From 03e5265ea6e9a73276f2dd3154783f23738f10e8 Mon Sep 17 00:00:00 2001
From: hurricane618
Date: Mon, 5 Feb 2024 11:14:16 +0800
Subject: [PATCH] backport patch to fix compile error in v6.6 kernel
Signed-off-by: hurricane618
---
Backport-fix-6.x-kernel-compile-error.patch | 268 ++++++++++++++++++++
secDetector.spec | 6 +-
2 files changed, 273 insertions(+), 1 deletion(-)
create mode 100644 Backport-fix-6.x-kernel-compile-error.patch
diff --git a/Backport-fix-6.x-kernel-compile-error.patch b/Backport-fix-6.x-kernel-compile-error.patch
new file mode 100644
index 0000000..ad58abf
--- /dev/null
+++ b/Backport-fix-6.x-kernel-compile-error.patch
@@ -0,0 +1,268 @@ +From 0583e13c466bf0be32ccbfbb854e4aff41fb32ff Mon Sep 17 00:00:00 2001 +From: hurricane618 +Date: Mon, 19 Feb 2024 23:31:59 +0800 +Subject: [PATCH] fix 6.x kernel compile error + +--- + kerneldriver/cases/Makefile | 2 + + .../secDetector_mc_kmodule_baseline.c | 5 ++ + .../secDetector_program_action.c | 41 +++++++++++++ + .../response_unit/secDetector_ringbuffer.c | 12 +++- + observer_agent/CMakeLists.txt | 4 +- + observer_agent/grpc_comm/Makefile | 59 +------------------ + 6 files changed, 63 insertions(+), 60 deletions(-) + +diff --git a/kerneldriver/cases/Makefile b/kerneldriver/cases/Makefile +index 5a94e50..146fbee 100644 +--- a/kerneldriver/cases/Makefile ++++ b/kerneldriver/cases/Makefile +@@ -26,8 +26,10 @@ ifndef KDIR + KDIR=$(KERNEL_SRC) + endif + ++ifneq ($(VERSION), 6) + KBUILD_EXTRA_SYMBOLS += $(PWD)/../core/Module.symvers + export KBUILD_EXTRA_SYMBOLS ++endif + + all: + $(MAKE) -C $(KERNEL_SRC) M=$(PWD) modules KCPPFLAGS="${cflags-y}" +diff --git a/kerneldriver/cases/kmodule_baseline/secDetector_mc_kmodule_baseline.c b/kerneldriver/cases/kmodule_baseline/secDetector_mc_kmodule_baseline.c +index 9a051ca..b799f9f 100644 +--- a/kerneldriver/cases/kmodule_baseline/secDetector_mc_kmodule_baseline.c ++++ b/kerneldriver/cases/kmodule_baseline/secDetector_mc_kmodule_baseline.c +@@ -10,6 +10,7 @@ + #include + #include + #include ++#include + #include + #include "secDetector_mc_kmodule_baseline.h" + #include "secDetector_response.h" +@@ -123,7 +124,9 @@ void check_kmodule_baseline(void) + if (module_kset == NULL) + return; + ++#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 0, 0) + mutex_lock(&module_mutex); ++#endif + spin_lock(&module_kset->list_lock); + list_for_each_entry(k, &module_kset->list, entry) { + if (k->name == NULL) +@@ -137,7 +140,9 @@ void check_kmodule_baseline(void) + break; + } + spin_unlock(&module_kset->list_lock); ++#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 0, 0) + mutex_unlock(&module_mutex); ++#endif + + 
report_kmodule_baseline(); + free_kmodule_baseline(); +diff --git a/kerneldriver/cases/program_action/secDetector_program_action.c b/kerneldriver/cases/program_action/secDetector_program_action.c +index f571c08..facd3b2 100644 +--- a/kerneldriver/cases/program_action/secDetector_program_action.c ++++ b/kerneldriver/cases/program_action/secDetector_program_action.c +@@ -38,6 +38,7 @@ + #include + #include + #include ++#include + #include + + #include "secDetector_manager.h" +@@ -84,6 +85,46 @@ struct process_info { + int umask; + }; + ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 0, 0) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 7, 0) ++struct file *get_mm_exe_file(struct mm_struct *mm) ++{ ++ struct file *exe_file; ++ ++ rcu_read_lock(); ++ exe_file = get_file_rcu(&mm->exe_file); ++ rcu_read_unlock(); ++ return exe_file; ++} ++#else ++struct file *get_mm_exe_file(struct mm_struct *mm) ++{ ++ struct file *exe_file; ++ ++ rcu_read_lock(); ++ exe_file = rcu_dereference(mm->exe_file); ++ if (exe_file && !get_file_rcu(exe_file)) ++ exe_file = NULL; ++ rcu_read_unlock(); ++ return exe_file; ++} ++#endif ++struct file *get_task_exe_file(struct task_struct *task) ++{ ++ struct file *exe_file = NULL; ++ struct mm_struct *mm; ++ ++ spin_lock(&task->alloc_lock); ++ mm = task->mm; ++ if (mm) { ++ if (!(task->flags & PF_KTHREAD)) ++ exe_file = get_mm_exe_file(mm); ++ } ++ spin_unlock(&task->alloc_lock); ++ return exe_file; ++} ++#endif ++ + char *get_process_path(struct task_struct *p, char *pathname, int len) + { + char *process_path = NULL; +diff --git a/kerneldriver/core/response_unit/secDetector_ringbuffer.c b/kerneldriver/core/response_unit/secDetector_ringbuffer.c +index b367d74..27e8640 100644 +--- a/kerneldriver/core/response_unit/secDetector_ringbuffer.c ++++ b/kerneldriver/core/response_unit/secDetector_ringbuffer.c +@@ -17,6 +17,7 @@ + #include + #include + #include ++#include + + static unsigned long rb_datasz; + static unsigned long rb_mask; +@@ -287,7 +288,11 @@ 
static int ringbuffer_mmap(struct file *flip, struct vm_area_struct *vma) + vma->vm_end - vma->vm_start != PAGE_SIZE) + return -EPERM; + } else { ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 0, 0) ++ vm_flags_clear(vma, VM_MAYWRITE); ++#else + vma->vm_flags &= ~VM_MAYWRITE; ++#endif + } + /* remap_vmalloc_range() checks size and offset */ + return remap_vmalloc_range(vma, g_rb, vma->vm_pgoff + RINGBUF_PGOFF); +@@ -366,8 +371,11 @@ int __init secDetector_ringbuf_dev_init(unsigned int rb_sz) + ret = major; + goto error_free; + } +- ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 0, 0) ++ class = class_create(MODULE_DEVICE); ++#else + class = class_create(THIS_MODULE, MODULE_DEVICE); ++#endif + if (IS_ERR(class)) { + ret = PTR_ERR(class); + goto error_class_create; +@@ -398,4 +406,4 @@ void __exit secDetector_ringbuf_dev_exit(void) + class_destroy(class); + unregister_chrdev(major, MODULE_DEVICE); + ringbuf_free(g_rb); +-} +\ No newline at end of file ++} +diff --git a/observer_agent/CMakeLists.txt b/observer_agent/CMakeLists.txt +index f110b49..297fcc0 100644 +--- a/observer_agent/CMakeLists.txt ++++ b/observer_agent/CMakeLists.txt +@@ -1,7 +1,7 @@ + cmake_minimum_required(VERSION 3.22) + + add_subdirectory(ebpf) +-set(CMAKE_CXX_STANDARD 11) ++set(CMAKE_CXX_STANDARD 17) + project(observer_agent VERSION 1.0 LANGUAGES CXX) + set(GRPC_PATH ${CMAKE_CURRENT_SOURCE_DIR}/grpc_comm) + add_custom_target(grpc_demo ALL +@@ -16,5 +16,5 @@ target_include_directories(secDetectord PUBLIC service grpc_comm ${CMAKE_SOURCE_ + target_link_libraries(secDetectord ${CMAKE_CURRENT_BINARY_DIR}/ebpf/.output/fentry.o) + target_link_libraries(secDetectord ${CMAKE_CURRENT_BINARY_DIR}/ebpf/file_ebpf/.output/file_fentry.o) + target_link_libraries(secDetectord ${GRPC_PATH}/comm_api.pb.o ${GRPC_PATH}/comm_api.grpc.pb.o) +-target_link_libraries(secDetectord protobuf grpc++ grpc absl_synchronization uuid) ++target_link_libraries(secDetectord protobuf grpc++ grpc absl_synchronization 
absl_log_internal_message absl_log_internal_check_op absl_cord absl_cordz_info absl_cordz_functions absl_cordz_handle gpr uuid) + target_link_libraries(secDetectord z elf bpf) +diff --git a/observer_agent/grpc_comm/Makefile b/observer_agent/grpc_comm/Makefile +index 3c87ad8..0556a16 100644 +--- a/observer_agent/grpc_comm/Makefile ++++ b/observer_agent/grpc_comm/Makefile +@@ -17,8 +17,8 @@ + HOST_SYSTEM = $(shell uname | cut -f 1 -d_) + SYSTEM ?= $(HOST_SYSTEM) + CXX = g++ +-CPPFLAGS += `pkg-config --cflags protobuf grpc` +-CXXFLAGS += -std=c++11 -fPIC ++CPPFLAGS += `pkg-config --cflags protobuf grpc` -std=c++17 ++CXXFLAGS += -fPIC + ifeq ($(SYSTEM),Darwin) + LDFLAGS += -L/usr/local/lib `pkg-config --libs protobuf grpc++`\ + -pthread\ +@@ -38,7 +38,7 @@ PROTOS_PATH = ./protos + + vpath %.proto $(PROTOS_PATH) + +-all: system-check client_pub_demo client_sub_demo server_demo ++all: client_pub_demo client_sub_demo server_demo + + client_pub_demo: comm_api.pb.o comm_api.grpc.pb.o client.o client_pub_demo.o + $(CXX) $^ $(LDFLAGS) -o $@ +@@ -58,56 +58,3 @@ server_demo: comm_api.pb.o comm_api.grpc.pb.o server.o server_demo.o + clean: + rm -f *.o *.pb.cc *.pb.h server_demo client_sub_demo client_pub_demo + +- +-# The following is to test your system and ensure a smoother experience. +-# They are by no means necessary to actually compile a grpc-enabled software. 
+- +-PROTOC_CMD = which $(PROTOC) +-PROTOC_CHECK_CMD = $(PROTOC) --version | grep -q libprotoc.3 +-PLUGIN_CHECK_CMD = which $(GRPC_CPP_PLUGIN) +-HAS_PROTOC = $(shell $(PROTOC_CMD) > /dev/null && echo true || echo false) +-ifeq ($(HAS_PROTOC),true) +-HAS_VALID_PROTOC = $(shell $(PROTOC_CHECK_CMD) 2> /dev/null && echo true || echo false) +-endif +-HAS_PLUGIN = $(shell $(PLUGIN_CHECK_CMD) > /dev/null && echo true || echo false) +- +-SYSTEM_OK = false +-ifeq ($(HAS_VALID_PROTOC),true) +-ifeq ($(HAS_PLUGIN),true) +-SYSTEM_OK = true +-endif +-endif +- +-system-check: +-ifneq ($(HAS_VALID_PROTOC),true) +- @echo " DEPENDENCY ERROR" +- @echo +- @echo "You don't have protoc 3.0.0 installed in your path." +- @echo "Please install Google protocol buffers 3.0.0 and its compiler." +- @echo "You can find it here:" +- @echo +- @echo " https://github.com/protocolbuffers/protobuf/releases/tag/v3.0.0" +- @echo +- @echo "Here is what I get when trying to evaluate your version of protoc:" +- @echo +- -$(PROTOC) --version +- @echo +- @echo +-endif +-ifneq ($(HAS_PLUGIN),true) +- @echo " DEPENDENCY ERROR" +- @echo +- @echo "You don't have the grpc c++ protobuf plugin installed in your path." +- @echo "Please install grpc. You can find it here:" +- @echo +- @echo " https://github.com/grpc/grpc" +- @echo +- @echo "Here is what I get when trying to detect if you have the plugin:" +- @echo +- -which $(GRPC_CPP_PLUGIN) +- @echo +- @echo +-endif +-ifneq ($(SYSTEM_OK),true) +- @false +-endif +-- +2.21.0 + diff --git a/secDetector.spec b/secDetector.spec index 4d0f722..f281df4 100644 --- a/secDetector.spec +++ b/secDetector.spec @@ -5,7 +5,7 @@ Name : secDetector Summary : OS Security Intrusion Detection System Version : 1.0 -Release : 13 +Release : 14 License : GPL-2.0 Source0 : %{name}-v%{version}.tar.gz BuildRequires: kernel-devel kernel-headers 
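Review bot: The `LINUX_VERSION_CODE >= KERNEL_VERSION(6, 0, 0)` guards in secDetector_ringbuffer.c are looser than the APIs they select: to my knowledge `vm_flags_clear()` only exists from 6.3 and the one-argument `class_create()` from 6.4, so a 6.0–6.2 kernel (and 6.3 for `class_create`) would take the new branch and fail to build. The `vm_flags_clear(vma, VM_MAYWRITE)` branch in `ringbuffer_mmap` is what keeps a read-only mapping of the ring buffer from later being made writable, so I would key each guard to the release that introduced the helper, `#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 3, 0)` and `#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 4, 0)`, rather than leave an in-between kernel where someone is tempted to patch that line out. The same blanket 6.0 cutoff in `check_kmodule_baseline` drops `module_mutex` and leaves only `module_kset->list_lock` around the walk; the loop body is not visible in the hunk, so please confirm nothing in it relied on the mutex to keep a module alive during the comparison, and add a comment stating why the spinlock alone is sufficient. Both functions start and end outside the hunks shown.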
@@ -46,6 +46,7 @@ Patch0029: Backport-grpc-fix-coredump-in-Publish.patch Patch0030: Backport-fix-the-memory-leak-in-collect-unit.patch Patch0031: Backport-fix-memory-leak-in-program_action.patch Patch0032: Backport-bug-fix-memory-leak-in-sc-analyze-unit.patch +Patch0033: Backport-fix-6.x-kernel-compile-error.patch %description OS Security Intrusion Detection System @@ -119,6 +120,9 @@ rm -rf %{buildroot} %attr(0644,root,root) /usr/include/secDetector/secDetector_topic.h %changelog +* Tue Feb 20 2024 hurricane618 1.0-14 +- backport patch to fix compile error in v6.6 kernel + * Thu Dec 21 2023 hurricane618 1.0-13 - backport patchs to fix memory