From patchwork Tue May 14 10:39:55 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adolf Belka <adolf.belka@ipfire.org>
X-Patchwork-Id: 7781
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4VdtCs1PDfz3wtx
	for <patchwork@web04.haj.ipfire.org>; Tue, 14 May 2024 10:40:09 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4VdtCp64RSz1Ft;
	Tue, 14 May 2024 10:40:06 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4VdtCp3xcCz3340;
	Tue, 14 May 2024 10:40:06 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1)
	 client-signature ECDSA (secp384r1))
	(Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK))
	by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4VdtCl56qKz2xLq
	for <development@lists.ipfire.org>; Tue, 14 May 2024 10:40:03 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 4VdtCk3JXJz1Fh;
	Tue, 14 May 2024 10:40:02 +0000 (UTC)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=202003ed25519; t=1715683202;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=UTsyI27TEX+4v+Fw1qJ2FcJjQc5swxkJwcApUWIzsZI=;
	b=5Eohg1MmEVulQqadJ6aPNtOcIYgbnJf72jLflSAWPfzv2dcbFwhcnabN7u2wVm1fKYUEjI
	CyGgxJf0IC6V9eAA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
	t=1715683202;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=UTsyI27TEX+4v+Fw1qJ2FcJjQc5swxkJwcApUWIzsZI=;
	b=F8ieWwl6rN6zdSMijWVlXd27hCe5SU1X25kJ3PcnyzmcOlqC+pueZ4/DGuA/VkWS+jypOk
	Vuy/RiEle+f+3XnNbvrcIqy7PyqZSWjCUV3kouvRKUsNCkTwxxv9wdrGD14mz1A4XszqfS
	b2R4vdZP4MpkjvrIavuGzixDkGb6O+U/s+29lIjLQBLWZWPJut84ojVHzLFCdQggMwBZ7z
	kt4RCwrBTqITgBCDPdM1sHLzF5gP33WFa7Kq2tsldJJyaI9RuyE45s56ivPn/F2otzuJDF
	X/QYv5Gk2MSUVCzWJKYOvbE5lBxnrOdSbzYXd6EEjpxVL4Z7jqTyDkONx8r4fw==
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 1/2] vectorscan: Install vectorscan to replace hypersan
Date: Tue, 14 May 2024 12:39:55 +0200
Message-ID: <20240514103956.3559-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Message-ID-Hash: OE2W6YP2LY7PZYV57A3WAMGZS2ODZDPA
X-Message-ID-Hash: OE2W6YP2LY7PZYV57A3WAMGZS2ODZDPA
X-MailFrom: adolf.belka@ipfire.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 digests; suspicious-header
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
Archived-At: 
 <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/OE2W6YP2LY7PZYV57A3WAMGZS2ODZDPA/>
List-Archive: 
 <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Owner: <mailto:development-owner@lists.ipfire.org>
List-Post: <mailto:development@lists.ipfire.org>
List-Subscribe: <mailto:development-join@lists.ipfire.org>
List-Unsubscribe: <mailto:development-leave@lists.ipfire.org>

- It has been announced that from hyperscan-5.5 onwards the licence for this package
   will change from BSD tp proprietarty paid for version
- This patch submission installs vectorscan whihc was created as a fork from hyperscan
   andf that is being maintained and has indicated it will suay Open Source
- Created new lfs file
- Created nbew rootfile. This looks to match the hyperscan rootfile closely
- Added vector scan to the make.sh file and removed hyperscan from it.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/rootfiles/common/vectorscan | 13 +++++
 lfs/vectorscan                     | 86 ++++++++++++++++++++++++++++++
 make.sh                            |  2 +-
 3 files changed, 100 insertions(+), 1 deletion(-)
 create mode 100644 config/rootfiles/common/vectorscan
 create mode 100644 lfs/vectorscan

diff --git a/config/rootfiles/common/vectorscan b/config/rootfiles/common/vectorscan
new file mode 100644
index 000000000..160dc3ae7
--- /dev/null
+++ b/config/rootfiles/common/vectorscan
@@ -0,0 +1,13 @@
+#usr/include/hs
+#usr/include/hs/hs.h
+#usr/include/hs/hs_common.h
+#usr/include/hs/hs_compile.h
+#usr/include/hs/hs_runtime.h
+#usr/include/hs/hs_version.h
+#usr/lib/libhs.so
+usr/lib/libhs.so.5
+usr/lib/libhs.so.5.4.11
+#usr/lib/libhs_runtime.so
+usr/lib/libhs_runtime.so.5
+usr/lib/libhs_runtime.so.5.4.11
+#usr/lib/pkgconfig/libhs.pc
diff --git a/lfs/vectorscan b/lfs/vectorscan
new file mode 100644
index 000000000..0b60e19c9
--- /dev/null
+++ b/lfs/vectorscan
@@ -0,0 +1,86 @@
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2007-2024  IPFire Team  <info@ipfire.org>                     #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER        = 5.4.11
+
+THISAPP    = vectorscan-vectorscan-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
+DL_FROM    = $(URL_IPFIRE)
+DIR_APP    = $(DIR_SRC)/$(THISAPP)
+TARGET     = $(DIR_INFO)/$(THISAPP)
+
+# The compiler uses a lot of memory to compile hyperscan, hence we reduce
+# the total number of processes a little bit to be able to build on
+# smaller machines
+MAX_PARALLELISM = $(shell echo $$(( $(SYSTEM_MEMORY) / 1024)))
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_BLAKE2 = a8f5a1230af0ddf7d9fb9299769ec1736d37ac3284f6a98b1e650af461206cf459eac35d13a47beb6683786c6529539b2d082edf426e7d4890ed11804c76268b
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+b2 : $(subst %,%_BLAKE2,$(objects))
+
+###############################################################################
+# Downloading, checking, b2sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+	@$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+	@$(LOAD)
+
+$(subst %,%_BLAKE2,$(objects)) :
+	@$(B2SUM)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+	@$(PREBUILD)
+	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+	cd $(DIR_APP) && cmake . \
+		-DCMAKE_INSTALL_PREFIX:PATH=/usr \
+		-DBUILD_SHARED_LIBS=ON \
+		-DCMAKE_BUILD_TYPE=RELEASE \
+		-DBUILD_EXAMPLES=OFF
+	cd $(DIR_APP) && make $(MAKETUNING)
+	cd $(DIR_APP) && make install
+	@rm -rf $(DIR_APP)
+	@$(POSTBUILD)
diff --git a/make.sh b/make.sh
index a4ba09326..9977e762b 100755
--- a/make.sh
+++ b/make.sh
@@ -1402,7 +1402,7 @@ buildipfire() {
   lfsmake2 libhtp
   lfsmake2 colm
   lfsmake2 ragel
-  lfsmake2 hyperscan
+  lfsmake2 vectorscan
   lfsmake2 suricata
   lfsmake2 ids-ruleset-sources
   lfsmake2 ipblocklist-sources