kmod compilation failed on rhel9 #3196
Comments
|
Hi! Luckily enough, next driver version (to be released within 2-3 weeks with next Falco release) will be smarter thanks to falcosecurity/libs#1452 and falcosecurity/libs#1729, allowing us to probe for these backports in a flexible way. The exact change that is causing your issue is already solved in libs master: https://github.com/falcosecurity/libs/blob/master/driver/configure/CLASS_CREATE_1/test.c |
|
/milestone 0.38.0 |
|
Hi team, will 0.38.0 be released in this week? Is it postponed? |
|
yes, it should! We are in line with the plan. I've seen that you have a compilation issue with the kmod, have you ever tried the |
Yes we tried with modern_ebpf but also current-syscall-supprt, is this still a problem in the 0.37.1? |
|
And may I know what is the recommended way from falco? modern_ebpf? |
It is not :) modern bpf supports all syscalls since a couple of Falco releases! That blog post is a bit outdated now.
You only need to pass |
Yes Falco 0.38.0 will ship the modern_ebpf as the default driver |
|
This should be fixed in Falco 0.38.0 , released today. If not, feel free to open another issue! |
Describe the bug
I was trying to build the kernel module on rhel9 but the build process failed. However when I was building the module on another kernel, the process succeeded.
the error from dkms is
How to reproduce it
docker run -it --privileged -v /root/.falco:/root/.falco -v /etc:/host/etc:ro -v /usr:/host/usr:ro -v /lib/modules:/host/lib/modules:ro -v /proc:/host/proc:ro -v /etc:/host/etc:ro falcosecurity/falco-driver-loader --compile --download
Expected behaviour
the modules should be built and installed
Screenshots
Environment
the issued version rhel9.4
the successful version is rhel9.3
the issued version rhel9.4 5.14.0-427.16.1.el9_4.x86_64
the successful version is rhel9.3 5.14.0-362.24.1.el9_3.x86_64
Additional context
The text was updated successfully, but these errors were encountered: