compiling linux kernel 2.4.20 with grsec

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

compiling linux kernel 2.4.20 with grsec

Postby Incognito » Sat May 10, 2003 7:58 pm

Hi, I am trying to recompile 2.4.20 kernel with the grsec patch. I am having problems making the bzImage.

It gives me these errors, they aren't all the errors related to grsec because its too much for one message.

net/network.o: In function `inet_ioctl':
net/network.o(.text+0x4188a): undefined reference to `gr_is_capable'
net/network.o: In function `igmp_send_report':
net/network.o(.text+0x42b48): undefined reference to `grsec_enable_randid'
net/network.o(.text+0x42c54): undefined reference to `ip_randomid'
net/network.o: In function `ip_rt_ioctl':
net/network.o(.text+0x43638): undefined reference to `gr_is_capable'
net/network.o: In function `ipip_tunnel_xmit':
net/network.o(.text+0x48630): undefined reference to `grsec_enable_randid'
net/network.o(.text+0x486d8): undefined reference to `ip_randomid'
net/network.o: In function `ipip_tunnel_ioctl':
net/network.o(.text+0x48a88): undefined reference to `gr_is_capable'
net/network.o(.text+0x48b48): undefined reference to `gr_is_capable'
net/network.o: In function `do_ipt_set_ctl':
net/network.o(.text+0x4e518): undefined reference to `gr_is_capable'
net/network.o: In function `do_ipt_get_ctl':
net/network.o(.text+0x4e788): undefined reference to `gr_is_capable'
net/network.o: In function `unix_bind':
net/network.o(.text+0x51cd4): undefined reference to `gr_acl_handle_mknod'
net/network.o(.text+0x51d62): undefined reference to `gr_handle_create'
net/network.o: In function `unix_find_other':
net/network.o(.text+0x5413d): undefined reference to `gr_handle_chroot_unix'
net/network.o(.text+0x541f4): undefined reference to `gr_acl_handle_unix'
net/network.o: In function `packet_create':
net/network.o(.text+0x56938): undefined reference to `gr_is_capable'
net/network.o: In function `packet_ioctl':
net/network.o(.text+0x57186): undefined reference to `gr_is_capable'
init/main.o: In function `init':
init/main.o(.text+0x88): undefined reference to `grsecurity_init

Does anyone know why? I have compiled grsec before with 2.4.20 kernel many times and I have my suspicious on some of the compiler optimization options.

Does anyone know which compiler options it doesn't work with?
Incognito
 
Posts: 11
Joined: Sat May 10, 2003 7:53 pm

Re: compiling linux kernel 2.4.20 with grsec

Postby hightower » Mon May 12, 2003 7:28 am

Hi Incognito,

Incognito wrote:Hi, I am trying to recompile 2.4.20 kernel with the grsec patch. I am having problems making the bzImage.

What grsec version?

Incognito wrote:It gives me these errors, they aren't all the errors related to grsec because its too much for one message.

net/network.o: In function `inet_ioctl':
net/network.o(.text+0x4188a): undefined reference to `gr_is_capable'
net/network.o: In function `igmp_send_report':
net/network.o(.text+0x42b48): undefined reference to `grsec_enable_randid'
net/network.o(.text+0x42c54): undefined reference to `ip_randomid'
net/network.o: In function `ip_rt_ioctl':
net/network.o(.text+0x43638): undefined reference to `gr_is_capable'
net/network.o: In function `ipip_tunnel_xmit':
net/network.o(.text+0x48630): undefined reference to `grsec_enable_randid'
net/network.o(.text+0x486d8): undefined reference to `ip_randomid'
net/network.o: In function `ipip_tunnel_ioctl':
net/network.o(.text+0x48a88): undefined reference to `gr_is_capable'
net/network.o(.text+0x48b48): undefined reference to `gr_is_capable'
net/network.o: In function `do_ipt_set_ctl':
net/network.o(.text+0x4e518): undefined reference to `gr_is_capable'
net/network.o: In function `do_ipt_get_ctl':
net/network.o(.text+0x4e788): undefined reference to `gr_is_capable'
net/network.o: In function `unix_bind':
net/network.o(.text+0x51cd4): undefined reference to `gr_acl_handle_mknod'
net/network.o(.text+0x51d62): undefined reference to `gr_handle_create'
net/network.o: In function `unix_find_other':
net/network.o(.text+0x5413d): undefined reference to `gr_handle_chroot_unix'
net/network.o(.text+0x541f4): undefined reference to `gr_acl_handle_unix'
net/network.o: In function `packet_create':
net/network.o(.text+0x56938): undefined reference to `gr_is_capable'
net/network.o: In function `packet_ioctl':
net/network.o(.text+0x57186): undefined reference to `gr_is_capable'
init/main.o: In function `init':
init/main.o(.text+0x88): undefined reference to `grsecurity_init

looks very unusual.

Incognito wrote:Does anyone know why? I have compiled grsec before with 2.4.20 kernel many times and I have my suspicious on some of the compiler optimization options.

Well, I think no one knows why because you are missing some important informations about your environment.

1. What grsec version?
2. What compiler?
3. What grsec options?
4. where is your .config?

Incognito wrote:Does anyone know which compiler options it doesn't work with?

5. _what_ compiler optimizations? Tell us your optimizations you've choosen!

ciao, Marc
hightower
 
Posts: 49
Joined: Wed Mar 06, 2002 11:36 am

Postby Incognito » Mon May 12, 2003 6:42 pm

Thanks for the reply but apparently compiling the kernel with gcc optimizations doesn't work too well. I was using -O3 loop-unrolling, omit-frame-points and -mfpmath=sse -msse. I decided to use gcc 2.96 redhat release and just compile with the gcc flags in the original Makefile.
Incognito
 
Posts: 11
Joined: Sat May 10, 2003 7:53 pm


Return to grsecurity support

cron