| Summary: | net-fs/openafs-1.6.1 doesn't built with sys-kernel/hardened-sources with grsecurity/PaX enabled | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Benjamin Gaillard <gentoo> |
| Component: | Hardened | Assignee: | The Gentoo Linux Hardened Kernel Team (OBSOLETE) <hardened-kernel+disabled> |
| Status: | RESOLVED OBSOLETE | ||
| Severity: | normal | CC: | aparicio99, pageexec, proxy-maint |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: |
net-fs/openafs grsecurity fix
Updated net-fs/openafs-kernel ebuild Updated net-fs/openafs ebuild |
||
Created attachment 323686 [details]
Updated net-fs/openafs-kernel ebuild
Created attachment 323688 [details]
Updated net-fs/openafs ebuild
May not be affected by the bug, but just to be consistent with net-fs/openafs-kernel...
Sorry for the delay on this one, it got burried :( Is constify still an issue on the latest hardened-sources? This is not really an issue any more: since hardened-sources version 3.8 it's possible to disable the 'constify' plugin altogether (CONFIG_PAX_CONSTIFY_PLUGIN). There is another compilation issue related to the section mismatch verification phase which is enforced by OpenAFS (it refuses to continue if there are warnings although they aren't really relevant), but this is unrelated to this bug and much easier to circumvent. |
Created attachment 323684 [details] net-fs/openafs grsecurity fix When grsecurity/PaX is enabled in sys-kernel/hardened-sources, the 'constify' plugin is enabled, causing a net-fs/openafs-1.6.1 (and probably earlier versions too) build failure. Some ./configure tests wrongfully fail because of this as well as code modifying the 'func' field of 'struct rxevent'. Here is a patch that corrects the issue without breaking compatibility with non-hardened kernels.