Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Elastic Defend arm64 is not supported on Windows yet #4155

Merged
merged 35 commits into from
Feb 13, 2024
Merged

Elastic Defend arm64 is not supported on Windows yet #4155

Show file tree
Hide file tree
Changes from 12 commits
Commits
Show all changes
35 commits
Select commit Hold shift + click to select a range
42b06d7
Elastic Defend arm64 is not supported on Windows yet
intxgo Jan 26, 2024
030962e
fix lint
intxgo Jan 27, 2024
aed78cf
correct platform condition
intxgo Jan 27, 2024
7e5b325
machine architecture constants from MSDN
intxgo Jan 29, 2024
287a839
fix const declaration
intxgo Jan 29, 2024
12ddaf5
refactoring; test fix
intxgo Jan 30, 2024
69c326d
return fix
intxgo Jan 30, 2024
d441719
refactoring
intxgo Jan 30, 2024
fea0076
Merge branch 'main' of github.com:intxgo/elastic-agent into lesio/arm…
intxgo Jan 30, 2024
e711ac3
refactoring
intxgo Jan 30, 2024
6cd6a74
fix lint errors on legacy code
intxgo Jan 31, 2024
98e1366
remove unnecessary access query mask
intxgo Jan 31, 2024
fd4307b
Merge branch 'main' of github.com:intxgo/elastic-agent into lesio/arm…
intxgo Jan 31, 2024
0e306b7
Merge branch 'elastic:main' into lesio/arm64-not-supported-on-windows
intxgo Jan 31, 2024
47a8211
Merge branch 'main' into lesio/arm64-not-supported-on-windows
michalpristas Feb 9, 2024
618952b
use updated go-sysinfo
intxgo Feb 12, 2024
69ad4a0
fix unit test
intxgo Feb 12, 2024
0768c59
revert accidental change
intxgo Feb 12, 2024
8bb8d76
Merge branch 'main' into lesio/arm64-not-supported-on-windows
intxgo Feb 12, 2024
9e4febb
update go-sysinfo to official release
intxgo Feb 12, 2024
f3aca60
go mod tidy
intxgo Feb 12, 2024
c788a5b
update go-sysinfo
intxgo Feb 13, 2024
73e7039
Merge branch 'main' into lesio/arm64-not-supported-on-windows
intxgo Feb 13, 2024
1a30c8a
go mod tidy
intxgo Feb 13, 2024
39a4ee9
hex edit version
intxgo Feb 13, 2024
93f1086
Revert "hex edit version"
intxgo Feb 13, 2024
6139af4
hex edit
intxgo Feb 13, 2024
a40afc7
Merge branch 'main' into lesio/arm64-not-supported-on-windows
intxgo Feb 13, 2024
5f4b3dd
go-sysinfo HostInfo.Architecture and HostInfo.NativeArchitecture use …
intxgo Feb 13, 2024
eb9dadb
unify amd64 arch in Agent
intxgo Feb 13, 2024
676a2fb
aarch64 to arm64
intxgo Feb 13, 2024
2364e13
lint fix: don't use Yoda ifs
intxgo Feb 13, 2024
9a202b3
try to increase test coverage ratio
intxgo Feb 13, 2024
75dc15e
Merge branch 'main' into lesio/arm64-not-supported-on-windows
intxgo Feb 13, 2024
fc0ee5b
fix goimports
intxgo Feb 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/component-specs.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@ The variables that can be accessed by a condition are:

- `runtime.os`: the operating system, either `"windows"`, `"darwin"`, `"linux"`, or `"container"`.
- `runtime.arch`: the CPU architecture, either `"amd64"` or `"arm64"`.
- `runtime.native_arch`: the machine CPU architecture, either `"amd64"` or `"arm64"`.
- `runtime.platform`: a string combining the OS and architecture, e.g. `"windows/amd64"`, `"darwin/arm64"`.
- `runtime.family`: OS family, e.g. `"debian"`, `"redhat"`, `"windows"`, `"darwin"`
- `runtime.major`, `runtime.minor`: the operating system version. Note that these are strings not integers, so they must be converted in order to use numeric comparison. For example to check if the OS major version is at most 12, use `number(runtime.major) <= 12`.
Expand Down
1 change: 1 addition & 0 deletions internal/pkg/agent/application/info/inject_config.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ func agentGlobalConfig() (map[string]interface{}, error) {
},
"runtime.os": runtime.GOOS,
"runtime.arch": runtime.GOARCH,
"runtime.native_arch": nativeArchitecture(),
"runtime.osinfo.type": hostInfo.Info().OS.Type,
"runtime.osinfo.family": hostInfo.Info().OS.Family,
"runtime.osinfo.version": hostInfo.Info().OS.Version,
Expand Down
5 changes: 5 additions & 0 deletions internal/pkg/agent/application/info/svc_unix.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,3 +13,8 @@ import "os"
func RunningUnderSupervisor() bool {
return os.Getppid() == 1
}

func nativeArchitecture() string {
// unknown native architecture
return ""
}
39 changes: 37 additions & 2 deletions internal/pkg/agent/application/info/svc_windows.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@
package info

import (
"fmt"

"golang.org/x/sys/windows"
)

Expand All @@ -21,9 +23,10 @@ func RunningUnderSupervisor() bool {
if err != nil {
return false
}
defer windows.FreeSid(serviceSid)
defer func() { _ = windows.FreeSid(serviceSid) }()
intxgo marked this conversation as resolved.
Show resolved Hide resolved

t, err := windows.OpenCurrentProcessToken()
var t windows.Token
err = windows.OpenProcessToken(windows.CurrentProcess(), windows.TOKEN_QUERY, &t)
intxgo marked this conversation as resolved.
Show resolved Hide resolved
if err != nil {
return false
}
Expand Down Expand Up @@ -51,3 +54,35 @@ func allocSid(subAuth0 uint32) (*windows.SID, error) {
}
return sid, nil
}

func nativeArchitecture() string {
var processMachine, nativeMachine uint16
// the pseudo handle doesn't need to be closed
var currentProcessHandle = windows.CurrentProcess()

err := windows.IsWow64Process2(currentProcessHandle, &processMachine, &nativeMachine)
if err != nil {
// unknown native architecture
return ""
}

// https://learn.microsoft.com/en-us/windows/win32/sysinfo/image-file-machine-constants
const (
IMAGE_FILE_MACHINE_AMD64 = 0x8664
IMAGE_FILE_MACHINE_ARM64 = 0xAA64
)

var nativeMachineStr string

switch nativeMachine {
case IMAGE_FILE_MACHINE_AMD64:
nativeMachineStr = "amd64"
case IMAGE_FILE_MACHINE_ARM64:
nativeMachineStr = "arm64"
default:
// other unknown or unsupported by Elastic architectures
nativeMachineStr = fmt.Sprintf("0x%x", nativeMachine)
}

return nativeMachineStr
}
13 changes: 7 additions & 6 deletions pkg/component/component_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1980,12 +1980,13 @@ func TestPreventionsAreValid(t *testing.T) {
"in_default": true,
},
"runtime": map[string]interface{}{
"platform": "platform",
"os": "os",
"arch": "arch",
"family": "family",
"major": "major",
"minor": "minor",
"platform": "platform",
"os": "os",
"arch": "arch",
"native_arch": "native_arch",
"family": "family",
"major": "major",
"minor": "minor",
},
"user": map[string]interface{}{
"root": false,
Expand Down
2 changes: 2 additions & 0 deletions specs/endpoint-security.spec.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,8 @@ inputs:
message: "Elastic Defend requires Elastic Agent be running as Administrator or SYSTEM"
- condition: ${install.in_default} == false
message: "Elastic Defend requires Elastic Agent be installed at the default installation path"
- condition: ${runtime.native_arch} != 'amd64'
message: "Elastic Defend cannot be installed on Windows running on non-AMD64 CPU"
service:
cport: 6788
log:
Expand Down
Loading