forked from falcosecurity/libs
-
Notifications
You must be signed in to change notification settings - Fork 21
/
compile-probe.sh
80 lines (72 loc) · 2.22 KB
/
compile-probe.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
#!/bin/bash
# file structure:
# - driver
# - Makefile (kernel modules)
# - *.h, *.c
# - bpf
# - *.h, *.c
# - Makefile (bpf probe)
# - compile-probe.sh: script for compiling
# - probe: contains all probes after compiling
PROBE_NAME=kindling-falcolib-probe
DST=kindling-falcolib-probe
DIR=$(pwd)
if [ ! -d $DST ]; then
mkdir $DST
fi
compilerBpfFun() {
cd bpf
make KERNELDIR=$src
mv probe.o $DIR/$DST/$version.o
make KERNELDIR=$src clean
}
compilerKernelModulesFun() {
make KERNELDIR=$src
mv $PROBE_NAME.ko $DIR/$DST/$version.ko
make KERNELDIR=$src clean
}
for version in $(ls /lib/modules); do
array=(${version//./ })
version3=${array[2]}
if [[ ${array[2]} =~ "-" ]]; then
versionSmall=(${version3//-/ })
if [ ${array[0]} -eq 3 ] && [ ${array[1]} -eq 10 ] && [ ${versionSmall[0]} == "0" ] && [ ${versionSmall[1]} -lt 327 ]; then
rm -rf /usr/bin/gcc && ln -s /usr/bin/gcc-4.9 /usr/bin/gcc
elif [ ${array[0]} -ge 5 ]; then
rm -rf /usr/bin/gcc && ln -s /usr/bin/gcc-8 /usr/bin/gcc
else
rm -rf /usr/bin/gcc && ln -s /usr/bin/gcc-5 /usr/bin/gcc
fi
fi
cd $DIR/driver
echo Compile probe for $version
src=/lib/modules/$version/build
compilerKernelModulesFun
echo "$version"
fileDir="./bpf/probe.c"
if [ ${array[0]} -eq 5 ] && [ ${array[1]} -ge 14 ]; then
sed -i 's/_READ(p->state) == TASK_RUNNING/_READ(p->__state) == TASK_RUNNING/g' $fileDir
elif [ ${array[0]} -eq 6 ]; then
sed -i 's/_READ(p->state) == TASK_RUNNING/_READ(p->__state) == TASK_RUNNING/g' $fileDir
else
sed -i 's/_READ(p->__state) == TASK_RUNNING/_READ(p->state) == TASK_RUNNING/g' $fileDir
fi
if [ ${array[0]} -ge 5 ]; then
compilerBpfFun
fi
if [ ${array[0]} -ge 4 ] && [ ${array[1]} -ge 14 ]; then
compilerBpfFun
fi
if [ ${array[0]} -eq 3 ] && [ ${array[1]} -eq 10 ] && [ ${array[2]} == "0-957" ]; then
compilerBpfFun
fi
if [ ${array[0]} -eq 3 ] && [ ${array[1]} -eq 10 ] && [ ${array[2]} == "0-1062" ]; then
compilerBpfFun
fi
if [ ${array[0]} -eq 3 ] && [ ${array[1]} -eq 10 ] && [ ${array[2]} == "0-1127" ]; then
compilerBpfFun
fi
if [ ${array[0]} -eq 3 ] && [ ${array[1]} -eq 10 ] && [ ${array[2]} == "0-1160" ]; then
compilerBpfFun
fi
done