Set module arguments via falco-driver-loader

docker/falco/docker-entrypoint.sh

@@ -32,7 +32,7 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]] && [[ -z "${SKIP_MODULE_LOAD}" ]]; then
         ln -s "$i" "/usr/src/$base"
     done
 
-    /usr/bin/falco-driver-loader
+    /usr/bin/falco-driver-loader ${FALCO_DRIVER_LOADER_ARGS}
 fi
 
 exec "$@"

docker/local/docker-entrypoint.sh

@@ -28,7 +28,7 @@ if [[ -z "${SKIP_DRIVER_LOADER}" ]]; then
         ln -s "$i" "/usr/src/$base"
     done
 
-    /usr/bin/falco-driver-loader
+    /usr/bin/falco-driver-loader ${FALCO_DRIVER_LOADER_ARGS}
 fi
 
 exec "$@"

scripts/falco-driver-loader

@@ -158,15 +158,18 @@ load_kernel_module_compile() {
 		echo "make CC=${CURRENT_GCC} \$@" >> /tmp/falco-dkms-make
 		chmod +x /tmp/falco-dkms-make
 		if dkms install --directive="MAKE='/tmp/falco-dkms-make'" -m "${DRIVER_NAME}" -v "${DRIVER_VERSION}" -k "${KERNEL_RELEASE}" 2>/dev/null; then
-			echo "* ${DRIVER_NAME} module installed in dkms, trying to insmod"				
-			if insmod "/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${DRIVER_NAME}.ko" > /dev/null 2>&1; then
-				echo "* Success: ${DRIVER_NAME} module found and loaded in dkms"
+			echo "* ${DRIVER_NAME} module installed in dkms, trying to insmod"
+			if OUTPUT="$(insmod "/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${DRIVER_NAME}.ko" "${MODULE_ARGS[@]}" 2>&1)"; then
+				echo "* Success: ${DRIVER_NAME} module found and loaded in dkms with arguments '${MODULE_ARGS[@]}'"
 				exit 0
-			elif insmod "/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${DRIVER_NAME}.ko.xz" > /dev/null 2>&1; then
-				echo "* Success: ${DRIVER_NAME} module found and loaded in dkms (xz)"
+			else
+				echo "* Unable to insmod ${DRIVER_NAME} module with arguments '${MODULE_ARGS[@]}': ${OUTPUT}"
+			fi
+			if OUTPUT="$(insmod "/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/${KERNEL_RELEASE}/${ARCH}/module/${DRIVER_NAME}.ko.xz" "${MODULE_ARGS[@]}" 2>&1)"; then
+				echo "* Success: ${DRIVER_NAME} module found and loaded in dkms with arguments '${MODULE_ARGS[@]}' (xz)"
 				exit 0
 			else
-				echo "* Unable to insmod ${DRIVER_NAME} module"
+				echo "* Unable to insmod ${DRIVER_NAME} module with arguments '${MODULE_ARGS[@]}' (xz): ${OUTPUT}"
 			fi
 		else
 			DKMS_LOG="/var/lib/dkms/${DRIVER_NAME}/${DRIVER_VERSION}/build/make.log"
@@ -192,8 +195,14 @@ load_kernel_module_download() {
 	echo "* Trying to download prebuilt module from ${URL}"
 	if curl -L --create-dirs "${FALCO_DRIVER_CURL_OPTIONS}" -o "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" "${URL}"; then
 		echo "* Download succeeded"
-		insmod "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" && echo "* Success: ${DRIVER_NAME} module loaded"
-		exit $?
+		if OUTPUT="$(insmod "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" "${MODULE_ARGS[@]}")"; then
+		  echo "* Success: ${DRIVER_NAME} module loaded with arguments '${MODULE_ARGS[@]}'"
+		  exit 0
+		else
+		  EXIT=$?
+		  echo "* Unable to insmod ${DRIVER_NAME} module with arguments '${MODULE_ARGS[@]}': ${OUTPUT}"
+		  exit $EXIT
+		fi
 	else
 		>&2 echo "Download failed, consider compiling your own ${DRIVER_NAME} module and loading it or getting in touch with the Falco community"
 		exit 1
@@ -243,10 +252,12 @@ load_kernel_module() {
 
 
 	echo "* Trying to load a system ${DRIVER_NAME} driver, if present"
-	if modprobe "${DRIVER_NAME}" > /dev/null 2>&1; then
-		echo "* Success: ${DRIVER_NAME} module found and loaded with modprobe"
+	if OUTPUT="$(modprobe "${DRIVER_NAME}" "${MODULE_ARGS[@]}" 2>&1)"; then
+		echo "* Success: ${DRIVER_NAME} module found and loaded with modprobe and arguments '${MODULE_ARGS[@]}'"
 		exit 0
-	fi		
+	else
+	  echo "* Unable to modprobe ${DRIVER_NAME} module with arguments '${MODULE_ARGS[@]}': ${OUTPUT}"
+	fi
 
 
 	echo "* Trying to find locally a prebuilt ${DRIVER_NAME} module for kernel ${KERNEL_RELEASE}, if present"
@@ -257,8 +268,15 @@ load_kernel_module() {
 
 	if [ -f "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" ]; then
 		echo "* Found a prebuilt module at ${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}, loading it"
-		insmod "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" && echo "* Success: ${DRIVER_NAME} module loaded"
-		exit $?
+
+		if OUTPUT="$(insmod "${HOME}/.falco/${FALCO_KERNEL_MODULE_FILENAME}" "${MODULE_ARGS[@]}")"; then
+		  echo "* Success: ${DRIVER_NAME} module loaded with arguments '${MODULE_ARGS[@]}'"
+		  exit 0
+		else
+		  EXIT=$?
+		  echo "* Unable to insmod ${DRIVER_NAME} module with arguments '${MODULE_ARGS[@]}': ${OUTPUT}"
+		  exit $EXIT
+		fi
 	fi
 
 	if [ -n "$ENABLE_DOWNLOAD" ]; then
@@ -462,10 +480,11 @@ print_usage() {
 	echo "  bpf           eBPF probe"
 	echo ""
 	echo "Options:"
-	echo "  --help         show brief help"
-	echo "  --compile      try to compile the driver locally"
-	echo "  --download     try to download a prebuilt driver"
-	echo "  --source-only  skip execution and allow sourcing in another script"
+	echo "  --help                  show brief help"
+	echo "  --compile               try to compile the driver locally"
+	echo "  --download              try to download a prebuilt driver"
+	echo "  --source-only           skip execution and allow sourcing in another script"
+	echo "  --module-arg PARAM=VAL  set module argument (flag can be repeated)"
 	echo ""
 }
 
@@ -495,6 +514,7 @@ fi
 
 ENABLE_COMPILE=
 ENABLE_DOWNLOAD=
+MODULE_ARGS=( )
 
 has_args=
 has_opts=
@@ -530,6 +550,11 @@ while test $# -gt 0; do
 			source_only="true"
 			shift
 			;;
+		--module-arg)
+			shift
+			MODULE_ARGS+=( "$1" )
+			shift
+			;;
 		--*)
 			>&2 echo "Unknown option: $1"
 			print_usage
@@ -559,7 +584,7 @@ if [ -z "$source_only" ]; then
 		exit 1
 	fi
 
-	echo "* Running falco-driver-loader with: driver=$DRIVER, compile=${ENABLE_COMPILE:-"no"}, download=${ENABLE_DOWNLOAD:-"no"}"
+	echo "* Running falco-driver-loader with: driver=$DRIVER, compile=${ENABLE_COMPILE:-"no"}, download=${ENABLE_DOWNLOAD:-"no"}, module_args=(${MODULE_ARGS[@]})"
 	case $DRIVER in 
 		module)
 			load_kernel_module