gentoo auto-resync : 19:01:2024 - 20:08:27

9 files changed, 308 insertions, 0 deletions

diff --git a/dev-debug/scap-driver/Manifest b/dev-debug/scap-driver/Manifest
new file mode 100644
index 000000000000..a84d27bdc9c1
--- /dev/null
+++ b/dev-debug/scap-driver/Manifest
@@ -0,0 +1,9 @@
+AUX 0.29.3-fix-kmod-build-on-5.18+.patch 2363 BLAKE2B 8e5a89b68fb67076d01a7dc295157d2f2542a2db84460a35ed3162b77ff860097f1761317b93dec6aa0d6294b4414e445fd2c94df700bb5d738210982174f595 SHA512 f7c1e57cb05de1a97a3332055f6d6f74a637f38281a4e98b202cf84c9dd02b90e0b4fee3dbc44653760231ce55ad396aec3018b3b239249b6a37b018f672fba4
+AUX 0.29.3-fix-kmod-build-on-6.2+.patch 1420 BLAKE2B 45f312bce9ce3dbaa0ddd300ccfd7dfcc3fb6d537cd0b716642d25b4c5a3747798ca23d237d67c92d32da500edb5e0458bfdff4a940d2f6fdb84144c5687028d SHA512 4b84a2559cb6a72d294b5cac6ec2d6f2de8ae90e298e27afcdff6bc046366afca6468ac923c4197623f14bbe0a4d0bd3757f34740a367e6b7c4e76472b102379
+AUX 0.29.3-fix-kmod-build-on-6.3+.patch 939 BLAKE2B c626a6c9e41510d9720a8d161f4b6fa2efc729437cffdeea97ab346b0dca9a18af82339e403b63c7ac297304893f686a20f5c612df417229b82701367530098d SHA512 c2b020de87c92724f93a0937e2ece2f1e88f8b0dbb5b1d85bffccd51fddc1fc2024fe0ae222f2f01adeb5dc34964b1e86f27f0bdfee347bf1bb927388c1b6c5c
+AUX 0.29.3-fix-kmod-build-on-6.4+.patch 1029 BLAKE2B 6025b3f598cb96c01085ef0ca807aa54894217c1929a1c1377c2f1399ff5bcbd56ce8c31c50d310f4f63df55587593e133ce00914c49edeb6a73d1d088d69083 SHA512 f2dfab8dd67d9694da592bcd10231b5132c459b71f6751d1baaa09e29a704f3185706618ab8d28b17d4c7a7e4b9c5e14fb4f53680bd502cfc98aa9693d2a5537
+AUX 0.29.3-fix-kmod-build-on-6.7+.patch 901 BLAKE2B c8ffe70d8b7872f7f56b69e6472357259cb435b39444a18fca60a42b22c85a158d482e5a629581e572d74cebdfb9f1521205bad810f2daea1ca4e3083f1bb775 SHA512 5d098bd1612e0d5f2c70f845a8f2832688e37420960eca450eb9bbfee229921d512beb614ee7fcfed36571b72ae3a124e925ff419165b4703dc3f119d42c0bb1
+DIST falcosecurity-libs-e5c53d648f3c4694385bbe488e7d47eaa36c229a.tar.gz 816972 BLAKE2B b47ae6a7677935500ebdab8aea7f4c49ef50b7175ec097e7213a1f041ac2b5aa642379924927ec12c84271016e9ab9d191c0c1d4ffacd6ade58b7a03c37f9221 SHA512 65e5916e5f9507fd867a5e9ba3b2670a1b73b7672a22479d3019e948a52ad74441d7e2ce1c74ebd0fdbd1ce66808efa49f285bd5180bceae9d4e6730a60787ce
+EBUILD scap-driver-0.29.3-r4.ebuild 1547 BLAKE2B e94241e736a205f8a6185c27b7e253c410ca4c59d7c0cccb007c22ad44db961fac8b3a29464f6f7c4da23b5da38c1c6b8accb12edf7284f92d7b09c51d4a099e SHA512 237bf49a30264c3d57e3a1c06a6b1ee398e55a13f0c86ce476f8cbe8f266c5ca68f3b688fd8f46960611de21bed18556c1edaa05fdc6fd6471fb92a91c6ea827
+EBUILD scap-driver-0.29.3-r5.ebuild 1599 BLAKE2B 90ba3830d1b3d34bde6e37661408cd9d88d820878bd29b8d6d4ebf3ed872e7d88986b098c6350eae94300b3eedfb3eb5e20ef49d50abc45a7e25e7d154485c93 SHA512 b0de25c15d77ff42710226345310980d883c6972a35a48bba2d2d9b85de22e310bc557b5646ac2f371240580ca44cf2909f7ac7572a82f106b505922f9b057da
+MISC metadata.xml 494 BLAKE2B d0bc754d3af2488b9dc7672fc63e962f4c885d88a819e4332bd1c25f84c967e2e1cd8489122490a864cbfd930225b3dc28c8bfad4426750c030dce6ef5a08b4e SHA512 b77b7c103cfb606333814af210a0fae1f7956ddd9d3c3a044b0bebf42553f5ffe99d04549fb9c5e40fce33e9d23761830b4944b2cd83bd8ca2193f9b7da60fc0
diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-5.18+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-5.18+.patch
new file mode 100644
index 000000000000..974b561df47f
--- /dev/null
+++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-5.18+.patch
@@ -0,0 +1,63 @@
+
+Bug: https://bugs.gentoo.org/866113
+Source: https://github.com/falcosecurity/libs/pull/411/commits/36e945af4feb31c8b875f7d4624592b0c1ff929d
+
+From 36e945af4feb31c8b875f7d4624592b0c1ff929d Mon Sep 17 00:00:00 2001
+From: Federico Di Pierro <nierro92@gmail.com>
+Date: Mon, 20 Jun 2022 14:26:39 +0200
+Subject: [PATCH] fix(driver): fixed kmod build on linux kernels >= 5.18.
+
+Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
+---
+ driver/main.c | 14 +++++++++-----
+ 1 file changed, 9 insertions(+), 5 deletions(-)
+
+diff --git a/driver/main.c b/driver/main.c
+index 6b5ae461a..e606cc2f8 100644
+--- a/driver/main.c
++++ b/driver/main.c
+@@ -70,8 +70,9 @@ MODULE_AUTHOR("the Falco authors");
+     #define TRACEPOINT_PROBE(probe, args...) static void probe(void *__data, args)
+ #endif
+ 
+-#ifndef pgprot_encrypted
+-#define pgprot_encrypted(x) (x)
++// Allow build even on arch where PAGE_ENC is not implemented
++#ifndef _PAGE_ENC
++#define _PAGE_ENC 0
+ #endif
+ 
+ struct ppm_device {
+@@ -1217,8 +1218,9 @@ static int ppm_mmap(struct file *filp, struct vm_area_struct *vma)
+ 
+ 			pfn = vmalloc_to_pfn(vmalloc_area_ptr);
+ 
++			pgprot_val(vma->vm_page_prot) = pgprot_val(PAGE_SHARED) | _PAGE_ENC;
+ 			ret = remap_pfn_range(vma, useraddr, pfn,
+-					      PAGE_SIZE, pgprot_encrypted(PAGE_SHARED));
++					      PAGE_SIZE, vma->vm_page_prot);
+ 			if (ret < 0) {
+ 				pr_err("remap_pfn_range failed (1)\n");
+ 				goto cleanup_mmap;
+@@ -1255,8 +1257,9 @@ static int ppm_mmap(struct file *filp, struct vm_area_struct *vma)
+ 			while (mlength > 0) {
+ 				pfn = vmalloc_to_pfn(vmalloc_area_ptr);
+ 
++				pgprot_val(vma->vm_page_prot) = pgprot_val(PAGE_SHARED) | _PAGE_ENC;
+ 				ret = remap_pfn_range(vma, useraddr, pfn,
+-						      PAGE_SIZE, pgprot_encrypted(PAGE_SHARED));
++						      PAGE_SIZE, vma->vm_page_prot);
+ 				if (ret < 0) {
+ 					pr_err("remap_pfn_range failed (1)\n");
+ 					goto cleanup_mmap;
+@@ -1277,8 +1280,9 @@ static int ppm_mmap(struct file *filp, struct vm_area_struct *vma)
+ 			while (mlength > 0) {
+ 				pfn = vmalloc_to_pfn(vmalloc_area_ptr);
+ 
++				pgprot_val(vma->vm_page_prot) = pgprot_val(PAGE_SHARED) | _PAGE_ENC;
+ 				ret = remap_pfn_range(vma, useraddr, pfn,
+-						      PAGE_SIZE, pgprot_encrypted(PAGE_SHARED));
++						      PAGE_SIZE, vma->vm_page_prot);
+ 				if (ret < 0) {
+ 					pr_err("remap_pfn_range failed (1)\n");
+ 					goto cleanup_mmap;
diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.2+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.2+.patch
new file mode 100644
index 000000000000..39476feef051
--- /dev/null
+++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.2+.patch
@@ -0,0 +1,44 @@
+
+
+Bug: https://bugs.gentoo.org/895868
+Source: https://github.com/falcosecurity/libs/commit/b8ec3e8637c850066d01543616fe413e8deb9e1f
+
+From b8ec3e8637c850066d01543616fe413e8deb9e1f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Holger=20Hoffst=C3=A4tte?= <holger@applied-asynchrony.com>
+Date: Tue, 21 Feb 2023 22:08:23 +0100
+Subject: [PATCH] fix(driver): fix build on linux-6.2
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Attributes in "struct device*" are now const, so add a matching prototype
+for ppm_devnode().
+
+Fixes #918
+
+Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com>
+---
+ driver/main.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/driver/main.c b/driver/main.c
+index 197933b9ce..6dc3374fc1 100644
+--- a/driver/main.c
++++ b/driver/main.c
+@@ -2662,11 +2662,15 @@ static int get_tracepoint_handles(void)
+ #endif
+ 
+ #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 20)
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 2, 0)
++static char *ppm_devnode(const struct device *dev, umode_t *mode)
++#else
+ #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 3, 0)
+ static char *ppm_devnode(struct device *dev, umode_t *mode)
+ #else
+ static char *ppm_devnode(struct device *dev, mode_t *mode)
+-#endif
++#endif /* LINUX_VERSION_CODE > KERNEL_VERSION(3, 3, 0) */
++#endif /* LINUX_VERSION_CODE > KERNEL_VERSION(6, 2, 0) */
+ {
+ 	if (mode) {
+ 		*mode = 0400;
diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch
new file mode 100644
index 000000000000..6926df857179
--- /dev/null
+++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.3+.patch
@@ -0,0 +1,20 @@
+
+Bug: https://github.com/falcosecurity/libs/issues/1063
+Subset of patch taken from: https://github.com/falcosecurity/libs/pull/1071
+
+diff --git a/driver/ppm_fillers.c b/driver/ppm_fillers.c
+index 0441923c6d..cfa967f134 100644
+--- a/driver/ppm_fillers.c
++++ b/driver/ppm_fillers.c
+@@ -1329,7 +1329,10 @@ int f_proc_startupdate(struct event_filler_arguments *args)
+ 
+ 		if (exe_file != NULL) {
+ 			if (file_inode(exe_file) != NULL) {
+-#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0)
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 3, 0)
++				exe_writable |= (file_permission(exe_file, MAY_WRITE) == 0);
++				exe_writable |= inode_owner_or_capable(file_mnt_idmap(exe_file), file_inode(exe_file));
++#elif LINUX_VERSION_CODE >= KERNEL_VERSION(5, 12, 0)
+ 				exe_writable |= (inode_permission(current_user_ns(), file_inode(exe_file), MAY_WRITE) == 0);
+ 				exe_writable |= inode_owner_or_capable(current_user_ns(), file_inode(exe_file));
+ #else
diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch
new file mode 100644
index 000000000000..ac0a4aeca285
--- /dev/null
+++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.4+.patch
@@ -0,0 +1,33 @@
+
+From: https://github.com/falcosecurity/libs/pull/1110
+Bug: https://github.com/falcosecurity/libs/issues/1109
+
+From 394c9d84e64ad9828cdce6cdad5a76c352e252d2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Holger=20Hoffst=C3=A4tte?= <holger@applied-asynchrony.com>
+Date: Fri, 19 May 2023 03:54:40 +0200
+Subject: [PATCH] fix(driver): fixed 6.4 kernel build
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com>
+---
+ driver/main.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/driver/main.c b/driver/main.c
+index 380f85c27c..668e45429a 100644
+--- a/driver/main.c
++++ b/driver/main.c
+@@ -2912,7 +2912,11 @@ int scap_init(void)
+ 		goto init_module_err;
+ 	}
+ 
++#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0)
+ 	g_ppm_class = class_create(THIS_MODULE, DRIVER_DEVICE_NAME);
++#else
++	g_ppm_class = class_create(DRIVER_DEVICE_NAME);
++#endif
+ 	if (IS_ERR(g_ppm_class)) {
+ 		pr_err("can't allocate device class\n");
+ 		ret = -EFAULT;
diff --git a/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.7+.patch b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.7+.patch
new file mode 100644
index 000000000000..a6db9e2d751c
--- /dev/null
+++ b/dev-debug/scap-driver/files/0.29.3-fix-kmod-build-on-6.7+.patch
@@ -0,0 +1,21 @@
+
+Bug: https://bugs.gentoo.org/921163
+Subset of patch taken from: https://github.com/falcosecurity/libs/commit/bf0afa0cacb775582fde134500fe66af38f1eb59
+
+--- a/driver/ppm_fillers.c	2024-01-01 15:05:13.000000000 +0100
++++ b/driver/ppm_fillers.c	2024-01-01 15:15:59.893048651 +0100
+@@ -430,7 +430,13 @@ struct file *ppm_get_mm_exe_file(struct
+ {
+ 	struct file *exe_file;
+ 
+-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0)
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 7, 0)
++	// Since linux 6.7.0, `get_file_rcu` is no more a define and takes a double pointer parameter.
++	// See https://github.com/torvalds/linux/commit/0ede61d8589cc2d93aa78230d74ac58b5b8d0244.
++	rcu_read_lock();
++	exe_file = get_file_rcu(&mm->exe_file);
++	rcu_read_unlock();
++#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0)
+ 	rcu_read_lock();
+ 	exe_file = rcu_dereference(mm->exe_file);
+ 	if (exe_file && !get_file_rcu(exe_file))
diff --git a/dev-debug/scap-driver/metadata.xml b/dev-debug/scap-driver/metadata.xml
new file mode 100644
index 000000000000..66a8465c5f91
--- /dev/null
+++ b/dev-debug/scap-driver/metadata.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person" proxied="yes">
+		<email>holger@applied-asynchrony.com</email>
+		<name>Holger Hoffstätte</name>
+	</maintainer>
+	<maintainer type="project" proxied="proxy">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<upstream>
+		<remote-id type="github">falcosecurity/libs</remote-id>
+	</upstream>
+</pkgmetadata>
diff --git a/dev-debug/scap-driver/scap-driver-0.29.3-r4.ebuild b/dev-debug/scap-driver/scap-driver-0.29.3-r4.ebuild
new file mode 100644
index 000000000000..186e01a6e6b2
--- /dev/null
+++ b/dev-debug/scap-driver/scap-driver-0.29.3-r4.ebuild
@@ -0,0 +1,51 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake linux-mod-r1
+
+DESCRIPTION="Kernel module for dev-debug/sysdig"
+HOMEPAGE="https://sysdig.com/"
+
+# The driver is part of falcosecurity/libs, but for versioning reasons we cannot (yet)
+# use semver-released packages; instead we pull in a commit that is used and known
+# to work with sysdig, see sysdig/cmake/modules/falcosecurity-libs.cmake for details.
+# For now the commit here and the one referenced in sysdig should be in sync.
+LIBS_COMMIT="e5c53d648f3c4694385bbe488e7d47eaa36c229a"
+SRC_URI="https://github.com/falcosecurity/libs/archive/${LIBS_COMMIT}.tar.gz -> falcosecurity-libs-${LIBS_COMMIT}.tar.gz"
+S="${WORKDIR}/libs-${LIBS_COMMIT}"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="amd64 ~arm64 x86"
+
+RDEPEND="!<dev-debug/sysdig-${PV}[modules]"
+
+CONFIG_CHECK="HAVE_SYSCALL_TRACEPOINTS ~TRACEPOINTS"
+
+PATCHES=(
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-5.18+.patch
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-6.2+.patch
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-6.3+.patch
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-6.4+.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		# we will use linux-mod, so just pretend to use bundled deps
+		# in order to make it through the cmake setup.
+		-DUSE_BUNDLED_DEPS=ON
+		-DCREATE_TEST_TARGETS=OFF
+		-DDRIVER_VERSION=${LIBS_COMMIT}
+	)
+
+	cmake_src_configure
+}
+
+src_compile() {
+	local modlist=( scap=:"${BUILD_DIR}"/driver/src )
+	local modargs=( KERNELDIR="${KV_OUT_DIR}" )
+
+	linux-mod-r1_src_compile
+}
diff --git a/dev-debug/scap-driver/scap-driver-0.29.3-r5.ebuild b/dev-debug/scap-driver/scap-driver-0.29.3-r5.ebuild
new file mode 100644
index 000000000000..329ea0109b6f
--- /dev/null
+++ b/dev-debug/scap-driver/scap-driver-0.29.3-r5.ebuild
@@ -0,0 +1,52 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake linux-mod-r1
+
+DESCRIPTION="Kernel module for dev-debug/sysdig"
+HOMEPAGE="https://sysdig.com/"
+
+# The driver is part of falcosecurity/libs, but for versioning reasons we cannot (yet)
+# use semver-released packages; instead we pull in a commit that is used and known
+# to work with sysdig, see sysdig/cmake/modules/falcosecurity-libs.cmake for details.
+# For now the commit here and the one referenced in sysdig should be in sync.
+LIBS_COMMIT="e5c53d648f3c4694385bbe488e7d47eaa36c229a"
+SRC_URI="https://github.com/falcosecurity/libs/archive/${LIBS_COMMIT}.tar.gz -> falcosecurity-libs-${LIBS_COMMIT}.tar.gz"
+S="${WORKDIR}/libs-${LIBS_COMMIT}"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+
+RDEPEND="!<dev-debug/sysdig-${PV}[modules]"
+
+CONFIG_CHECK="HAVE_SYSCALL_TRACEPOINTS ~TRACEPOINTS"
+
+PATCHES=(
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-5.18+.patch
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-6.2+.patch
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-6.3+.patch
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-6.4+.patch
+	"${FILESDIR}"/${PV}-fix-kmod-build-on-6.7+.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		# we will use linux-mod, so just pretend to use bundled deps
+		# in order to make it through the cmake setup.
+		-DUSE_BUNDLED_DEPS=ON
+		-DCREATE_TEST_TARGETS=OFF
+		-DDRIVER_VERSION=${LIBS_COMMIT}
+	)
+
+	cmake_src_configure
+}
+
+src_compile() {
+	local modlist=( scap=:"${BUILD_DIR}"/driver/src )
+	local modargs=( KERNELDIR="${KV_OUT_DIR}" )
+
+	linux-mod-r1_src_compile
+}