github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-30 16:42:14 +00:00
Code Issues Projects Releases Wiki Activity

fix(test/driver-loader): source script to get env vars populated

Browse Source 
Signed-off-by: Leonardo Grasso <me@leonardograsso.com>
This commit is contained in:
Leonardo Grasso 2020-05-14 18:43:51 +02:00 committed by poiana
parent 95e7242d13
commit 622a6c1e44
2 changed files with 42 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
scripts/falco-driver-loader
View File

@ -420,6 +420,10 @@ fi
DRIVER_VERSION="@PROBE_VERSION@" DRIVER_VERSION="@PROBE_VERSION@"
DRIVER_NAME="@PROBE_NAME@" DRIVER_NAME="@PROBE_NAME@"
if [ "${1}" = "--source-only" ]; then
return
fi
if [ "$(id -u)" != 0 ]; then if [ "$(id -u)" != 0 ]; then
echo "Installer must be run as root (or with sudo)." echo "Installer must be run as root (or with sudo)."
exit 1 exit 1

92
test/driver-loader/runner/test.sh
View File

@ -19,48 +19,44 @@ set -euo pipefail
FALCO="falco -M 1" FALCO="falco -M 1"
FALCO_DRIVER_LOADER=falco-driver-loader FALCO_DRIVER_LOADER=falco-driver-loader
DRIVER_NAME=falco
KERNEL_RELEASE=$(uname -r)
KERNEL_VERSION=$(uname -v | sed 's/#\([[:digit:]]\+\).*/\1/')
function get_target_id() { function init() {
if [ -f "${HOST_ROOT}/etc/os-release" ]; then
# freedesktop.org and systemd # We need this here since is not part of the falco-driver-loader script
# shellcheck source=/dev/null #
source "${HOST_ROOT}/etc/os-release" # todo(leogr): maybe this can be moved into falco-driver-loader directly
OS_ID=$ID # since it depends on HOST_ROOT
elif [ -f "${HOST_ROOT}/etc/debian_version" ]; then if [ -n "${HOST_ROOT}" ]; then
# Older Debian echo "INIT: Setting up /usr/src links from host"
# fixme > can this happen on older Ubuntu? for i in "$HOST_ROOT/usr/src"/*
OS_ID=debian do
elif [ -f "${HOST_ROOT}/etc/centos-release" ]; then base=$(basename "$i")
# Older CentOS ln -s "$i" "/usr/src/$base"
OS_ID=centos done
else fi
>&2 echo "Detected an unsupported target system, please get in touch with the Falco community"
local EXPECTED_DRIVER_VERSION=${DRIVER_VERSION}
# We need some env vars to be populated
# Just source falco-driver-loader, and call get_target_id
# Loaded driver will be cleaned up later, if any.
echo "INIT: Sourcing ${FALCO_DRIVER_LOADER} to get env vars populated"
set +eu
source $FALCO_DRIVER_LOADER --source-only
get_target_id
set -eu
if [ ! "${EXPECTED_DRIVER_VERSION}" = "${DRIVER_VERSION}" ]; then
echo "INIT: Unexpected DRIVER_VERSION in falco-driver-loader"
echo "Expected: ${EXPECTED_DRIVER_VERSION}"
echo "Found: ${DRIVER_VERSION}"
exit 1 exit 1
fi fi
case "${OS_ID}" in FALCO_KERNEL_MODULE_PATH="${HOME}/.falco/${DRIVER_NAME}_${TARGET_ID}_${KERNEL_RELEASE}_${KERNEL_VERSION}.ko"
("amzn") FALCO_BPF_PROBE_PATH="${HOME}/.falco/${DRIVER_NAME}_${TARGET_ID}_${KERNEL_RELEASE}_${KERNEL_VERSION}.o"
if [[ $VERSION_ID == "2" ]]; then cleanup_drivers
TARGET_ID="amazonlinux2"
else
TARGET_ID="amazonlinux"
fi
;;
("ubuntu")
if [[ $KERNEL_RELEASE == *"aws"* ]]; then
TARGET_ID="ubuntu-aws"
else
TARGET_ID="ubuntu"
fi
;;
(*)
TARGET_ID=$(echo "${OS_ID}" | tr '[:upper:]' '[:lower:]')
;;
esac
} }
function cleanup_drivers() { function cleanup_drivers() {
@ -72,6 +68,7 @@ function cleanup_drivers() {
rm -f "$FALCO_KERNEL_MODULE_PATH" rm -f "$FALCO_KERNEL_MODULE_PATH"
# bpf probe # bpf probe
local PROBE_INSTALL_PATH="${HOME}/.falco/${DRIVER_NAME}-bpf.o"
rm -f "$FALCO_BPF_PROBE_PATH" rm -f "$FALCO_BPF_PROBE_PATH"
rm -f "$PROBE_INSTALL_PATH" rm -f "$PROBE_INSTALL_PATH"
} }
@ -79,12 +76,12 @@ function cleanup_drivers() {
function run_test() { function run_test() {
echo "" echo ""
echo "TEST: $1" echo "TEST: $1"
cleanup_drivers
echo "" echo ""
$1 $1
echo "" echo ""
echo "PASS: $1" echo "PASS: $1"
echo "" echo ""
cleanup_drivers
} }
function assert_kernel_module() { function assert_kernel_module() {
@ -102,6 +99,7 @@ function assert_kernel_module() {
} }
function assert_bpf_probe() { function assert_bpf_probe() {
local PROBE_INSTALL_PATH="${HOME}/.falco/${DRIVER_NAME}-bpf.o"
echo "ASSERT: eBPF probe at $PROBE_INSTALL_PATH" echo "ASSERT: eBPF probe at $PROBE_INSTALL_PATH"
if ! test -f "$PROBE_INSTALL_PATH"; then if ! test -f "$PROBE_INSTALL_PATH"; then
echo "FAIL: eBPF probe not found" echo "FAIL: eBPF probe not found"
@ -132,21 +130,7 @@ echo "Driver version: $DRIVER_VERSION"
echo "HOST_ROOT: ${HOST_ROOT}" echo "HOST_ROOT: ${HOST_ROOT}"
echo "" echo ""
if [ -n "${HOST_ROOT}" ]; then init
echo "Setting up /usr/src links from host"
for i in "$HOST_ROOT/usr/src"/*
do
base=$(basename "$i")
ln -s "$i" "/usr/src/$base"
done
fi
get_target_id
FALCO_KERNEL_MODULE_PATH="${HOME}/.falco/${DRIVER_NAME}_${TARGET_ID}_${KERNEL_RELEASE}_${KERNEL_VERSION}.ko"
FALCO_BPF_PROBE_PATH="${HOME}/.falco/${DRIVER_NAME}_${TARGET_ID}_${KERNEL_RELEASE}_${KERNEL_VERSION}.o"
PROBE_INSTALL_PATH="${HOME}/.falco/${DRIVER_NAME}-bpf.o"
run_test "test_kernel_module" run_test "test_kernel_module"
run_test "test_bpf_probe" run_test "test_bpf_probe"
cleanup_drivers