chore(cmd/driver): modern bpf does not require any prepre stage.

Signed-off-by: Federico Di Pierro <[email protected]>
falcosecurity · Nov 3, 2023 · 435b4ea · 435b4ea
1 parent b114814
commit 435b4ea
Show file tree

Hide file tree

Showing 13 changed files with 185 additions and 80 deletions.
diff --git a/cmd/driver/prepare/prepare.go b/cmd/driver/prepare/prepare.go
@@ -19,6 +19,7 @@ type driverPrepareOptions struct {
 	Download      bool
 	Build         bool
 	DriverVersion string
+	DriverRepos   []string
 }
 
 // NewDriverPrepareCmd returns the driver prepare command.
@@ -45,6 +46,7 @@ func NewDriverPrepareCmd(ctx context.Context, opt *options.Common) *cobra.Comman
 	cmd.Flags().BoolVar(&o.Download, "download", true, "Whether to enable download of drivers")
 	cmd.Flags().BoolVar(&o.Build, "build", true, "Whether to enable build of drivers")
 	cmd.Flags().StringVar(&o.DriverVersion, "driver-version", "", "Driver version to be built")
+	cmd.Flags().StringSliceVar(&o.DriverRepos, "driver-repo", []string{"https://download.falco.org/driver"}, "Specify different URL(s) where to look for prebuilt drivers")
 
 	if err := cmd.MarkFlagRequired("driver-version"); err != nil {
 		output.ExitOnErr(o.Printer, fmt.Errorf("unable to mark flag \"driver-version\" as required"))
@@ -53,7 +55,7 @@ func NewDriverPrepareCmd(ctx context.Context, opt *options.Common) *cobra.Comman
 }
 
 // RunDriverPrepare implements the driver prepare command.
-func (o *driverPrepareOptions) RunDriverPrepare(ctx context.Context, args []string) error {
+func (o *driverPrepareOptions) RunDriverPrepare(_ context.Context, _ []string) error {
 	driver, err := config.Driverer()
 	if err != nil {
 		return err
@@ -71,7 +73,12 @@ func (o *driverPrepareOptions) RunDriverPrepare(ctx context.Context, args []stri
 		"kernel release", info.KernelRelease,
 		"kernel version", info.KernelVersion))
 
-	d, err := distro.DiscoverDistro(o.HostRoot)
+	if !driver.Type.HasArtifacts() {
+		o.Printer.Logger.Info("no artifacts needed")
+		return nil
+	}
+
+	d, err := distro.DiscoverDistro(o.Printer, o.HostRoot)
 	if err != nil {
 		if errors.Is(err, distro.UnsupportedErr) && o.Build {
 			o.Download = false
@@ -83,11 +90,12 @@ func (o *driverPrepareOptions) RunDriverPrepare(ctx context.Context, args []stri
 	o.Printer.Logger.Info("found distro", o.Printer.Logger.Args("target", d.GetTargetID(info)))
 
 	if o.Download {
-		err = d.Download()
+		err = d.Download(info, o.Driver, driver.Type, o.DriverVersion, o.DriverRepos)
 		if err == nil {
 			return nil
 		}
-		// Print the error
+		// Print the error but go on
+		// attempting a build if requested
 		o.Printer.Logger.Error(err.Error())
 	}
 

diff --git a/cmd/driver/select/select.go b/cmd/driver/select/select.go
@@ -50,31 +50,31 @@ func (o *driverSelectOptions) RunDriverSelect(_ context.Context, args []string)
 		// Ok driver type was enforced by the user
 		dType, err := _type.Parse(args[0])
 		if err != nil {
-			return _type.TypeWrong, err
+			return nil, err
 		}
 		return dType, config.SelectDriver(dType.String(), o.ConfigFile)
 	}
 
 	// automatic logic
 	info, err := kernel.FetchKernelInfo()
 	if err != nil {
-		return _type.TypeWrong, err
+		return nil, err
 	}
 
 	o.Printer.Logger.Info("Running falcoctl driver select", o.Printer.Logger.Args(
 		"arch", info.Architecture,
 		"kernel release", info.KernelRelease,
 		"kernel version", info.KernelVersion))
 
-	d, err := distro.DiscoverDistro(o.HostRoot)
+	d, err := distro.DiscoverDistro(o.Printer, o.HostRoot)
 	if err != nil {
-		return _type.TypeWrong, err
+		return nil, err
 	}
 	o.Printer.Logger.Info("found distro", o.Printer.Logger.Args("target", d.GetTargetID(info)))
 
 	preferredDriver := d.PreferredDriver(info)
-	if preferredDriver == _type.TypeWrong {
-		return _type.TypeWrong, fmt.Errorf("automatic driver selection failed")
+	if preferredDriver == nil {
+		return nil, fmt.Errorf("automatic driver selection failed")
 	}
 	return preferredDriver, config.SelectDriver(preferredDriver.String(), o.ConfigFile)
 }
diff --git a/pkg/driver/distro/amzn.go b/pkg/driver/distro/amzn.go
@@ -2,6 +2,7 @@ package distro
 
 import (
 	"fmt"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"gopkg.in/ini.v1"
 )
 
@@ -13,7 +14,7 @@ type amzn struct {
 	*generic
 }
 
-func (a *amzn) init(id string, cfg *ini.File) error {
+func (a *amzn) init(printer *output.Printer, id string, cfg *ini.File) error {
 	idKey := cfg.Section("").Key("VERSION_ID")
 	if idKey == nil {
 		// OS-release without `VERSION_ID` (can it happen?)
@@ -30,5 +31,5 @@ func (a *amzn) init(id string, cfg *ini.File) error {
 	default:
 		id = "amazonlinux"
 	}
-	return a.generic.init(id, cfg)
+	return a.generic.init(printer, id, cfg)
 }
diff --git a/pkg/driver/distro/bottlerocket.go b/pkg/driver/distro/bottlerocket.go
@@ -3,6 +3,7 @@ package distro
 import (
 	"fmt"
 	"github.com/falcosecurity/falcoctl/pkg/driver/kernel"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"gopkg.in/ini.v1"
 	"strings"
 )
@@ -17,7 +18,7 @@ type bottlerocket struct {
 	versionID string
 }
 
-func (b *bottlerocket) init(id string, cfg *ini.File) error {
+func (b *bottlerocket) init(printer *output.Printer, id string, cfg *ini.File) error {
 	idKey := cfg.Section("").Key("VERSION_ID")
 	if idKey == nil {
 		// OS-release without `VERSION_ID` (can it happen?)
@@ -31,7 +32,7 @@ func (b *bottlerocket) init(id string, cfg *ini.File) error {
 	}
 	b.variantID = strings.Split(idKey.String(), "-")[0]
 
-	return b.generic.init(id, cfg)
+	return b.generic.init(printer, id, cfg)
 }
 
 func (b *bottlerocket) FixupKernel(i kernel.Info) kernel.Info {

diff --git a/pkg/driver/distro/distro.go b/pkg/driver/distro/distro.go
@@ -4,6 +4,8 @@ import (
 	"fmt"
 	"github.com/falcosecurity/falcoctl/pkg/driver/kernel"
 	_type "github.com/falcosecurity/falcoctl/pkg/driver/type"
+	"github.com/falcosecurity/falcoctl/pkg/options"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"gopkg.in/ini.v1"
 	"strings"
 )
@@ -13,10 +15,10 @@ var distros = map[string]Distro{}
 var UnsupportedErr = fmt.Errorf("failed to determine distro")
 
 type Distro interface {
-	init(id string, cfg *ini.File) error // private
+	init(printer *output.Printer, id string, cfg *ini.File) error // private
 	GetTargetID(i kernel.Info) string
 	FixupKernel(i kernel.Info) kernel.Info
-	Download() error
+	Download(i kernel.Info, opts *options.Driver, driverType _type.DriverType, driverVer string, repos []string) error
 	Build() error
 	PreferredDriver(i kernel.Info) _type.DriverType
 }
@@ -25,8 +27,8 @@ type checker interface {
 	check(hostRoot string) bool // private
 }
 
-func DiscoverDistro(hostRoot string) (Distro, error) {
-	distro, err := getOSReleaseDistro(hostRoot)
+func DiscoverDistro(printer *output.Printer, hostRoot string) (Distro, error) {
+	distro, err := getOSReleaseDistro(printer, hostRoot)
 	if err == nil {
 		return distro, nil
 	}
@@ -35,20 +37,20 @@ func DiscoverDistro(hostRoot string) (Distro, error) {
 	for id, d := range distros {
 		dd, ok := d.(checker)
 		if ok && dd.check(hostRoot) {
-			err = d.init(id, nil)
+			err = d.init(printer, id, nil)
 			return d, err
 		}
 	}
 
 	// Return a generic distro to try the build
 	distro = &generic{}
-	if err = distro.init("undetermined", nil); err != nil {
+	if err = distro.init(printer, "undetermined", nil); err != nil {
 		return nil, err
 	}
 	return distro, UnsupportedErr
 }
 
-func getOSReleaseDistro(hostRoot string) (Distro, error) {
+func getOSReleaseDistro(printer *output.Printer, hostRoot string) (Distro, error) {
 	cfg, err := ini.Load(hostRoot + "/etc/os-release")
 	if err != nil {
 		return nil, err
@@ -71,7 +73,7 @@ func getOSReleaseDistro(hostRoot string) (Distro, error) {
 	if !exist {
 		distro = &generic{}
 	}
-	if err = distro.init(id, cfg); err != nil {
+	if err = distro.init(printer, id, cfg); err != nil {
 		return nil, err
 	}
 	return distro, nil

diff --git a/pkg/driver/distro/flatcar.go b/pkg/driver/distro/flatcar.go
@@ -3,6 +3,7 @@ package distro
 import (
 	"fmt"
 	"github.com/falcosecurity/falcoctl/pkg/driver/kernel"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"gopkg.in/ini.v1"
 )
 
@@ -15,18 +16,14 @@ type flatcar struct {
 	versionID string
 }
 
-func (f *flatcar) init(id string, cfg *ini.File) error {
+func (f *flatcar) init(printer *output.Printer, id string, cfg *ini.File) error {
 	idKey := cfg.Section("").Key("VERSION_ID")
 	if idKey == nil {
 		// OS-release without `VERSION_ID` (can it happen?)
 		return fmt.Errorf("no VERSION_ID present for flatcar")
 	}
 	f.versionID = idKey.String()
-	return f.generic.init(id, cfg)
-}
-
-func (f *flatcar) GetTargetID(i kernel.Info) string {
-	return f.TargetID
+	return f.generic.init(printer, id, cfg)
 }
 
 func (f *flatcar) FixupKernel(i kernel.Info) kernel.Info {

diff --git a/pkg/driver/distro/generic.go b/pkg/driver/distro/generic.go
@@ -2,22 +2,30 @@ package distro
 
 import (
 	"fmt"
+	"github.com/docker/docker/pkg/homedir"
 	"github.com/falcosecurity/falcoctl/pkg/driver/kernel"
 	_type "github.com/falcosecurity/falcoctl/pkg/driver/type"
+	"github.com/falcosecurity/falcoctl/pkg/options"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"gopkg.in/ini.v1"
+	"io"
+	"net/http"
+	"os"
 )
 
 type generic struct {
-	TargetID string
+	targetID string
+	printer  *output.Printer
 }
 
-func (g *generic) init(id string, _ *ini.File) error {
-	g.TargetID = id
+func (g *generic) init(printer *output.Printer, id string, _ *ini.File) error {
+	g.targetID = id
+	g.printer = printer
 	return nil
 }
 
 func (g *generic) GetTargetID(_ kernel.Info) string {
-	return g.TargetID
+	return g.targetID
 }
 
 func (g *generic) FixupKernel(i kernel.Info) kernel.Info {
@@ -37,20 +45,51 @@ func (g *generic) Build() error {
 	return fmt.Errorf("build unimplemented")
 }
 
-func (g *generic) Download() error {
-	// TODO: BPF_PROBE_FILENAME="${DRIVER_NAME}_${TARGET_ID}_${KERNEL_RELEASE}_${KERNEL_VERSION}.o"
-	// if [ -f "${HOME}/.falco/${DRIVER_VERSION}/${ARCH}/${BPF_PROBE_FILENAME}" ]; then
-	//			echo "* Skipping download, eBPF probe is already present in ${HOME}/.falco/${DRIVER_VERSION}/${ARCH}/${BPF_PROBE_FILENAME}"
-	//		else
-	// IFS=", " read -r -a urls <<< "${DRIVERS_REPO}"
-	//			for url in "${urls[@]}"; do
-	//				load_bpf_probe_download $url
-	//				if [ $? -eq 0 ]; then
-	//                	break
-	return fmt.Errorf("download unimplemented")
+func (g *generic) Download(i kernel.Info, opts *options.Driver, driverType _type.DriverType, driverVer string, repos []string) error {
+	// Skip if existent
+	driverFileName := g.toFilename(i, opts, driverType)
+	destination := fmt.Sprintf("%s/.falco/%s/%s/%s", homedir.Get(), driverVer, i.Architecture, driverFileName)
+	f, err := os.Open(destination)
+	if err == nil {
+		_ = f.Close()
+		g.printer.Logger.Info("Skipping download, driver already present.", g.printer.Logger.Args("path", destination))
+		return nil
+	}
+
+	// Try to download from any specified repository,
+	// stopping at first successful http GET.
+	for _, repo := range repos {
+		url := g.toURL(i.Architecture, repo, driverVer, driverFileName)
+		g.printer.Logger.Info("Trying to download a driver", g.printer.Logger.Args("url", url))
+
+		resp, err := http.Get(url)
+		if err != nil || resp.StatusCode != 200 {
+			continue
+		}
+
+		out, err := os.Create(destination)
+		if err != nil {
+			return err
+		}
+		_, err = io.Copy(out, resp.Body)
+		if err != nil {
+			return err
+		}
+		_ = resp.Body.Close()
+		return nil
+	}
+	return fmt.Errorf("unable to find a prebuilt %s driver", opts.Name)
 }
 
 func (g *generic) PreferredDriver(_ kernel.Info) _type.DriverType {
 	// We don't support automagic driver selection logic at this stage
-	return _type.TypeWrong
+	return nil
+}
+
+func (g *generic) toFilename(i kernel.Info, opts *options.Driver, driverType _type.DriverType) string {
+	return fmt.Sprintf("%s_%s_%s_%s%s", opts.Name, g.GetTargetID(i), i.KernelRelease, i.KernelVersion, driverType.Extension())
+}
+
+func (g *generic) toURL(arch string, repo, driverVer, fileName string) string {
+	return fmt.Sprintf("%s/%s/%s/%s", repo, driverVer, arch, fileName)
 }
diff --git a/pkg/driver/distro/talos.go b/pkg/driver/distro/talos.go
@@ -3,6 +3,7 @@ package distro
 import (
 	"fmt"
 	"github.com/falcosecurity/falcoctl/pkg/driver/kernel"
+	"github.com/falcosecurity/falcoctl/pkg/output"
 	"gopkg.in/ini.v1"
 )
 
@@ -15,15 +16,15 @@ type talos struct {
 	versionID string
 }
 
-func (t *talos) init(id string, cfg *ini.File) error {
+func (t *talos) init(printer *output.Printer, id string, cfg *ini.File) error {
 	idKey := cfg.Section("").Key("VERSION_ID")
 	if idKey == nil {
 		// OS-release without `VERSION_ID` (can it happen?)
 		return fmt.Errorf("no VERSION_ID present for talos")
 	}
 	t.versionID = idKey.String()
 
-	return t.generic.init(id, cfg)
+	return t.generic.init(printer, id, cfg)
 }
 
 func (t *talos) FixupKernel(i kernel.Info) kernel.Info {

diff --git a/pkg/driver/distro/ubuntu.go b/pkg/driver/distro/ubuntu.go
@@ -2,7 +2,6 @@ package distro
 
 import (
 	"github.com/falcosecurity/falcoctl/pkg/driver/kernel"
-	"gopkg.in/ini.v1"
 	"regexp"
 	"strings"
 )
@@ -18,10 +17,6 @@ type ubuntu struct {
 var ubuntuTargetIdRegex = regexp.MustCompile("-([a-zA-Z]+)(-.*)?$")
 var ubuntuKernelVersionRegex = regexp.MustCompile("^\\#[0-9]+\\~[^-]*-Ubuntu .*$")
 
-func (u *ubuntu) init(id string, cfg *ini.File) error {
-	return u.generic.init(id, cfg)
-}
-
 func (u *ubuntu) GetTargetID(i kernel.Info) string {
 	// # Extract the flavor from the kernelrelease
 	//		# Examples: