|Summary:||net-fs/openafs-1.6.1 doesn't built with sys-kernel/hardened-sources with grsecurity/PaX enabled|
|Product:||Gentoo Linux||Reporter:||Benjamin Gaillard <gentoo>|
|Component:||Hardened||Assignee:||The Gentoo Linux Hardened Kernel Team (OBSOLETE) <hardened-kernel+disabled>|
|Severity:||normal||CC:||aparicio99, pageexec, proxy-maint|
|Package list:||Runtime testing required:||---|
net-fs/openafs grsecurity fix
Updated net-fs/openafs-kernel ebuild
Updated net-fs/openafs ebuild
Description Benjamin Gaillard 2012-09-13 16:34:13 UTC
Created attachment 323684 [details] net-fs/openafs grsecurity fix When grsecurity/PaX is enabled in sys-kernel/hardened-sources, the 'constify' plugin is enabled, causing a net-fs/openafs-1.6.1 (and probably earlier versions too) build failure. Some ./configure tests wrongfully fail because of this as well as code modifying the 'func' field of 'struct rxevent'. Here is a patch that corrects the issue without breaking compatibility with non-hardened kernels.
Comment 1 Benjamin Gaillard 2012-09-13 16:36:08 UTC
Created attachment 323686 [details] Updated net-fs/openafs-kernel ebuild
Comment 2 Benjamin Gaillard 2012-09-13 16:38:37 UTC
Created attachment 323688 [details] Updated net-fs/openafs ebuild May not be affected by the bug, but just to be consistent with net-fs/openafs-kernel...
Comment 3 Anthony Basile 2013-06-24 21:55:12 UTC
Sorry for the delay on this one, it got burried :( Is constify still an issue on the latest hardened-sources?
Comment 4 Benjamin Gaillard 2013-07-01 16:25:15 UTC
This is not really an issue any more: since hardened-sources version 3.8 it's possible to disable the 'constify' plugin altogether (CONFIG_PAX_CONSTIFY_PLUGIN). There is another compilation issue related to the section mismatch verification phase which is enforced by OpenAFS (it refuses to continue if there are warnings although they aren't really relevant), but this is unrelated to this bug and much easier to circumvent.