiler *pyroscope.Profiler - } - - // New creates a new server -@@ -90,8 +90,8 @@ func (s *Server) EnablePProfEndpoint() { - // EnablePyroAgent enables pyroscope agent in golang push mode - // TODO: make this configurable - func (s *Server) EnablePyroAgent() error { -- p, err := profiler.Start( -- profiler.Config{ -+ p, err := pyroscope.Start( -+ pyroscope.Config{ - ApplicationName: "tracee", - ServerAddress: "http://localhost:4040", - }, diff --git a/pkgs/tools/security/tracee/use-our-libbpf.patch b/pkgs/tools/security/tracee/use-our-libbpf.patch deleted file mode 100644 index 4f6dc5957a77..000000000000 --- a/pkgs/tools/security/tracee/use-our-libbpf.patch +++ /dev/null @@ -1,48 +0,0 @@ -diff --git a/Makefile b/Makefile -index 29be1ae71..b88f31cba 100644 ---- a/Makefile -+++ b/Makefile -@@ -54,6 +54,7 @@ CMD_CONTROLLER_GEN ?= controller-gen - # libs - # - -+LIB_BPF ?= libbpf - LIB_ELF ?= libelf - LIB_ZLIB ?= zlib - -@@ -299,8 +300,6 @@ OUTPUT_DIR = ./dist - $(OUTPUT_DIR): - # - @$(CMD_MKDIR) -p $@ -- $(CMD_MKDIR) -p $@/libbpf -- $(CMD_MKDIR) -p $@/libbpf/obj - - # - # embedded btfhub -@@ -353,7 +352,6 @@ TRACEE_EBPF_OBJ_HEADERS = $(shell find pkg/ebpf/c -name *.h) - bpf: $(OUTPUT_DIR)/tracee.bpf.o - - $(OUTPUT_DIR)/tracee.bpf.o: \ -- $(OUTPUT_DIR)/libbpf/libbpf.a \ - $(TRACEE_EBPF_OBJ_SRC) \ - $(TRACEE_EBPF_OBJ_HEADERS) - # -@@ -391,8 +389,8 @@ endif - TRACEE_SRC_DIRS = ./cmd/ ./pkg/ ./signatures/ - TRACEE_SRC = $(shell find $(TRACEE_SRC_DIRS) -type f -name '*.go' ! -name '*_test.go') - --CUSTOM_CGO_CFLAGS = "-I$(abspath $(OUTPUT_DIR)/libbpf)" --CUSTOM_CGO_LDFLAGS = "$(shell $(call pkg_config, $(LIB_ELF))) $(shell $(call pkg_config, $(LIB_ZLIB))) $(abspath $(OUTPUT_DIR)/libbpf/libbpf.a)" -+CUSTOM_CGO_CFLAGS = "" -+CUSTOM_CGO_LDFLAGS = "$(shell $(call pkg_config, $(LIB_BPF))) $(shell $(call pkg_config, $(LIB_ELF))) $(shell $(call pkg_config, $(LIB_ZLIB)))" - - GO_ENV_EBPF = - GO_ENV_EBPF += GOOS=linux -@@ -437,6 +435,7 @@ $(OUTPUT_DIR)/tracee: \ - $(OUTPUT_DIR)/tracee.bpf.o \ - $(TRACEE_SRC) \ - | .checkver_$(CMD_GO) \ -+ .checklib_$(LIB_BPF) \ - .checklib_$(LIB_ELF) \ - .checklib_$(LIB_ZLIB) \ - btfhub \ diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 9e37d2723b1e..11064a96bdd4 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -4608,10 +4608,6 @@ with pkgs; kernelshark = qt6Packages.callPackage ../os-specific/linux/trace-cmd/kernelshark.nix { }; - tracee = callPackage ../tools/security/tracee { - clang = clang_14; - }; - translatelocally-models = recurseIntoAttrs (callPackages ../misc/translatelocally-models { }); translatepy = with python3.pkgs; toPythonApplication translatepy;