Summary:
Continuing to march toward low-overhead, type-safe table rows, this commit
converts the Darwin `processes` table to using the generated row types.
My march concludes here, but there's a lot of work yet to be done with
migrating other tables.
(Adapted from https://github.com/facebook/osquery/pull/5199)
Reviewed By: guliashvili
Differential Revision: D13438014
fbshipit-source-id: 0e8365f26fe95131fe53ba3491cf07899600e997
Summary:
Continuing to march toward low-overhead, type-safe table rows, this commit
introduces the code generation for said rows. Nothing uses it yet; see the
next commit for that.
(Adapted from https://github.com/facebook/osquery/pull/5199)
Reviewed By: guliashvili
Differential Revision: D13438017
fbshipit-source-id: 959a6e092aee38d33e1c6539cbe14b85172c0135
Summary:
Continuing to march toward low-overhead, type-safe table rows, this commit
changes `TableRow` to be an interface rather than simply an alias for `Row`.
Accordingly, `DynamicTableRow` becomes an implementation of that interface
backed by a `Row`. The few remaining pieces of code that treated `TableRow`s as
`Row`s now call methods on the `TableRow` interface. Subsequent commits will
add code generation for strongly-typed table-specific implementations of
`TableRow`.
(Adapted from https://github.com/facebook/osquery/pull/5198)
Reviewed By: guliashvili
Differential Revision: D13438015
fbshipit-source-id: 61d5547e878e519c9706f94f844aab9d3e553410
Summary:
Continuing to march toward low-overhead, type-safe table rows, this commit changes
much of the code that uses `TableRow`s to stop assuming that they're just `vector`s
by another name. (`TableRow` is on the way to becoming an interface with multiple
implementations.) They're now held in `unique_ptr`s (`TableRowHolder`). For cases
where we really want a `vector`-backed `TableRow` (mostly test code and extension
support), we have a factory function (`make_table_row`) and a helper class
(`DynamicTableRowHolder`) to make that smoother.
(Adapted from https://github.com/facebook/osquery/pull/5198)
Reviewed By: mkareta
Differential Revision: D13438016
fbshipit-source-id: 2de9ce46a64c0a067b5d3299c59bbe3ccacd4abe
Summary:
Continuing to march toward low-overhead, type-safe table rows, this commit introduces
a distinction between rows being returned from a table (`TableRows`) and as the
result of a query (`QueryData`). Right now the two are simply aliases for each other;
that will change shortly.
(Adapted from https://github.com/facebook/osquery/pull/5198)
Reviewed By: guliashvili
Differential Revision: D13438019
fbshipit-source-id: 6563fc8c372d9d6c4b05705943ddf39b42260feb
Summary:
Step towards completion of https://github.com/facebook/osquery/pull/4904
- Add boost variant (typed) counterparts for RowData, Row, and QueryData.
- Add a queryInternal to sqlite_util that returns QueryDataTyped.
- Replace the queryInternal that returns QueryData with one that's a simple wrapper around the new typed implementation.
Reviewed By: guliashvili
Differential Revision: D13586036
fbshipit-source-id: d1d9b56470fbfcfb5802de422f87d9b9d6da7fb7
Summary:
Pull Request resolved: https://github.com/facebook/osquery/pull/5332
malloc might return null and memcpy will crash in that case
Reviewed By: akindyakov
Differential Revision: D13517060
fbshipit-source-id: 261f493823974dcc40a40139094eb4a98cd24dec
Summary:
Pull Request resolved: https://github.com/facebook/osquery/pull/5331
Let's use attributes to prevent such mistakes (see previous diff in the stack)
Reviewed By: guliashvili
Differential Revision: D13504146
fbshipit-source-id: 7cab2dd345599b036fa2a27bf682f2a159fd1c08
Summary:
Hand port of https://github.com/facebook/osquery/pull/5154 to the new build system
I'm moving toward generating constants for each column so that we
can do used column lookups without having to do a string set lookup,
but first I need to have the used columns information plumbed through
as a bitfield.
Once the code generation is in and all cases have been migrated to it,
I'll remove the string variants of `isColumnUsed`/`isAnyColumnUsed`.
Reviewed By: guliashvili
Differential Revision: D13423615
fbshipit-source-id: 6a2afe7dad42942610dfe0f6f55bcee4603a25af
Summary:
Manual port of https://github.com/facebook/osquery/pull/5153 to the new build system.
New methods to allow adding larger numeric types.
Reviewed By: guliashvili
Differential Revision: D13422612
fbshipit-source-id: 6b503553f05139351f803ea6fcc5c825e62c35ea
Summary:
This is a manual port of https://github.com/facebook/osquery/pull/5216 to the new build system.
This table allows you to fetch a list of running applications on OSX. Contains PID, Bundle ID and whether or not the application is in focus. (The latter can be used to figure out what application was being used at a given moment.)
Reviewed By: guliashvili
Differential Revision: D13422150
fbshipit-source-id: 236b28d9140a9a9062fb913815d0c9f1da21c8b5
Summary:
Pull Request resolved: https://github.com/facebook/osquery/pull/5318
This is most likely broken and is causing problems with some toolchains (e.g. clang on Ubuntu xenial).
Reviewed By: guliashvili
Differential Revision: D13415457
fbshipit-source-id: b4aa686913d3cfe6bb26089b0525144fae7cc928
Summary: These missing includes make the build fail with some toolchains.
Reviewed By: guliashvili
Differential Revision: D13414926
fbshipit-source-id: b9a7992e37751da81ec1f5a9055703bc1e3cc4bc
Summary: Switch off osquery/remote tests for windows, it takes time to fix it. I'll do it later.
Reviewed By: fmanco
Differential Revision: D13378357
fbshipit-source-id: 21077630864fc4a27ba65078c634e115875f3970
Summary: It turns out we already fixed that old issue
Reviewed By: guliashvili
Differential Revision: D13376876
fbshipit-source-id: a7822a1c79aa180e40f7ce54faa7c811b0d1b24b
Summary: Windows named pipe requires a bit different name format in compare to posix platforms.
Reviewed By: guliashvili
Differential Revision: D13376805
fbshipit-source-id: 443c8f963863adbacd1edb76945919f00a1a2e4e
The iptables uapi kernel headers are incompatible with C++. To avoid
depending on modified kernel headers query iptables from a C based
proxy. This is a temporary solution until the problem is fixed on
upstream Linux.
Directory creation function to osquery/filesystem.h
Status was used as a return value, as far as all function in this file operate with Status not Expected. Let's move from Status to Expected in another PR.
