new(driver): kmod configure system

[deepskyblue86]

What type of PR is this?
/kind feature

Any specific area of the project related to this PR?
/area driver-kmod

Does this PR require a change in the driver versions?

What this PR does / why we need it:
Introduce a new mechanism for conditional build in the kernel module, documented in driver/README.configure.md

Apply such mechanism to ppm_access_ok, easily detecting if access_ok is the old version with 3 parameters or the new one with just two.

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

NONE

[gnosek]

SHIP IT!

[poiana]

LGTM label has been added.

Git tree hash: 18648c12b53dcbaa17bcea074e904de7011b4ab1

[FedeDP]

/hold
We must first figure how to support something like this in driverkit.

[FedeDP]

I opened a wip falcosecurity/driverkit#302 to allow Driverkit to use cmake to configure and build kmod and bpf drivers.
It would allow us to support the changes in this PR.

[FedeDP]

It would be great if you could add a configuration for the only driver testing issues we are seeing: https://falcosecurity.github.io/libs/matrix_X64/#centos-418-kmod_build
This way, once this gets merged, we will finally have a fully green kernel testing matrix!

EDIT: uh i missed it, there was already the config to fix it! (indeed, as we can see below, centos 4.18 is already fixed!)
What's weird, is why fedora is still not fixed considering it spots the same issue

[FedeDP]

Also, i am running kernel-tests against this branch: https://github.com/falcosecurity/libs/actions/runs/7526616526, just to make sure everything is ok ;)

[FedeDP]

x86_64 matrix:

KERNEL	CMAKE-CONFIGURE	KMOD BUILD	KMOD SCAP-OPEN	BPF-PROBE BUILD	BPF-PROBE SCAP-OPEN	MODERN-BPF SCAP-OPEN
amazonlinux2-4.19	🟢	🟢	🟢	🟢	🟢	🟡
amazonlinux2-5.10	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2-5.15	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2-5.4	🟢	🟢	🟢	🟢	🟢	🟡
amazonlinux2022-5.15	🟢	🟢	🟢	🟢	🟢	🟢
amazonlinux2023-6.1	🟢	🟢	🟢	🟢	🟢	🟢
archlinux-6.0	🟢	🟢	🟢	🟢	🟢	🟢
centos-3.10	🟢	🟢	🟢	🟡	🟡	🟡
centos-4.18	🟢	🟢	🟢	🟢	🟢	🟢
centos-5.14	🟢	🟢	🟢	🟢	🟢	🟢
fedora-5.17	🟢	❌	❌	🟢	🟢	🟢
fedora-5.8	🟢	🟢	🟢	🟢	🟢	🟢
fedora-6.2	🟢	🟢	🟢	🟢	🟢	🟢
oraclelinux-3.10	🟢	🟢	🟢	🟡	🟡	🟡
oraclelinux-4.14	🟢	🟢	🟢	🟢	🟢	🟡
oraclelinux-5.15	🟢	🟢	🟢	🟢	🟢	🟢
oraclelinux-5.4	🟢	🟢	🟢	🟢	🟢	🟡
ubuntu-4.15	🟢	🟢	🟢	🟢	🟢	🟡
ubuntu-6.3	🟢	🟢	🟢	🟢	🟢	🟢

[FedeDP]

Shouldn't this be already fixed given it is the same error as centos-4.18 (on master), and the latter is solved by this PR?

fedora-5.17 kmod_build

Msg:

non-zero return code

Err:

warning: the compiler differs from the one used to build the kernel
  The kernel was built by: gcc (GCC) 12.0.1 20220413 (Red Hat 12.0.1-0)
  You are using:           gcc (GCC) 12.2.1 20221121 (Red Hat 12.2.1-4)
/root/repos/falcosecurity-libs/build/driver/src/main.c: In function ‘scap_init’:
/root/repos/falcosecurity-libs/build/driver/src/main.c:2892:30: error: assignment to ‘char * (*)(struct device *, umode_t *)’ {aka ‘char * (*)(struct device *, short unsigned int *)’} from incompatible pointer type ‘char * (*)(const struct device *, umode_t *)’ {aka ‘char * (*)(const struct device *, short unsigned int *)’} [-Werror=incompatible-pointer-types]
 2892 |         g_ppm_class->devnode = ppm_devnode;
      |                              ^
cc1: some warnings being treated as errors
make[6]: *** [scripts/Makefile.build:288: /root/repos/falcosecurity-libs/build/driver/src/main.o] Error 1
make[6]: *** Waiting for unfinished jobs....
make[5]: *** [Makefile:1841: /root/repos/falcosecurity-libs/build/driver/src] Error 2
make[4]: *** [Makefile:22: all] Error 2
make[3]: *** [driver/CMakeFiles/driver.dir/build.make:70: driver/CMakeFiles/driver] Error 2
make[2]: *** [CMakeFiles/Makefile2:669: driver/CMakeFiles/driver.dir/all] Error 2
make[1]: *** [CMakeFiles/Makefile2:676: driver/CMakeFiles/driver.dir/rule] Error 2
make: *** [Makefile:299: driver] Error 2

[deepskyblue86]

@FedeDP now it should work. Thanks for pointing me to https://falcosecurity.github.io/kernel-crawler/?arch=x86_64&target=fedora&search=5.17.5-300.fc36.x86_64 🙂

[FedeDP]

Update! Driverkit PR was just merged; we are running some tests and then a new driverkit release will be tagged. At that time, we will be free to proceed with this one and i'll ask you @deepskyblue86 for a rebase ;)

[FedeDP]

@deepskyblue86 care to rebase? https://github.com/falcosecurity/driverkit/releases/tag/v0.17.0 😃

[FedeDP]

/milestone 0.15.0

[FedeDP]

/approve

[poiana]

LGTM label has been added.

Git tree hash: def53456f4e4ae4e82212318b5fb75b13fead664

[FedeDP]

/unhold

[deepskyblue86]

@gnosek /approve 😁?

[gnosek]

🤩

[poiana]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: deepskyblue86, FedeDP, gnosek

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• driver/OWNERS [FedeDP,gnosek]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment