falco-driver-loader improvements (custom driver name + clean previous drivers functionality)

scripts/falco-driver-loader

@@ -158,7 +158,7 @@ load_kernel_module_compile() {
 		echo "make CC=${CURRENT_GCC} \$@" >> /tmp/falco-dkms-make
 		chmod +x /tmp/falco-dkms-make
 		if dkms install --directive="MAKE='/tmp/falco-dkms-make'" -m "${DRIVER_NAME}" -v "${DRIVER_VERSION}" -k "${KERNEL_RELEASE}" 2>/dev/null; then
-			echo "* ${DRIVER_NAME} module installed in dkms, trying to insmod"				
+			echo "* ${DRIVER_NAME} module installed in dkms, trying to insmod"
 			if insmod "/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${DRIVER_NAME}.ko" > /dev/null 2>&1; then
 				echo "* Success: ${DRIVER_NAME} module found and loaded in dkms"
 				exit 0
@@ -220,7 +220,7 @@ load_kernel_module() {
 	rmmod "${DRIVER_NAME}" 2>/dev/null
 	WAIT_TIME=0
 	KMOD_NAME=$(echo "${DRIVER_NAME}" | tr "-" "_")
-	while lsmod | cut -d' ' -f1 | grep -qx "${KMOD_NAME}" && [ $WAIT_TIME -lt "${MAX_RMMOD_WAIT}" ]; do 
+	while lsmod | cut -d' ' -f1 | grep -qx "${KMOD_NAME}" && [ $WAIT_TIME -lt "${MAX_RMMOD_WAIT}" ]; do
 		if rmmod "${DRIVER_NAME}" 2>/dev/null; then
 			echo "* Unloading ${DRIVER_NAME} module succeeded after ${WAIT_TIME}s"
 			break
@@ -246,7 +246,7 @@ load_kernel_module() {
 	if modprobe "${DRIVER_NAME}" > /dev/null 2>&1; then
 		echo "* Success: ${DRIVER_NAME} module found and loaded with modprobe"
 		exit 0
-	fi		
+	fi
 
 
 	echo "* Trying to find locally a prebuilt ${DRIVER_NAME} module for kernel ${KERNEL_RELEASE}, if present"
@@ -266,6 +266,48 @@ load_kernel_module() {
 	fi
 }
 
+clean_kernel_module() {
+	if ! hash lsmod > /dev/null 2>&1; then
+		>&2 echo "This program requires lsmod"
+		exit 1
+	fi
+
+	if ! hash rmmod > /dev/null 2>&1; then
+		>&2 echo "This program requires rmmod"
+		exit 1
+	fi
+
+	KMOD_NAME=$(echo "${DRIVER_NAME}" | tr "-" "_")
+	if lsmod | cut -d' ' -f1 | grep -qx "${KMOD_NAME}"; then 
+		if rmmod "${DRIVER_NAME}" 2>/dev/null; then
+			echo "* Unloading ${DRIVER_NAME} module succeeded"
+		else 
+			echo "* Unloading ${DRIVER_NAME} module failed"
+		fi
+	else
+		echo "* No ${DRIVER_NAME} module loaded"
+	fi
+
+	if ! hash dkms &>/dev/null; then
+		echo "* Skipping dkms remove (dkms not found)"
+		return
+	fi
+
+	DRIVER_VERSIONS=$(dkms status -m "${DRIVER_NAME}" | cut -d',' -f2 | sed -e 's/^[[:space:]]*//')
+	if [ -z "${DRIVER_VERSIONS}" ]; then
+		echo "* No ${DRIVER_NAME} module found in dkms"
+		return
+	fi
+	for CURRENT_VER in ${DRIVER_VERSIONS}; do
+		if dkms remove -m "${DRIVER_NAME}" -v "${CURRENT_VER}" --all 2>/dev/null; then
+			echo "* Removing ${DRIVER_NAME}/${CURRENT_VER} succeeded"
+		else 
+			echo "* Removing ${DRIVER_NAME}/${CURRENT_VER} failed"
+			exit 1
+		fi
+	done
+}
+
 load_bpf_probe_compile() {
 	local BPF_KERNEL_SOURCES_URL=""
 	local STRIP_COMPONENTS=1
@@ -463,10 +505,19 @@ print_usage() {
 	echo ""
 	echo "Options:"
 	echo "  --help         show brief help"
+	echo "  --clean        try to remove an already present driver installation"
 	echo "  --compile      try to compile the driver locally"
 	echo "  --download     try to download a prebuilt driver"
 	echo "  --source-only  skip execution and allow sourcing in another script"
 	echo ""
+	echo "Environment variables:"
+	echo "  DRIVER_REPO    specify a different URL where to look for prebuilt Falco drivers"
+	echo "  DRIVER_NAME    specify a different name for the driver"
+	echo ""
+	echo "Versions:"
+	echo "  Falco version  ${FALCO_VERSION}"
+	echo "  Driver version ${DRIVER_VERSION}"
+	echo ""
 }
 
 ARCH=$(uname -m)
@@ -486,7 +537,8 @@ if [[ -z "$MAX_RMMOD_WAIT" ]]; then
 fi
 
 DRIVER_VERSION="@PROBE_VERSION@"
-DRIVER_NAME="@PROBE_NAME@"
+DRIVER_NAME=${DRIVER_NAME:-"@PROBE_NAME@"}
+FALCO_VERSION="@FALCO_VERSION@"
 
 DRIVER="module"
 if [ -v FALCO_BPF_PROBE ]; then
@@ -496,6 +548,7 @@ fi
 ENABLE_COMPILE=
 ENABLE_DOWNLOAD=
 
+clean=
 has_args=
 has_opts=
 source_only=
@@ -516,6 +569,10 @@ while test $# -gt 0; do
 			print_usage
 			exit 0
 			;;
+		--clean)
+			clean="true"
+			shift
+			;;
 		--compile)
 			ENABLE_COMPILE="yes"
 			has_opts="true"
@@ -549,23 +606,42 @@ if [ -z "$has_opts" ]; then
 fi
 
 if [ -z "$source_only" ]; then
+	echo "* Running falco-driver-loader for: falco version=${FALCO_VERSION}, driver version=${DRIVER_VERSION}"
+
 	if [ "$(id -u)" != 0 ]; then
 		>&2 echo "This program must be run as root (or with sudo)"
 		exit 1
 	fi
 
-	if ! hash curl > /dev/null 2>&1; then
-		>&2 echo "This program requires curl"
-		exit 1
-	fi
+	if [ -n "$clean" ]; then
+		if ! [ -z "$has_opt"]; then
+			>&2 echo "Cannot use --clean with other options"
+			exit 1
+		fi
 
-	echo "* Running falco-driver-loader with: driver=$DRIVER, compile=${ENABLE_COMPILE:-"no"}, download=${ENABLE_DOWNLOAD:-"no"}"
-	case $DRIVER in 
+		echo "* Running falco-driver-loader with: driver=$DRIVER, clean=yes"
+		case $DRIVER in
 		module)
-			load_kernel_module
+			clean_kernel_module
 			;;
 		bpf)
-			load_bpf_probe
-			;;
-	esac
-fi
+			>&2 echo "--clean not supported for driver=$DRIVER"
+			exit 1
+		esac
+	else
+		if ! hash curl > /dev/null 2>&1; then
+			>&2 echo "This program requires curl"
+			exit 1
+		fi
+
+		echo "* Running falco-driver-loader with: driver=$DRIVER, compile=${ENABLE_COMPILE:-"no"}, download=${ENABLE_DOWNLOAD:-"no"}"
+		case $DRIVER in
+			module)
+				load_kernel_module
+				;;
+			bpf)
+				load_bpf_probe
+				;;
+		esac
+	fi
+fi