diff --git a/CMakeLists.txt b/CMakeLists.txt index 8f1745d..eed76f3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -12,8 +12,10 @@ add_compile_options(-Wall -Wextra -Wpedantic -Wno-unused-result -Wno-unused-para set(CMAKE_EXPORT_COMPILE_COMMANDS ON) # option(with_execsnoop "enable program level proxy control feature, need bcc installed" ON) +option(build_execsnoop_dl "build libexecsnoop.so which will be dynamic loaded, otherwise built directly into cgproxy" ON) +option(build_static "build with static link prefered" OFF) option(build_tools OFF) -option(build_test OFF) +option(build_test "for develop" OFF) add_subdirectory(src) add_subdirectory(execsnoop-kernel) diff --git a/execsnoop-kernel/CMakeLists.txt b/execsnoop-kernel/CMakeLists.txt index 1187117..7cef479 100644 --- a/execsnoop-kernel/CMakeLists.txt +++ b/execsnoop-kernel/CMakeLists.txt @@ -1,9 +1,19 @@ # find libbpf -find_library(LIBBPF bpf) +if (build_static) + find_library(LIBBPF libbpf.a) +else() + find_library(LIBBPF bpf) +endif() + if (LIBBPF-NOTFOUND) message(FATAL_ERROR "libbpf not found") endif() -add_library(execsnoop MODULE execsnoop_share.cpp) -target_link_libraries(execsnoop PRIVATE bpf) -install(TARGETS execsnoop DESTINATION ${CMAKE_INSTALL_LIBDIR}/cgproxy/) \ No newline at end of file +if (build_execsnoop_dl) + add_library(execsnoop MODULE execsnoop_share.cpp) + install(TARGETS execsnoop DESTINATION ${CMAKE_INSTALL_LIBDIR}/cgproxy/) +else() + add_library(execsnoop execsnoop_share.cpp) +endif() + +target_link_libraries(execsnoop PRIVATE ${LIBBPF} -lelf -lz) \ No newline at end of file diff --git a/execsnoop-kernel/execsnoop_share.h b/execsnoop-kernel/execsnoop_share.h index 3657831..c465aae 100644 --- a/execsnoop-kernel/execsnoop_share.h +++ b/execsnoop-kernel/execsnoop_share.h @@ -10,9 +10,11 @@ namespace CGPROXY::EXECSNOOP { extern "C" void startThread(function c, promise _status); +#ifdef BUIlD_EXECSNOOP_DL // only for dlsym() using startThread_t=decltype(startThread); startThread_t *_startThread; +#endif } // namespace CGPROXY::EXECSNOOP #endif diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index aa18648..bfb4679 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -4,20 +4,20 @@ include_directories(${PROJECT_SOURCE_DIR}) include_directories(${PROJECT_SOURCE_DIR}/execsnoop-kernel/) include_directories(${CMAKE_CURRENT_SOURCE_DIR}) -add_executable(main main.cpp - common.cpp config.cpp cgroup_attach.cpp - socket_client.cpp socket_server.cpp) -target_link_libraries(main PRIVATE nlohmann_json::nlohmann_json Threads::Threads ${CMAKE_DL_LIBS}) -set_target_properties(main PROPERTIES LINKER_LANGUAGE CXX) + +if (build_execsnoop_dl) + add_definitions(-DBUIlD_EXECSNOOP_DL) + set(DL_LIB "-ldl") + set(EXECSNOOP_LIB "") +else() + set(EXECSNOOP_LIB "execsnoop") +endif() + +add_executable(main main.cpp common.cpp config.cpp cgroup_attach.cpp socket_client.cpp socket_server.cpp) +target_link_libraries(main PRIVATE nlohmann_json::nlohmann_json Threads::Threads ${DL_LIB} ${EXECSNOOP_LIB}) set_target_properties(main PROPERTIES OUTPUT_NAME cgproxy) install(TARGETS main RUNTIME) -# # execsnoop related -# set(execsnoop ${PROJECT_SOURCE_DIR}/execsnoop-libbpf/libexecsnoop.so) -# add_custom_command(OUTPUT ${execsnoop} -# COMMAND make CFLAGS=\"-O2 -Wall -s -DNDEBUG\" libexecsnoop.so -# WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}/execsnoop-libbpf -# BYPRODUCTS ${PROJECT_SOURCE_DIR}/execsnoop-libbpf/build -# ) -# add_custom_target(execsnoop ALL DEPENDS ${execsnoop}) -# install(PROGRAMS ${execsnoop} DESTINATION ${CMAKE_INSTALL_LIBDIR}/cgproxy/) \ No newline at end of file +if (build_static) + target_link_libraries(main PRIVATE -static-libgcc -static-libstdc++) +endif() diff --git a/src/cgproxyd.hpp b/src/cgproxyd.hpp index bfebbba..5a420b3 100644 --- a/src/cgproxyd.hpp +++ b/src/cgproxyd.hpp @@ -26,6 +26,7 @@ using namespace ::CGPROXY::CONFIG; using namespace ::CGPROXY::CGROUP; // using namespace ::CGPROXY::EXECSNOOP; +#ifdef BUIlD_EXECSNOOP_DL namespace CGPROXY::EXECSNOOP { bool loadExecsnoopLib() { try { @@ -48,6 +49,7 @@ bool loadExecsnoopLib() { } } } // namespace CGPROXY::EXECSNOOP +#endif namespace CGPROXY::CGPROXYD { @@ -232,14 +234,21 @@ class cgproxyd { } void startExecsnoopThread() { + #ifdef BUIlD_EXECSNOOP_DL if (!EXECSNOOP::loadExecsnoopLib() || EXECSNOOP::_startThread == NULL) { error("execsnoop not ready to start, maybe missing libbpf"); return; } + #endif promise status; future status_f = status.get_future(); + #ifdef BUIlD_EXECSNOOP_DL thread th(EXECSNOOP::_startThread, handle_pid_static, move(status)); + #else + thread th(EXECSNOOP::startThread, handle_pid_static, move(status)); + #endif + execsnoop_thread = move(th); future_status fstatus = status_f.wait_for(chrono::seconds(THREAD_TIMEOUT)); diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt index 5419a7b..41f33b5 100644 --- a/tools/CMakeLists.txt +++ b/tools/CMakeLists.txt @@ -2,11 +2,4 @@ include_directories(${PROJECT_SOURCE_DIR}) include_directories(${PROJECT_SOURCE_DIR}/src) add_executable(cgattach cgattach.cpp ../src/cgroup_attach.cpp ../src/common.cpp) -install(TARGETS cgattach DESTINATION /usr/bin PERMISSIONS ${basic_permission}) - -if (with_execsnoop) -add_executable(execsnoop_exec execsnoop.cpp ../src/common.cpp ../src/execsnoop.cpp) -set_target_properties(execsnoop_exec PROPERTIES OUTPUT_NAME execsnoop) -target_link_libraries(execsnoop_exec bcc) -install(TARGETS execsnoop_exec DESTINATION /usr/bin PERMISSIONS ${basic_permission}) -endif() \ No newline at end of file +install(TARGETS cgattach DESTINATION /usr/bin PERMISSIONS ${basic_permission}) \ No newline at end of file diff --git a/tools/execsnoop.cpp b/tools/execsnoop.cpp deleted file mode 100644 index c84f381..0000000 --- a/tools/execsnoop.cpp +++ /dev/null @@ -1,24 +0,0 @@ -#include "execsnoop.h" -#include "common.h" -#include -using namespace std; -using namespace CGPROXY::EXECSNOOP; - -#define PATH_MAX_LEN 128 - -int handle_pid(int pid) { - char path[PATH_MAX_LEN]; - auto size = readlink(to_str("/proc/", pid, "/exe").c_str(), path, PATH_MAX_LEN); - if (size == -1) error("readlink: %s", to_str("/proc/", pid, "/exe").c_str()); - path[size] = '\0'; - info("%d %s", pid, path); - return 0; -} - -int main() { - enable_debug = true; - enable_info = true; - callback = handle_pid; - execsnoop(); - return 0; -}