blob: a6db9e2d751cdf72878f37de7fb1dfb0f825f20d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Bug: https://bugs.gentoo.org/921163
Subset of patch taken from: https://github.com/falcosecurity/libs/commit/bf0afa0cacb775582fde134500fe66af38f1eb59
--- a/driver/ppm_fillers.c 2024-01-01 15:05:13.000000000 +0100
+++ b/driver/ppm_fillers.c 2024-01-01 15:15:59.893048651 +0100
@@ -430,7 +430,13 @@ struct file *ppm_get_mm_exe_file(struct
{
struct file *exe_file;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0)
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 7, 0)
+ // Since linux 6.7.0, `get_file_rcu` is no more a define and takes a double pointer parameter.
+ // See https://github.com/torvalds/linux/commit/0ede61d8589cc2d93aa78230d74ac58b5b8d0244.
+ rcu_read_lock();
+ exe_file = get_file_rcu(&mm->exe_file);
+ rcu_read_unlock();
+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0)
rcu_read_lock();
exe_file = rcu_dereference(mm->exe_file);
if (exe_file && !get_file_rcu(exe_file))
|