cleanup: drop MINIMAL_BUILD.

Nowadays, it was only filtering out gvisor (and thus protobuf), but we already have the `BUILD_LIBSCAP_GVISOR` flag for that.

Signed-off-by: Federico Di Pierro <[email protected]>

.github/workflows/ci.yml

@@ -21,14 +21,12 @@ jobs:
       fail-fast: false
       matrix:
         arch: [amd64, arm64]
-        name: [system_deps, bundled_deps, system_deps_minimal, sanitizers, zig]
+        name: [system_deps, bundled_deps, sanitizers, zig]
         include:
           - name: system_deps
             cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DBUILD_BPF=On -DUSE_BUNDLED_DEPS=False
           - name: bundled_deps
             cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DBUILD_BPF=On -DUSE_BUNDLED_DEPS=True
-          - name: system_deps_minimal
-            cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DUSE_BUNDLED_DEPS=False -DMINIMAL_BUILD=True
           - name: sanitizers
             cmake_opts: -DUSE_ASAN=On -DUSE_UBSAN=On -DUSE_BUNDLED_DEPS=False
           - name: zig
@@ -134,7 +132,7 @@ jobs:
       - name: Build and test 🏗️🧪
         run: |
           mkdir -p build
-          cd build && cmake -DBUILD_SHARED_LIBS=True -DUSE_BUNDLED_DEPS=False -DMINIMAL_BUILD=True -DCMAKE_INSTALL_PREFIX=/tmp/libs-test -DENABLE_THREAD_POOL=ON ../
+          cd build && cmake -DBUILD_SHARED_LIBS=True -DUSE_BUNDLED_DEPS=False -DCMAKE_INSTALL_PREFIX=/tmp/libs-test -DENABLE_THREAD_POOL=ON ../
           make -j4
           make run-unit-tests
 
@@ -174,7 +172,7 @@ jobs:
       - name: Build and test 🏗️🧪
         run: |
           mkdir -p build
-          cd build && cmake -DUSE_BUNDLED_DEPS=ON -DCMAKE_BUILD_TYPE=Release -DCMAKE_MSVC_RUNTIME_LIBRARY=${{ matrix.crt }} -DCREATE_TEST_TARGETS=ON -DMINIMAL_BUILD=ON -DENABLE_THREAD_POOL=ON ..
+          cd build && cmake -DUSE_BUNDLED_DEPS=ON -DCMAKE_BUILD_TYPE=Release -DCMAKE_MSVC_RUNTIME_LIBRARY=${{ matrix.crt }} -DCREATE_TEST_TARGETS=ON -DENABLE_THREAD_POOL=ON ..
           cmake --build . --config Release --parallel 4 && make run-unit-tests || libsinsp\test\Release\unit-test-libsinsp.exe
 
   build-shared-libs-macos-amd64:
@@ -193,7 +191,7 @@ jobs:
       - name: Build 🏗️
         run: |
           mkdir -p build
-          cd build && cmake -DBUILD_SHARED_LIBS=True -DUSE_BUNDLED_DEPS=False -DUSE_BUNDLED_VALIJSON=ON -DUSE_BUNDLED_BS_THREADPOOL=ON -DENABLE_THREAD_POOL=ON -DCMAKE_BUILD_TYPE=Release -DCREATE_TEST_TARGETS=OFF -DMINIMAL_BUILD=ON -DCMAKE_INSTALL_PREFIX=/tmp/libs-test ..
+          cd build && cmake -DBUILD_SHARED_LIBS=True -DUSE_BUNDLED_DEPS=False -DUSE_BUNDLED_VALIJSON=ON -DUSE_BUNDLED_BS_THREADPOOL=ON -DENABLE_THREAD_POOL=ON -DCMAKE_BUILD_TYPE=Release -DCREATE_TEST_TARGETS=OFF -DCMAKE_INSTALL_PREFIX=/tmp/libs-test ..
           cmake --build . --config Release --parallel $(getconf _NPROCESSORS_ONLN)
 
       - name: Install

CMakeLists.txt

@@ -53,9 +53,6 @@ endif()
 project(falcosecurity-libs)
 
 option(USE_BUNDLED_DEPS "Enable bundled dependencies instead of using the system ones" ON)
-option(MINIMAL_BUILD
-	   "Produce a minimal build with only the essential features (no container metadata)" OFF
-)
 option(MUSL_OPTIMIZED_BUILD "Enable if you want a musl optimized build" OFF)
 option(USE_BUNDLED_DRIVER
 	   "Use the driver/ subdirectory in the build process (only available in Linux)" ON

CMakePresets.json

@@ -33,14 +33,14 @@
 		{
 			"name": "sinsp-minimal",
 			"inherits": "base",
-			"displayName": "Build sinsp in minimal build",
-			"description": "Build sinsp in minimal build with its tests",
+			"displayName": "Build minimal sinsp",
+			"description": "Build sinsp without gvisor and protobuf deps",
 			"binaryDir": "${sourceDir}/build-sinsp-minimal",
 			"cacheVariables": {
 				"USE_BUNDLED_DEPS": "ON",
+				"BUILD_LIBSCAP_GVISOR": "OFF",
 				"CREATE_TEST_TARGETS": "ON",
-				"MINIMAL_BUILD": "ON",
-				"SCAP_FILES_SUITE_ENABLE": "OFF"
+				"SCAP_FILES_SUITE_ENABLE": "OFF",
 			}
 		}
 	]

cmake/modules/CompilerFlags.cmake

@@ -33,11 +33,6 @@ if(NOT MSVC)
 	set(FALCOSECURITY_LIBS_COMMON_FLAGS "-Wall -ggdb")
 	set(FALCOSECURITY_LIBS_DEBUG_FLAGS "-Og -D_DEBUG")
 	set(FALCOSECURITY_LIBS_RELEASE_FLAGS "-O3 -fno-strict-aliasing -DNDEBUG")
-
-	if(MINIMAL_BUILD)
-		set(FALCOSECURITY_LIBS_COMMON_FLAGS "${FALCOSECURITY_LIBS_COMMON_FLAGS} -DMINIMAL_BUILD")
-	endif()
-
 	if(MUSL_OPTIMIZED_BUILD)
 		set(FALCOSECURITY_LIBS_COMMON_FLAGS "${FALCOSECURITY_LIBS_COMMON_FLAGS} -static -Os")
 	endif()
@@ -121,10 +116,8 @@ if(NOT MSVC)
 	add_definitions(-D__STDC_FORMAT_MACROS)
 
 else() # MSVC
-	set(MINIMAL_BUILD ON)
-
 	set(FALCOSECURITY_LIBS_COMMON_FLAGS
-		"-D_CRT_SECURE_NO_WARNINGS -DWIN32 -DMINIMAL_BUILD /EHsc /W3 /Zi /std:c++17"
+		"-D_CRT_SECURE_NO_WARNINGS -DWIN32 /EHsc /W3 /Zi /std:c++17"
 	)
 	if(CMAKE_VERSION VERSION_LESS 3.15.0)
 		set(FALCOSECURITY_LIBS_DEBUG_FLAGS "/MTd /Od")

cmake/modules/engine_config.cmake

@@ -23,10 +23,7 @@ if(CMAKE_SYSTEM_NAME MATCHES "Linux")
 endif()
 
 # gVisor is currently only supported on Linux x86_64
-if(CMAKE_SYSTEM_PROCESSOR STREQUAL "x86_64"
-   AND CMAKE_SYSTEM_NAME MATCHES "Linux"
-   AND NOT MINIMAL_BUILD
-)
+if(CMAKE_SYSTEM_PROCESSOR STREQUAL "x86_64" AND CMAKE_SYSTEM_NAME MATCHES "Linux")
 	option(BUILD_LIBSCAP_GVISOR "Build gVisor support" ON)
 	if(BUILD_LIBSCAP_GVISOR)
 		set(HAS_ENGINE_GVISOR On)

userspace/libsinsp/CMakeLists.txt

@@ -148,7 +148,7 @@ endif()
 
 if(NOT WIN32)
 	if(NOT APPLE)
-		if(NOT MINIMAL_BUILD AND NOT EMSCRIPTEN)
+		if(NOT EMSCRIPTEN)
 			if(NOT MUSL_OPTIMIZED_BUILD)
 				find_library(LIB_ANL anl)
 				if(LIB_ANL)
@@ -160,7 +160,7 @@ if(NOT WIN32)
 
 		else()
 			target_link_libraries(sinsp INTERFACE rt)
-		endif() # NOT MINIMAL_BUILD
+		endif() # NOT EMSCRIPTEN
 	endif() # NOT APPLE
 
 	target_link_libraries(sinsp INTERFACE dl pthread)

userspace/libsinsp/dns_manager.cpp

@@ -168,10 +168,12 @@ std::string sinsp_dns_manager::name_of(int af, void *addr, uint64_t ts) {
 }
 
 void sinsp_dns_manager::cleanup() {
+#if !defined(__EMSCRIPTEN__)
 	if(m_resolver) {
 		m_exit_signal.set_value();
 		m_resolver->join();
 		m_resolver.reset();
 		m_exit_signal = std::promise<void>();
 	}
+#endif
 }

userspace/libsinsp/sinsp.cpp

@@ -205,11 +205,9 @@ sinsp::sinsp(bool with_metrics):
 sinsp::~sinsp() {
 	close();
 
-#if !defined(MINIMAL_BUILD) && !defined(__EMSCRIPTEN__)
 	if(--instance_count == 0) {
 		sinsp_dns_manager::get().cleanup();
 	}
-#endif
 }
 
 bool sinsp::is_initialstate_event(scap_evt* pevent) const {

userspace/libsinsp/sinsp_debug/README.md

@@ -8,7 +8,7 @@ Right now it prints relevant info about processes but in the next future it coul
 From the build directory:
 
 ```bash
-cmake -DBUILD_DRIVER=On -DUSE_BUNDLED_DEPS=Off -DMINIMAL_BUILD=On ..
+cmake -DBUILD_DRIVER=On -DUSE_BUNDLED_DEPS=Off ..
 make sinsp-debug
 # It takes just one arg, the path to the scap-file (relative or absolute)
 sudo ./libsinsp/sinsp_debug/sinsp-debug <path_to_scap_file>

userspace/libsinsp/test/CMakeLists.txt

@@ -19,9 +19,7 @@ if(NOT EMSCRIPTEN)
 endif()
 
 if(WIN32)
-	set(CMAKE_CXX_FLAGS
-		"-D_CRT_SECURE_NO_WARNINGS -DWIN32 -DMINIMAL_BUILD /EHsc /W3 /Zi /std:c++17"
-	)
+	set(CMAKE_CXX_FLAGS "-D_CRT_SECURE_NO_WARNINGS -DWIN32 /EHsc /W3 /Zi /std:c++17")
 	set(CMAKE_CXX_FLAGS_DEBUG ${FALCOSECURITY_LIBS_DEBUG_FLAGS})
 	set(CMAKE_CXX_STANDARD 17)
 endif()
@@ -145,13 +143,15 @@ elseif(APPLE OR EMSCRIPTEN)
 	)
 endif()
 
-if(NOT MINIMAL_BUILD)
-	list(APPEND LIBSINSP_UNIT_TESTS_SOURCES procfs_utils.ut.cpp)
-endif()
-
 if(CMAKE_SYSTEM_NAME MATCHES "Linux")
-	list(APPEND LIBSINSP_UNIT_TESTS_SOURCES filter_ppm_codes.ut.cpp public_sinsp_API/events_set.cpp
-		 public_sinsp_API/interesting_syscalls.cpp public_sinsp_API/ppm_sc_codes.cpp
+	list(
+		APPEND
+		LIBSINSP_UNIT_TESTS_SOURCES
+		filter_ppm_codes.ut.cpp
+		procfs_utils.ut.cpp
+		public_sinsp_API/events_set.cpp
+		public_sinsp_API/interesting_syscalls.cpp
+		public_sinsp_API/ppm_sc_codes.cpp
 	)
 endif()
 

userspace/libsinsp/test/events_proc.ut.cpp

@@ -820,152 +820,6 @@ TEST_F(sinsp_with_test_input, spawn_process) {
 	ASSERT_EQ(get_field_as_string(evt, "proc.aenv[TEST_ENV_PARENT_LINEAGE]"), "secret");
 }
 
-// check parsing of container events (possibly from capture files)
-#if !defined(MINIMAL_BUILD) and \
-        !defined(__EMSCRIPTEN__)  // MINIMAL_BUILD and emscripten don't support containers at all
-TEST_F(sinsp_with_test_input, spawn_process_container) {
-	add_default_init_thread();
-
-	open_inspector();
-	sinsp_evt *evt = NULL;
-
-	uint64_t parent_pid = 1, parent_tid = 1, child_pid = 20, child_tid = 20;
-	uint64_t fdlimit = 1024, pgft_maj = 0, pgft_min = 1;
-	uint64_t exe_ino = 242048, ctime = 1676262698000004577, mtime = 1676262698000004588;
-	uint32_t loginuid = UINT32_MAX, euid = UINT32_MAX;
-
-	scap_const_sized_buffer empty_bytebuf = {.buf = nullptr, .size = 0};
-
-	add_event_advance_ts(increasing_ts(), parent_tid, PPME_SYSCALL_CLONE_20_E, 0);
-	std::vector<std::string> cgroups = {
-	        "cgroups=cpuset=/docker/"
-	        "f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "cpu=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "cpuacct=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "io=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "memory=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "devices=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "freezer=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "net_cls=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "perf_event=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "net_prio=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "hugetlb=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "pids=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "rdma=/docker/f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066",
-	        "misc=/"};
-	std::string cgroupsv = test_utils::to_null_delimited(cgroups);
-	std::vector<std::string> env = {"SHELL=/bin/bash", "PWD=/home/user", "HOME=/home/user"};
-	std::string envv = test_utils::to_null_delimited(env);
-	std::vector<std::string> args = {"-c", "'echo aGVsbG8K | base64 -d'"};
-	std::string argsv = test_utils::to_null_delimited(args);
-
-	std::string container =
-	        R"({"container":{"Mounts":[],"cpu_period":100000,"cpu_quota":0,"cpu_shares":1024,"cpuset_cpu_count":0,"created_time":1663770709,"env":[],"full_id":"f9c7a020960a15738167a77594bff1f7ac5f5bfdb6646ecbc9b17c7ed7ec5066","id":"f9c7a020960a","image":"ubuntu","imagedigest":"sha256:a0d9e826ab87bd665cfc640598a871b748b4b70a01a4f3d174d4fb02adad07a9","imageid":"597ce1600cf4ac5f449b66e75e840657bb53864434d6bd82f00b172544c32ee2","imagerepo":"ubuntu","imagetag":"latest","ip":"172.17.0.2","is_pod_sandbox":false,"labels":null,"lookup_state":1,"memory_limit":0,"metadata_deadline":0,"name":"eloquent_mirzakhani","port_mappings":[],"privileged":false,"swap_limit":0,"type":0}})";
-
-	/* Caller clone exit event.
-	 * The child is in a container the caller event won't generate the child thread info
-	 */
-	add_event_advance_ts(increasing_ts(),
-	                     parent_tid,
-	                     PPME_SYSCALL_CLONE_20_X,
-	                     20,
-	                     child_tid,
-	                     "bash",
-	                     empty_bytebuf,
-	                     (uint64_t)1,
-	                     (uint64_t)1,
-	                     (uint64_t)0,
-	                     "",
-	                     fdlimit,
-	                     pgft_maj,
-	                     pgft_min,
-	                     (uint32_t)12088,
-	                     (uint32_t)7208,
-	                     (uint32_t)0,
-	                     "bash",
-	                     scap_const_sized_buffer{cgroupsv.data(), cgroupsv.size()},
-	                     (uint32_t)(PPM_CL_CLONE_CHILD_CLEARTID | PPM_CL_CLONE_CHILD_SETTID |
-	                                PPM_CL_CLONE_NEWPID | PPM_CL_CHILD_IN_PIDNS),
-	                     (uint32_t)1000,
-	                     (uint32_t)1000,
-	                     (uint64_t)parent_tid,
-	                     (uint64_t)parent_pid);
-
-	/* Child clone exit event */
-	add_event_advance_ts(increasing_ts(),
-	                     child_tid,
-	                     PPME_SYSCALL_CLONE_20_X,
-	                     20,
-	                     (uint64_t)0,
-	                     "bash",
-	                     empty_bytebuf,
-	                     child_tid,
-	                     child_pid,
-	                     (uint64_t)1,
-	                     "",
-	                     fdlimit,
-	                     pgft_maj,
-	                     pgft_min,
-	                     (uint32_t)12088,
-	                     (uint32_t)3764,
-	                     (uint32_t)0,
-	                     "bash",
-	                     scap_const_sized_buffer{cgroupsv.data(), cgroupsv.size()},
-	                     (uint32_t)(PPM_CL_CLONE_CHILD_CLEARTID | PPM_CL_CLONE_CHILD_SETTID |
-	                                PPM_CL_CLONE_NEWPID | PPM_CL_CHILD_IN_PIDNS),
-	                     (uint32_t)1000,
-	                     (uint32_t)1000,
-	                     (uint64_t)1,
-	                     (uint64_t)1);
-	add_event_advance_ts(increasing_ts(), -1, PPME_CONTAINER_JSON_2_E, 1, container.c_str());
-
-	add_event_advance_ts(increasing_ts(), child_tid, PPME_SYSCALL_EXECVE_19_E, 1, "/bin/test-exe");
-	evt = add_event_advance_ts(increasing_ts(),
-	                           child_tid,
-	                           PPME_SYSCALL_EXECVE_19_X,
-	                           27,
-	                           (int64_t)0,
-	                           "/bin/test-exe",
-	                           scap_const_sized_buffer{argsv.data(), argsv.size()},
-	                           child_tid,
-	                           child_pid,
-	                           parent_tid,
-	                           "",
-	                           fdlimit,
-	                           pgft_maj,
-	                           pgft_min,
-	                           (uint32_t)29612,
-	                           (uint32_t)4,
-	                           (uint32_t)0,
-	                           "test-exe",
-	                           scap_const_sized_buffer{cgroupsv.data(), cgroupsv.size()},
-	                           scap_const_sized_buffer{envv.data(), envv.size()},
-	                           (int32_t)34818,
-	                           parent_pid,
-	                           loginuid,
-	                           (int32_t)PPM_EXE_UPPER_LAYER,
-	                           parent_pid,
-	                           parent_pid,
-	                           parent_pid,
-	                           exe_ino,
-	                           ctime,
-	                           mtime,
-	                           euid);
-
-	// check that the container has been correctly detected and the short ID is correct
-	ASSERT_EQ(get_field_as_string(evt, "container.id"), "f9c7a020960a");
-	// check that metadata is correctly parsed from the container event
-	ASSERT_EQ(get_field_as_string(evt, "container.image"), "ubuntu");
-	// check vpid reflecting container pid namespace
-	ASSERT_EQ(get_field_as_string(evt, "proc.vpid"), "1");
-	ASSERT_EQ(get_field_as_string(evt, "thread.vtid"), "1");
-	// check more fields
-	ASSERT_EQ(get_field_as_string(evt, "user.loginuid"), "-1");
-	ASSERT_EQ(get_field_as_string(evt, "proc.is_exe_upper_layer"), "true");
-	ASSERT_EQ(get_field_as_string(evt, "user.uid"), "4294967295");
-}
-#endif  // MINIMAL_BUILD
-
 TEST_F(sinsp_with_test_input, chdir_fchdir) {
 	add_default_init_thread();