compilation error with grsecurity patch to Debian kernel
Posted: Tue Jul 02, 2013 8:02 pm
If this post should be elsewhere, please advise. Best I could tell, it appeared to belong here.
I am trying to make use of grsecurity in my Debian kernel on a server. I am not a programmer, but I managed to understand the instructions for patching the kernel by following the well-written procedure given here: http://en.wikibooks.org/wiki/Grsecurity#Installation. I believe all proceeded nicely until the very end, when I encountered two errors (at least it appeared to me to be only two). I had just entered the following command, "fakeroot make deb-pkg", and quite a bit of activity was passing by, apparently successfully, until the end when it stopped finally back at the prompt. These are the last several lines of the output before stopping:
xpressions [-Wsign-compare]
scripts/selinux/genheaders/genheaders.c:129:18: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
HOSTCC scripts/selinux/mdp/mdp
HOSTCC scripts/kallsyms
HOSTCC scripts/conmakehash
CC init/main.o
In file included from init/main.c:40:0:
include/linux/cpuset.h: In function âput_mems_allowedâ:
include/linux/cpuset.h:121:2: error: decrement of read-only location â*(const volatile int *)&get_current()->mems_allowed_change_disableâ
init/main.c: In function âdo_initcallsâ:
init/main.c:779:3: error: implicit declaration of function âadd_device_randomnessâ [-Werror=implicit-fun ction-declaration]
cc1: some warnings being treated as errors
make[3]: *** [init/main.o] Error 1
make[2]: *** [init] Error 2
make[1]: *** [deb-pkg] Error 2
make: *** [deb-pkg] Error 2
----------------------------------------
Not being a programmer, and not having much experience in kernel building, unfortunately, I have no clue as to what can be done about this now. I am not sure whether what I have done so far has affected my system already in any kind of adverse way, but I suppose the next reboot will answer some of that one way or another. Nor am I sure whether I ought to "clean up" what I now have before proceeding. If my system appears to function as it is, then I will just "wait it out" till I hear something back from someone here. The server is not in production mode as yet because I wanted to get these conditions in order first. Otherwise, I will need to completely restore the backup image I had made and loose whatever state it has currently, and possibly regroup with plan B. Please advise. Thanks.
I am trying to make use of grsecurity in my Debian kernel on a server. I am not a programmer, but I managed to understand the instructions for patching the kernel by following the well-written procedure given here: http://en.wikibooks.org/wiki/Grsecurity#Installation. I believe all proceeded nicely until the very end, when I encountered two errors (at least it appeared to me to be only two). I had just entered the following command, "fakeroot make deb-pkg", and quite a bit of activity was passing by, apparently successfully, until the end when it stopped finally back at the prompt. These are the last several lines of the output before stopping:
xpressions [-Wsign-compare]
scripts/selinux/genheaders/genheaders.c:129:18: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
HOSTCC scripts/selinux/mdp/mdp
HOSTCC scripts/kallsyms
HOSTCC scripts/conmakehash
CC init/main.o
In file included from init/main.c:40:0:
include/linux/cpuset.h: In function âput_mems_allowedâ:
include/linux/cpuset.h:121:2: error: decrement of read-only location â*(const volatile int *)&get_current()->mems_allowed_change_disableâ
init/main.c: In function âdo_initcallsâ:
init/main.c:779:3: error: implicit declaration of function âadd_device_randomnessâ [-Werror=implicit-fun ction-declaration]
cc1: some warnings being treated as errors
make[3]: *** [init/main.o] Error 1
make[2]: *** [init] Error 2
make[1]: *** [deb-pkg] Error 2
make: *** [deb-pkg] Error 2
----------------------------------------
Not being a programmer, and not having much experience in kernel building, unfortunately, I have no clue as to what can be done about this now. I am not sure whether what I have done so far has affected my system already in any kind of adverse way, but I suppose the next reboot will answer some of that one way or another. Nor am I sure whether I ought to "clean up" what I now have before proceeding. If my system appears to function as it is, then I will just "wait it out" till I hear something back from someone here. The server is not in production mode as yet because I wanted to get these conditions in order first. Otherwise, I will need to completely restore the backup image I had made and loose whatever state it has currently, and possibly regroup with plan B. Please advise. Thanks.