wip

Signed-off-by: Roberto Scolaro <[email protected]>

CMakeLists.txt

@@ -40,6 +40,7 @@ project(sysdig)
 option(MINIMAL_BUILD "Produce a minimal sysdig binary with only the essential features (no eBPF probe driver, no kubernetes, no mesos, no marathon and no container metadata)" OFF)
 option(MUSL_OPTIMIZED_BUILD "Enable if you want a musl optimized build" OFF)
 option(USE_BUNDLED_DEPS "Enable bundled dependencies instead of using the system ones" ON)
+option(BUILD_NEW_SCAP_DRIVER_LOADER "Enable new go scap-driver-loader" OFF)
 
 # Add path for custom CMake modules.
 list(APPEND CMAKE_MODULE_PATH
@@ -191,6 +192,9 @@ if(CMAKE_SYSTEM_NAME MATCHES "Linux")
 endif()
 
 add_subdirectory(userspace/sysdig)
+if(BUILD_NEW_SCAP_DRIVER_LOADER)
+	add_subdirectory(userspace/driver-loader)
+endif()
 
 set(CPACK_PACKAGE_NAME "${PACKAGE_NAME}")
 set(CPACK_PACKAGE_VENDOR "Sysdig Inc.")

scripts/CMakeLists.txt

@@ -33,5 +33,10 @@ install(FILES completions/zsh/_sysdig
 install(FILES completions/zsh/_sysdig
 	DESTINATION share/zsh/site-functions COMPONENT "${SYSDIG_COMPONENT_NAME}")
 
-install(PROGRAMS "${CMAKE_BINARY_DIR}/scripts/scap-driver-loader"
-	DESTINATION bin COMPONENT "${SYSDIG_COMPONENT_NAME}")
+if(BUILD_NEW_SCAP_DRIVER_LOADER)
+	install(PROGRAMS "${CMAKE_BINARY_DIR}/userspace/driver-loader/scap-driver-loader"
+		DESTINATION bin COMPONENT "${SYSDIG_COMPONENT_NAME}")
+else()
+	install(PROGRAMS "${CMAKE_BINARY_DIR}/scripts/scap-driver-loader"
+		DESTINATION bin COMPONENT "${SYSDIG_COMPONENT_NAME}")
+endif()

userspace/driver-loader/CMakeLists.txt

@@ -0,0 +1,23 @@
+cmake_minimum_required(VERSION 3.12)
+project(go-scap-driver-loader)
+
+set(GO_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR})
+
+string(TIMESTAMP BUILD_DATE "%Y-%m-%dT%H:%M:%SZ")
+
+set(RELEASE ${SYSDIG_VERSION})
+set(COMMIT "")
+
+set(GO_LDFLAGS "")
+string(APPEND GO_LDFLAGS "-X 'github.com/falcosecurity/falcoctl/cmd/version.semVersion=${RELEASE}' ")
+string(APPEND GO_LDFLAGS "-X 'github.com/falcosecurity/falcoctl/cmd/version.gitCommit=${COMMIT}' ")
+string(APPEND GO_LDFLAGS "-X 'github.com/falcosecurity/falcoctl/cmd/version.buildDate=${BUILD_DATE}'")
+
+add_custom_target(scap_driver_loader_exe ALL DEPENDS ${CMAKE_CURRENT_BINARY_DIR}/scap-driver-loader)
+add_custom_command(
+    OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/scap-driver-loader
+    COMMAND ${GOENV} go build -ldflags ${GO_LDFLAGS}
+        -o ${CMAKE_CURRENT_BINARY_DIR}/scap-driver-loader ${GO_MODULE_PATH}
+    WORKING_DIRECTORY ${GO_MODULE_PATH}
+    #DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/${target}/go.mod ${ARGN}
+)

userspace/driver-loader/cmd/cmd_suite_test.go

@@ -0,0 +1,28 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (C) 2023 The Falco Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cmd_test
+
+import (
+	"testing"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+func TestCmd(t *testing.T) {
+	RegisterFailHandler(Fail)
+	RunSpecs(t, "Cmd Suite")
+}

userspace/driver-loader/cmd/doc.go

@@ -0,0 +1,17 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (C) 2023 The Falco Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package cmd implements all the falcoctl commands.
+package cmd

userspace/driver-loader/cmd/driver/cleanup/cleanup.go

@@ -0,0 +1,74 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (C) 2023 The Falco Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package drivercleanup
+
+import (
+	"bytes"
+	"strings"
+
+	"github.com/pterm/pterm"
+	"github.com/spf13/cobra"
+	"golang.org/x/net/context"
+
+	"github.com/falcosecurity/falcoctl/pkg/options"
+)
+
+type driverCleanupOptions struct {
+	*options.Common
+	*options.Driver
+}
+
+// NewDriverCleanupCmd cleans a driver up.
+func NewDriverCleanupCmd(ctx context.Context, opt *options.Common, driver *options.Driver) *cobra.Command {
+	o := driverCleanupOptions{
+		Common: opt,
+		Driver: driver,
+	}
+
+	cmd := &cobra.Command{
+		Use:                   "cleanup [flags]",
+		DisableFlagsInUseLine: true,
+		Short:                 "Cleanup a driver",
+		Long:                  `Cleans a driver up, eg for kmod, by removing it from dkms.`,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return o.RunDriverCleanup(ctx)
+		},
+	}
+	return cmd
+}
+
+func (o *driverCleanupOptions) RunDriverCleanup(_ context.Context) error {
+	o.Printer.Logger.Info("Running falcoctl driver cleanup", o.Printer.Logger.Args(
+		"driver type", o.Driver.Type,
+		"driver name", o.Driver.Name))
+	var buf bytes.Buffer
+	if !o.Printer.DisableStyling {
+		o.Printer.Spinner, _ = o.Printer.Spinner.Start("Cleaning up existing drivers")
+	}
+	err := o.Driver.Type.Cleanup(o.Printer.WithWriter(&buf), o.Driver.Name)
+	if o.Printer.Spinner != nil {
+		_ = o.Printer.Spinner.Stop()
+	}
+	if o.Printer.Logger.Formatter == pterm.LogFormatterJSON {
+		// Only print formatted text if we are formatting to json
+		out := strings.ReplaceAll(buf.String(), "\n", ";")
+		o.Printer.Logger.Info("Driver cleanup", o.Printer.Logger.Args("output", out))
+	} else {
+		// Print much more readable output as-is
+		o.Printer.DefaultText.Print(buf.String())
+	}
+	return err
+}

userspace/driver-loader/cmd/driver/cleanup/cleanup_suite_test.go

@@ -0,0 +1,69 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (C) 2023 The Falco Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package drivercleanup_test
+
+import (
+	"context"
+	"os"
+	"path/filepath"
+	"testing"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	"github.com/onsi/gomega/gbytes"
+	"github.com/spf13/cobra"
+
+	"github.com/falcosecurity/falcoctl/cmd"
+	commonoptions "github.com/falcosecurity/falcoctl/pkg/options"
+	testutils "github.com/falcosecurity/falcoctl/pkg/test"
+)
+
+var (
+	ctx        = context.Background()
+	output     = gbytes.NewBuffer()
+	rootCmd    *cobra.Command
+	opt        *commonoptions.Common
+	configFile string
+	err        error
+	args       []string
+)
+
+func TestCleanup(t *testing.T) {
+	RegisterFailHandler(Fail)
+	RunSpecs(t, "Cleanup Suite")
+}
+
+var _ = BeforeSuite(func() {
+
+	// Create and configure the common options.
+	opt = commonoptions.NewOptions()
+	opt.Initialize(commonoptions.WithWriter(output))
+
+	// Create temporary directory used to save the configuration file.
+	configFile, err = testutils.CreateEmptyFile("falcoctl.yaml")
+	Expect(err).Should(Succeed())
+})
+
+var _ = AfterSuite(func() {
+	configDir := filepath.Dir(configFile)
+	Expect(os.RemoveAll(configDir)).Should(Succeed())
+})
+
+func executeRoot(args []string) error {
+	rootCmd.SetArgs(args)
+	rootCmd.SetOut(output)
+	return cmd.Execute(rootCmd, opt)
+}

userspace/driver-loader/cmd/driver/cleanup/cleanup_test.go

@@ -0,0 +1,101 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (C) 2024 The Falco Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package drivercleanup_test
+
+import (
+	"regexp"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	"github.com/onsi/gomega/gbytes"
+
+	"github.com/falcosecurity/falcoctl/cmd"
+)
+
+//nolint:lll // no need to check for line length.
+var driverCleanupHelp = `Cleans a driver up, eg for kmod, by removing it from dkms.
+
+Usage:
+  falcoctl driver cleanup [flags]
+
+Flags:
+  -h, --help   help for cleanup
+
+Global Flags:
+      --config string          config file to be used for falcoctl (default "/etc/falcoctl/falcoctl.yaml")
+      --host-root string       Driver host root to be used. (default "/")
+      --kernelrelease string   Specify the kernel release for which to download/build the driver in the same format used by 'uname -r' (e.g. '6.1.0-10-cloud-amd64')
+      --kernelversion string   Specify the kernel version for which to download/build the driver in the same format used by 'uname -v' (e.g. '#1 SMP PREEMPT_DYNAMIC Debian 6.1.38-2 (2023-07-27)')
+      --log-format string      Set formatting for logs (color, text, json) (default "color")
+      --log-level string       Set level for logs (info, warn, debug, trace) (default "info")
+      --name string            Driver name to be used. (default "falco")
+      --repo strings           Driver repo to be used. (default [https://download.falco.org/driver])
+      --type strings           Driver types allowed in descending priority order (ebpf, kmod, modern_ebpf) (default [modern_ebpf,ebpf,kmod])
+      --version string         Driver version to be used.
+`
+
+var addAssertFailedBehavior = func(specificError string) {
+	It("check that fails and the usage is not printed", func() {
+		Expect(err).To(HaveOccurred())
+		Expect(output).Should(gbytes.Say(regexp.QuoteMeta(specificError)))
+	})
+}
+
+var _ = Describe("cleanup", func() {
+
+	var (
+		driverCmd  = "driver"
+		cleanupCmd = "cleanup"
+	)
+
+	// Each test gets its own root command and runs it.
+	// The err variable is asserted by each test.
+	JustBeforeEach(func() {
+		rootCmd = cmd.New(ctx, opt)
+		err = executeRoot(args)
+	})
+
+	JustAfterEach(func() {
+		Expect(output.Clear()).ShouldNot(HaveOccurred())
+	})
+
+	Context("help message", func() {
+		BeforeEach(func() {
+			args = []string{driverCmd, cleanupCmd, "--help"}
+		})
+
+		It("should match the saved one", func() {
+			Expect(output).Should(gbytes.Say(regexp.QuoteMeta(driverCleanupHelp)))
+		})
+	})
+
+	// Here we are testing failure cases for cleaning a driver.
+	Context("failure", func() {
+		When("with non absolute host-root", func() {
+			BeforeEach(func() {
+				args = []string{driverCmd, cleanupCmd, "--config", configFile, "--host-root", "foo/"}
+			})
+			addAssertFailedBehavior("ERROR host-root must be an absolute path (foo/)")
+		})
+
+		When("with invalid driver type", func() {
+			BeforeEach(func() {
+				args = []string{driverCmd, cleanupCmd, "--config", configFile, "--type", "foo"}
+			})
+			addAssertFailedBehavior(`ERROR unsupported driver type specified: foo`)
+		})
+	})
+})

userspace/driver-loader/cmd/driver/cleanup/doc.go

@@ -0,0 +1,17 @@
+// SPDX-License-Identifier: Apache-2.0
+// Copyright (C) 2023 The Falco Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package drivercleanup defines the cleanup logic for the driver cmd.
+package drivercleanup