* [gentoo-commits] repo/gentoo:master commit in: dev-util/scap-driver/files/, dev-util/scap-driver/
@ 2023-05-10 19:42 Sam James
0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2023-05-10 19:42 UTC (permalink / raw
To: gentoo-commits
commit: 5e405511a6b6aec607753dd574ceaab82f4b428a
Author: Holger Hoffstätte <holger <AT> applied-asynchrony <DOT> com>
AuthorDate: Tue May 2 13:45:18 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed May 10 19:42:20 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e405511
dev-util/scap-driver: fix build on kernel 6.3
Closes: https://bugs.gentoo.org/905328
Signed-off-by: Holger Hoffstätte <holger <AT> applied-asynchrony.com>
Closes: https://github.com/gentoo/gentoo/pull/30836
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../files/0.29.3-fix-kmod-build-on-6.3+.patch | 20 ++++++++
dev-util/scap-driver/scap-driver-0.29.3-r2.ebuild | 60 ++++++++++++++++++++++
2 files changed, 80 insertions(+)
diff --git a/dev-util/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch b/dev-util/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch
new file mode 100644
index 000000000000..6926df857179
--- /dev/null
+++ b/dev-util/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch
@@ -0,0 +1,20 @@
+
+Bug: https://github.com/falcosecurity/libs/issues/1063
+Subset of patch taken from: https://github.com/falcosecurity/libs/pull/1071
+
+diff --git a/driver/ppm_fillers.c b/driver/ppm_fillers.c
+index 0441923c6d..cfa967f134 100644
+--- a/driver/ppm_fillers.c
++++ b/driver/ppm_fillers.c
+@@ -1329,7 +1329,10 @@ int f_proc_startupdate(struct event_filler_arguments *args)
+
+ if (exe_file != NULL) {
+ if (file_inode(exe_file) != NULL) {
+-#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0)
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 3, 0)
++ exe_writable |= (file_permission(exe_file, MAY_WRITE) == 0);
++ exe_writable |= inode_owner_or_capable(file_mnt_idmap(exe_file), file_inode(exe_file));
++#elif LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0)
+ exe_writable |= (inode_permission(current_user_ns(), file_inode(exe_file), MAY_WRITE) == 0);
+ exe_writable |= inode_owner_or_capable(current_user_ns(), file_inode(exe_file));
+ #else
diff --git a/dev-util/scap-driver/scap-driver-0.29.3-r2.ebuild b/dev-util/scap-driver/scap-driver-0.29.3-r2.ebuild
new file mode 100644
index 000000000000..129db40bcb86
--- /dev/null
+++ b/dev-util/scap-driver/scap-driver-0.29.3-r2.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake linux-mod
+
+DESCRIPTION="Kernel module for dev-util/sysdig"
+HOMEPAGE="https://sysdig.com/"
+
+# The driver is part of falcosecurity/libs, but for versioning reasons we cannot (yet)
+# use semver-released packages; instead we pull in a commit that is used and known
+# to work with sysdig, see sysdig/cmake/modules/falcosecurity-libs.cmake for details.
+# For now the commit here and the one referenced in sysdig should be in sync.
+LIBS_COMMIT="e5c53d648f3c4694385bbe488e7d47eaa36c229a"
+SRC_URI="https://github.com/falcosecurity/libs/archive/${LIBS_COMMIT}.tar.gz -> falcosecurity-libs-${LIBS_COMMIT}.tar.gz"
+S="${WORKDIR}/libs-${LIBS_COMMIT}"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+
+RDEPEND="!<dev-util/sysdig-${PV}[modules]"
+
+CONFIG_CHECK="HAVE_SYSCALL_TRACEPOINTS ~TRACEPOINTS"
+
+PATCHES=(
+ "${FILESDIR}"/${PV}-fix-kmod-build-on-5.18+.patch
+ "${FILESDIR}"/${PV}-fix-kmod-build-on-6.2+.patch
+ "${FILESDIR}"/${PV}-fix-kmod-build-on-6.3+.patch
+)
+
+src_configure() {
+ local mycmakeargs=(
+ # we will use linux-mod, so just pretend to use bundled deps
+ # in order to make it through the cmake setup.
+ -DUSE_BUNDLED_DEPS=ON
+ -DCREATE_TEST_TARGETS=OFF
+ -DDRIVER_VERSION=${LIBS_COMMIT}
+ )
+
+ cmake_src_configure
+
+ # setup linux-mod ugliness
+ MODULE_NAMES="scap(extra:${BUILD_DIR}/driver/src:)"
+ BUILD_PARAMS='KERNELDIR="${KERNEL_DIR}"'
+ # work with clang-built kernels (#816024)
+ if linux_chkconfig_present CC_IS_CLANG; then
+ BUILD_PARAMS+=' CC=${CHOST}-clang'
+ if linux_chkconfig_present LD_IS_LLD; then
+ BUILD_PARAMS+=' LD=ld.lld'
+ if linux_chkconfig_present LTO_CLANG_THIN; then
+ # kernel enables cache by default leading to sandbox violations
+ BUILD_PARAMS+=' ldflags-y=--thinlto-cache-dir= LDFLAGS_MODULE=--thinlto-cache-dir='
+ fi
+ fi
+ fi
+
+ BUILD_TARGETS="all"
+}
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-util/scap-driver/files/, dev-util/scap-driver/
@ 2023-05-23 3:42 Sam James
0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2023-05-23 3:42 UTC (permalink / raw
To: gentoo-commits
commit: 06fe6b722da5da5cae5993654f07e65f2cdbe04c
Author: Holger Hoffstätte <holger <AT> applied-asynchrony <DOT> com>
AuthorDate: Fri May 19 02:11:52 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue May 23 03:41:50 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=06fe6b72
dev-util/scap-driver: fix build on kernel 6.4
Closes: https://bugs.gentoo.org/906709
Signed-off-by: Holger Hoffstätte <holger <AT> applied-asynchrony.com>
Closes: https://github.com/gentoo/gentoo/pull/31096
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../files/0.29.3-fix-kmod-build-on-6.4+.patch | 33 ++++++++++++
dev-util/scap-driver/scap-driver-0.29.3-r3.ebuild | 61 ++++++++++++++++++++++
2 files changed, 94 insertions(+)
diff --git a/dev-util/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch b/dev-util/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch
new file mode 100644
index 000000000000..ac0a4aeca285
--- /dev/null
+++ b/dev-util/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch
@@ -0,0 +1,33 @@
+
+From: https://github.com/falcosecurity/libs/pull/1110
+Bug: https://github.com/falcosecurity/libs/issues/1109
+
+From 394c9d84e64ad9828cdce6cdad5a76c352e252d2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Holger=20Hoffst=C3=A4tte?= <holger@applied-asynchrony.com>
+Date: Fri, 19 May 2023 03:54:40 +0200
+Subject: [PATCH] fix(driver): fixed 6.4 kernel build
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com>
+---
+ driver/main.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/driver/main.c b/driver/main.c
+index 380f85c27c..668e45429a 100644
+--- a/driver/main.c
++++ b/driver/main.c
+@@ -2912,7 +2912,11 @@ int scap_init(void)
+ goto init_module_err;
+ }
+
++#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0)
+ g_ppm_class = class_create(THIS_MODULE, DRIVER_DEVICE_NAME);
++#else
++ g_ppm_class = class_create(DRIVER_DEVICE_NAME);
++#endif
+ if (IS_ERR(g_ppm_class)) {
+ pr_err("can't allocate device class\n");
+ ret = -EFAULT;
diff --git a/dev-util/scap-driver/scap-driver-0.29.3-r3.ebuild b/dev-util/scap-driver/scap-driver-0.29.3-r3.ebuild
new file mode 100644
index 000000000000..deb27234ee35
--- /dev/null
+++ b/dev-util/scap-driver/scap-driver-0.29.3-r3.ebuild
@@ -0,0 +1,61 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake linux-mod
+
+DESCRIPTION="Kernel module for dev-util/sysdig"
+HOMEPAGE="https://sysdig.com/"
+
+# The driver is part of falcosecurity/libs, but for versioning reasons we cannot (yet)
+# use semver-released packages; instead we pull in a commit that is used and known
+# to work with sysdig, see sysdig/cmake/modules/falcosecurity-libs.cmake for details.
+# For now the commit here and the one referenced in sysdig should be in sync.
+LIBS_COMMIT="e5c53d648f3c4694385bbe488e7d47eaa36c229a"
+SRC_URI="https://github.com/falcosecurity/libs/archive/${LIBS_COMMIT}.tar.gz -> falcosecurity-libs-${LIBS_COMMIT}.tar.gz"
+S="${WORKDIR}/libs-${LIBS_COMMIT}"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+
+RDEPEND="!<dev-util/sysdig-${PV}[modules]"
+
+CONFIG_CHECK="HAVE_SYSCALL_TRACEPOINTS ~TRACEPOINTS"
+
+PATCHES=(
+ "${FILESDIR}"/${PV}-fix-kmod-build-on-5.18+.patch
+ "${FILESDIR}"/${PV}-fix-kmod-build-on-6.2+.patch
+ "${FILESDIR}"/${PV}-fix-kmod-build-on-6.3+.patch
+ "${FILESDIR}"/${PV}-fix-kmod-build-on-6.4+.patch
+)
+
+src_configure() {
+ local mycmakeargs=(
+ # we will use linux-mod, so just pretend to use bundled deps
+ # in order to make it through the cmake setup.
+ -DUSE_BUNDLED_DEPS=ON
+ -DCREATE_TEST_TARGETS=OFF
+ -DDRIVER_VERSION=${LIBS_COMMIT}
+ )
+
+ cmake_src_configure
+
+ # setup linux-mod ugliness
+ MODULE_NAMES="scap(extra:${BUILD_DIR}/driver/src:)"
+ BUILD_PARAMS='KERNELDIR="${KERNEL_DIR}"'
+ # work with clang-built kernels (#816024)
+ if linux_chkconfig_present CC_IS_CLANG; then
+ BUILD_PARAMS+=' CC=${CHOST}-clang'
+ if linux_chkconfig_present LD_IS_LLD; then
+ BUILD_PARAMS+=' LD=ld.lld'
+ if linux_chkconfig_present LTO_CLANG_THIN; then
+ # kernel enables cache by default leading to sandbox violations
+ BUILD_PARAMS+=' ldflags-y=--thinlto-cache-dir= LDFLAGS_MODULE=--thinlto-cache-dir='
+ fi
+ fi
+ fi
+
+ BUILD_TARGETS="all"
+}
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-05-23 3:42 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-05-23 3:42 [gentoo-commits] repo/gentoo:master commit in: dev-util/scap-driver/files/, dev-util/scap-driver/ Sam James
-- strict thread matches above, loose matches on Subject: below --
2023-05-10 19:42 Sam James
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox