From 0583e13c466bf0be32ccbfbb854e4aff41fb32ff Mon Sep 17 00:00:00 2001
From: hurricane618
Date: Mon, 19 Feb 2024 23:31:59 +0800
Subject: [PATCH] fix 6.x kernel compile error
---
 kerneldriver/cases/Makefile | 2 +
 .../secDetector_mc_kmodule_baseline.c | 5 ++
 .../secDetector_program_action.c | 41 +++++++++++++
 .../response_unit/secDetector_ringbuffer.c | 12 +++-
 observer_agent/CMakeLists.txt | 4 +-
 observer_agent/grpc_comm/Makefile | 59 +------------------
 6 files changed, 63 insertions(+), 60 deletions(-)
diff --git a/kerneldriver/cases/Makefile b/kerneldriver/cases/Makefile
index 5a94e50..146fbee 100644
--- a/kerneldriver/cases/Makefile
+++ b/kerneldriver/cases/Makefile
@@ -26,8 +26,10 @@ ifndef KDIR
 KDIR=$(KERNEL_SRC)
 endif
+ifneq ($(VERSION), 6)
 KBUILD_EXTRA_SYMBOLS += $(PWD)/../core/Module.symvers
 export KBUILD_EXTRA_SYMBOLS
+endif
 all:
 $(MAKE) -C $(KERNEL_SRC) M=$(PWD) modules KCPPFLAGS="${cflags-y}"
diff --git a/kerneldriver/cases/kmodule_baseline/secDetector_mc_kmodule_baseline.c b/kerneldriver/cases/kmodule_baseline/secDetector_mc_kmodule_baseline.c
index 9a051ca..b799f9f 100644
--- a/kerneldriver/cases/kmodule_baseline/secDetector_mc_kmodule_baseline.c
+++ b/kerneldriver/cases/kmodule_baseline/secDetector_mc_kmodule_baseline.c
@@ -10,6 +10,7 @@
 #include
 #include
 #include
+#include
 #include
 #include "secDetector_mc_kmodule_baseline.h"
 #include "secDetector_response.h"
@@ -123,7 +124,9 @@ void check_kmodule_baseline(void)
 if (module_kset == NULL)
 return;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 0, 0)
 mutex_lock(&module_mutex);
+#endif
 spin_lock(&module_kset->list_lock);
 list_for_each_entry(k, &module_kset->list, entry) {
 if (k->name == NULL)
@@ -137,7 +140,9 @@ void check_kmodule_baseline(void)
 break;
 }
 spin_unlock(&module_kset->list_lock);
+#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 0, 0)
 mutex_unlock(&module_mutex);
+#endif
 report_kmodule_baseline();
 free_kmodule_baseline();
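Review bot: In kerneldriver/cases/Makefile the new guard `ifneq ($(VERSION), 6)` matches one major version exactly, while the C changes in this patch gate on `LINUX_VERSION_CODE >= KERNEL_VERSION(6, 0, 0)`, so a 7.x kernel would take the pre-6 path here and the 6.x path in the sources. Nothing in the hunk sets `VERSION`; if it is only defined once kbuild re-reads this Makefile, the outer `make` run still exports `KBUILD_EXTRA_SYMBOLS` into the environment and the guard probably has no effect. Leaving out `../core/Module.symvers` also appears to mean modpost can no longer check the symbols these modules import from the core module, so the reason deserves a comment above the guard, e.g. `# 6.x: <why core/Module.symvers is not passed to modpost>`.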
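Review bot: On 6.x kernels the walk over `module_kset->list` in check_kmodule_baseline() (hunk at -123) now runs with only `module_kset->list_lock` held, because `mutex_lock(&module_mutex)` is compiled out, and the matching unlock in the hunk at -137 is dropped the same way. The loop body lies outside both hunks; if it reads anything from the owning `struct module` rather than from the kobject itself, a concurrent unload is no longer excluded, which matters for a check whose job is to notice changes to the module list. Please state the locking assumption next to the guard, e.g. `/* module_mutex is not usable from a module here; list_lock alone covers this walk because only kobject fields are read */`, or add other protection if that assumption does not hold. The 6.0.0 cut-off should also be checked against the release in which `module_mutex` actually stopped being exported.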
diff --git a/kerneldriver/cases/program_action/secDetector_program_action.c b/kerneldriver/cases/program_action/secDetector_program_action.c
index f571c08..facd3b2 100644
--- a/kerneldriver/cases/program_action/secDetector_program_action.c
+++ b/kerneldriver/cases/program_action/secDetector_program_action.c
@@ -38,6 +38,7 @@
 #include
 #include
 #include
+#include
 #include
 #include "secDetector_manager.h"
@@ -84,6 +85,46 @@ struct process_info {
 int umask;
 };
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 0, 0)
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 7, 0)
+struct file *get_mm_exe_file(struct mm_struct *mm)
+{
+ struct file *exe_file;
+
+ rcu_read_lock();
+ exe_file = get_file_rcu(&mm->exe_file);
+ rcu_read_unlock();
+ return exe_file;
+}
+#else
+struct file *get_mm_exe_file(struct mm_struct *mm)
+{
+ struct file *exe_file;
+
+ rcu_read_lock();
+ exe_file = rcu_dereference(mm->exe_file);
+ if (exe_file && !get_file_rcu(exe_file))
+ exe_file = NULL;
+ rcu_read_unlock();
+ return exe_file;
+}
+#endif
+struct file *get_task_exe_file(struct task_struct *task)
+{
+ struct file *exe_file = NULL;
+ struct mm_struct *mm;
+
+ spin_lock(&task->alloc_lock);
+ mm = task->mm;
+ if (mm) {
+ if (!(task->flags & PF_KTHREAD))
+ exe_file = get_mm_exe_file(mm);
+ }
+ spin_unlock(&task->alloc_lock);
+ return exe_file;
+}
+#endif
+
 char *get_process_path(struct task_struct *p, char *pathname, int len)
 {
 char *process_path = NULL;
diff --git a/kerneldriver/core/response_unit/secDetector_ringbuffer.c b/kerneldriver/core/response_unit/secDetector_ringbuffer.c
index b367d74..27e8640 100644
--- a/kerneldriver/core/response_unit/secDetector_ringbuffer.c
+++ b/kerneldriver/core/response_unit/secDetector_ringbuffer.c
@@ -17,6 +17,7 @@
 #include
 #include
 #include
+#include
 static unsigned long rb_datasz;
 static unsigned long rb_mask;
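Review bot: The added `get_mm_exe_file()` and `get_task_exe_file()` in secDetector_program_action.c (hunk at -84) have external linkage and reuse the names of the kernel's own functions, so the module now carries private copies of core mm code under kernel symbol names, and any other object linked into the same module that defines them too will collide. Giving them a project prefix (for example `secdetector_get_task_exe_file`) and declaring them `static` would keep them local to this file. `get_task_exe_file()` open-codes the task lock as `spin_lock(&task->alloc_lock)`; `task_lock(task);` and `task_unlock(task);` express the same thing through the kernel helper. Both functions return a `struct file *` with a reference taken, so each deserves a short comment saying the caller must `fput()` the result; the caller `get_process_path()` continues outside the hunk, so whether it does cannot be checked here.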
@@ -287,7 +288,11 @@ static int ringbuffer_mmap(struct file *flip, struct vm_area_struct *vma)
 vma->vm_end - vma->vm_start != PAGE_SIZE)
 return -EPERM;
 } else {
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 0, 0)
+ vm_flags_clear(vma, VM_MAYWRITE);
+#else
 vma->vm_flags &= ~VM_MAYWRITE;
+#endif
 }
 /* remap_vmalloc_range() checks size and offset */
 return remap_vmalloc_range(vma, g_rb, vma->vm_pgoff + RINGBUF_PGOFF);
@@ -366,8 +371,11 @@ int __init secDetector_ringbuf_dev_init(unsigned int rb_sz)
 ret = major;
 goto error_free;
 }
-
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 0, 0)
+ class = class_create(MODULE_DEVICE);
+#else
 class = class_create(THIS_MODULE, MODULE_DEVICE);
+#endif
 if (IS_ERR(class)) {
 ret = PTR_ERR(class);
 goto error_class_create;
@@ -398,4 +406,4 @@ void __exit secDetector_ringbuf_dev_exit(void)
 class_destroy(class);
 unregister_chrdev(major, MODULE_DEVICE);
 ringbuf_free(g_rb);
-}
\ No newline at end of file
+}
diff --git a/observer_agent/CMakeLists.txt b/observer_agent/CMakeLists.txt
index f110b49..297fcc0 100644
--- a/observer_agent/CMakeLists.txt
+++ b/observer_agent/CMakeLists.txt
@@ -1,7 +1,7 @@
 cmake_minimum_required(VERSION 3.22)
 add_subdirectory(ebpf)
-set(CMAKE_CXX_STANDARD 11)
+set(CMAKE_CXX_STANDARD 17)
 project(observer_agent VERSION 1.0 LANGUAGES CXX)
 set(GRPC_PATH ${CMAKE_CURRENT_SOURCE_DIR}/grpc_comm)
 add_custom_target(grpc_demo ALL
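Review bot: In ringbuffer_mmap() (hunk at -287) the new branch calls `vm_flags_clear(vma, VM_MAYWRITE)` for every kernel from 6.0.0, but to my knowledge that helper only exists from 6.3, so 6.0–6.2 builds would fail on the very line that stops the data pages from being made writable later; the guard should read `#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 3, 0)`. The hunk at -366 in secDetector_ringbuf_dev_init() has the same defect: the one-argument `class_create(MODULE_DEVICE)` arrived in 6.4 as far as I know, so that guard should use `KERNEL_VERSION(6, 4, 0)`. Please confirm both cut-offs against the kernels this driver is built for. Both functions continue outside their hunks.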
@@ -16,5 +16,5 @@ target_include_directories(secDetectord PUBLIC service grpc_comm ${CMAKE_SOURCE_
 target_link_libraries(secDetectord ${CMAKE_CURRENT_BINARY_DIR}/ebpf/.output/fentry.o)
 target_link_libraries(secDetectord ${CMAKE_CURRENT_BINARY_DIR}/ebpf/file_ebpf/.output/file_fentry.o)
 target_link_libraries(secDetectord ${GRPC_PATH}/comm_api.pb.o ${GRPC_PATH}/comm_api.grpc.pb.o)
-target_link_libraries(secDetectord protobuf grpc++ grpc absl_synchronization uuid)
+target_link_libraries(secDetectord protobuf grpc++ grpc absl_synchronization absl_log_internal_message absl_log_internal_check_op absl_cord absl_cordz_info absl_cordz_functions absl_cordz_handle gpr uuid)
 target_link_libraries(secDetectord z elf bpf)
diff --git a/observer_agent/grpc_comm/Makefile b/observer_agent/grpc_comm/Makefile
index 3c87ad8..0556a16 100644
--- a/observer_agent/grpc_comm/Makefile
+++ b/observer_agent/grpc_comm/Makefile
@@ -17,8 +17,8 @@ HOST_SYSTEM = $(shell uname | cut -f 1 -d_)
 SYSTEM ?= $(HOST_SYSTEM)
 CXX = g++
-CPPFLAGS += `pkg-config --cflags protobuf grpc`
-CXXFLAGS += -std=c++11 -fPIC
+CPPFLAGS += `pkg-config --cflags protobuf grpc` -std=c++17
+CXXFLAGS += -fPIC
 ifeq ($(SYSTEM),Darwin)
 LDFLAGS += -L/usr/local/lib `pkg-config --libs protobuf grpc++`\
 -pthread\
@@ -38,7 +38,7 @@ PROTOS_PATH = ./protos
 vpath %.proto $(PROTOS_PATH)
-all: system-check client_pub_demo client_sub_demo server_demo
+all: client_pub_demo client_sub_demo server_demo
 client_pub_demo: comm_api.pb.o comm_api.grpc.pb.o client.o client_pub_demo.o
 $(CXX) $^ $(LDFLAGS) -o $@
@@ -58,56 +58,3 @@ server_demo: comm_api.pb.o comm_api.grpc.pb.o server.o server_demo.o
 clean:
 rm -f *.o *.pb.cc *.pb.h server_demo client_sub_demo client_pub_demo
-
-# The following is to test your system and ensure a smoother experience.
-# They are by no means necessary to actually compile a grpc-enabled software.
-
-PROTOC_CMD = which $(PROTOC)
-PROTOC_CHECK_CMD = $(PROTOC) --version | grep -q libprotoc.3
-PLUGIN_CHECK_CMD = which $(GRPC_CPP_PLUGIN)
-HAS_PROTOC = $(shell $(PROTOC_CMD) > /dev/null && echo true || echo false)
-ifeq ($(HAS_PROTOC),true)
-HAS_VALID_PROTOC = $(shell $(PROTOC_CHECK_CMD) 2> /dev/null && echo true || echo false)
-endif
-HAS_PLUGIN = $(shell $(PLUGIN_CHECK_CMD) > /dev/null && echo true || echo false)
-
-SYSTEM_OK = false
-ifeq ($(HAS_VALID_PROTOC),true)
-ifeq ($(HAS_PLUGIN),true)
-SYSTEM_OK = true
-endif
-endif
-
-system-check:
-ifneq ($(HAS_VALID_PROTOC),true)
- @echo " DEPENDENCY ERROR"
- @echo
- @echo "You don't have protoc 3.0.0 installed in your path."
- @echo "Please install Google protocol buffers 3.0.0 and its compiler."
- @echo "You can find it here:"
- @echo
- @echo " https://github.com/protocolbuffers/protobuf/releases/tag/v3.0.0"
- @echo
- @echo "Here is what I get when trying to evaluate your version of protoc:"
- @echo
- -$(PROTOC) --version
- @echo
- @echo
-endif
-ifneq ($(HAS_PLUGIN),true)
- @echo " DEPENDENCY ERROR"
- @echo
- @echo "You don't have the grpc c++ protobuf plugin installed in your path."
- @echo "Please install grpc. You can find it here:"
- @echo
- @echo " https://github.com/grpc/grpc"
- @echo
- @echo "Here is what I get when trying to detect if you have the plugin:"
- @echo
- -which $(GRPC_CPP_PLUGIN)
- @echo
- @echo
-endif
-ifneq ($(SYSTEM_OK),true)
- @false
-endif
-- Gitee