Kernel compilation with CONFIG_GRKERNSEC_CHROOT_NICE set results in error when compiling the grsecurity part of the kernel (missing part in a structure for gr_handle_chroot_setpriority function). Reproducible: Always Steps to Reproduce: 1. emerge 2. Have a config with CONFIG_GRKERNSEC_CHROOT_NICE=y 3. make dep and then make bzImage Actual Results: Failed kernel build Expected Results: Compiled kernel make[1]: Entering directory `/usr/src/linux-2.4.20-gentoo-r3/grsecurity' make all_targets make[2]: Entering directory `/usr/src/linux-2.4.20-gentoo-r3/grsecurity' gcc -D__KERNEL__ -I/usr/src/linux-2.4.20-gentoo-r3/include -Wall -Wstrict-prototypes -Wno-trigraphs -O3 -fno-strict-aliasing -fno-common -fomit-frame-pointer -pipe -mpreferred-stack-boundary=2 -march=pentium4 -mmmx -msse -msse2 -falign-functions=4 -fprefetch-loop-arrays -maccumulate-outgoing-args -nostdinc -iwithprefix include -DKBUILD_BASENAME=grsec_chroot -c -o grsec_chroot.o grsec_chroot.c In file included from /usr/src/linux-2.4.20-gentoo-r3/include/linux/prefetch.h:13, from /usr/src/linux-2.4.20-gentoo-r3/include/linux/list.h:6, from /usr/src/linux-2.4.20-gentoo-r3/include/linux/wait.h:14, from /usr/src/linux-2.4.20-gentoo-r3/include/linux/fs.h:12, from /usr/src/linux-2.4.20-gentoo-r3/include/linux/capability.h:17, from /usr/src/linux-2.4.20-gentoo-r3/include/linux/binfmts.h:6, from /usr/src/linux-2.4.20-gentoo-r3/include/linux/sched.h:9, from grsec_chroot.c:2: /usr/src/linux-2.4.20-gentoo-r3/include/asm/processor.h:288:1: warning: "TASK_UNMAPPED_BASE" redefined /usr/src/linux-2.4.20-gentoo-r3/include/asm/processor.h:283:1: warning: this is the location of the previous definition grsec_chroot.c: In function `gr_handle_chroot_setpriority': grsec_chroot.c:56: structure has no member named `nice' make[2]: *** [grsec_chroot.o] Error 1 make[2]: Leaving directory `/usr/src/linux-2.4.20-gentoo-r3/grsecurity' make[1]: *** [first_rule] Error 2 make[1]: Leaving directory `/usr/src/linux-2.4.20-gentoo-r3/grsecurity' make: *** [_dir_grsecurity] Error 2
this is fixed in pfeifer-sources-2.4.20_pre11 (actually it was fixed in pre8 but pre11 is better) - use it for now until i package it for the next gentoo-sources. Jay
To sum up, gentoo-sources-2.4.20-r3 will never compile with some grsecurity options and we should wait for gentoo-sources-2.4.20-r4 ?
gentoo-sources-2.4.20-r4 is now in portage. Enjoy and give some feedback. Thanks, Jay