From bdcfbba90b67a0c245767e24029805e92a167574 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Thu, 18 Apr 2024 10:49:56 +0200 Subject: [PATCH] chore(docker,scripts): set old eBPF probe as lowest priority driver. Signed-off-by: Federico Di Pierro --- docker/driver-loader-legacy/docker-entrypoint.sh | 4 ++-- docker/driver-loader/docker-entrypoint.sh | 4 ++-- docker/falco/docker-entrypoint.sh | 4 ++-- scripts/CMakeLists.txt | 6 +++--- scripts/debian/postinst.in | 2 +- scripts/rpm/postinstall.in | 2 +- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docker/driver-loader-legacy/docker-entrypoint.sh b/docker/driver-loader-legacy/docker-entrypoint.sh index 40c47bcefbd..3b47f75cc86 100755 --- a/docker/driver-loader-legacy/docker-entrypoint.sh +++ b/docker/driver-loader-legacy/docker-entrypoint.sh @@ -26,8 +26,8 @@ print_usage() { echo "Available drivers:" echo " auto leverage automatic driver selection logic (default)" echo " modern_ebpf modern eBPF CORE probe" - echo " ebpf eBPF probe" echo " kmod kernel module" + echo " ebpf eBPF probe" echo "" echo "Options:" echo " --help show this help message" @@ -120,7 +120,7 @@ if [ "$driver" != "auto" ]; then /usr/bin/falcoctl driver config --type $driver else # Needed because we need to configure Falco to start with correct driver - /usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod + /usr/bin/falcoctl driver config --type modern_ebpf --type kmod --type ebpf fi /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE --http-headers="$FALCOCTL_DRIVER_HTTP_HEADERS" diff --git a/docker/driver-loader/docker-entrypoint.sh b/docker/driver-loader/docker-entrypoint.sh index d3862893d0a..52df15f3111 100755 --- a/docker/driver-loader/docker-entrypoint.sh +++ b/docker/driver-loader/docker-entrypoint.sh @@ -26,8 +26,8 @@ print_usage() { echo "Available drivers:" echo " auto leverage automatic driver selection logic (default)" echo " modern_ebpf modern eBPF CORE probe" - echo " ebpf eBPF probe" echo " kmod kernel module" + echo " ebpf eBPF probe" echo "" echo "Options:" echo " --help show this help message" @@ -132,7 +132,7 @@ if [ "$driver" != "auto" ]; then /usr/bin/falcoctl driver config --type $driver else # Needed because we need to configure Falco to start with correct driver - /usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod + /usr/bin/falcoctl driver config --type modern_ebpf --type kmod --type ebpf fi /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE --http-headers="$FALCOCTL_DRIVER_HTTP_HEADERS" $extra_args diff --git a/docker/falco/docker-entrypoint.sh b/docker/falco/docker-entrypoint.sh index 3437ec7ea40..809069a9cf9 100755 --- a/docker/falco/docker-entrypoint.sh +++ b/docker/falco/docker-entrypoint.sh @@ -26,8 +26,8 @@ print_usage() { echo "Available FALCO_DRIVER_LOADER_OPTIONS drivers:" echo " auto leverage automatic driver selection logic (default)" echo " modern_ebpf modern eBPF CORE probe" - echo " ebpf eBPF probe" echo " kmod kernel module" + echo " ebpf eBPF probe" echo "" echo "FALCO_DRIVER_LOADER_OPTIONS options:" echo " --help show this help message" @@ -127,7 +127,7 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then /usr/bin/falcoctl driver config --type $driver else # Needed because we need to configure Falco to start with correct driver - /usr/bin/falcoctl driver config --type modern_ebpf --type ebpf --type kmod + /usr/bin/falcoctl driver config --type modern_ebpf --type kmod --type ebpf fi /usr/bin/falcoctl driver install --compile=$ENABLE_COMPILE --download=$ENABLE_DOWNLOAD --http-insecure=$HTTP_INSECURE --http-headers="$FALCOCTL_DRIVER_HTTP_HEADERS" diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt index 6fddd418c42..004f7148e3f 100644 --- a/scripts/CMakeLists.txt +++ b/scripts/CMakeLists.txt @@ -52,12 +52,12 @@ if (NOT WIN32 AND NOT APPLE AND NOT EMSCRIPTEN AND NOT MUSL_OPTIMIZED_BUILD) if (BUILD_FALCO_MODERN_BPF) list(APPEND FALCOCTL_DRIVER_TYPES_LIST "modern_ebpf") endif() - if (BUILD_BPF) - list(APPEND FALCOCTL_DRIVER_TYPES_LIST "ebpf") - endif() if (BUILD_DRIVER) list(APPEND FALCOCTL_DRIVER_TYPES_LIST "kmod") endif() + if (BUILD_BPF) + list(APPEND FALCOCTL_DRIVER_TYPES_LIST "ebpf") + endif() string(REPLACE ";" ", " FALCOCTL_DRIVER_TYPES "${FALCOCTL_DRIVER_TYPES_LIST}") configure_file(${CMAKE_CURRENT_SOURCE_DIR}/falcoctl/falcoctl.yaml.in ${PROJECT_BINARY_DIR}/scripts/falcoctl/falcoctl.yaml) install(FILES ${PROJECT_BINARY_DIR}/scripts/falcoctl/falcoctl.yaml DESTINATION "${FALCOCTL_ETC_DIR}" COMPONENT "${FALCO_COMPONENT_NAME}") diff --git a/scripts/debian/postinst.in b/scripts/debian/postinst.in index 55d9525a428..86c093b676a 100755 --- a/scripts/debian/postinst.in +++ b/scripts/debian/postinst.in @@ -83,7 +83,7 @@ if [ "$1" = "configure" ]; then echo "[POST-INSTALL] Configure falcoctl '$chosen_driver' driver type:" if [ "$chosen_driver" = "auto" ]; then # Configure falcoctl to enable all drivers - falcoctl driver config --type "modern_ebpf" --type "ebpf" --type "kmod" + falcoctl driver config --type "modern_ebpf" --type "kmod" --type "ebpf" # Load the actually automatic chosen driver chosen_driver=$(falcoctl driver printenv | grep DRIVER= | cut -d'"' -f2) else diff --git a/scripts/rpm/postinstall.in b/scripts/rpm/postinstall.in index 5f37fd6138e..e88400f928c 100755 --- a/scripts/rpm/postinstall.in +++ b/scripts/rpm/postinstall.in @@ -82,7 +82,7 @@ if [ $1 -ge 1 ]; then echo "[POST-INSTALL] Configure falcoctl '$chosen_driver' driver type:" if [ "$chosen_driver" = "auto" ]; then # Configure falcoctl to enable all drivers - falcoctl driver config --type "modern_ebpf" --type "ebpf" --type "kmod" + falcoctl driver config --type "modern_ebpf" --type "kmod" --type "ebpf" # Load the actually automatic chosen driver chosen_driver=$(falcoctl driver printenv | grep DRIVER= | cut -d'"' -f2) else