Changes to build the kmod with 5.1 kernels [SMAGENT-1643] (#1413)

[SMAGENT-1643] Changes to build the kmod with 5.1 kernels * The syscall_get_arguments function changed its parameters. * The mmap symbols changed header locations * Wrapped the kernel version check in a function
draios · May 23, 2019 · a6ab1e6 · a6ab1e6
1 parent 15ed91a
commit a6ab1e6
Show file tree

Hide file tree

Showing 5 changed files with 227 additions and 191 deletions.
diff --git a/driver/main.c b/driver/main.c
@@ -216,6 +216,15 @@ do {								\
 		pr_info(fmt, ##__VA_ARGS__);			\
 } while (0)
 
+inline void ppm_syscall_get_arguments(struct task_struct *task, struct pt_regs *regs, unsigned long *args)
+{
+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 1, 0))
+    syscall_get_arguments(task, regs, 0, 6, args);
+#else
+    syscall_get_arguments(task, regs, args);
+#endif
+}
+
 /* compat tracepoint functions */
 static int compat_register_trace(void *func, const char *probename, struct tracepoint *tp)
 {
@@ -1284,11 +1293,10 @@ static const unsigned char compat_nas[21] = {
 #ifdef _HAS_SOCKETCALL
 static enum ppm_event_type parse_socketcall(struct event_filler_arguments *filler_args, struct pt_regs *regs)
 {
-	unsigned long __user args[2];
+	unsigned long __user args[6] = {};
 	unsigned long __user *scargs;
 	int socketcall_id;
-
-	syscall_get_arguments(current, regs, 0, 2, args);
+	ppm_syscall_get_arguments(current, regs, args);
 	socketcall_id = args[0];
 	scargs = (unsigned long __user *)args[1];
 
@@ -1403,6 +1411,7 @@ static inline void record_drop_x(struct ppm_consumer_t *consumer, struct timespe
 static inline int drop_nostate_event(enum ppm_event_type event_type,
 				     struct pt_regs *regs)
 {
+	unsigned long args[6] = {};
 	unsigned long arg = 0;
 	int close_fd = -1;
 	struct files_struct *files;
@@ -1424,7 +1433,8 @@ static inline int drop_nostate_event(enum ppm_event_type event_type,
 		 * The invalid fd events don't matter to userspace in dropping mode,
 		 * so we do this before the UF_NEVER_DROP check
 		 */
-		syscall_get_arguments(current, regs, 0, 1, &arg);
+		ppm_syscall_get_arguments(current, regs, args);
+		arg = args[0];
 		close_fd = (int)arg;
 
 		files = current->files;
@@ -1444,7 +1454,8 @@ static inline int drop_nostate_event(enum ppm_event_type event_type,
 	case PPME_SYSCALL_FCNTL_E:
 	case PPME_SYSCALL_FCNTL_X:
 		// cmd arg
-		syscall_get_arguments(current, regs, 1, 1, &arg);
+		ppm_syscall_get_arguments(current, regs, args);
+		arg = args[1];
 		if (arg != F_DUPFD && arg != F_DUPFD_CLOEXEC)
 			drop = true;
 		break;

diff --git a/driver/ppm.h b/driver/ppm.h
@@ -113,4 +113,6 @@ extern const struct syscall_evt_pair g_syscall_ia32_table[];
 extern const enum ppm_syscall_code g_syscall_ia32_code_routing_table[];
 #endif
 
+extern void ppm_syscall_get_arguments(struct task_struct *task, struct pt_regs *regs, unsigned long *args);
+
 #endif /* PPM_H_ */
diff --git a/driver/ppm_events.c b/driver/ppm_events.c
@@ -249,14 +249,16 @@ inline u32 compute_snaplen(struct event_filler_arguments *args, char *buf, u32 l
 			if (err == 0) {
 				if(args->event_type == PPME_SOCKET_SENDTO_X)
 				{
+					unsigned long syscall_args[6] = {};
 					unsigned long val;
 					struct sockaddr __user * usrsockaddr;
 					/*
 					 * Get the address
 					 */
-					if (!args->is_socketcall)
-						syscall_get_arguments(current, args->regs, 4, 1, &val);
-					else
+					if (!args->is_socketcall) {
+						ppm_syscall_get_arguments(current, args->regs, syscall_args);
+						val = syscall_args[4];
+					} else
 						val = args->socketcall_args[4];
 
 					usrsockaddr = (struct sockaddr __user *)val;
@@ -270,9 +272,10 @@ inline u32 compute_snaplen(struct event_filler_arguments *args, char *buf, u32 l
 						/*
 						 * Get the address len
 						 */
-						if (!args->is_socketcall)
-							syscall_get_arguments(current, args->regs, 5, 1, &val);
-						else
+						if (!args->is_socketcall) {
+							ppm_syscall_get_arguments(current, args->regs, syscall_args);
+							val = syscall_args[5];
+						} else
 							val = args->socketcall_args[5];
 
 						if (val != 0) {
@@ -288,6 +291,7 @@ inline u32 compute_snaplen(struct event_filler_arguments *args, char *buf, u32 l
 						}
 					}
 				} else if (args->event_type == PPME_SOCKET_SENDMSG_X) {
+					unsigned long syscall_args[6] = {};
 					unsigned long val;
 					struct sockaddr __user * usrsockaddr;
 					int addrlen;
@@ -300,9 +304,10 @@ inline u32 compute_snaplen(struct event_filler_arguments *args, char *buf, u32 l
 					struct msghdr mh;
 #endif
 
-					if (!args->is_socketcall)
-						syscall_get_arguments(current, args->regs, 1, 1, &val);
-					else
+					if (!args->is_socketcall) {
+						ppm_syscall_get_arguments(current, args->regs, syscall_args);
+						val = syscall_args[1];
+					} else
 						val = args->socketcall_args[1];
 
 #ifdef CONFIG_COMPAT
@@ -1113,6 +1118,7 @@ int32_t parse_readv_writev_bufs(struct event_filler_arguments *args, const struc
 	unsigned long bufsize;
 	char *targetbuf = args->str_storage;
 	u32 targetbuflen = STR_STORAGE_SIZE;
+	unsigned long syscall_args[6] = {};
 	unsigned long val;
 	u32 notcopied_len;
 	size_t tocopy_len;
@@ -1158,9 +1164,10 @@ int32_t parse_readv_writev_bufs(struct event_filler_arguments *args, const struc
 			/*
 			 * Retrieve the FD. It will be used for dynamic snaplen calculation.
 			 */
-			if (!args->is_socketcall)
-				syscall_get_arguments(current, args->regs, 0, 1, &val);
-			else
+			if (!args->is_socketcall) {
+				ppm_syscall_get_arguments(current, args->regs, syscall_args);
+				val = syscall_args[0];
+			} else
 				val = args->socketcall_args[0];
 			args->fd = (int)val;
 
@@ -1244,6 +1251,7 @@ int32_t compat_parse_readv_writev_bufs(struct event_filler_arguments *args, cons
 	unsigned long bufsize;
 	char *targetbuf = args->str_storage;
 	u32 targetbuflen = STR_STORAGE_SIZE;
+	unsigned long syscall_args[6] = {};
 	unsigned long val;
 	u32 notcopied_len;
 	compat_size_t tocopy_len;
@@ -1289,9 +1297,10 @@ int32_t compat_parse_readv_writev_bufs(struct event_filler_arguments *args, cons
 			/*
 			 * Retrieve the FD. It will be used for dynamic snaplen calculation.
 			 */
-			if (!args->is_socketcall)
-				syscall_get_arguments(current, args->regs, 0, 1, &val);
-			else
+			if (!args->is_socketcall) {
+				ppm_syscall_get_arguments(current, args->regs, syscall_args);
+				val = syscall_args[0];
+			} else
 				val = args->socketcall_args[0];
 			args->fd = (int)val;
 
@@ -1375,6 +1384,7 @@ int32_t compat_parse_readv_writev_bufs(struct event_filler_arguments *args, cons
 int f_sys_autofill(struct event_filler_arguments *args)
 {
 	int res;
+	unsigned long syscall_args[6] = {};
 	unsigned long val;
 	u32 j;
 	int64_t retval;
@@ -1393,11 +1403,8 @@ int f_sys_autofill(struct event_filler_arguments *args)
 				/*
 				 * Regular argument
 				 */
-				syscall_get_arguments(current,
-						args->regs,
-						evinfo->autofill_args[j].id,
-						1,
-						&val);
+				ppm_syscall_get_arguments(current, args->regs, syscall_args);
+				val = syscall_args[evinfo->autofill_args[j].id];
 			}
 
 			res = val_to_ring(args, val, 0, true, 0);