From 207f74b17cbfa05ae4588c36b8666c3c0ebbbb3c Mon Sep 17 00:00:00 2001 From: Leonardo Di Donato Date: Thu, 23 Apr 2020 11:56:56 +0000 Subject: [PATCH] update(scripts): changes to falco-driver-loader to support the Falco eBPF probes coming from the drivers build grid Co-authored-by: Lorenzo Fontana Signed-off-by: Leonardo Di Donato --- scripts/falco-driver-loader | 104 +++++++++++++++--------------------- 1 file changed, 44 insertions(+), 60 deletions(-) diff --git a/scripts/falco-driver-loader b/scripts/falco-driver-loader index 76c60d32..9566782f 100755 --- a/scripts/falco-driver-loader +++ b/scripts/falco-driver-loader @@ -102,16 +102,16 @@ get_kernel_config() { } get_target_id() { - if [ -f /etc/os-release ]; then + if [ -f "${HOST_ROOT}/etc/os-release" ]; then # freedesktop.org and systemd # shellcheck source=/dev/null source "/etc/os-release" OS_ID=$ID - elif [ -f /etc/debian_version ]; then + elif [ -f "${HOST_ROOT}/etc/debian_version" ]; then # Older Debian # fixme > can this happen on older Ubuntu? OS_ID=debian - elif [ -f /etc/centos-release ]; then + elif [ -f "${HOST_ROOT}/etc/centos-release" ]; then # Older CentOS OS_ID=centos else 
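Review bot: In get_target_id the existence test now checks `${HOST_ROOT}/etc/os-release`, but the unchanged line below it still runs `source "/etc/os-release"`. With the host mounted under HOST_ROOT, the ID is therefore read from the container image, not the host, and the source fails if only the host file exists. Sourcing the host file would fix the mismatch, but it executes whatever shell that file contains as root. Reading only the ID field is safer, e.g. `OS_ID=$(sed -n 's/^ID=//p' "${HOST_ROOT}/etc/os-release" | tr -d '"')`. The resulting TARGET_ID appears to select which prebuilt driver is requested later in the patch, and the function continues outside this hunk.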
@@ -156,24 +156,24 @@ load_kernel_module() { exit 1 fi - echo "* Unloading ${PROBE_NAME}, if present" - rmmod "${PROBE_NAME}" 2>/dev/null + echo "* Unloading ${DRIVER_NAME}, if present" + rmmod "${DRIVER_NAME}" 2>/dev/null WAIT_TIME=0 - KMOD_NAME=$(echo "${PROBE_NAME}" | tr "-" "_") + KMOD_NAME=$(echo "${DRIVER_NAME}" | tr "-" "_") while lsmod | grep "${KMOD_NAME}" > /dev/null 2>&1 && [ $WAIT_TIME -lt "${MAX_RMMOD_WAIT}" ]; do - if rmmod "${PROBE_NAME}" 2>/dev/null; then - echo "* Unloading ${PROBE_NAME} succeeded after ${WAIT_TIME}s" + if rmmod "${DRIVER_NAME}" 2>/dev/null; then + echo "* Unloading ${DRIVER_NAME} succeeded after ${WAIT_TIME}s" break fi ((++WAIT_TIME)) if (( WAIT_TIME % 5 == 0 )); then - echo "* ${PROBE_NAME} still loaded, waited ${WAIT_TIME}s (max wait ${MAX_RMMOD_WAIT}s)" + echo "* ${DRIVER_NAME} still loaded, waited ${WAIT_TIME}s (max wait ${MAX_RMMOD_WAIT}s)" fi sleep 1 done if lsmod | grep "${KMOD_NAME}" > /dev/null 2>&1; then - echo "* ${PROBE_NAME} seems to still be loaded, hoping the best" + echo "* ${DRIVER_NAME} seems to still be loaded, hoping the best" exit 0 fi 
@@ -181,20 +181,20 @@ load_kernel_module() { if [[ $(uname -r) == *uek* ]]; then echo "* Skipping dkms install for UEK host" else - if hash dkms &>/dev/null && dkms install -m "${PACKAGE_NAME}" -v "${DRIVER_VERSION}" -k "${KERNEL_RELEASE}" 2>/dev/null; then - echo "* Trying to load a dkms ${PROBE_NAME}, if present" + if hash dkms &>/dev/null && dkms install -m "${DRIVER_NAME}" -v "${DRIVER_VERSION}" -k "${KERNEL_RELEASE}" 2>/dev/null; then + echo "* Trying to load a dkms ${DRIVER_NAME}, if present" - if insmod "/var/lib/dkms/${PACKAGE_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${PROBE_NAME}.ko" > /dev/null 2>&1; then - echo "${PROBE_NAME} found and loaded in dkms" + if insmod "/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${DRIVER_NAME}.ko" > /dev/null 2>&1; then + echo "${DRIVER_NAME} found and loaded in dkms" exit 0 - elif insmod "/var/lib/dkms/${PACKAGE_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${PROBE_NAME}.ko.xz" > /dev/null 2>&1; then - echo "${PROBE_NAME} found and loaded in dkms (xz)" + elif insmod "/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${DRIVER_NAME}.ko.xz" > /dev/null 2>&1; then + echo "${DRIVER_NAME} found and loaded in dkms (xz)" exit 0 else echo "* Unable to insmod" fi else - DKMS_LOG="/var/lib/dkms/${PACKAGE_NAME}/${DRIVER_VERSION}/build/make.log" + DKMS_LOG="/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/build/make.log" if [ -f "${DKMS_LOG}" ]; then echo "* Running dkms build failed, dumping ${DKMS_LOG}" cat "${DKMS_LOG}" 
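Review bot: The dkms call and the `/var/lib/dkms/...` paths in this hunk now use `${DRIVER_NAME}` where they used `${PACKAGE_NAME}`, and later in the patch `DRIVER_NAME` is filled from `@PROBE_NAME@` alone while the `@PACKAGE_NAME@` substitution is dropped. If a build substitutes different values for the two, `dkms install` fails with its stderr sent to `/dev/null`, and the script appears to fall through to modprobe and a download with no hint why. The same assumption is made for `/usr/src/${DRIVER_NAME}-${DRIVER_VERSION}/bpf` in the load_bpf_probe hunk. I would add a comment at the assignment, `# DRIVER_NAME is also the dkms package name and the /usr/src/<name>-<version> directory name`, and stop discarding the dkms stderr so a mismatch is visible.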
@@ -204,18 +204,18 @@ load_kernel_module() { fi fi - echo "* Trying to load a system ${PROBE_NAME}, if present" + echo "* Trying to load a system ${DRIVER_NAME}, if present" - if modprobe "${PROBE_NAME}" > /dev/null 2>&1; then - echo "${PROBE_NAME} found and loaded with modprobe" + if modprobe "${DRIVER_NAME}" > /dev/null 2>&1; then + echo "${DRIVER_NAME} found and loaded with modprobe" exit 0 fi - echo "* Trying to find precompiled ${PROBE_NAME} for ${KERNEL_RELEASE}" + echo "* Trying to find precompiled ${DRIVER_NAME} for ${KERNEL_RELEASE}" get_target_id - local FALCO_KERNEL_MODULE_FILENAME="${PROBE_NAME}_${TARGET_ID}_${KERNEL_RELEASE}_${KERNEL_VERSION}.ko" + local FALCO_KERNEL_MODULE_FILENAME="${DRIVER_NAME}_${TARGET_ID}_${KERNEL_RELEASE}_${KERNEL_VERSION}.ko" if [ -f "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" ]; then echo "Found precompiled module at ~/.falco/${FALCO_KERNEL_MODULE_FILENAME}, loading module" @@ -224,15 +224,15 @@ load_kernel_module() { fi local URL - URL=$(echo "${PROBE_URL}/kernel-module/${DRIVER_VERSION}/${FALCO_KERNEL_MODULE_FILENAME}" | sed s/+/%2B/g) + URL=$(echo "${DRIVERS_REPO}/kernel-module/${DRIVER_VERSION}/${FALCO_KERNEL_MODULE_FILENAME}" | sed s/+/%2B/g) echo "* Trying to download precompiled module from ${URL}" - if curl --create-dirs "${FALCO_PROBE_CURL_OPTIONS}" -o "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" "${URL}"; then + if curl --create-dirs "${FALCO_DRIVER_CURL_OPTIONS}" -o "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" "${URL}"; then echo "Download succeeded, loading module" insmod "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" exit $? else - >&2 echo "Download failed, consider compiling your own ${PROBE_NAME} and loading it or getting in touch with the Falco community" + >&2 echo "Download failed, consider compiling your own ${DRIVER_NAME} and loading it or getting in touch with the Falco community" exit 1 fi } 
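Review bot: The module fetched by `curl ... -o "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}"` is passed straight to `insmod` as root with no digest or signature check, so transport security is the only integrity control, and `DRIVER_INSECURE_DOWNLOAD` turns that off with `-k`. The file is also written directly to its final cache path, and the earlier `[ -f ... ]` test in this function loads whatever is at that path on the next run. Downloading to a temporary file, checking it against a digest obtained separately from the download, and only then moving it into place closes both gaps; the eBPF probe download and the kernel-sources download in load_bpf_probe have the same shape. The digest variable in the sketch below is a placeholder, since the script has no digest source today.

```shell
# … unchanged: URL construction and "Trying to download" message …
# EXPECTED_SHA256 is a PLACEHOLDER: supply it from a source independent of ${URL}.
local TMP_KO
mkdir -p "${HOME}/.falco"
TMP_KO=$(mktemp "${HOME}/.falco/download.XXXXXX") || exit 1
if curl "${FALCO_DRIVER_CURL_OPTIONS}" -o "${TMP_KO}" "${URL}" \
	&& echo "${EXPECTED_SHA256}  ${TMP_KO}" | sha256sum -c - > /dev/null; then
	# Only a verified file ever reaches the cache path that later runs trust.
	mv "${TMP_KO}" "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}"
	echo "Download succeeded, loading module"
	insmod "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}"
	exit $?
else
	rm -f -- "${TMP_KO}"
	# … unchanged: "Download failed" message and exit 1 …
fi
```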
@@ -260,7 +260,9 @@ load_bpf_probe() { MINIKUBE_VERSION="$(cat "${HOST_ROOT}/etc/VERSION")" fi - local BPF_PROBE_FILENAME="${BPF_PROBE_NAME}-${DRIVER_VERSION}-${ARCH}-${KERNEL_RELEASE}-${HASH}.o" + get_target_id + + local BPF_PROBE_FILENAME="${DRIVER_NAME}_${TARGET_ID}_${KERNEL_RELEASE}_${KERNEL_VERSION}.o" if [ ! -f "${HOME}/.falco/${BPF_PROBE_FILENAME}" ]; then @@ -304,7 +306,7 @@ load_bpf_probe() { if [[ greater_ret -eq 1 ]]; then export KBUILD_EXTRA_CPPFLAGS=-DCOS_73_WORKAROUND fi - } + } fi if [ -n "${MINIKUBE}" ]; then @@ -338,7 +340,7 @@ load_bpf_probe() { mkdir -p /tmp/kernel cd /tmp/kernel || exit cd "$(mktemp -d -p /tmp/kernel)" || exit - if ! curl -o kernel-sources.tgz --create-dirs "${FALCO_PROBE_CURL_OPTIONS}" "${BPF_KERNEL_SOURCES_URL}"; then + if ! curl -o kernel-sources.tgz --create-dirs "${FALCO_DRIVER_CURL_OPTIONS}" "${BPF_KERNEL_SOURCES_URL}"; then exit 1; fi @@ -360,12 +362,12 @@ load_bpf_probe() { customize_kernel_build fi - echo "* Trying to compile BPF probe ${BPF_PROBE_NAME} (${BPF_PROBE_FILENAME})" + echo "* Trying to compile BPF probe (${BPF_PROBE_FILENAME})" - make -C "/usr/src/${PACKAGE_NAME}-${DRIVER_VERSION}/bpf" > /dev/null + make -C "/usr/src/${DRIVER_NAME}-${DRIVER_VERSION}/bpf" > /dev/null - mkdir -p ~/.falco - mv "/usr/src/${PACKAGE_NAME}-${DRIVER_VERSION}/bpf/probe.o" "${HOME}/.falco/${BPF_PROBE_FILENAME}" + mkdir -p "${HOME}/.falco" + mv "/usr/src/${DRIVER_NAME}-${DRIVER_VERSION}/bpf/probe.o" "${HOME}/.falco/${BPF_PROBE_FILENAME}" if [ -n "${BPF_KERNEL_SOURCES_URL}" ]; then rm -r /tmp/kernel 
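Review bot: The new `BPF_PROBE_FILENAME` no longer contains `${DRIVER_VERSION}` (nor `${ARCH}` or `${HASH}`), yet it is still the key for the local cache test `[ ! -f "${HOME}/.falco/${BPF_PROBE_FILENAME}" ]` that follows. After a Falco upgrade on the same kernel, a probe built or downloaded for the previous driver version would be found and linked instead of being rebuilt. Keeping the version in the local path while leaving the remote name as is avoids that, for example by caching under `"${HOME}/.falco/${DRIVER_VERSION}/${BPF_PROBE_FILENAME}"`. The kernel-module cache in load_kernel_module has the same property, and load_bpf_probe starts and ends outside this hunk.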
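Review bot: `rm -r /tmp/kernel` at the end of the last hunk on this line, together with the `mkdir -p /tmp/kernel` two hunks earlier, has a root process working in a fixed, predictable path under a world-writable directory. `mkdir -p` succeeds when the path already exists, whoever owns it. A private directory removes the dependency on that name: `BUILD_DIR=$(mktemp -d) || exit 1`, `cd "${BUILD_DIR}" || exit`, and `rm -rf -- "${BUILD_DIR}"` for the cleanup. Separately, the exit status of `make -C ... > /dev/null` is not checked before the `mv`, so a failed build only surfaces as an mv error.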
@@ -374,11 +376,11 @@ load_bpf_probe() { if [ ! -f "${HOME}/.falco/${BPF_PROBE_FILENAME}" ]; then local URL - URL=$(echo "${PROBE_URL}/ebpf-probe/${DRIVER_VERSION}/${BPF_PROBE_FILENAME}" | sed s/+/%2B/g) + URL=$(echo "${DRIVERS_REPO}/ebpf-probe/${DRIVER_VERSION}/${BPF_PROBE_FILENAME}" | sed s/+/%2B/g) echo "* Trying to download precompiled BPF probe from ${URL}" - curl --create-dirs "${FALCO_PROBE_CURL_OPTIONS}" -o "${HOME}/.falco/${BPF_PROBE_FILENAME}" "${URL}" + curl --create-dirs "${FALCO_DRIVER_CURL_OPTIONS}" -o "${HOME}/.falco/${BPF_PROBE_FILENAME}" "${URL}" fi if [ -f "${HOME}/.falco/${BPF_PROBE_FILENAME}" ]; then @@ -393,7 +395,7 @@ load_bpf_probe() { echo "* BPF probe located, it's now possible to start falco" - ln -sf "${HOME}/.falco/${BPF_PROBE_FILENAME}" "${HOME}/.falco/${BPF_PROBE_NAME}.o" + ln -sf "${HOME}/.falco/${BPF_PROBE_FILENAME}" "${HOME}/.falco/${DRIVER_NAME}-bpf.o" exit $? else echo "* Failure to find a BPF probe" @@ -404,13 +406,12 @@ load_bpf_probe() { ARCH=$(uname -m) KERNEL_RELEASE=$(uname -r) KERNEL_VERSION=$(uname -v | sed 's/#\([[:digit:]]\+\).*/\1/') -SCRIPT_NAME=$(basename "${0}") -PROBE_URL=${PROBE_URL:-"@DRIVER_LOOKUP_URL@"} -if [ -n "$PROBE_INSECURE_DOWNLOAD" ] +DRIVERS_REPO=${DRIVERS_REPO:-"@DRIVERS_REPO@"} +if [ -n "$DRIVER_INSECURE_DOWNLOAD" ] then - FALCO_PROBE_CURL_OPTIONS=-fsSk + FALCO_DRIVER_CURL_OPTIONS=-fsSk else - FALCO_PROBE_CURL_OPTIONS=-fsS + FALCO_DRIVER_CURL_OPTIONS=-fsS fi MAX_RMMOD_WAIT=60 @@ -418,15 +419,8 @@ if [[ $# -ge 1 ]]; then MAX_RMMOD_WAIT=$1 fi -if [ "${SCRIPT_NAME}" = "falco-driver-loader" ]; then - DRIVER_VERSION="@PROBE_VERSION@" - PROBE_NAME="@PROBE_NAME@" - BPF_PROBE_NAME="@PROBE_NAME@-bpf" - PACKAGE_NAME="@PACKAGE_NAME@" -else - echo "This script must be called as falco-driver-loader" - exit 1 -fi +DRIVER_VERSION="@PROBE_VERSION@" +DRIVER_NAME="@PROBE_NAME@" if [ "$(id -u)" != 0 ]; then echo "Installer must be run as root (or with sudo)." 
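Review bot: In the hunk that sets `FALCO_DRIVER_CURL_OPTIONS`, `DRIVER_INSECURE_DOWNLOAD` switches curl to `-fsSk` for any non-empty value, including `false` or `0`, and nothing is printed when certificate verification is off. A line in the `then` branch such as `>&2 echo "* WARNING: TLS certificate verification is disabled for driver downloads"` would make that visible in logs. The old names `PROBE_URL` and `PROBE_INSECURE_DOWNLOAD` are now ignored without notice, so a deployment that pinned its own repository through `PROBE_URL` would silently use the built-in default. The comment block documenting the environment variables is removed at the end of the file, not updated; a short header comment listing `DRIVERS_REPO` and `DRIVER_INSECURE_DOWNLOAD` would replace it.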
@@ -442,14 +436,4 @@ if [ -v FALCO_BPF_PROBE ] || [ "${1}" = "bpf" ]; then load_bpf_probe else load_kernel_module -fi - -# sudo falco-driver-loader -# -# env variables: -# PROBE_URL="..." -# PROBE_INSECURE_DOWNLOAD=true - -# RENAMES -# PROBE_URL -# FALCO_PROBE_CURL_OPTIONS \ No newline at end of file +fi \ No newline at end of file