Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 565118 - gnustep-base/gnustep-base-1.24.8: configure fails with MPROTECT on
Summary: gnustep-base/gnustep-base-1.24.8: configure fails with MPROTECT on
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Library (show other bugs)
Hardware: AMD64 Linux
: Normal normal with 1 vote (vote)
Assignee: Gentoo Gnustep project
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-11-08 08:08 UTC by lorem.ipsum.989
Modified: 2016-03-14 01:04 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
My emerge --info (info.txt,6.99 KB, text/plain)
2015-11-08 08:09 UTC, lorem.ipsum.989 		Details
config.log (config.log,410.36 KB, text/plain)
2015-11-08 08:11 UTC, lorem.ipsum.989 		Details
build.log (build.log,19.58 KB, text/plain)
2015-11-08 08:15 UTC, lorem.ipsum.989 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description lorem.ipsum.989 2015-11-08 08:08:10 UTC 
After switching to Gentoo Hardened, I can no longer install gnustep-base: the configuration stage fails when checking for libffi because of a violation of MPROTECT policy in ${WORKDIR}/${P}/conftest.

Reproducible: Always

Steps to Reproduce:
1. Boot a hardened-4.2.5-r1 kernel with MPROTECT enabled
2. Try to `emerge -1 gnustep-base` with USE="icu libffi ssl -debug -doc -zeroconf"
Actual Results:  
Emerge bails out with an 'econf failed'. 
config.log says "configure: error: The ffi library (libffi) does not appear to be working."
The actual error record is "./configure: line 24382:  4245 Killed ./conftest$ac_exeext"

system logs say : "PAX: execution attempt in: <anonymous mapping> ...
PAX: terminating task: /var/tmp/portage/gnustep-base/gnustep-base-1.24.8/work/gnustep-base-1.24.8/conftest(conftest):4245"

Expected Results:  
Successful configuration, compilation and installation

I should probably mention that I'm using a custom hardened/desktop profile, but I didn't manage to find any related USE masks/etc. that could fail to be applied. My profile is basically a child of:

../../../../portage/profiles/default/linux/amd64/13.0/desktop/plasma/systemd
../../../../portage/profiles/hardened/linux/amd64
Comment 1 lorem.ipsum.989 2015-11-08 08:09:28 UTC 
Created attachment 416270 [details]
My emerge --info
Comment 2 lorem.ipsum.989 2015-11-08 08:11:10 UTC 
Created attachment 416272 [details]
config.log
Comment 3 lorem.ipsum.989 2015-11-08 08:15:09 UTC 
Created attachment 416274 [details]
build.log
Comment 4 Bernard Cafarelli gentoo-dev 2015-11-12 12:13:54 UTC 
Thanks for the report!

I know that all the libffi parts are very sensitive on PaX kernels, but nowadays it should work OK.
Can you double-check all depending packages have been built correctly with USE=pax_kernel (especially libffi itself)?
Comment 5 lorem.ipsum.989 2015-11-13 05:49:40 UTC 
(In reply to Bernard Cafarelli from comment #4)
> Thanks for the report!
> 
> I know that all the libffi parts are very sensitive on PaX kernels, but
> nowadays it should work OK.
> Can you double-check all depending packages have been built correctly with
> USE=pax_kernel (especially libffi itself)?

Yes, I recompiled @world right after switching to hardened, gnustep-base is the only package that failed to build; libffi installs perfectly fine. A dirty solution I used to make it merge is simply disabling MPROTECT on conftest in the configure script: once installed, the library seems to work just fine (I need it for app-arch/unar, which I'm not experiencing any issues with).
Comment 6 lorem.ipsum.989 2015-11-13 05:58:27 UTC 
Oops, my bad. After I recompiled libffi again, everything installs just OK. NOTABUG.
Comment 7 Stian Ellingsen 2016-03-14 01:04:49 UTC 
Same problem here, tried both version 1.24.6-r1 and version 1.24.8-r1 of gnustep-base. Recompiling libffi (3.0.13-r1 or 3.2.1) does not fix the problem, USE=pax_kernel is enabled.