diff options
author | Michał Górny <mgorny@gentoo.org> | 2024-01-18 17:04:48 +0100 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2024-01-19 15:44:15 +0100 |
commit | 77f7d9823da97af302ebf23358c17919f3d62bdd (patch) | |
tree | 7c4e238d180a6b5e996848b54cdf54127bee32e1 /dev-debug | |
parent | Move {dev-util → dev-debug}/systemtap (diff) | |
download | gentoo-77f7d9823da97af302ebf23358c17919f3d62bdd.tar.gz gentoo-77f7d9823da97af302ebf23358c17919f3d62bdd.tar.bz2 gentoo-77f7d9823da97af302ebf23358c17919f3d62bdd.zip |
Move {dev-util → dev-debug}/scap-driver
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Closes: https://github.com/gentoo/gentoo/pull/34882
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'dev-debug')
11 files changed, 302 insertions, 2 deletions
diff --git a/dev-debug/scap-driver/Manifest b/dev-debug/scap-driver/Manifest new file mode 100644 index 000000000000..ea647a605682 --- /dev/null +++ b/dev-debug/scap-driver/Manifest @@ -0,0 +1 @@ +DIST falcosecurity-libs-e5c53d648f3c4694385bbe488e7d47eaa36c229a.tar.gz 816972 BLAKE2B b47ae6a7677935500ebdab8aea7f4c49ef50b7175ec097e7213a1f041ac2b5aa642379924927ec12c84271016e9ab9d191c0c1d4ffacd6ade58b7a03c37f9221 SHA512 65e5916e5f9507fd867a5e9ba3b2670a1b73b7672a22479d3019e948a52ad74441d7e2ce1c74ebd0fdbd1ce66808efa49f285bd5180bceae9d4e6730a60787ce diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-5.18+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-5.18+.patch new file mode 100644 index 000000000000..974b561df47f --- /dev/null +++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-5.18+.patch @@ -0,0 +1,63 @@ + +Bug: https://bugs.gentoo.org/866113 +Source: https://github.com/falcosecurity/libs/pull/411/commits/36e945af4feb31c8b875f7d4624592b0c1ff929d + +From 36e945af4feb31c8b875f7d4624592b0c1ff929d Mon Sep 17 00:00:00 2001 +From: Federico Di Pierro <nierro92@gmail.com> +Date: Mon, 20 Jun 2022 14:26:39 +0200 +Subject: [PATCH] fix(driver): fixed kmod build on linux kernels >= 5.18. + +Signed-off-by: Federico Di Pierro <nierro92@gmail.com> +--- + driver/main.c | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +diff --git a/driver/main.c b/driver/main.c +index 6b5ae461a..e606cc2f8 100644 +--- a/driver/main.c ++++ b/driver/main.c +@@ -70,8 +70,9 @@ MODULE_AUTHOR("the Falco authors"); + #define TRACEPOINT_PROBE(probe, args...) static void probe(void *__data, args) + #endif + +-#ifndef pgprot_encrypted +-#define pgprot_encrypted(x) (x) ++// Allow build even on arch where PAGE_ENC is not implemented ++#ifndef _PAGE_ENC ++#define _PAGE_ENC 0 + #endif + + struct ppm_device { +@@ -1217,8 +1218,9 @@ static int ppm_mmap(struct file *filp, struct vm_area_struct *vma) + + pfn = vmalloc_to_pfn(vmalloc_area_ptr); + ++ pgprot_val(vma->vm_page_prot) = pgprot_val(PAGE_SHARED) | _PAGE_ENC; + ret = remap_pfn_range(vma, useraddr, pfn, +- PAGE_SIZE, pgprot_encrypted(PAGE_SHARED)); ++ PAGE_SIZE, vma->vm_page_prot); + if (ret < 0) { + pr_err("remap_pfn_range failed (1)\n"); + goto cleanup_mmap; +@@ -1255,8 +1257,9 @@ static int ppm_mmap(struct file *filp, struct vm_area_struct *vma) + while (mlength > 0) { + pfn = vmalloc_to_pfn(vmalloc_area_ptr); + ++ pgprot_val(vma->vm_page_prot) = pgprot_val(PAGE_SHARED) | _PAGE_ENC; + ret = remap_pfn_range(vma, useraddr, pfn, +- PAGE_SIZE, pgprot_encrypted(PAGE_SHARED)); ++ PAGE_SIZE, vma->vm_page_prot); + if (ret < 0) { + pr_err("remap_pfn_range failed (1)\n"); + goto cleanup_mmap; +@@ -1277,8 +1280,9 @@ static int ppm_mmap(struct file *filp, struct vm_area_struct *vma) + while (mlength > 0) { + pfn = vmalloc_to_pfn(vmalloc_area_ptr); + ++ pgprot_val(vma->vm_page_prot) = pgprot_val(PAGE_SHARED) | _PAGE_ENC; + ret = remap_pfn_range(vma, useraddr, pfn, +- PAGE_SIZE, pgprot_encrypted(PAGE_SHARED)); ++ PAGE_SIZE, vma->vm_page_prot); + if (ret < 0) { + pr_err("remap_pfn_range failed (1)\n"); + goto cleanup_mmap; diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.2+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.2+.patch new file mode 100644 index 000000000000..39476feef051 --- /dev/null +++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.2+.patch @@ -0,0 +1,44 @@ + + +Bug: https://bugs.gentoo.org/895868 +Source: https://github.com/falcosecurity/libs/commit/b8ec3e8637c850066d01543616fe413e8deb9e1f + +From b8ec3e8637c850066d01543616fe413e8deb9e1f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Holger=20Hoffst=C3=A4tte?= <holger@applied-asynchrony.com> +Date: Tue, 21 Feb 2023 22:08:23 +0100 +Subject: [PATCH] fix(driver): fix build on linux-6.2 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Attributes in "struct device*" are now const, so add a matching prototype +for ppm_devnode(). + +Fixes #918 + +Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com> +--- + driver/main.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/driver/main.c b/driver/main.c +index 197933b9ce..6dc3374fc1 100644 +--- a/driver/main.c ++++ b/driver/main.c +@@ -2662,11 +2662,15 @@ static int get_tracepoint_handles(void) + #endif + + #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 20) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 2, 0) ++static char *ppm_devnode(const struct device *dev, umode_t *mode) ++#else + #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 3, 0) + static char *ppm_devnode(struct device *dev, umode_t *mode) + #else + static char *ppm_devnode(struct device *dev, mode_t *mode) +-#endif ++#endif /* LINUX_VERSION_CODE > KERNEL_VERSION(3, 3, 0) */ ++#endif /* LINUX_VERSION_CODE > KERNEL_VERSION(6, 2, 0) */ + { + if (mode) { + *mode = 0400; diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch new file mode 100644 index 000000000000..6926df857179 --- /dev/null +++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch @@ -0,0 +1,20 @@ + +Bug: https://github.com/falcosecurity/libs/issues/1063 +Subset of patch taken from: https://github.com/falcosecurity/libs/pull/1071 + +diff --git a/driver/ppm_fillers.c b/driver/ppm_fillers.c +index 0441923c6d..cfa967f134 100644 +--- a/driver/ppm_fillers.c ++++ b/driver/ppm_fillers.c +@@ -1329,7 +1329,10 @@ int f_proc_startupdate(struct event_filler_arguments *args) + + if (exe_file != NULL) { + if (file_inode(exe_file) != NULL) { +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 3, 0) ++ exe_writable |= (file_permission(exe_file, MAY_WRITE) == 0); ++ exe_writable |= inode_owner_or_capable(file_mnt_idmap(exe_file), file_inode(exe_file)); ++#elif LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0) + exe_writable |= (inode_permission(current_user_ns(), file_inode(exe_file), MAY_WRITE) == 0); + exe_writable |= inode_owner_or_capable(current_user_ns(), file_inode(exe_file)); + #else diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch new file mode 100644 index 000000000000..ac0a4aeca285 --- /dev/null +++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch @@ -0,0 +1,33 @@ + +From: https://github.com/falcosecurity/libs/pull/1110 +Bug: https://github.com/falcosecurity/libs/issues/1109 + +From 394c9d84e64ad9828cdce6cdad5a76c352e252d2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Holger=20Hoffst=C3=A4tte?= <holger@applied-asynchrony.com> +Date: Fri, 19 May 2023 03:54:40 +0200 +Subject: [PATCH] fix(driver): fixed 6.4 kernel build +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com> +--- + driver/main.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/driver/main.c b/driver/main.c +index 380f85c27c..668e45429a 100644 +--- a/driver/main.c ++++ b/driver/main.c +@@ -2912,7 +2912,11 @@ int scap_init(void) + goto init_module_err; + } + ++#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0) + g_ppm_class = class_create(THIS_MODULE, DRIVER_DEVICE_NAME); ++#else ++ g_ppm_class = class_create(DRIVER_DEVICE_NAME); ++#endif + if (IS_ERR(g_ppm_class)) { + pr_err("can't allocate device class\n"); + ret = -EFAULT; diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.7+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.7+.patch new file mode 100644 index 000000000000..a6db9e2d751c --- /dev/null +++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.7+.patch @@ -0,0 +1,21 @@ + +Bug: https://bugs.gentoo.org/921163 +Subset of patch taken from: https://github.com/falcosecurity/libs/commit/bf0afa0cacb775582fde134500fe66af38f1eb59 + +--- a/driver/ppm_fillers.c 2024-01-01 15:05:13.000000000 +0100 ++++ b/driver/ppm_fillers.c 2024-01-01 15:15:59.893048651 +0100 +@@ -430,7 +430,13 @@ struct file *ppm_get_mm_exe_file(struct + { + struct file *exe_file; + +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 7, 0) ++ // Since linux 6.7.0, `get_file_rcu` is no more a define and takes a double pointer parameter. ++ // See https://github.com/torvalds/linux/commit/0ede61d8589cc2d93aa78230d74ac58b5b8d0244. ++ rcu_read_lock(); ++ exe_file = get_file_rcu(&mm->exe_file); ++ rcu_read_unlock(); ++#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0) + rcu_read_lock(); + exe_file = rcu_dereference(mm->exe_file); + if (exe_file && !get_file_rcu(exe_file)) diff --git a/dev-debug/scap-driver/metadata.xml b/dev-debug/scap-driver/metadata.xml new file mode 100644 index 000000000000..66a8465c5f91 --- /dev/null +++ b/dev-debug/scap-driver/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>holger@applied-asynchrony.com</email> + <name>Holger Hoffstätte</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">falcosecurity/libs</remote-id> + </upstream> +</pkgmetadata> diff --git a/dev-debug/scap-driver/scap-driver-0.29.3-r4.ebuild b/dev-debug/scap-driver/scap-driver-0.29.3-r4.ebuild new file mode 100644 index 000000000000..186e01a6e6b2 --- /dev/null +++ b/dev-debug/scap-driver/scap-driver-0.29.3-r4.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake linux-mod-r1 + +DESCRIPTION="Kernel module for dev-debug/sysdig" +HOMEPAGE="https://sysdig.com/" + +# The driver is part of falcosecurity/libs, but for versioning reasons we cannot (yet) +# use semver-released packages; instead we pull in a commit that is used and known +# to work with sysdig, see sysdig/cmake/modules/falcosecurity-libs.cmake for details. +# For now the commit here and the one referenced in sysdig should be in sync. +LIBS_COMMIT="e5c53d648f3c4694385bbe488e7d47eaa36c229a" +SRC_URI="https://github.com/falcosecurity/libs/archive/${LIBS_COMMIT}.tar.gz -> falcosecurity-libs-${LIBS_COMMIT}.tar.gz" +S="${WORKDIR}/libs-${LIBS_COMMIT}" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 ~arm64 x86" + +RDEPEND="!<dev-debug/sysdig-${PV}[modules]" + +CONFIG_CHECK="HAVE_SYSCALL_TRACEPOINTS ~TRACEPOINTS" + +PATCHES=( + "${FILESDIR}"/${PV}-fix-kmod-build-on-5.18+.patch + "${FILESDIR}"/${PV}-fix-kmod-build-on-6.2+.patch + "${FILESDIR}"/${PV}-fix-kmod-build-on-6.3+.patch + "${FILESDIR}"/${PV}-fix-kmod-build-on-6.4+.patch +) + +src_configure() { + local mycmakeargs=( + # we will use linux-mod, so just pretend to use bundled deps + # in order to make it through the cmake setup. + -DUSE_BUNDLED_DEPS=ON + -DCREATE_TEST_TARGETS=OFF + -DDRIVER_VERSION=${LIBS_COMMIT} + ) + + cmake_src_configure +} + +src_compile() { + local modlist=( scap=:"${BUILD_DIR}"/driver/src ) + local modargs=( KERNELDIR="${KV_OUT_DIR}" ) + + linux-mod-r1_src_compile +} diff --git a/dev-debug/scap-driver/scap-driver-0.29.3-r5.ebuild b/dev-debug/scap-driver/scap-driver-0.29.3-r5.ebuild new file mode 100644 index 000000000000..329ea0109b6f --- /dev/null +++ b/dev-debug/scap-driver/scap-driver-0.29.3-r5.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake linux-mod-r1 + +DESCRIPTION="Kernel module for dev-debug/sysdig" +HOMEPAGE="https://sysdig.com/" + +# The driver is part of falcosecurity/libs, but for versioning reasons we cannot (yet) +# use semver-released packages; instead we pull in a commit that is used and known +# to work with sysdig, see sysdig/cmake/modules/falcosecurity-libs.cmake for details. +# For now the commit here and the one referenced in sysdig should be in sync. +LIBS_COMMIT="e5c53d648f3c4694385bbe488e7d47eaa36c229a" +SRC_URI="https://github.com/falcosecurity/libs/archive/${LIBS_COMMIT}.tar.gz -> falcosecurity-libs-${LIBS_COMMIT}.tar.gz" +S="${WORKDIR}/libs-${LIBS_COMMIT}" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64 ~x86" + +RDEPEND="!<dev-debug/sysdig-${PV}[modules]" + +CONFIG_CHECK="HAVE_SYSCALL_TRACEPOINTS ~TRACEPOINTS" + +PATCHES=( + "${FILESDIR}"/${PV}-fix-kmod-build-on-5.18+.patch + "${FILESDIR}"/${PV}-fix-kmod-build-on-6.2+.patch + "${FILESDIR}"/${PV}-fix-kmod-build-on-6.3+.patch + "${FILESDIR}"/${PV}-fix-kmod-build-on-6.4+.patch + "${FILESDIR}"/${PV}-fix-kmod-build-on-6.7+.patch +) + +src_configure() { + local mycmakeargs=( + # we will use linux-mod, so just pretend to use bundled deps + # in order to make it through the cmake setup. + -DUSE_BUNDLED_DEPS=ON + -DCREATE_TEST_TARGETS=OFF + -DDRIVER_VERSION=${LIBS_COMMIT} + ) + + cmake_src_configure +} + +src_compile() { + local modlist=( scap=:"${BUILD_DIR}"/driver/src ) + local modargs=( KERNELDIR="${KV_OUT_DIR}" ) + + linux-mod-r1_src_compile +} diff --git a/dev-debug/sysdig/sysdig-0.29.3-r1.ebuild b/dev-debug/sysdig/sysdig-0.29.3-r1.ebuild index c84381acb78b..619c30f3a3a3 100644 --- a/dev-debug/sysdig/sysdig-0.29.3-r1.ebuild +++ b/dev-debug/sysdig/sysdig-0.29.3-r1.ebuild @@ -42,7 +42,7 @@ DEPEND="${RDEPEND} virtual/os-headers" # for now pin the driver to the same ebuild version -PDEPEND="modules? ( =dev-util/scap-driver-${PV}* )" +PDEPEND="modules? ( =dev-debug/scap-driver-${PV}* )" src_prepare() { # manually apply patch to falcosecurity-libs dependency diff --git a/dev-debug/sysdig/sysdig-0.29.3-r2.ebuild b/dev-debug/sysdig/sysdig-0.29.3-r2.ebuild index 08c008f0da6e..c4d7a6199eb2 100644 --- a/dev-debug/sysdig/sysdig-0.29.3-r2.ebuild +++ b/dev-debug/sysdig/sysdig-0.29.3-r2.ebuild @@ -42,7 +42,7 @@ DEPEND="${RDEPEND} virtual/os-headers" # for now pin the driver to the same ebuild version -PDEPEND="modules? ( =dev-util/scap-driver-${PV}* )" +PDEPEND="modules? ( =dev-debug/scap-driver-${PV}* )" src_prepare() { # manually apply patch to falcosecurity-libs dependency |