@0xM47H3W

Summary

This PR adds ARM64 / AArch64 platform support to the ExtraHop rpcapd agent by applying a series of portability, build, and compatibility fixes.
The resulting binary runs successfully on:

  • AWS Graviton (Amazon Linux 2 / 2023)
  • Ubuntu ARM64
  • Debian ARM64
  • Other modern AArch64 Linux distributions

This work enables customers and partners to deploy rpcapd on ARM-based cloud infrastructure, which is increasingly common (especially Graviton EC2 instances).

The patches preserve the existing x86 behavior while enabling the remote-capture functionality (HAVE_REMOTE) to work correctly on ARM64.


Why This Change Is Needed

ExtraHop sensors rely on rpcapd for remote packet capture, but the upstream rpcapd codebase is derived from an older WinPcap/libpcap tree that:

  • does not compile on ARM64
  • assumes x86-only inline assembly (sfence, lfence)
  • depends on legacy Linux IOCTL behavior
  • does not include modern Linux headers required by ARM64 kernels
  • statically links against libraries not available on ARM64

Customers using AWS Graviton or other ARM64 compute platforms cannot currently deploy rpcapd successfully without these modifications.

This PR provides the necessary compatibility updates.


Key Changes

✔ libpcap compatibility fixes

  • Added missing ARM64 Linux header: #include <linux/sockios.h> (required for SIOCGSTAMP)
  • Ensured remote-capture support is enabled (HAVE_REMOTE)
  • Added <stdint.h> for UINT16_MAX
  • Removed -static to avoid missing libc/crypt static libs on ARM
  • Updated Makefile include paths to use the bundled WinPcap libpcap

✔ rpcapd portability fixes

  • Removed x86-specific inline ASM (sfence, lfence)
  • Replaced memory fences with portable __sync_synchronize()
  • Fixed multiple-definition error for sockmain between pcap-new.c and rpcapd.c
  • Updated Makefile to avoid linking against system libpcap
  • Added missing includes required by modern ARM64 toolchains

✔ Build system updates

  • Ensured configure accepts AArch64 via --build=aarch64-unknown-linux-gnu
  • Added ARM64-friendly compiler flags: -Wno-error -DHAVE_REMOTE -I../
  • Improved compatibility with Amazon Linux 2/2023 and Ubuntu

Testing

The ARM64 rpcapd binary was successfully validated against:

✔ Amazon Linux 2023 (Graviton)

  • Builds cleanly using yum/dnf toolchains
  • Runs in foreground and daemon mode
  • Accepts TCP connections from RPCAP clients
  • Enumerates interfaces reliably through the libpcap backend

✔ Local RPCAP protocol testing

  • Active mode (-a <sensor-ip>,2003) establishes TCP connections correctly
  • Passive mode (-p 2002) binds and listens on ARM64
  • rpcapd handles connection termination gracefully

✔ ExtraHop sensor (production test)

  • Agent connects successfully to ExtraHop sensor in active mode
  • Remote interface list is received by the sensor
  • Packet capture is initiated and streamed correctly

Backward Compatibility

This PR introduces no breaking changes for x86/x86_64 platforms:

  • Memory barriers fall back to __sync_synchronize() safely
  • Existing Makefiles still behave correctly on x86
  • Remote-capture functionality remains unchanged

Additional Notes

  • This PR does not introduce any binary artifacts into the repo.
  • All modifications are isolated to portability and toolchain fixes.
  • ARM64 support is increasingly requested by customers adopting Graviton.
  • I am happy to provide a precompiled binary for validation or incorporate maintainer feedback.

Thank you for maintaining this repository — and please let me know if you'd like the ARM64 patches split into multiple commits for easier review.
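
The fence replacement listed under "rpcapd portability fixes", shown as an added example that is not code from this PR or the rpcapd tree: a single-producer/single-consumer ring whose ordering points use `__sync_synchronize()` instead of x86 `sfence`/`lfence`, so the same source builds on x86_64 and AArch64. The ring buffer and all of its names are assumptions made for illustration; the page does not show where the original fences were used.

```c
#include <stdint.h>
#include <stdio.h>

/* All names here are hypothetical; none are taken from the rpcapd sources. */
#define RING_SLOTS 8u

struct ring {
    volatile uint32_t head;      /* advanced only by the producer */
    volatile uint32_t tail;      /* advanced only by the consumer */
    uint32_t slot[RING_SLOTS];
};

/* x86-only form that fails to assemble on AArch64:
 *     __asm__ __volatile__("sfence" ::: "memory");
 * GCC/Clang builtin: a full hardware and compiler barrier on every target. */
static inline void full_barrier(void) { __sync_synchronize(); }

int ring_put(struct ring *r, uint32_t v) {
    if (r->head - r->tail == RING_SLOTS)
        return 0;                          /* full: reject, never overwrite */
    r->slot[r->head % RING_SLOTS] = v;
    full_barrier();                        /* payload stored before index moves */
    r->head = r->head + 1;
    return 1;
}

int ring_get(struct ring *r, uint32_t *out) {
    if (r->head == r->tail)
        return 0;                          /* empty */
    full_barrier();                        /* index loaded before payload */
    *out = r->slot[r->tail % RING_SLOTS];
    full_barrier();                        /* payload read before slot is freed */
    r->tail = r->tail + 1;
    return 1;
}

/* Push n constructed values, drain, and count those read back in order. */
uint32_t ring_roundtrip(uint32_t n) {
    struct ring r = {0};
    uint32_t i, v = 0, ok = 0;
    for (i = 0; i < n; i++)
        ring_put(&r, 100u + i);            /* puts past capacity are rejected */
    for (i = 0; ring_get(&r, &v); i++)
        ok += (v == 100u + i);
    return ok;
}

int main(void) {
    printf("%u %u\n", (unsigned)ring_roundtrip(5), (unsigned)ring_roundtrip(12));
    return 0;
}
```

A full barrier is stronger than either `sfence` or `lfence` alone, so the substitution keeps the original ordering guarantees on x86 at some cost in throughput on hot paths.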
