| View previous topic :: View next topic |
| Author |
Message |
yannickm
n00b
Joined: 14 May 2005
Posts: 8
|
 Posted: Sat May 14, 2005 12:01 pm Post subject: hardened udev compilation failing :-( |
 |
|
I'm trying to build an hardened server using the hardened stages ( tried both 1 and 3 without success )
compiling without udev resulted in no /dev/hdaX
trying to compile the kernel ( hardened-sources and hardened-dev-sources ), using genkernel --udev all, fails when compiling udev with errors of undefined reference to __stack_smash_handler, __guard  |
|
| Back to top |
|
 |
xanthein
n00b
Joined: 11 Apr 2004
Posts: 13
Location: London, UK
|
| Posted: Sat May 14, 2005 2:03 pm Post subject: |
|
|
I've had exactly the same problem:
| Code: |
libgcc/__umoddi3.c:11: undefined reference to `__guard'
libgcc/__umoddi3.o(.text+0x45):libgcc/__umoddi3.c:16: undefined reference to `__stack_smash_handler'
libgcc/__udivmoddi4.o(.text+0x1a): In function `__udivmoddi4':
libgcc/__udivmoddi4.c:5: undefined reference to `__guard'
libgcc/__udivmoddi4.o(.text+0xcc):libgcc/__udivmoddi4.c:32: undefined reference to `__stack_smash_handler'
make[2]: *** [libc.so] Error 1
make[2]: Leaving directory `/var/tmp/genkernel/udev-054/klibc/klibc'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/var/tmp/genkernel/udev-054/klibc'
make: *** [/var/tmp/genkernel/udev-054/klibc/klibc/crt0.o] Error 2
* Gentoo Linux Genkernel; Version 3.1.5
* ERROR: Failed to compile the "KERNEL_DIR=/usr/src/linux USE_KLIBC=true USE_LOG=false DEBUG=false udevdir=/dev all etc/udev/udev.conf" target...
|
This is occuring with linux-2.6.11-hardened-r1, being compiled on a fresh stage1-x86-hardened-2.6-2005.0 system.
_________________
matrix# reload
Proceed with reload? [confirm]
Connection closed by foreign host. |
|
| Back to top |
|
|
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Sat May 14, 2005 2:30 pm Post subject: |
|
|
Read my .sig 
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
xanthein
n00b
Joined: 11 Apr 2004
Posts: 13
Location: London, UK
|
| Posted: Sat May 14, 2005 2:37 pm Post subject: |
|
|
Here's emerge info:
| Code: |
Portage 2.0.51.19 (hardened/x86/2.6, gcc-3.3.5-20050130, glibc-2.3.4.20041102-r1, 2.6.11-gentoo-r3 i686)
=================================================================
System uname: 2.6.11-gentoo-r3 i686 Intel(R) Pentium(R) 4 CPU 3.00GHz
Gentoo Base System version 1.4.16
Python: dev-lang/python-2.3.5 [2.3.5 (#1, May 14 2005, 01:32:52)]
dev-lang/python: 2.3.5
sys-apps/sandbox: [Not Present]
sys-devel/autoconf: 2.13, 2.59-r6
sys-devel/automake: 1.5, 1.8.5-r3, 1.7.9-r1, 1.6.3, 1.4_p6, 1.9.5
sys-devel/binutils: 2.15.92.0.2-r7
sys-devel/libtool: 1.5.16
virtual/os-headers: 2.6.8.1-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O2 -march=pentium4 -fforce-addr -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=pentium4 -fforce-addr -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig ccache distlocks sandbox strict"
GENTOO_MIRRORS="http://gentoo.blueyonder.co.uk/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage//packages/x86/"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage/"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 berkdb crypt hardened mmx ncurses pam perl pic python readline snmp ssl tcpd xml userland_GNU kernel_linux elibc_glibc"
Unset: ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY
|
Hope this helps.
Cheers,
Jon.
_________________
matrix# reload
Proceed with reload? [confirm]
Connection closed by foreign host. |
|
| Back to top |
|
|
xanthein
n00b
Joined: 11 Apr 2004
Posts: 13
Location: London, UK
|
| Posted: Sat May 14, 2005 4:25 pm Post subject: |
|
|
Just found this: https://bugs.gentoo.org/show_bug.cgi?id=76082
Looks like a similar problem with klibc. Will test and report back...
J.
_________________
matrix# reload
Proceed with reload? [confirm]
Connection closed by foreign host. |
|
| Back to top |
|
|
yannickm
n00b
Joined: 14 May 2005
Posts: 8
|
| Posted: Sat May 14, 2005 6:12 pm Post subject: |
|
|
Yes it indeed seems to be.
I compiled the kernel manually, and installed it, without using a initrd, and it seems to work |
|
| Back to top |
|
|
xanthein
n00b
Joined: 11 Apr 2004
Posts: 13
Location: London, UK
|
| Posted: Sat May 14, 2005 11:23 pm Post subject: |
|
|
Well I patched the file in the genkenel udev tar.bz2 and rezipped it, and sure enough it compiles. I've since ran into problems with trying to mount the root FS on booting, but due to time constraints I've switched back to a standard gentoo build and will have to re-examine using hardened later
J.
_________________
matrix# reload
Proceed with reload? [confirm]
Connection closed by foreign host. |
|
| Back to top |
|
|
richard.scott
Veteran
Joined: 19 May 2003
Posts: 1497
Location: Oxfordshire, UK
|
| Posted: Sat Jun 04, 2005 6:09 pm Post subject: |
|
|
If you having the same problem as me, your unable to mount the root filesystem may be due to PAX killing udev.
Last edited by richard.scott on Thu Jul 07, 2005 8:04 pm; edited 1 time in total |
|
| Back to top |
|
|
Lightspeed
n00b
Joined: 21 Feb 2003
Posts: 57
Location: UK
|
| Posted: Thu Jul 07, 2005 4:26 pm Post subject: |
|
|
I am also experiencing the problem of udev being killed during the boot process (presumably by PaX).
Rather than resorting to devfs I have found that simply altering the grub entry so that the genkernel-created initrd is no longer used solves the issue.
Of course this now means I no longer have some of the hardware autodetection features that would have been provided by the initrd, but the system in question didn't actually need that in the first place, so I am not too concerned.
But basically, this does seem to be a conflict arising between using PaX with a udev enabled genkernel created kernel that uses an initrd. |
|
| Back to top |
|
|
richard.scott
Veteran
Joined: 19 May 2003
Posts: 1497
Location: Oxfordshire, UK
|
| Posted: Thu Jul 07, 2005 8:05 pm Post subject: |
|
|
I will try again tomorrow at work and then submit a bug report if I can't get genkernel to work with the initrd and PAX/GRSecurity etc.
Any tips on what to try from anyone regarding this would be good  |
|
| Back to top |
|
|
|
Installing Gentoo
