From 86361303e12f726b8397474f0990cd12ebd712be Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Tue, 14 Jun 2022 11:03:18 +0200 Subject: [PATCH 01/10] chore(driverkit): port driverkit scripts to be multiarch ready. Work is still in progress. Namely, backward compatibility must still be addressed, as new config files expect "/$arch/configs" paths, while the old had only x86_64 in the root. Signed-off-by: Federico Di Pierro --- driverkit/Makefile | 33 +++++++++++++++++++++---- driverkit/README.md | 5 ++-- driverkit/utils/build | 12 ++++++++-- driverkit/utils/generate | 37 ++++++++++++++++++++++++----- driverkit/utils/scrape_and_generate | 3 ++- 5 files changed, 74 insertions(+), 16 deletions(-) diff --git a/driverkit/Makefile b/driverkit/Makefile index 2011ae47d56..2cb2244f953 100644 --- a/driverkit/Makefile +++ b/driverkit/Makefile @@ -5,21 +5,25 @@ ifeq ($(DRIVERKIT),) DRIVERKIT := "/bin/driverkit" endif -CONFIGS := $(wildcard config/*/*.yaml) +# Recursive wildcard +rwildcard=$(foreach d,$(wildcard $(1:=/*)),$(call rwildcard,$d,$2) $(filter $(subst *,%,$2),$d)) + +CONFIGS := $(call rwildcard,config/*,*.yaml) VERSIONS := $(patsubst config/%,%,$(sort $(dir $(wildcard config/*/)))) VERSIONS := $(VERSIONS:/=) TARGET_VERSION ?= * TARGET_DISTRO ?= * TARGET_KERNEL ?= * +TARGET_ARCH ?= * S3_DRIVERS_BUCKET ?= "falco-distribution" S3_DRIVERS_KEY_PREFIX ?= "driver" SKIP_EXISTING ?= true -validate: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) +validate: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) all: $(patsubst config_%,%,$(subst /,_,$(CONFIGS))) -specific_target: $(patsubst config_%,%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) +specific_target: $(patsubst config_%,%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) prepare: $(addprefix prepare_,$(VERSIONS)) publish: $(addprefix publish_,$(VERSIONS)) @@ -27,11 +31,12 @@ publish_s3: $(addprefix publish_s3_,$(VERSIONS)) generate: $(foreach VERSION,$(VERSIONS),\ - utils/generate -k ${TARGET_KERNEL} -d ${TARGET_DISTRO} -v ${VERSION}; \ + utils/generate -a $(TARGET_ARCH) -k ${TARGET_KERNEL} -d ${TARGET_DISTRO} -v ${VERSION}; \ ) generate/auto: - utils/scrape_and_generate + utils/scrape_and_generate "x86_64" + utils/scrape_and_generate "aarch64" cleanup: utils/cleanup -p ${BINTRAY_SECRET} $(addprefix -v ,$(VERSIONS)) @@ -60,16 +65,34 @@ $(foreach CONFIG,$(CONFIGS),\ # $(1): driver version define gen_publish_targets split_$(1)_kernelmodules: +# root is old x86_64 ifneq ("$(wildcard output/$(1)/*.ko)","") @mkdir -p output/$(1)/kernel-module @mv -f output/$(1)/*.ko output/$(1)/kernel-module endif +ifneq ("$(wildcard output/$(1)/x86_64/*.ko)","") + @mkdir -p output/$(1)/kernel-module/x86_64 + @mv -f output/$(1)/x86_64/*.ko output/$(1)/kernel-module/x86_64 +endif +ifneq ("$(wildcard output/$(1)/aarch64/*.ko)","") + @mkdir -p output/$(1)/kernel-module/aarch64 + @mv -f output/$(1)/aarch64/*.ko output/$(1)/kernel-module/aarch64 +endif split_$(1)_ebpfprobes: +# root is old x86_64 ifneq ("$(wildcard output/$(1)/*.o)","") @mkdir -p output/$(1)/ebpf-probe @mv -f output/$(1)/*.o output/$(1)/ebpf-probe endif +ifneq ("$(wildcard output/$(1)/x86_64/*.o)","") + @mkdir -p output/$(1)/ebpf-probe/x86_64 + @mv -f output/$(1)/x86_64/*.o output/$(1)/ebpf-probe/x86_64 +endif +ifneq ("$(wildcard output/$(1)/aarch64/*.o)","") + @mkdir -p output/$(1)/ebpf-probe/aarch64 + @mv -f output/$(1)/aarch64/*.o output/$(1)/ebpf-probe/aarch64 +endif prepare_$(1): split_$(1)_kernelmodules split_$(1)_ebpfprobes @echo "upserting falcosecurity/driver/kernel-module/$(1) version..." diff --git a/driverkit/README.md b/driverkit/README.md index 3f36dc7336b..a90704d769b 100644 --- a/driverkit/README.md +++ b/driverkit/README.md @@ -13,8 +13,8 @@ make ### Available make targets - `all`: build all the Falco drivers (all the versions), for every supported distro, and every supported kernel release -- `generate`: generate Driverkit config files for building drivers for specific kernel and target for all Falco lib versions -- `validate`: validate Driverkit config files for building drivers for specific kernel and target for all Falco lib versions +- `generate`: generate Driverkit config files for building drivers for specific arch, kernel and target for all Falco lib versions +- `validate`: validate Driverkit config files for building drivers for specific arch, kernel and target for all Falco lib versions - `specific_target`: build the filtered driver versions - `clean`: remove everything in the `output/` directory (except it, and its `.gitignore` file) - `publish`: publish all the built Falco drivers (those existing in the `output/` directory) to bintray @@ -37,6 +37,7 @@ make -e TARGET_DISTRO=amazonlinux2 specific_target These are the available filters as environment variables: +- `TARGET_ARCH`: a specific arch between { "x86_64", "aarch64" } - `TARGET_VERSION`: a specific Falco driver version - `TARGET_DISTRO`: a spefific Linux distribution - `TARGET_KERNEL`: a specific Linux version diff --git a/driverkit/utils/build b/driverkit/utils/build index c8dba437d3e..cce01ea6c78 100755 --- a/driverkit/utils/build +++ b/driverkit/utils/build @@ -9,6 +9,14 @@ input="$1" IFS=/ read -a input_parts <<< ${input} driver_version="${input_parts[1]}" +# If there is an arch subdir -> use it! +if [[ ${#input_parts[@]} -eq 4 ]]; then + arch="${input_parts[2]}/" +else + # fallback at no arch (ie: x86_64, root folder on s3 bucket) + arch="" +fi + output_module= output_probe= create_variables "$input" @@ -26,7 +34,7 @@ check_s3_existence() { # Check whether the kernel module already exists on S3 if [[ -n "${output_module}" ]]; then - output_module_filename="${output_module##*/}" + output_module_filename="${arch}${output_module##*/}" if [[ ${SKIP_EXISTING} == "true" ]] && check_s3_existence "${output_module_filename}"; then >&2 echo "output module already esists inside S3 bucket - skipping (${S3_DRIVERS_KEY_PREFIX}/${driver_version}/${output_module_filename})" else @@ -36,7 +44,7 @@ fi # Check whether the eBPF probe already exists on S3 if [[ -n "${output_probe}" ]]; then - output_probe_filename="${output_probe##*/}" + output_probe_filename="${arch}${output_probe##*/}" if [[ ${SKIP_EXISTING} == "true" ]] && check_s3_existence "${output_probe_filename}"; then >&2 echo "output probe already esists inside S3 bucket - skipping (${S3_DRIVERS_KEY_PREFIX}/${driver_version}/${output_probe_filename})" else diff --git a/driverkit/utils/generate b/driverkit/utils/generate index 97ad95d26b6..2f82bccf7ac 100755 --- a/driverkit/utils/generate +++ b/driverkit/utils/generate @@ -8,8 +8,11 @@ CURRENT_DIR="$(pwd)" DEFAULT_KERNEL_VERSION="1" -while getopts ":k:d:v:" arg; do +while getopts ":a:k:d:v:" arg; do case $arg in + a) + TARGET_ARCH=${OPTARG} + ;; k) TARGET_KERNEL=${OPTARG} ;; @@ -22,6 +25,11 @@ while getopts ":k:d:v:" arg; do esac done + +if [ -z ${TARGET_ARCH} ]; then + echo "TARGET_ARCH can't be empty" + exit 1 +fi if [ -z ${TARGET_DISTRO} ]; then echo "TARGET_DISTRO can't be empty" exit 1 @@ -48,8 +56,23 @@ ensure_kernelrelease() { TARGET_KERNEL_RELEASE="${TARGET_KERNEL%_${TARGET_KERNEL_VERSION}}" } +function arch_to_driverkit_arch() { + case "$1" in + "x86_64") + echo -n "amd64" + ;; + "aarch64") + echo -n "arm64" + ;; + *) + echo "unknown architecture" + exit 1 + ;; + esac +} + generate_yamls() { - FOLDER="${CURRENT_DIR}/../driverkit/config/${TARGET_VERSION}" + FOLDER="${CURRENT_DIR}/../driverkit/config/${TARGET_VERSION}/${TARGET_ARCH}" mkdir -p ${FOLDER} FILE="${FOLDER}/${TARGET_DISTRO}_${TARGET_KERNEL}.yaml" echo "---" @@ -58,16 +81,18 @@ generate_yamls() { echo "kernelversion: ${TARGET_KERNEL_VERSION}" echo "kernelrelease: ${TARGET_KERNEL_RELEASE}" echo "target: ${TARGET_DISTRO}" + echo "architecture: $(arch_to_driverkit_arch ${TARGET_ARCH})" echo "output:" - echo " module: output/${TARGET_VERSION}/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" - echo " probe: output/${TARGET_VERSION}/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" + echo " module: output/${TARGET_VERSION}/${TARGET_ARCH}/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" + echo " probe: output/${TARGET_VERSION}/${TARGET_ARCH}/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" echo "kernelversion: ${TARGET_KERNEL_VERSION}" > ${FILE} echo "kernelrelease: ${TARGET_KERNEL_RELEASE}" >> ${FILE} echo "target: ${TARGET_DISTRO}" >> ${FILE} + echo "architecture: $(arch_to_driverkit_arch ${TARGET_ARCH})" >> ${FILE} echo "output:" >> ${FILE} - echo " module: output/${TARGET_VERSION}/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" >> ${FILE} - echo " probe: output/${TARGET_VERSION}/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" >> ${FILE} + echo " module: output/${TARGET_VERSION}/${TARGET_ARCH}/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" >> ${FILE} + echo " probe: output/${TARGET_VERSION}/${TARGET_ARCH}/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" >> ${FILE} } ensure_kernelversion diff --git a/driverkit/utils/scrape_and_generate b/driverkit/utils/scrape_and_generate index 8f5046af09b..c435c830bfa 100755 --- a/driverkit/utils/scrape_and_generate +++ b/driverkit/utils/scrape_and_generate @@ -4,7 +4,7 @@ set -euo pipefail DRY_RUN="${DRY_RUN:-false}" TMPDIR="$(mktemp -d)" -ARCH="x86_64" +ARCH="$1" LIST_URL="https://raw.githubusercontent.com/falcosecurity/kernel-crawler/main/kernels/${ARCH}/list.json" function pretty_echo() { @@ -29,6 +29,7 @@ function generate_from_kernel_releases() { echo "release: $release version: $version target: $target" test $DRY_RUN == "true" || \ make -C "$(dirname $0)/.." \ + -e TARGET_ARCH="${ARCH}" -e TARGET_KERNEL="${release}" \ -e TARGET_DISTRO="${target/${target_match}/${target_replace}}" \ generate >/dev/null From ae7c20a81e2c93756a8164489c5cf1d5e1214e55 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Wed, 15 Jun 2022 09:31:07 +0200 Subject: [PATCH 02/10] update(config): updated driverkit to 0.9.0 and added kernelurls support to driverkit scrape_and_generate/generate utilities. Signed-off-by: Federico Di Pierro --- driverkit/utils/generate | 11 ++++++++++- driverkit/utils/scrape_and_generate | 4 +++- images/build-drivers/Dockerfile | 4 ++-- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/driverkit/utils/generate b/driverkit/utils/generate index 2f82bccf7ac..d9172a24d26 100755 --- a/driverkit/utils/generate +++ b/driverkit/utils/generate @@ -8,7 +8,7 @@ CURRENT_DIR="$(pwd)" DEFAULT_KERNEL_VERSION="1" -while getopts ":a:k:d:v:" arg; do +while getopts ":a:k:d:v:h:" arg; do case $arg in a) TARGET_ARCH=${OPTARG} @@ -22,6 +22,9 @@ while getopts ":a:k:d:v:" arg; do v) TARGET_VERSION=${OPTARG} ;; + h) + TARGET_HEADERS=${OPTARG} + ;; esac done @@ -85,6 +88,9 @@ generate_yamls() { echo "output:" echo " module: output/${TARGET_VERSION}/${TARGET_ARCH}/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" echo " probe: output/${TARGET_VERSION}/${TARGET_ARCH}/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" + if [[ ! -z "${TARGET_HEADERS}" ]]; then + echo "kernelurls: ${TARGET_HEADERS}" + fi echo "kernelversion: ${TARGET_KERNEL_VERSION}" > ${FILE} echo "kernelrelease: ${TARGET_KERNEL_RELEASE}" >> ${FILE} @@ -93,6 +99,9 @@ generate_yamls() { echo "output:" >> ${FILE} echo " module: output/${TARGET_VERSION}/${TARGET_ARCH}/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" >> ${FILE} echo " probe: output/${TARGET_VERSION}/${TARGET_ARCH}/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" >> ${FILE} + if [[ ! -z "${TARGET_HEADERS}" ]]; then + echo "kernelurls: ${TARGET_HEADERS}" >> ${FILE} + fi } ensure_kernelversion diff --git a/driverkit/utils/scrape_and_generate b/driverkit/utils/scrape_and_generate index c435c830bfa..6915722ab77 100755 --- a/driverkit/utils/scrape_and_generate +++ b/driverkit/utils/scrape_and_generate @@ -25,6 +25,7 @@ function generate_from_kernel_releases() { do read -r version read -r target + read -r kernelurls pretty_echo "Generating configs for:" echo "release: $release version: $version target: $target" test $DRY_RUN == "true" || \ @@ -32,8 +33,9 @@ function generate_from_kernel_releases() { -e TARGET_ARCH="${ARCH}" -e TARGET_KERNEL="${release}" \ -e TARGET_DISTRO="${target/${target_match}/${target_replace}}" \ + -e TARGET_HEADERS="${kernelurls}" \ generate >/dev/null - done < <(jq -cr ".${distro_family}[] | (.kernelrelease, .kernelversion, .target)" $TMPDIR/sample.json) + done < <(jq -cr ".${distro_family}[] | (.kernelrelease, .kernelversion, .target, .headers)" $TMPDIR/sample.json) done } diff --git a/images/build-drivers/Dockerfile b/images/build-drivers/Dockerfile index 1c4c16659c7..8f5288dd687 100644 --- a/images/build-drivers/Dockerfile +++ b/images/build-drivers/Dockerfile @@ -2,8 +2,8 @@ FROM 292999226676.dkr.ecr.eu-west-1.amazonaws.com/test-infra/docker-dind ENV PUBLISH_S3="false" -RUN wget -q https://github.com/falcosecurity/driverkit/releases/download/v0.8.0/driverkit_0.8.0_linux_amd64.tar.gz \ - && tar -xvf driverkit_0.8.0_linux_amd64.tar.gz \ +RUN wget -q https://github.com/falcosecurity/driverkit/releases/download/v0.8.0/driverkit_0.9.0_linux_amd64.tar.gz \ + && tar -xvf driverkit_0.9.0_linux_amd64.tar.gz \ && chmod +x driverkit \ && mv driverkit /bin/driverkit From ac6663ab7fa507e77c54d0c50732afdc3385e7f8 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Wed, 15 Jun 2022 12:03:20 +0200 Subject: [PATCH 03/10] update(driverkit): port utils/build, utils/checkfiles, utils/generate, utils/scrape_and_generate to be backward compatible. Moreover, fixed a couple of stupid bugs. Signed-off-by: Federico Di Pierro --- driverkit/Makefile | 3 ++- driverkit/utils/build | 2 +- driverkit/utils/checkfiles | 30 ++++++++++++++++++++++++++++- driverkit/utils/generate | 25 +++++++++++++++++++----- driverkit/utils/scrape_and_generate | 2 +- 5 files changed, 53 insertions(+), 9 deletions(-) diff --git a/driverkit/Makefile b/driverkit/Makefile index 2cb2244f953..9b1bb877f19 100644 --- a/driverkit/Makefile +++ b/driverkit/Makefile @@ -15,6 +15,7 @@ TARGET_VERSION ?= * TARGET_DISTRO ?= * TARGET_KERNEL ?= * TARGET_ARCH ?= * +TARGET_HEADERS ?= S3_DRIVERS_BUCKET ?= "falco-distribution" S3_DRIVERS_KEY_PREFIX ?= "driver" SKIP_EXISTING ?= true @@ -31,7 +32,7 @@ publish_s3: $(addprefix publish_s3_,$(VERSIONS)) generate: $(foreach VERSION,$(VERSIONS),\ - utils/generate -a $(TARGET_ARCH) -k ${TARGET_KERNEL} -d ${TARGET_DISTRO} -v ${VERSION}; \ + utils/generate -a $(TARGET_ARCH) -k ${TARGET_KERNEL} -d ${TARGET_DISTRO} -h ${TARGET_HEADERS} -v ${VERSION}; \ ) generate/auto: diff --git a/driverkit/utils/build b/driverkit/utils/build index cce01ea6c78..49ed7dc95d1 100755 --- a/driverkit/utils/build +++ b/driverkit/utils/build @@ -54,6 +54,6 @@ fi # Build if [[ ${should_build} == "true" ]]; then - mkdir -p output/${driver_version} + mkdir -p output/${driver_version}/${arch} ${DRIVERKIT} docker -c ${input} --driverversion ${driver_version} --timeout 1000 || echo ${input} >> output/failing.log fi diff --git a/driverkit/utils/checkfiles b/driverkit/utils/checkfiles index d9cde8c0e27..712aefb1ae3 100755 --- a/driverkit/utils/checkfiles +++ b/driverkit/utils/checkfiles @@ -7,6 +7,20 @@ source "${currentdir}/parseyaml" input="$1" filename="${input##*/}" +input="$1" + +function get_arch_from_path() { + # Check if arch subdir exists + IFS=/ read -a input_parts <<< ${1} + if [[ ${#input_parts[@]} -eq 4 ]]; then + arch="${input_parts[2]}/" + else + arch="" + fi + echo -n "${arch}" +} + +arch="$(get_arch_from_path ${input})" target= kernelrelease= @@ -34,6 +48,13 @@ if [ -n "${output_probe}" ]; then >&2 echo "output probe filename is wrong (${1})" exit 1 fi + + if [[ -n "${arch}" ]]; then + if [ "$arch" != "$(get_arch_from_path ${output_probe})" ]; then + >&2 echo "output probe filename has not architecture in its config path (${1})" + exit 1 + fi + fi fi # Check whether the kernel module filename follows the convention otherwise exit @@ -43,4 +64,11 @@ if [ -n "${output_module}" ]; then >&2 echo "output module filename is wrong (${1})" exit 1 fi -fi + + if [[ -n "${arch}" ]]; then + if [ "$arch" != "$(get_arch_from_path ${output_module})" ]; then + >&2 echo "output module filename has not architecture in its config path (${1})" + exit 1 + fi + fi +fi \ No newline at end of file diff --git a/driverkit/utils/generate b/driverkit/utils/generate index d9172a24d26..03c52b701d9 100755 --- a/driverkit/utils/generate +++ b/driverkit/utils/generate @@ -74,8 +74,23 @@ function arch_to_driverkit_arch() { esac } +# If driver version is a semver, we are in the newest case +# thus we must support %arch/ subfolder for configs. +# Else, we are in the old case, and we only support x86_64 configs +# in the TARGET_VERSION folder. +function path_from_version() { + rx='^([0-9]+\.){0,2}(\*|[0-9]+)$' + if [[ $TARGET_VERSION =~ $rx ]]; then + # valid semver + echo -n "${TARGET_VERSION}/${TARGET_ARCH}" + else + # not valid (old versions) + echo -n "${TARGET_VERSION}" + fi +} + generate_yamls() { - FOLDER="${CURRENT_DIR}/../driverkit/config/${TARGET_VERSION}/${TARGET_ARCH}" + FOLDER="${CURRENT_DIR}/../driverkit/config/$(path_from_version)" mkdir -p ${FOLDER} FILE="${FOLDER}/${TARGET_DISTRO}_${TARGET_KERNEL}.yaml" echo "---" @@ -86,8 +101,8 @@ generate_yamls() { echo "target: ${TARGET_DISTRO}" echo "architecture: $(arch_to_driverkit_arch ${TARGET_ARCH})" echo "output:" - echo " module: output/${TARGET_VERSION}/${TARGET_ARCH}/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" - echo " probe: output/${TARGET_VERSION}/${TARGET_ARCH}/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" + echo " module: output/$(path_from_version)/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" + echo " probe: output/$(path_from_version)/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" if [[ ! -z "${TARGET_HEADERS}" ]]; then echo "kernelurls: ${TARGET_HEADERS}" fi @@ -97,8 +112,8 @@ generate_yamls() { echo "target: ${TARGET_DISTRO}" >> ${FILE} echo "architecture: $(arch_to_driverkit_arch ${TARGET_ARCH})" >> ${FILE} echo "output:" >> ${FILE} - echo " module: output/${TARGET_VERSION}/${TARGET_ARCH}/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" >> ${FILE} - echo " probe: output/${TARGET_VERSION}/${TARGET_ARCH}/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" >> ${FILE} + echo " module: output/$(path_from_version)/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" >> ${FILE} + echo " probe: output/$(path_from_version)/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" >> ${FILE} if [[ ! -z "${TARGET_HEADERS}" ]]; then echo "kernelurls: ${TARGET_HEADERS}" >> ${FILE} fi diff --git a/driverkit/utils/scrape_and_generate b/driverkit/utils/scrape_and_generate index 6915722ab77..46395ea6dee 100755 --- a/driverkit/utils/scrape_and_generate +++ b/driverkit/utils/scrape_and_generate @@ -30,7 +30,7 @@ function generate_from_kernel_releases() { echo "release: $release version: $version target: $target" test $DRY_RUN == "true" || \ make -C "$(dirname $0)/.." \ - -e TARGET_ARCH="${ARCH}" + -e TARGET_ARCH="${ARCH}" \ -e TARGET_KERNEL="${release}" \ -e TARGET_DISTRO="${target/${target_match}/${target_replace}}" \ -e TARGET_HEADERS="${kernelurls}" \ From ddc7424773bd63148197147b7a6e015450df062c Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Wed, 15 Jun 2022 12:18:20 +0200 Subject: [PATCH 04/10] update(driverkit): port utils/validate to be backward compatible. Signed-off-by: Federico Di Pierro --- driverkit/Makefile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/driverkit/Makefile b/driverkit/Makefile index 9b1bb877f19..9118988e96b 100644 --- a/driverkit/Makefile +++ b/driverkit/Makefile @@ -20,7 +20,11 @@ S3_DRIVERS_BUCKET ?= "falco-distribution" S3_DRIVERS_KEY_PREFIX ?= "driver" SKIP_EXISTING ?= true -validate: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) +validate: validate_old validate_new +# old fmt had x86_64 only in root folder +validate_old: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) +# new fmt has %arch subfolders +validate_new: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) all: $(patsubst config_%,%,$(subst /,_,$(CONFIGS))) From f11b7e47f3ffc7cdd257e470205f64d64c714dc8 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Wed, 15 Jun 2022 12:39:55 +0200 Subject: [PATCH 05/10] update(driverkit): port utils/driverstats to be backward compatible. Signed-off-by: Federico Di Pierro --- driverkit/utils/checkfiles | 1 - driverkit/utils/driverstats | 54 ++++++++++++++++++++++--------------- 2 files changed, 33 insertions(+), 22 deletions(-) diff --git a/driverkit/utils/checkfiles b/driverkit/utils/checkfiles index 712aefb1ae3..91342a2d907 100755 --- a/driverkit/utils/checkfiles +++ b/driverkit/utils/checkfiles @@ -7,7 +7,6 @@ source "${currentdir}/parseyaml" input="$1" filename="${input##*/}" -input="$1" function get_arch_from_path() { # Check if arch subdir exists diff --git a/driverkit/utils/driverstats b/driverkit/utils/driverstats index b26794dac06..bd0e7741c87 100755 --- a/driverkit/utils/driverstats +++ b/driverkit/utils/driverstats @@ -10,8 +10,13 @@ source "${currentdir}/parseyaml" TARGET_VERSION=${TARGET_VERSION:-"*"} TARGET_DISTRO=${TARGET_DISTRO:-"*"} TARGET_KERNEL=${TARGET_KERNEL:-"*"} +TARGET_ARCH=${TARGET_ARCH:-"*"} -configs=(config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*.yaml) +# Only load old configs if x86_64 or * arch is requested +if [ "${TARGET_ARCH}" = "*" ] || [ "${TARGET_ARCH}" = "x86_64" ]; then + configs_old=(config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*.yaml) +fi +configs_new=(config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*.yaml) total_ebpf_drivers=0 total_kmod_drivers=0 @@ -47,26 +52,33 @@ cleanup() { hdestroy kmod_drivers_by_version } -for file in "${configs[@]}" -do - driver_version=${file%/*} - driver_version=${driver_version##config/} - output_module= - output_probe= - create_variables "$file" - if [ -n "${output_probe}" ]; then - ((total_ebpf_drivers=total_ebpf_drivers+1)) - current_num_ebpf_drivers=$(hget ebpf_drivers_by_version "${driver_version}") || current_num_ebpf_drivers=0 - ((current_num_ebpf_drivers=current_num_ebpf_drivers+1)) - hput ebpf_drivers_by_version "${driver_version}" "${current_num_ebpf_drivers}" - fi - if [ -n "${output_module}" ]; then - ((total_kmod_drivers=total_kmod_drivers+1)) - current_num_kmod_drivers=$(hget kmod_drivers_by_version "${driver_version}") || current_num_kmod_drivers=0 - ((current_num_kmod_drivers=current_num_kmod_drivers+1)) - hput kmod_drivers_by_version "${driver_version}" "${current_num_kmod_drivers}" - fi -done +loop() { + configs=("$@") + for file in "${configs[@]}" + do + driver_version=${file%/*} + driver_version=${driver_version##config/} + driver_version=$(echo "$driver_version" | tr '/' '_') + output_module= + output_probe= + create_variables "$file" + if [ -n "${output_probe}" ]; then + ((total_ebpf_drivers=total_ebpf_drivers+1)) + current_num_ebpf_drivers=$(hget ebpf_drivers_by_version "${driver_version}") || current_num_ebpf_drivers=0 + ((current_num_ebpf_drivers=current_num_ebpf_drivers+1)) + hput ebpf_drivers_by_version "${driver_version}" "${current_num_ebpf_drivers}" + fi + if [ -n "${output_module}" ]; then + ((total_kmod_drivers=total_kmod_drivers+1)) + current_num_kmod_drivers=$(hget kmod_drivers_by_version "${driver_version}") || current_num_kmod_drivers=0 + ((current_num_kmod_drivers=current_num_kmod_drivers+1)) + hput kmod_drivers_by_version "${driver_version}" "${current_num_kmod_drivers}" + fi + done +} + +loop "${configs_old[@]}" +loop "${configs_new[@]}" for driver_version in $(hkeys kmod_drivers_by_version) do From 2163011a66be5191ec7a4ef8ed1269b13ecc2b22 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Wed, 15 Jun 2022 15:23:49 +0200 Subject: [PATCH 06/10] update(driverkit): fixed specific_target support for multiarch. Note: even when filtering for TARGET_ARCH, `validate_old` and `specific_target_old` will always run. This is a small issue while we support both the old and the new format, and will eventually go away once we drop support for old format. It is not impactful since we do never filter for TARGET_ARCH (given that it is a newly introduced filter). Signed-off-by: Federico Di Pierro --- driverkit/Makefile | 29 ++++++++++++++++----------- driverkit/README.md | 2 +- driverkit/utils/generate | 4 ++-- images/build-drivers/build-drivers.sh | 1 + 4 files changed, 21 insertions(+), 15 deletions(-) diff --git a/driverkit/Makefile b/driverkit/Makefile index 9118988e96b..c1f643226c9 100644 --- a/driverkit/Makefile +++ b/driverkit/Makefile @@ -21,14 +21,22 @@ S3_DRIVERS_KEY_PREFIX ?= "driver" SKIP_EXISTING ?= true validate: validate_old validate_new -# old fmt had x86_64 only in root folder +# old fmt had x86_64 only in root folder. Note: this breaks filtering for TARGET_ARCH +# because validate_old will always validate any old config. +# Not a big deal because we were not going to filter for TARGET_ARCH in any case. validate_old: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) -# new fmt has %arch subfolders +# new fmt has $arch subfolders validate_new: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) all: $(patsubst config_%,%,$(subst /,_,$(CONFIGS))) -specific_target: $(patsubst config_%,%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) +specific_target: specific_target_old specific_target_new +# old fmt had x86_64 only in root folder. Note: this breaks filtering for TARGET_ARCH +# because specific_target_old will always build any old config. +# Not a big deal because we were not going to filter for TARGET_ARCH in any case. +specific_target_old: $(patsubst config_%,%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) +# new fmt has $arch subfolders +specific_target_new: $(patsubst config_%,%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) prepare: $(addprefix prepare_,$(VERSIONS)) publish: $(addprefix publish_,$(VERSIONS)) @@ -50,21 +58,18 @@ cleanup_s3: S3_DRIVERS_BUCKET=${S3_DRIVERS_BUCKET} S3_DRIVERS_KEY_PREFIX=${S3_DRIVERS_KEY_PREFIX} utils/cleanup_s3 $(addprefix -v ,$(VERSIONS)) # $(1): pseudo-target name -# $(2): driver version -# $(3): config file path +# $(2): config file path define gen_build_targets -validate/$(1): $(3) - utils/checkfiles $(3) +validate/$(1): $(2) + utils/checkfiles $(2) -$(1): validate/$(1) $(3) - DRIVERKIT=${DRIVERKIT} S3_DRIVERS_BUCKET=${S3_DRIVERS_BUCKET} S3_DRIVERS_KEY_PREFIX=${S3_DRIVERS_KEY_PREFIX} SKIP_EXISTING=${SKIP_EXISTING} utils/build $(3) +$(1): validate/$(1) $(2) + DRIVERKIT=${DRIVERKIT} S3_DRIVERS_BUCKET=${S3_DRIVERS_BUCKET} S3_DRIVERS_KEY_PREFIX=${S3_DRIVERS_KEY_PREFIX} SKIP_EXISTING=${SKIP_EXISTING} utils/build $(2) endef $(foreach CONFIG,$(CONFIGS),\ - $(eval INNER := $(patsubst config/%,%,$(CONFIG)))\ - $(eval VERSION := $(patsubst %/,%,$(dir $(INNER))))\ $(eval TARGET := $(patsubst config_%,%,$(subst /,_,$(CONFIG))))\ - $(eval $(call gen_build_targets,$(TARGET),$(VERSION),$(CONFIG)))\ + $(eval $(call gen_build_targets,$(TARGET),$(CONFIG)))\ ) # $(1): driver version diff --git a/driverkit/README.md b/driverkit/README.md index a90704d769b..84984dff3ea 100644 --- a/driverkit/README.md +++ b/driverkit/README.md @@ -45,7 +45,7 @@ These are the available filters as environment variables: - in ..* format - in .* format -Notice all the filters are optional (except `TARGET_DISTRO` and `TARGET_KERNEL` for `generate`). +Notice all the filters are optional (except for `generate` where they are mandatory). You can also filter a specific distro with a specific kernel version: diff --git a/driverkit/utils/generate b/driverkit/utils/generate index 03c52b701d9..e199c614772 100755 --- a/driverkit/utils/generate +++ b/driverkit/utils/generate @@ -103,7 +103,7 @@ generate_yamls() { echo "output:" echo " module: output/$(path_from_version)/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" echo " probe: output/$(path_from_version)/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" - if [[ ! -z "${TARGET_HEADERS}" ]]; then + if [[ -n "${TARGET_HEADERS}" ]]; then echo "kernelurls: ${TARGET_HEADERS}" fi @@ -114,7 +114,7 @@ generate_yamls() { echo "output:" >> ${FILE} echo " module: output/$(path_from_version)/${DRIVER_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.ko" >> ${FILE} echo " probe: output/$(path_from_version)/${PROBE_NAME}_${TARGET_DISTRO}_${TARGET_KERNEL}.o" >> ${FILE} - if [[ ! -z "${TARGET_HEADERS}" ]]; then + if [[ -n "${TARGET_HEADERS}" ]]; then echo "kernelurls: ${TARGET_HEADERS}" >> ${FILE} fi } diff --git a/images/build-drivers/build-drivers.sh b/images/build-drivers/build-drivers.sh index 34aa73dac64..a77c99a9e4e 100755 --- a/images/build-drivers/build-drivers.sh +++ b/images/build-drivers/build-drivers.sh @@ -17,6 +17,7 @@ declare -A DBG_FILTERS DBG_FILTERS['TARGET_DISTRO']="${1}" DBG_FILTERS['TARGET_KERNEL']="${2}" DBG_FILTERS['TARGET_VERSION']="${3}" +DBG_FILTERS['TARGET_ARCH']="${4}" DBG_MAKE_BUILD_OPTIONS="" DBG_MAKE_BUILD_TARGET="specific_target" DBG_MAKE_PUBLISH_TARGET="publish_s3" From 3090270cae20afbd328288f11453c3b29334637b Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Wed, 15 Jun 2022 15:42:48 +0200 Subject: [PATCH 07/10] chore(driverkit): added TODOs to remove useless checks once we only support the new $driverversion/$arch/ format. Signed-off-by: Federico Di Pierro --- driverkit/Makefile | 4 ++++ driverkit/utils/build | 1 + driverkit/utils/checkfiles | 7 +++++-- driverkit/utils/driverstats | 2 ++ driverkit/utils/generate | 1 + 5 files changed, 13 insertions(+), 2 deletions(-) diff --git a/driverkit/Makefile b/driverkit/Makefile index c1f643226c9..fbf35347101 100644 --- a/driverkit/Makefile +++ b/driverkit/Makefile @@ -24,6 +24,7 @@ validate: validate_old validate_new # old fmt had x86_64 only in root folder. Note: this breaks filtering for TARGET_ARCH # because validate_old will always validate any old config. # Not a big deal because we were not going to filter for TARGET_ARCH in any case. +# TODO: rm once old format support is dropped validate_old: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) # new fmt has $arch subfolders validate_new: $(patsubst config_%,validate/%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) @@ -34,6 +35,7 @@ specific_target: specific_target_old specific_target_new # old fmt had x86_64 only in root folder. Note: this breaks filtering for TARGET_ARCH # because specific_target_old will always build any old config. # Not a big deal because we were not going to filter for TARGET_ARCH in any case. +# TODO: rm once old format support is dropped specific_target_old: $(patsubst config_%,%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) # new fmt has $arch subfolders specific_target_new: $(patsubst config_%,%,$(subst /,_,$(wildcard config/${TARGET_VERSION}*/${TARGET_ARCH}/${TARGET_DISTRO}_${TARGET_KERNEL}-*))) @@ -76,6 +78,7 @@ $(foreach CONFIG,$(CONFIGS),\ define gen_publish_targets split_$(1)_kernelmodules: # root is old x86_64 +# TODO: rm once old format support is dropped ifneq ("$(wildcard output/$(1)/*.ko)","") @mkdir -p output/$(1)/kernel-module @mv -f output/$(1)/*.ko output/$(1)/kernel-module @@ -91,6 +94,7 @@ endif split_$(1)_ebpfprobes: # root is old x86_64 +# TODO: rm once old format support is dropped ifneq ("$(wildcard output/$(1)/*.o)","") @mkdir -p output/$(1)/ebpf-probe @mv -f output/$(1)/*.o output/$(1)/ebpf-probe diff --git a/driverkit/utils/build b/driverkit/utils/build index 49ed7dc95d1..f2b6d40da54 100755 --- a/driverkit/utils/build +++ b/driverkit/utils/build @@ -10,6 +10,7 @@ IFS=/ read -a input_parts <<< ${input} driver_version="${input_parts[1]}" # If there is an arch subdir -> use it! +# TODO: rm once old format support is dropped; just use arch="${input_parts[2]}" if [[ ${#input_parts[@]} -eq 4 ]]; then arch="${input_parts[2]}/" else diff --git a/driverkit/utils/checkfiles b/driverkit/utils/checkfiles index 91342a2d907..ae19bf44cf4 100755 --- a/driverkit/utils/checkfiles +++ b/driverkit/utils/checkfiles @@ -8,6 +8,7 @@ source "${currentdir}/parseyaml" input="$1" filename="${input##*/}" +# TODO: rm once old format support is dropped; just use arch="${input_parts[2]}" function get_arch_from_path() { # Check if arch subdir exists IFS=/ read -a input_parts <<< ${1} @@ -48,9 +49,10 @@ if [ -n "${output_probe}" ]; then exit 1 fi + # TODO: rm this external check once old format support is dropped (and we always have an arch) if [[ -n "${arch}" ]]; then if [ "$arch" != "$(get_arch_from_path ${output_probe})" ]; then - >&2 echo "output probe filename has not architecture in its config path (${1})" + >&2 echo "output probe filename has wrong architecture in its config path (${1})" exit 1 fi fi @@ -64,9 +66,10 @@ if [ -n "${output_module}" ]; then exit 1 fi + # TODO: rm this external check once old format support is dropped (and we always have an arch) if [[ -n "${arch}" ]]; then if [ "$arch" != "$(get_arch_from_path ${output_module})" ]; then - >&2 echo "output module filename has not architecture in its config path (${1})" + >&2 echo "output module filename has wrong architecture in its config path (${1})" exit 1 fi fi diff --git a/driverkit/utils/driverstats b/driverkit/utils/driverstats index bd0e7741c87..f0c206fbe3b 100755 --- a/driverkit/utils/driverstats +++ b/driverkit/utils/driverstats @@ -13,6 +13,7 @@ TARGET_KERNEL=${TARGET_KERNEL:-"*"} TARGET_ARCH=${TARGET_ARCH:-"*"} # Only load old configs if x86_64 or * arch is requested +# TODO: rm this once old format support is dropped if [ "${TARGET_ARCH}" = "*" ] || [ "${TARGET_ARCH}" = "x86_64" ]; then configs_old=(config/${TARGET_VERSION}*/${TARGET_DISTRO}_${TARGET_KERNEL}-*.yaml) fi @@ -77,6 +78,7 @@ loop() { done } +# TODO: rm this once old format support is dropped loop "${configs_old[@]}" loop "${configs_new[@]}" diff --git a/driverkit/utils/generate b/driverkit/utils/generate index e199c614772..e2d3beb526c 100755 --- a/driverkit/utils/generate +++ b/driverkit/utils/generate @@ -78,6 +78,7 @@ function arch_to_driverkit_arch() { # thus we must support %arch/ subfolder for configs. # Else, we are in the old case, and we only support x86_64 configs # in the TARGET_VERSION folder. +# TODO: rm this once old format support is dropped, and always use ${TARGET_VERSION}/${TARGET_ARCH} function path_from_version() { rx='^([0-9]+\.){0,2}(\*|[0-9]+)$' if [[ $TARGET_VERSION =~ $rx ]]; then From 023f335dd1a48a4b2c4b2ea526b6dc5bf7ae3b4d Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Thu, 16 Jun 2022 12:04:47 +0200 Subject: [PATCH 08/10] update(images): updated driverkit to 0.9.1. Signed-off-by: Federico Di Pierro --- images/build-drivers/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/images/build-drivers/Dockerfile b/images/build-drivers/Dockerfile index 8f5288dd687..8db77e030e3 100644 --- a/images/build-drivers/Dockerfile +++ b/images/build-drivers/Dockerfile @@ -2,8 +2,8 @@ FROM 292999226676.dkr.ecr.eu-west-1.amazonaws.com/test-infra/docker-dind ENV PUBLISH_S3="false" -RUN wget -q https://github.com/falcosecurity/driverkit/releases/download/v0.8.0/driverkit_0.9.0_linux_amd64.tar.gz \ - && tar -xvf driverkit_0.9.0_linux_amd64.tar.gz \ +RUN wget -q https://github.com/falcosecurity/driverkit/releases/download/v0.9.1/driverkit_0.9.1_linux_amd64.tar.gz \ + && tar -xvf driverkit_0.9.1_linux_amd64.tar.gz \ && chmod +x driverkit \ && mv driverkit /bin/driverkit From 72bb7ced88d7e6652a6efa9de6b68d37eb1c9133 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Thu, 16 Jun 2022 14:04:48 +0200 Subject: [PATCH 09/10] fix(driverkit): fixed semver check regex. Signed-off-by: Federico Di Pierro --- driverkit/utils/generate | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/driverkit/utils/generate b/driverkit/utils/generate index e2d3beb526c..a2267605994 100755 --- a/driverkit/utils/generate +++ b/driverkit/utils/generate @@ -80,8 +80,8 @@ function arch_to_driverkit_arch() { # in the TARGET_VERSION folder. # TODO: rm this once old format support is dropped, and always use ${TARGET_VERSION}/${TARGET_ARCH} function path_from_version() { - rx='^([0-9]+\.){0,2}(\*|[0-9]+)$' - if [[ $TARGET_VERSION =~ $rx ]]; then + SEMVER_REGEX="^(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)\\.(0|[1-9][0-9]*)(\\-[0-9A-Za-z-]+(\\.[0-9A-Za-z-]+)*)?(\\+[0-9A-Za-z-]+(\\.[0-9A-Za-z-]+)*)?$" + if [[ $TARGET_VERSION =~ $SEMVER_REGEX ]]; then # valid semver echo -n "${TARGET_VERSION}/${TARGET_ARCH}" else From e87df7545189ecc8c1eed8a59cbc96219830ad08 Mon Sep 17 00:00:00 2001 From: Massimiliano Giovagnoli Date: Tue, 21 Jun 2022 14:40:05 +0200 Subject: [PATCH 10/10] fix(driverkit/makefile): pass right archs to generate targets Signed-off-by: Massimiliano Giovagnoli --- driverkit/Makefile | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/driverkit/Makefile b/driverkit/Makefile index fbf35347101..5aed794fd90 100644 --- a/driverkit/Makefile +++ b/driverkit/Makefile @@ -5,9 +5,14 @@ ifeq ($(DRIVERKIT),) DRIVERKIT := "/bin/driverkit" endif +ALL_ARCHS := x86_64 aarch64 + # Recursive wildcard rwildcard=$(foreach d,$(wildcard $(1:=/*)),$(call rwildcard,$d,$2) $(filter $(subst *,%,$2),$d)) +# Equals function +eq = $(and $(findstring $(1),$(2)),$(findstring $(2),$(1))) + CONFIGS := $(call rwildcard,config/*,*.yaml) VERSIONS := $(patsubst config/%,%,$(sort $(dir $(wildcard config/*/)))) VERSIONS := $(VERSIONS:/=) @@ -15,6 +20,7 @@ TARGET_VERSION ?= * TARGET_DISTRO ?= * TARGET_KERNEL ?= * TARGET_ARCH ?= * +TARGET_ARCHS := $(if $(call eq,$(TARGET_ARCH),*),$(ALL_ARCHS),$(TARGET_ARCH)) TARGET_HEADERS ?= S3_DRIVERS_BUCKET ?= "falco-distribution" S3_DRIVERS_KEY_PREFIX ?= "driver" @@ -45,13 +51,16 @@ publish: $(addprefix publish_,$(VERSIONS)) publish_s3: $(addprefix publish_s3_,$(VERSIONS)) generate: - $(foreach VERSION,$(VERSIONS),\ - utils/generate -a $(TARGET_ARCH) -k ${TARGET_KERNEL} -d ${TARGET_DISTRO} -h ${TARGET_HEADERS} -v ${VERSION}; \ + $(foreach ARCH,$(TARGET_ARCHS),\ + $(foreach VERSION,$(VERSIONS),\ + utils/generate -a '$(ARCH)' -k '${TARGET_KERNEL}' -d '${TARGET_DISTRO}' -h '${TARGET_HEADERS}' -v '${VERSION}'; \ + )\ ) generate/auto: - utils/scrape_and_generate "x86_64" - utils/scrape_and_generate "aarch64" + $(foreach ARCH,$(TARGET_ARCHS),\ + utils/scrape_and_generate $(ARCH); \ + ) cleanup: utils/cleanup -p ${BINTRAY_SECRET} $(addprefix -v ,$(VERSIONS))