About suricata 7 compilation error on OpenWrt Snapshot/master

echelon · September 30, 2023, 5:38pm

Based on OpenWrt suricata package works by @Grommish , At first compilation are going through but suddenly I am stuck at probably “rustc” is not being found when compiling suricata 7 :

)
OpenWrt-libtool: link: (cd .libs/libhtp.lax/liblzma-c.a && x86_64-openwrt-linux-gnu-gcc-ar x "/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp/htp/lzma/.libs/liblzma-c.a")
OpenWrt-libtool: link: x86_64-openwrt-linux-gnu-gcc-ar cr .libs/libhtp.a   .libs/libhtp.lax/libhtp-c.a/bstr.o .libs/libhtp.lax/libhtp-c.a/bstr_builder.o .libs/libhtp.lax/libhtp-c.a/htp_base64.o .libs/libhtp.lax/libhtp-c.a/htp_config.o .libs/libhtp.lax/libhtp-c.a/htp_connection.o .libs/libhtp.lax/libhtp-c.a/htp_connection_parser.o .libs/libhtp.lax/libhtp-c.a/htp_content_handlers.o .libs/libhtp.lax/libhtp-c.a/htp_cookies.o .libs/libhtp.lax/libhtp-c.a/htp_decompressors.o .libs/libhtp.lax/libhtp-c.a/htp_hooks.o .libs/libhtp.lax/libhtp-c.a/htp_list.o .libs/libhtp.lax/libhtp-c.a/htp_multipart.o .libs/libhtp.lax/libhtp-c.a/htp_parsers.o .libs/libhtp.lax/libhtp-c.a/htp_php.o .libs/libhtp.lax/libhtp-c.a/htp_request.o .libs/libhtp.lax/libhtp-c.a/htp_request_apache_2_2.o .libs/libhtp.lax/libhtp-c.a/htp_request_generic.o .libs/libhtp.lax/libhtp-c.a/htp_request_parsers.o .libs/libhtp.lax/libhtp-c.a/htp_response.o .libs/libhtp.lax/libhtp-c.a/htp_response_generic.o .libs/libhtp.lax/libhtp-c.a/htp_table.o .libs/libhtp.lax/libhtp-c.a/htp_transaction.o .libs/libhtp.lax/libhtp-c.a/htp_transcoder.o .libs/libhtp.lax/libhtp-c.a/htp_urlencoded.o .libs/libhtp.lax/libhtp-c.a/htp_utf8_decoder.o .libs/libhtp.lax/libhtp-c.a/htp_util.o .libs/libhtp.lax/libhtp-c.a/strlcat.o .libs/libhtp.lax/libhtp-c.a/strlcpy.o  .libs/libhtp.lax/liblzma-c.a/LzFind.o .libs/libhtp.lax/liblzma-c.a/LzmaDec.o 
OpenWrt-libtool: link: x86_64-openwrt-linux-gnu-gcc-ranlib .libs/libhtp.a
OpenWrt-libtool: link: rm -fr .libs/libhtp.lax
OpenWrt-libtool: link: ( cd ".libs" && rm -f "libhtp.la" && ln -s "../libhtp.la" "libhtp.la" )
make[7]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp/htp'
make[6]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp/htp'
Making all in test
make[6]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp/test'
make[6]: Nothing to be done for 'all'.
make[6]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp/test'
Making all in docs
make[6]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp/docs'
make[6]: Nothing to be done for 'all'.
make[6]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp/docs'
make[6]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp'
make[6]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp'
make[5]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp'
make[4]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/libhtp'
Making all in rust
make[4]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'
\
        CARGO_HOME="/home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo" \
        CARGO_TARGET_DIR="/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust/target" \
        /home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/bin/cargo build   \
                --features "lua  debug " 
warning: Both `/home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/config` and `/home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/config.toml` exist. Using `/home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/config`
error: could not execute process `rustc -vV` (never executed)

Caused by:
  No such file or directory (os error 2)
make[4]: *** [Makefile:545: all-local] Error 101
make[4]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'
make[3]: *** [Makefile:491: all-recursive] Error 1
make[3]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2'
make[2]: *** [Makefile:188: /home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/.built] Error 2
make[2]: Leaving directory '/home/username/works/openwrt/feeds/packages/net/suricata'
time: package/feeds/packages/suricata/compile#58.37#39.06#100.12
    ERROR: package/feeds/packages/suricata failed to build.
make[1]: *** [package/Makefile:120: package/feeds/packages/suricata/compile] Error 1
make[1]: Leaving directory '/home/username/works/openwrt'
make: *** [/home/username/works/openwrt/include/toplevel.mk:232: package/suricata/compile] Error 2

While in my config.log , rustc & cargo is already being detected and found :

configure:29779: checking for rustc
configure:29815: result: /home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/bin/rustc
configure:29838: checking for cargo
configure:29874: result: /home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/bin/cargo
configure:29907: checking for Rust version 1.63.0 or newer
configure:29925: result: yes

My Suricata 7 OpenWrt Makefile :

# SPDX-License-Identifier: GPL-2.0-only

include $(TOPDIR)/rules.mk

PKG_NAME:=suricata
PKG_VERSION:=7.0.2
PKG_RELEASE:=1

PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=https://github.com/OISF/suricata.git
PKG_SOURCE_DATE:=2023-08-30
PKG_SOURCE_VERSION:=af4bb917dc9842229445683b5ce2f955faa464c2

PKG_FIXUP:=autoreconf
#PKG_REMOVE_FILES:=autogen.sh
PKG_FIXUP:=patch-libtool

PKG_BUILD_DEPENDS:=rust/host python3/host

include $(INCLUDE_DIR)/package.mk
include ../../lang/rust/rust-values.mk


PKG_CONFIG_DEPENDS:= \
	CONFIG_SURICATA_ENABLE_LUAJIT \
	CONFIG_SURICATA_ENABLE_PYTON \
	CONFIG_SURICATA_ENABLE_GCCPROTECT \
	CONFIG_SURICATA_ENABLE_GCCPROFILE \
	CONFIG_SURICATA_ENABLE_PROFILING \
	CONFIG_SURICATA_ENABLE_NFQUEUE \
	CONFIG_SURICATA_ENABLE_NFLOG \
	CONFIG_SURICATA_ENABLE_GEOIP \
	CONFIG_SURICATA_ENABLE_LIBMAGIC \
	CONFIG_SURICATA_ENABLE_DEBUG \
	CONFIG_SURICATA_ENABLE_HIREDIS \
	CONFIG_SURICATA_ENABLE_EBPF \

define Package/suricata/config
  source "$(SOURCE)/Config.in"
endef

CONFIGURE_VARS += \
  CARGO_HOME="$(STAGING_DIR)/host/cargo" \
  CLANG="$(STAGING_DIR_HOST)/llvm-bpf/bin/clang" \
  LLC="$(STAGING_DIR_HOST)/llvm-bpf/bin/llc" \
  ac_cv_path_CARGO="$(STAGING_DIR)/host/cargo/bin/cargo" \
  ac_cv_path_RUSTC="$(STAGING_DIR)/host/cargo/bin/rustc" \
  ac_cv_path_CBINDGEN="$(STAGING_DIR)/host/cargo/bin/cbindgen"\

CONFIGURE_ARGS += \
  --target=$(RUSTC_TARGET_ARCH) \
  --host=$(RUSTC_TARGET_ARCH) \
  --build=$(RUSTC_HOST_ARCH) \
  --enable-shared \
  --disable-gccmarch-native \
  --with-gnu-ld \
  --with-sysroot=$(STAGING_DIR_HOST)
#	--enable-non-bundled-htp \
#	--with-libhtp-includes=$(STAGING_DIR_HOSTPKG)/include \
#	--with-libhtp-libraries=$(STAGING_DIR_HOSTPKG)/lib
#	--with-sysroot=$(TOOLCHAIN_DIR)

ifeq ($(CONFIG_SURICATA_ENABLE_PYTHON),y)
CONFIGURE_ARGS += --enable-python
endif
ifeq ($(CONFIG_SURICATA_ENABLE_LUAJIT),y)
CONFIGURE_ARGS += --enable-luajit
endif
ifeq ($(CONFIG_SURICATA_ENABLE_GCCPROTECT),y)
CONFIGURE_ARGS += --enable-gccprotect
endif
ifeq ($(CONFIG_SURICATA_ENABLE_GCCPROFILE),y)
CONFIGURE_ARGS += --enable-gccprofile
endif

# For now, x86_64 targets can't use PIE
ifneq ($(CONFIG_TARGET_x86),y)
  ifeq ($(CONFIG_PKG_ASLR_PIE_ALL),y)
    CONFIGURE_ARGS += --enable-pie
  else
    ifeq ($(CONFIG_PKG_ASLR_PIE_REGULAR),y)
      CONFIGURE_ARGS += --enable-pie
    endif
  endif
endif

ifeq ($(CONFIG_SURICATA_ENABLE_NFQUEUE),y)
CONFIGURE_ARGS += --enable-nfqueue
endif

ifeq ($(CONFIG_SURICATA_ENABLE_GEOIP),y)
CONFIGURE_ARGS += --enable-geoip
endif

ifeq ($(CONFIG_SURICATA_ENABLE_LIBMAGIC),n)
CONFIGURE_ARGS += --disable-libmagic
endif

ifeq ($(CONFIG_SURICATA_ENABLE_DEBUG),y)
TARGET_CXXFLAGS += -ggdb3
CONFIGURE_ARGS += --enable-debug
endif

ifeq ($(CONFIG_SURICATA_ENABLE_HIREDIS),y)
CONFIGURE_ARGS += --enable-hiredis
endif

ifeq ($(CONFIG_SURICATA_ENABLE_EBPF),y)
CONFIGURE_ARGS += --enable-ebpf-build
endif

ifeq ($(CONFIG_SURICATA_ENABLE_NFLOG),y)
CONFIGURE_ARGS += --enable-nflog
endif

define Build/Prepare
	$(call Build/Prepare/Default)
	( \
		export PATH="$(CARGO_HOME)/bin:$(STAGING_DIR_HOST)/llvm-bpf/bin:$(PATH)" ; \
		export CARGO_HOME:=$(STAGING_DIR)/host/cargo ; \
		cd $(PKG_BUILD_DIR) ; \
		git clone https://github.com/OISF/libhtp.git ; \
		$(CONFIGURE_VARS) cargo install --root=$(CARGO_HOME) cbindgen ; \
		cd $(PKG_BUILD_DIR) && $(CONFIGURE_VARS) ./autogen.sh ; \
	)
endef

define Package/suricata
    SUBMENU:=Firewall
    SECTION:=net
    CATEGORY:=Network
    DEPENDS:=@!SMALL_FLASH @!LOW_MEMORY_FOOTPRINT +libexpat +jansson +libelf +libbpf +libbsd +libpcre +libyaml +libpcap +libcap-ng \
        +nspr +libnss +liblz4 +libatomic +libnet-1.2.x \
	+CONFIG_SURICATA_ENABLE_NFLOG:libnetfilter-log \
	+CONFIG_SURICATA_ENABLE_NFQUEUE:libnetfilter-queue +CONFIG_SURICATA_ENABLE_NFQUEUE:iptables-mod-nfqueue \
	+CONFIG_SURICATA_ENABLE_HIREDIS:libhiredis +CONFIG_SURICATA_ENABLE_HIREDIS:libevent2 \
	+CONFIG_SURICATA_ENABLE_LIBMAGIC:file \
	+CONFIG_SURICATA_ENABLE_GEOIP:libmaxminddb \
	+CONFIG_SURICATA_ENABLE_PYTHON:python3 +CONFIG_SURICATA_ENABLE_PYTHON:python3-yaml \
	@HAS_LUAJIT_ARCH +luajit
  TITLE:=OISF Suricata IDS
  URL:=https://www.openinfosecfoundation.org/
  MENU:=1
endef

define Package/suricata/description
	Suricata is an open source-based intrusion detection system (IDS), intrusion
	prevention system (IPS), and Network Monitoring System (NMS)
endef

define Package/suricata/conffiles
/etc/config/suricata
/etc/suricata/
endef

define Package/suricata/install
	$(INSTALL_DIR) $(1)/usr/bin
	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/suricata $(1)/usr/bin/suricata
	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/suricatactl $(1)/usr/bin/suricatactl
	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/suricatasc $(1)/usr/bin/suricatasc

	$(INSTALL_DIR) $(1)/usr/lib
	$(CP) -r $(PKG_INSTALL_DIR)/usr/lib/* $(1)/usr/lib/

	$(INSTALL_DIR) $(1)/usr/include
	$(CP) -r $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/

	$(INSTALL_DIR) $(1)/etc/suricata
	$(CP) $(PKG_BUILD_DIR)/suricata.yaml \
	$(PKG_BUILD_DIR)/etc/classification.config \
	$(PKG_BUILD_DIR)/threshold.config \
	$(PKG_BUILD_DIR)/etc/reference.config \
	$(1)/etc/suricata/

	$(INSTALL_DIR) $(1)/usr/share/suricata/rules
	$(CP) $(PKG_INSTALL_DIR)/usr/share/suricata/rules/* $(1)/usr/share/suricata/rules/

	$(INSTALL_DIR) $(1)/etc/init.d
	$(INSTALL_DIR) $(1)/etc/config

	$(INSTALL_BIN) ./files/etc/init.d/suricata $(1)/etc/init.d/suricata
	$(INSTALL_CONF) ./files/etc/config/suricata $(1)/etc/config/suricata
endef

$(eval $(call BuildPackage,suricata))

[EDIT]
In addition when configuring Suricata 7, rustc and cargo is also properly identified and detected :

  Rust support:                            yes
  Rust strict mode:                        no
  Rust compiler path:                      /home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/bin/rustc
  Rust compiler version:                   rustc 1.72.1 (d5c2e9c34 2023-09-13) (built from a source tarball)
  Cargo path:                              /home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/bin/cargo
  Cargo version:                           cargo 1.72.1

echelon · September 30, 2023, 9:51pm

Somehow fixed by changing the lines on the Makefile into the following :

define Build/Configure
	( \
		export PATH="$(CARGO_HOME)/bin:$(STAGING_DIR_HOST)/llvm-bpf/bin:$(PATH)" ; \
		export CARGO_HOME="$(STAGING_DIR)/host/cargo" ; \
		cd $(PKG_BUILD_DIR) ; \
		git clone https://github.com/OISF/libhtp.git ; \
		$(CONFIGURE_VARS) cargo install -f --root=$(CARGO_HOME) cbindgen ; \
		cd $(PKG_BUILD_DIR) && autoreconf -fv --install && $(CONFIGURE_VARS) $(PKG_BUILD_DIR)/configure --prefix=$(PKG_INSTALL_DIR) ; \
	)
	$(call Build/Configure/Default)
endef

Other question is how to generate ./rust/dist/rust_bindings.h if the Suricata 7 source code is gotten from github?

echelon · October 3, 2023, 1:59pm

Regarding 2 post above, please ignore about most of it, As I have managed to compile Suricata Release version 7.0.1 which has ./rush/dist/rust-bindings.h but currently as below, have problems when compiling directly from git.

There is seems some MUSL libc cross compiling issue for next Suricata 7.0.2 (vanilla from github), no matter what I have tried suricata build system seems failed to see cbindgen, while beforehand it managed to compile with rustc, here is the log :

   Compiling x509-parser v0.15.0
   Compiling suricata v7.0.2-dev (/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/rust)
warning: dropping unsupported crate type `cdylib` for target `x86_64-unknown-linux-musl`

warning: `suricata` (lib) generated 1 warning
    Finished dev [unoptimized + debuginfo] target(s) in 30.39s
if test -e ../rust/target/x86_64-unknown-linux-musl/debug/suricata.lib; then \
	cp -a ../rust/target/x86_64-unknown-linux-musl/debug/suricata.lib \
		../rust/target/x86_64-unknown-linux-musl/debug/libsuricata_rust.a; \
fi
if test -e ../rust/target/x86_64-unknown-linux-musl/debug/libsuricata.a; then \
	cp -a ../rust/target/x86_64-unknown-linux-musl/debug/libsuricata.a \
		../rust/target/x86_64-unknown-linux-musl/debug/libsuricata_rust.a; \
fi
make gen/rust-bindings.h
make[5]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/rust'
cbindgen --config /home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/rust/cbindgen.toml \
	--quiet --verify --output /home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/rust/gen/rust-bindings.h || true
/bin/bash: line 1: cbindgen: command not found
make[5]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/rust'
make[4]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/rust'
Making all in src
make[4]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/src'
make  all-am
make[5]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/src'
ccache x86_64-openwrt-linux-musl-gcc -DHAVE_CONFIG_H -I.   -I./../libhtp/ -I/home/username/works/openwrt/staging_dir/toolchain-x86_64_gcc-13.2.0_musl/usr/include -I/home/username/works/openwrt/staging_dir/toolchain-x86_64_gcc-13.2.0_musl/include/fortify -I/home/username/works/openwrt/staging_dir/toolchain-x86_64_gcc-13.2.0_musl/include  -I/usr/include/hs -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include/luajit-2.1 -D__SCFILENAME__=\"main\"  -Wextra -Werror-implicit-function-declaration  -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include -DLOCAL_STATE_DIR=\"/var\" -Wall -Wno-unused-parameter -Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes -Wwrite-strings -Wbad-function-cast -Wformat-security -Wno-format-nonliteral -Wmissing-format-attribute -funsigned-char -ggdb -O0 -march=tigerlake -mtune=tigerlake -O3 -funsafe-math-optimizations -ffp-contract=fast -ftree-vectorize -fno-caller-saves -fno-plt -march=tigerlake -mtune=tigerlake -O3 -funsafe-math-optimizations -ffp-contract=fast -ftree-vectorize -fhonour-copts -fmacro-prefix-map=/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2=suricata-7.0.2 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include  -fPIC -std=c11 -I./../rust/gen -I./../rust/dist -c -o main.o main.c
<command-line>: warning: "_FORTIFY_SOURCE" redefined
<command-line>: note: this is the location of the previous definition
ccache x86_64-openwrt-linux-musl-gcc -DHAVE_CONFIG_H -I.   -I./../libhtp/ -I/home/username/works/openwrt/staging_dir/toolchain-x86_64_gcc-13.2.0_musl/usr/include -I/home/username/works/openwrt/staging_dir/toolchain-x86_64_gcc-13.2.0_musl/include/fortify -I/home/username/works/openwrt/staging_dir/toolchain-x86_64_gcc-13.2.0_musl/include  -I/usr/include/hs -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include/luajit-2.1 -D__SCFILENAME__=\"alert-debuglog\"  -Wextra -Werror-implicit-function-declaration  -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include -DLOCAL_STATE_DIR=\"/var\" -Wall -Wno-unused-parameter -Wmissing-prototypes -Wmissing-declarations -Wstrict-prototypes -Wwrite-strings -Wbad-function-cast -Wformat-security -Wno-format-nonliteral -Wmissing-format-attribute -funsigned-char -ggdb -O0 -march=tigerlake -mtune=tigerlake -O3 -funsafe-math-optimizations -ffp-contract=fast -ftree-vectorize -fno-caller-saves -fno-plt -march=tigerlake -mtune=tigerlake -O3 -funsafe-math-optimizations -ffp-contract=fast -ftree-vectorize -fhonour-copts -fmacro-prefix-map=/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2=suricata-7.0.2 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/usr/include  -fPIC -std=c11 -I./../rust/gen -I./../rust/dist -c -o alert-debuglog.o alert-debuglog.c
<command-line>: warning: "_FORTIFY_SOURCE" redefined
<command-line>: note: this is the location of the previous definition
In file included from output-file.h:29,
                 from output.h:40,
                 from alert-debuglog.c:47:
rust.h:26:10: fatal error: rust-bindings.h: No such file or directory
   26 | #include "rust-bindings.h"
      |          ^~~~~~~~~~~~~~~~~
compilation terminated.
make[5]: *** [Makefile:3487: alert-debuglog.o] Error 1
make[5]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/src'
make[4]: *** [Makefile:2681: all] Error 2
make[4]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/src'
make[3]: *** [Makefile:491: all-recursive] Error 1
make[3]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2'
make[2]: *** [Makefile:189: /home/username/works/openwrt/build_dir/target-x86_64_musl_custom/suricata-7.0.2/.built] Error 2
make[2]: Leaving directory '/home/username/works/openwrt/feeds/packages/net/suricata'
time: package/feeds/packages/suricata/compile#427.10#128.22#169.17
    ERROR: package/feeds/packages/suricata failed to build.
make[1]: *** [package/Makefile:120: package/feeds/packages/suricata/compile] Error 1
make[1]: Leaving directory '/home/username/works/openwrt'
make: *** [/home/username/works/openwrt/include/toplevel.mk:232: package/suricata/compile] Error 2

From config.log

configure:30074: checking for cbindgen
configure:30110: result: /home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/host/cargo/bin/cbindgen
ac_cv_path_CBINDGEN=/home/username/works/openwrt/staging_dir/target-x86_64_musl_custom/host/cargo/bin/cbindgen
HAVE_CBINDGEN_FALSE='#'
HAVE_CBINDGEN_TRUE=''

echelon · October 3, 2023, 10:52pm

After reading builds.yml , so perhaps OpenWrt has the same mingw problems? , because in mingw there are notes :

      # hack: install our own cbindgen system wide as we can't get the
      # preinstalled one to be picked up by configure

So I’ve just tried it and it works!

$(CONFIGURE_VARS) cargo install --root /usr cbindgen ; \

Suricata build system now see cbindgen but somehow now the problems goes with ./rust/Cargo.toml Suricata 7 git :

make gen/rust-bindings.h
make[5]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'
cbindgen --config /home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust/cbindgen.toml \
        --quiet --verify --output /home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust/gen/rust-bindings.h || true
ERROR: Couldn't execute `cargo metadata` with manifest "/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust/Cargo.toml": Io(Os { code: 2, kind: NotFound, message: "No such file or directory" })
ERROR: Couldn't generate bindings for /home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust.
make[5]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'
make[4]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'

Any helps would be really appreciated.

echelon · October 5, 2023, 10:41am

Sorry if this thread is confusing, the first two post (post #1 & #2) are ‘fixed’ and related with compilation with 7.0.1 release version which containing the ./rust/dist/rust-bindings.h, while the last two post above (post #3 & #4) are regarding compiling for Suricata 7.0.2-DEV or latest git. The problems now are regarding regarding compiling for Suricata 7.0.2-DEV or latest git. Already reported this configure “bug” in redmine.

echelon · October 5, 2023, 9:52pm

Went a bit further by patching ./rust/Makefile.am, now Suricata Configure able to pickup cbindgen location but sadly another failure comes out, something about Cargo.toml dependencies being not found? , hmm rust is currently beyond my skill-set.

   Compiling bendy v0.3.3
   Compiling asn1-rs v0.5.2
   Compiling kerberos-parser v0.7.1
   Compiling nom-derive v0.10.1
   Compiling ntp-parser v0.6.0
   Compiling num_enum v0.5.11
   Compiling sawp-modbus v0.12.1
   Compiling der-parser v8.2.0
   Compiling snmp-parser v0.9.0
   Compiling x509-parser v0.15.0
   Compiling suricata v7.0.2-dev (/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust)
    Finished dev [unoptimized + debuginfo] target(s) in 30.36s
if test -e ../rust/target/debug/suricata.lib; then \
        cp -a ../rust/target/debug/suricata.lib \
                ../rust/target/debug/libsuricata_rust.a; \
fi
if test -e ../rust/target/debug/libsuricata.a; then \
        cp -a ../rust/target/debug/libsuricata.a \
                ../rust/target/debug/libsuricata_rust.a; \
fi
make gen/rust-bindings.h
make[5]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'
/home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/bin/cbindgen --config /home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust/cbindgen.toml \
        --quiet --verify --output /home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust/gen/rust-bindings.h || true
ERROR: Couldn't execute `cargo metadata` with manifest "/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust/Cargo.toml": Io(Os { code: 2, kind: NotFound, message: "No such file or directory" })
ERROR: Couldn't generate bindings for /home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust.
make[5]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'
make[4]: Leaving directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'
Making all in src
make[4]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/src'
make  all-am

Anyway here is the patch for that cbindgen :

diff -Naur a/rust/Makefile.am b/rust/Makefile.am
--- a/rust/Makefile.am
+++ b/rust/Makefile.am
@@ -81,7 +81,7 @@
 
 if HAVE_CBINDGEN
 gen/rust-bindings.h: $(RUST_SURICATA_LIB)
-	cbindgen --config $(abs_top_srcdir)/rust/cbindgen.toml \
+	$(CBINDGEN) --config $(abs_top_srcdir)/rust/cbindgen.toml \
 		--quiet --verify --output $(abs_top_builddir)/rust/gen/rust-bindings.h || true
 else
 gen/rust-bindings.h:
@@ -92,7 +92,7 @@
 
 if HAVE_CBINDGEN
 dist/rust-bindings.h:
-	cbindgen --config $(abs_top_srcdir)/rust/cbindgen.toml \
+	$(CBINDGEN) --config $(abs_top_srcdir)/rust/cbindgen.toml \
 		--quiet --output $(abs_top_builddir)/rust/dist/rust-bindings.h
 else
 dist/rust-bindings.h:

echelon · October 7, 2023, 2:45am

After a while , the solution is pretty simple, it’s only need cbindgen inside a $PATH/PATH env variable :

diff -Naur a/rust/Makefile.am b/rust/Makefile.am
--- a/rust/Makefile.am
+++ b/rust/Makefile.am
@@ -81,6 +81,7 @@
 
 if HAVE_CBINDGEN
 gen/rust-bindings.h: $(RUST_SURICATA_LIB)
+	PATH=$(CARGO_HOME)/bin:$(PATH) \
 	cbindgen --config $(abs_top_srcdir)/rust/cbindgen.toml \
 		--quiet --verify --output $(abs_top_builddir)/rust/gen/rust-bindings.h || true
 else
@@ -92,6 +93,7 @@
 
 if HAVE_CBINDGEN
 dist/rust-bindings.h:
+	PATH=$(CARGO_HOME)/bin:$(PATH) \
 	cbindgen --config $(abs_top_srcdir)/rust/cbindgen.toml \
 		--quiet --output $(abs_top_builddir)/rust/dist/rust-bindings.h
 else

vjulien · October 7, 2023, 8:26am

Is this needed in the Makefile.am, or would setting the PATH correctly before building Suricata also do it?

echelon · October 7, 2023, 6:16pm

The strange thing about cbindgen (especially in OpenWrt Build System?), if we use the “$(CBINDGEN)” env variable that is gotten from configure , somehow end up with

ERROR: Couldn't execute `cargo metadata` with manifest "/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust/Cargo.toml": Io(Os { code: 2, kind: NotFound, message: "No such file or directory" })
ERROR: Couldn't generate bindings for /home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust.

So need to call “cbindgen” directly without pre-pending path before it, like “/home/username/.cargo/bin/cbindgen options”.

If you see more clearly from the log above, the Configure before entering path ./rust is already known about $CARGO_HOME/bin which contain cargo, rustc, cbindgen, but somehow got lost about cbindgen path inside .rust

   Compiling der-parser v8.2.0
   Compiling snmp-parser v0.9.0
   Compiling x509-parser v0.15.0
   Compiling suricata v7.0.2-dev (/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust)
    Finished dev [unoptimized + debuginfo] target(s) in 30.36s
if test -e ../rust/target/debug/suricata.lib; then \
        cp -a ../rust/target/debug/suricata.lib \
                ../rust/target/debug/libsuricata_rust.a; \
fi
if test -e ../rust/target/debug/libsuricata.a; then \
        cp -a ../rust/target/debug/libsuricata.a \
                ../rust/target/debug/libsuricata_rust.a; \
fi
make gen/rust-bindings.h
make[5]: Entering directory '/home/username/works/openwrt/build_dir/target-x86_64_glibc_custom/suricata-7.0.2/rust'

[EDIT]
This is also working :

root@username:/home/username/works/openwrt# echo $PATH
/home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/host/cargo/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

because it will set HOST’s $PATH which normally will be picked up by cross-compilation process, but I think that’s not ‘proper’, a user need to export and unexport the $PATH or re-open new shell in order getting ‘clean’ env shell.

I don’t know much about cross compilation in OpenWrt, only a OpenWrt user trying to contribute. I think all of these only happened if rust’s toolchain is outside normal usual $PATH clause PATH=“/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin” or cross-compilation process.

echelon · October 11, 2023, 5:28pm

@vjulien

The issue regarding above that cbindgen need to be set in the custom $PATH in the Makefile.am is fixed upstream (OpenWrt), now Makefile.am patch is not needed anymore .