8000 feat(userspace/libsinsp)!: isolate `sinsp_threadinfo` from `sinsp` by ekoops · Pull Request #2335 · falcosecurity/libs · GitHub

feat(userspace/libsinsp)!: isolate sinsp_threadinfo from sinsp #2335


Merged
merged 4 commits into from
Apr 17, 2025
Merged
29 changes: 19 additions & 10 deletions userspace/libsinsp/sinsp.cpp
Expand Up @@ -158,12 +158,23 @@ sinsp::sinsp(bool with_metrics):
m_sinsp_stats_v2,
m_platform})},
m_fdtable_factory{m_fdtable_ctor_params},
m_threadinfo_factory{this,
m_external_event_processor,
m_thread_manager_dyn_fields,
m_fdtable_dyn_fields,
m_fdinfo_factory,
m_fdtable_factory},
// After m_threadinfo_ctor_params initialization, the thread manager and the usergroup
// manager refer to non-initialized sinsp's fields. This is not a problem as long
// as the m_threadinfo_factory (which will use the m_threadinfo_ctor_params) is not used
// before the initialization of these fields is completed.
m_threadinfo_ctor_params{std::make_shared<sinsp_threadinfo::ctor_params>(
sinsp_threadinfo::ctor_params{m_network_interfaces,
m_fdinfo_factory,
m_fdtable_factory,
m_thread_manager_dyn_fields,
m_thread_manager,
m_usergroup_manager})},
m_threadinfo_factory{
this,
m_threadinfo_ctor_params,
m_external_event_processor,
m_fdtable_dyn_fields,
},
m_table_registry{std::make_shared<libsinsp::state::table_registry>()},
m_async_events_queue(DEFAULT_ASYNC_EVENT_QUEUE_SIZE),
m_inited(false) {
Expand Down Expand Up @@ -1969,10 +1980,8 @@ bool sinsp_thread_manager::remove_inactive_threads() {
}

std::unique_ptr<sinsp_threadinfo> libsinsp::event_processor::build_threadinfo(sinsp* inspector) {
return std::make_unique<sinsp_threadinfo>(inspector->get_fdinfo_factory(),
inspector->get_fdtable_factory(),
inspector,
inspector->get_thread_manager_dyn_fields());
return sinsp_threadinfo_factory::create_unique_attorney::create(
inspector->get_threadinfo_factory());
}

std::unique_ptr<sinsp_fdinfo> libsinsp::event_processor::build_fdinfo(sinsp* inspector) {
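Review bot: The new comment above `m_threadinfo_ctor_params` in the constructor's initializer list leaves the condition that makes this safe unstated: `sinsp_threadinfo::ctor_params` has to hold `m_thread_manager` and `m_usergroup_manager` by reference, because both are still unconstructed when this member is initialized. The `ctor_params` definition is not visible here, so this is inferred; a by-value `shared_ptr` copy at this point would read an uninitialized member. The sinsp.h section shows `m_thread_manager` declared after `m_threadinfo_factory`, so declaration order gives no protection. I would extend the comment with `// ctor_params must keep m_thread_manager and m_usergroup_manager by reference: both are initialized after this member.`, or declare the two managers before `m_threadinfo_ctor_params`. The constructor begins and ends outside the hunk.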
8 changes: 3 additions & 5 deletions userspace/libsinsp/sinsp.h
< 8000 /a> Expand Up @@ -587,7 +587,7 @@ class SINSP_PUBLIC sinsp : public capture_stats_source {
/*!
\brief Returns true if truncated environments should be loaded from /proc
*/
inline bool large_envs_enabled() const {
bool large_envs_enabled() const {
return (is_live() || is_syscall_plugin()) && m_large_envs_enabled;
}

Expand Down Expand Up @@ -980,6 +980,8 @@ class SINSP_PUBLIC sinsp : public capture_stats_source {
const sinsp_fdinfo_factory m_fdinfo_factory;
const std::shared_ptr<sinsp_fdtable::ctor_params> m_fdtable_ctor_params;
const sinsp_fdtable_factory m_fdtable_factory;
// Parameter shared with each single sinsp_threadinfo instance.
const std::shared_ptr<sinsp_threadinfo::ctor_params> m_threadinfo_ctor_params;
const sinsp_threadinfo_factory m_threadinfo_factory;
// A registry that manages the state tables of this inspector.
std::shared_ptr<libsinsp::state::table_registry> m_table_registry;
Expand All @@ -994,10 +996,6 @@ class SINSP_PUBLIC sinsp : public capture_stats_source {
return m_fdtable_dyn_fields;
}

const sinsp_fdinfo_factory& get_fdinfo_factory() const { return m_fdinfo_factory; }

const sinsp_fdtable_factory& get_fdtable_factory() const { return m_fdtable_factory; }

const sinsp_threadinfo_factory& get_threadinfo_factory() const { return m_threadinfo_factory; }

std::shared_ptr<sinsp_thread_manager> m_thread_manager;
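Review bot: The comment on `m_threadinfo_ctor_params` does not document lifetime, and the `std::shared_ptr` invites the wrong assumption. Each `sinsp_threadinfo` keeps the params object alive, but judging from the comment in sinsp.cpp the params only refer to fields of this `sinsp`, so a thread entry that outlives the inspector would be left with dangling references. I would word the member comment as `// Shared with every sinsp_threadinfo; refers to members of this sinsp, so no threadinfo may be used after the inspector is destroyed.` The `ctor_params` definition is not part of this section, so the by-reference assumption should be confirmed against threadinfo.h.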
60 changes: 36 additions & 24 deletions userspace/libsinsp/sinsp_threadinfo_factory.h
Expand Up @@ -20,42 +20,54 @@ limitations under the License.
#include <libsinsp/sinsp_external_processor.h>
#include <libsinsp/threadinfo.h>

class sinsp;

/*!
\brief Factory hiding sinsp_threadinfo creation details.
*/
class sinsp_threadinfo_factory {
sinsp* m_sinsp;
const std::shared_ptr<sinsp_threadinfo::ctor_params>& m_params;
libsinsp::event_processor* const& m_external_event_processor;
const std::shared_ptr<libsinsp::state::dynamic_struct::field_infos>&m_thread_manager_dyn_fields,
m_fdtable_dyn_fields;
const sinsp_fdinfo_factory& m_fdinfo_factory;
const sinsp_fdtable_factory& m_fdtable_factory;
const std::shared_ptr<libsinsp::state::dynamic_struct::field_infos>& m_fdtable_dyn_fields;

// `create_unique` is only provided in order to let an external event processor create a
// threadinfo without tracking all the needed dependencies and, at the same time, avoiding code
// repetition. The access is granted through the
// `sinsp_threadinfo_factory::create_unique_attorney` class (see its definition for more
// details).
std::unique_ptr<sinsp_threadinfo> create_unique() const {
return std::make_unique<sinsp_threadinfo>(m_params);
}

public:
sinsp_threadinfo_factory(
sinsp* sinsp,
libsinsp::event_processor* const& external_event_processor,
const std::shared_ptr<libsinsp::state::dynamic_struct::field_infos>&
thread_manager_dyn_fields,
const std::shared_ptr<libsinsp::state::dynamic_struct::field_infos>& fdtable_dyn_fields,
const sinsp_fdinfo_factory& fdinfo_factory,
const sinsp_fdtable_factory& fdtable_factory):
/*!
\brief This class follows the attorney-client idiom to limit the access to
`sinsp_threadinfo_factory::create_unique()` only to `libsinsp::event_processor`.
*/
class create_unique_attorney {
static std::unique_ptr<sinsp_threadinfo> create(sinsp_threadinfo_factory const& factory) {
return factory.create_unique();
}
friend libsinsp::event_processor;
};

sinsp_threadinfo_factory(sinsp* sinsp,
const std::shared_ptr<sinsp_threadinfo::ctor_params>& params,
libsinsp::event_processor* const& external_event_processor,
const std::shared_ptr<libsinsp::state::dynamic_struct::field_infos>&
fdtable_dyn_fields):
m_sinsp{sinsp},
m_params{params},
m_external_event_processor{external_event_processor},
m_thread_manager_dyn_fields{thread_manager_dyn_fields},
m_fdtable_dyn_fields{fdtable_dyn_fields},
m_fdinfo_factory{fdinfo_factory},
m_fdtable_factory{fdtable_factory} {}
m_fdtable_dyn_fields{fdtable_dyn_fields} {}

std::unique_ptr<sinsp_threadinfo> create() const {
std::unique_ptr<sinsp_threadinfo> tinfo =
m_external_event_processor
? m_external_event_processor->build_threadinfo(m_sinsp)
: std::make_unique<sinsp_threadinfo>(m_fdinfo_factory,
m_fdtable_factory,
m_sinsp,
m_thread_manager_dyn_fields);
m_external_event_processor ? m_external_event_processor->build_threadinfo(m_sinsp)
: create_unique();
if(tinfo->dynamic_fields() == nullptr) {
tinfo->set_dynamic_fields(m_thread_manager_dyn_fields);
tinfo->set_dynamic_fields(m_params->thread_manager_dyn_fields);
}
tinfo->get_fdtable().set_dynamic_fields(m_fdtable_dyn_fields);
return tinfo;
Expand All @@ -65,6 +77,6 @@ class sinsp_threadinfo_factory {
// create_shared is currently used in contexts not handled by any external event processor,
// nor by any component needing dynamic fields to be initialized: for these reasons, for the
// moment, it is just a simplified (shared) version of what `create` does.
return std::make_shared<sinsp_threadinfo>(m_fdinfo_factory, m_fdtable_factory);
return std::make_shared<sinsp_threadinfo>(m_params);
}
};
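Review bot: In `create()`, the result of `m_external_event_processor->build_threadinfo(m_sinsp)` is dereferenced by `tinfo->dynamic_fields()` on the very next statement without a null check, so an external event processor that returns an empty `unique_ptr` takes the inspector down with a null dereference rather than a reportable error. A guard straight after the assignment would make the contract explicit, for example `if(!tinfo) { throw sinsp_exception("build_threadinfo returned null"); }`, assuming `sinsp_exception` is reachable from this header. Separately, `m_params` is stored as a reference to a `shared_ptr` owned by `sinsp`, not as a copy, so the factory is only valid while that owner lives; a one-line comment on the member saying so would help.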
65 changes: 29 additions & 36 deletions
Expand Up @@ -24,7 +24,6 @@
#include <stdio.h>
#include <algorithm>
#include <libscap/strl.h>
#include <libsinsp/sinsp.h>
#include <libsinsp/sinsp_int.h>
#include <libscap/scap-int.h>
#include <libsinsp/user.h>
Expand All @@ -38,15 +37,10 @@
dest[3] = src[3];
}

sinsp_threadinfo::sinsp_threadinfo(
const sinsp_fdinfo_factory& fdinfo_factory,
const sinsp_fdtable_factory& fdtable_factory,
sinsp* inspector,
const std::shared_ptr<libsinsp::state::dynamic_struct::field_infos>& dyn_fields):
table_entry(dyn_fields),
m_inspector(inspector),
m_fdinfo_factory{fdinfo_factory},
m_fdtable{fdtable_factory.create()},
sinsp_threadinfo::sinsp_threadinfo(const std::shared_ptr<ctor_params>& params):
table_entry(params->thread_manager_dyn_fields),
m_params{params},
m_fdtable{params->fdtable_factory.create()},
m_main_fdtable(m_fdtable.table_ptr()),
m_args_table_adapter("args", m_args),
m_env_table_adapter("env", m_env),
Expand Down Expand Up @@ -211,7 +205,7 @@

sinsp_fdinfo* sinsp_threadinfo::add_fd_from_scap(const scap_fdinfo& fdi,
const bool resolve_hostname_and_port) {
auto newfdi = m_fdinfo_factory.create();
auto newfdi = m_params->fdinfo_factory.create();

newfdi->m_type = fdi.type;
newfdi->m_openflags = 0;
Expand All @@ -230,7 +224,7 @@
if(fdi.info.ipv4info.l4proto == SCAP_L4_TCP) {
newfdi->m_flags |= sinsp_fdinfo::FLAGS_SOCKET_CONNECTED;
}
m_inspector->get_ifaddr_list().update_fd(*newfdi);
m_params->network_interfaces.update_fd(*newfdi);
newfdi->m_name =
ipv4tuple_to_string(newfdi->m_sockinfo.m_ipv4info, resolve_hostname_and_port);
break;
Expand Down Expand Up @@ -258,7 +252,7 @@
if(fdi.info.ipv6info.l4proto == SCAP_L4_TCP) {
newfdi->m_flags |= sinsp_fdinfo::FLAGS_SOCKET_CONNECTED;
}
m_inspector->get_ifaddr_list().update_fd(*newfdi);
m_params->network_interfaces.update_fd(*newfdi);
newfdi->m_name =
ipv4tuple_to_string(newfdi->m_sockinfo.m_ipv4info, resolve_hostname_and_port);
} else {
Expand Down Expand Up @@ -387,19 +381,18 @@

set_cgroups(pinfo.cgroups.path, pinfo.cgroups.len);
m_root = pinfo.root;
ASSERT(m_inspector);

set_group(pinfo.gid, notify_group_update);
set_user(pinfo.uid, notify_user_update);
set_loginuid((uint32_t)pinfo.loginuid);
set_loginuid(pinfo.loginuid);
}

const sinsp_threadinfo::cgroups_t& sinsp_threadinfo::cgroups() const {
return m_cgroups;
}

std::shared_ptr<sinsp_thread_manager> sinsp_threadinfo::get_thread_manager() const {
return m_inspector->m_thread_manager;
return m_params->thread_manager;

Check warning on line 395 in userspace/libsinsp/threadinfo.cpp


Codecov / codecov/patch

userspace/libsinsp/threadinfo.cpp#L395

Added line #L395 was not covered by tests
}

std::string sinsp_threadinfo::get_comm() const {
Expand All @@ -417,7 +410,7 @@
std::string sinsp_threadinfo::get_container_id() {
std::string container_id;

const auto accessor = m_inspector->m_thread_manager->get_field_accessor(
const auto accessor = m_params->thread_manager->get_field_accessor(
sinsp_thread_manager::s_container_id_field_name);
if(accessor) {
get_dynamic_field(*accessor, container_id);
Expand All @@ -430,8 +423,8 @@

const auto container_id = get_container_id();
if(!container_id.empty()) {
auto table = m_inspector->m_thread_manager->get_table(
sinsp_thread_manager::s_containers_table_name);
auto table =

Check warning on line 426 in userspace/libsinsp/threadinfo.cpp


Codecov / codecov/patch

userspace/libsinsp/threadinfo.cpp#L426

Added line #L426 was not covered by tests
m_params->thread_manager->get_table(sinsp_thread_manager::s_containers_table_name);
if(table != nullptr) {
auto fld = table->get_field<std::string>(
sinsp_thread_manager::s_containers_table_field_user);
Expand All @@ -453,8 +446,8 @@

const auto container_id = get_container_id();
if(!container_id.empty()) {
auto table = m_inspector->m_thread_manager->get_table(
sinsp_thread_manager::s_containers_table_name);
auto table =

Check warning on line 449 in userspace/libsinsp/threadinfo.cpp


Codecov / codecov/patch

userspace/libsinsp/threadinfo.cpp#L449

Added line #L449 was not covered by tests
m_params->thread_manager->get_table(sinsp_thread_manager::s_containers_table_name);
if(table != nullptr) {
auto fld = table->get_field<std::string>(
sinsp_thread_manager::s_containers_table_field_ip);
Expand All @@ -475,31 +468,30 @@
const auto container_id = get_container_id();
m_uid = uid;
// Do not notify if the user is already present.
if(m_inspector->m_usergroup_manager->get_user(container_id, uid)) {
if(m_params->usergroup_manager->get_user(container_id, uid)) {
return;
}
// For uid 0 force set root related info.
if(uid == 0) {
m_inspector->m_usergroup_manager
m_params->usergroup_manager
->add_user(container_id, m_pid, uid, m_gid, "root", "/root", {}, notify);
} else {
m_inspector->m_usergroup_manager
->add_user(container_id, m_pid, uid, m_gid, {}, {}, {}, notify);
m_params->usergroup_manager->add_user(container_id, m_pid, uid, m_gid, {}, {}, {}, notify);
}
}

void sinsp_threadinfo::set_group(const uint32_t gid, const bool notify) {
const auto container_id = get_container_id();
m_gid = gid;
// Do not notify if the group is already present.
if(m_inspector->m_usergroup_manager->get_group(container_id, gid)) {
if(m_params->usergroup_manager->get_group(container_id, gid)) {
return;
}
// For gid 0 force set root related info.
if(gid == 0) {
m_inspector->m_usergroup_manager->add_group(container_id, m_pid, gid, "root", notify);
m_params->usergroup_manager->add_group(container_id, m_pid, gid, "root", notify);
} else {
m_inspector->m_usergroup_manager->add_group(container_id, m_pid, gid, {}, notify);
m_params->usergroup_manager->add_group(container_id, m_pid, gid, {}, notify);
}
}

Expand All @@ -508,10 +500,11 @@
}

scap_userinfo* sinsp_threadinfo::get_user() {
auto user = m_inspector->m_usergroup_manager->get_user(get_container_id(), m_uid);
if(user != nullptr) {
if(const auto user = m_params->usergroup_manager->get_user(get_container_id(), m_uid);
user != nullptr) {
return user;
}

static scap_userinfo usr{};
usr.uid = m_uid;
usr.gid = m_gid;
Expand All @@ -522,8 +515,8 @@
}

scap_groupinfo* sinsp_threadinfo::get_group() {
auto group = m_inspector->m_usergroup_manager->get_group(get_container_id(), m_gid);
if(group != nullptr) {
if(const auto group = m_params->usergroup_manager->get_group(get_container_id(), m_gid);
group != nullptr) {
return group;
}
static scap_groupinfo grp = {};
Expand All @@ -533,8 +526,8 @@
}

scap_userinfo* sinsp_threadinfo::get_loginuser() {
auto user = m_inspector->m_usergroup_manager->get_user(get_container_id(), m_loginuid);
if(user != nullptr) {
if(const auto user = m_params->usergroup_manager->get_user(get_container_id(), m_loginuid);
user != nullptr) {
return user;
}
static scap_userinfo usr{};
Expand Down Expand Up @@ -711,7 +704,7 @@
}

sinsp_threadinfo* sinsp_threadinfo::get_parent_thread() {
return m_inspector->get_thread_ref(m_ptid, false).get();
return m_params->thread_manager->get_thread_ref(m_ptid).get();
}

sinsp_threadinfo* sinsp_threadinfo::get_ancestor_process(uint32_t n) {
Expand Down Expand Up @@ -882,7 +875,7 @@
// if is_virtual_id == false we don't care about the namespace in which we are
sinsp_threadinfo* leader = nullptr;
if(!is_virtual_id || !is_in_pid_namespace()) {
leader = m_inspector->get_thread_ref(id, false).get();
leader = m_params->thread_manager->get_thread_ref(id).get();
if(leader != nullptr) {
return leader;
}
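Review bot: The constructor reads `params->thread_manager_dyn_fields` in its initializer list, and every accessor changed in this section dereferences `m_params->thread_manager` or `m_params->usergroup_manager` unchecked, yet the only sanity check in the area, `ASSERT(m_inspector);`, is removed without a replacement. A null `params`, or a manager pointer that is still empty when a threadinfo is first used, therefore becomes a null dereference with no diagnostic. I would put an equivalent check where the old one stood, `ASSERT(m_params && m_params->thread_manager && m_params->usergroup_manager);`. The Codecov annotations show that `get_thread_manager()` and the two container-table lookups are not exercised by tests, so such a failure would not be caught there. All of these functions begin or end outside the visible hunks.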