Failing to build manjaro kernel

isXander · 1 September 2021 10:58

~/Code/Linux514 master*
$ makepkg -s
==> Making package: linux514 5.14.0-0 (Wed 01 Sep 2021 11:49:57 BST)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found linux-5.14.tar.xz
  -> Found config
  -> Found config.anbox
  -> Found 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-CLONE_NEWUSER.patch
  -> Found 0002-HID-quirks-Add-Apple-Magic-Trackpad-2-to-hid_have_special_driver-list.patch
  -> Found 0101-i2c-nuvoton-nc677x-hwmon-driver.patch
  -> Found 0102-iomap-iomap_bmap-should-accept-unwritten-maps.patch
  -> Found 0104-revert-xhci-Add-support-for-Renesas-controller-with-memory.patch
  -> Found 0107-quirk-kernel-org-bug-210681-firmware_rome_error.patch
  -> Found 0302-lenovo-wmi2.patch
  -> Found 0401-revert-fbcon-remove-now-unusued-softback_lines-cursor-argument.patch
  -> Found 0402-revert-fbcon-remove-no-op-fbcon_set_origin.patch
  -> Found 0403-revert-fbcon-remove-soft-scrollback-code.patch
  -> Found 0501-bootsplash.patch
  -> Found 0502-bootsplash.patch
  -> Found 0503-bootsplash.patch
  -> Found 0504-bootsplash.patch
  -> Found 0505-bootsplash.patch
  -> Found 0506-bootsplash.patch
  -> Found 0507-bootsplash.patch
  -> Found 0508-bootsplash.patch
  -> Found 0509-bootsplash.patch
  -> Found 0510-bootsplash.patch
  -> Found 0511-bootsplash.patch
  -> Found 0512-bootsplash.patch
  -> Found 0513-bootsplash.gitpatch
  -> Found 0600-iwlwifi-xander.patch
==> Validating source files with sha256sums...
    linux-5.14.tar.xz ... Passed
    config ... Passed
    config.anbox ... Passed
    0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-CLONE_NEWUSER.patch ... Passed
    0002-HID-quirks-Add-Apple-Magic-Trackpad-2-to-hid_have_special_driver-list.patch ... Passed
    0101-i2c-nuvoton-nc677x-hwmon-driver.patch ... Passed
    0102-iomap-iomap_bmap-should-accept-unwritten-maps.patch ... Passed
    0104-revert-xhci-Add-support-for-Renesas-controller-with-memory.patch ... Passed
    0107-quirk-kernel-org-bug-210681-firmware_rome_error.patch ... Passed
    0302-lenovo-wmi2.patch ... Passed
    0401-revert-fbcon-remove-now-unusued-softback_lines-cursor-argument.patch ... Passed
    0402-revert-fbcon-remove-no-op-fbcon_set_origin.patch ... Passed
    0403-revert-fbcon-remove-soft-scrollback-code.patch ... Passed
    0501-bootsplash.patch ... Passed
    0502-bootsplash.patch ... Passed
    0503-bootsplash.patch ... Passed
    0504-bootsplash.patch ... Passed
    0505-bootsplash.patch ... Passed
    0506-bootsplash.patch ... Passed
    0507-bootsplash.patch ... Passed
    0508-bootsplash.patch ... Passed
    0509-bootsplash.patch ... Passed
    0510-bootsplash.patch ... Passed
    0511-bootsplash.patch ... Passed
    0512-bootsplash.patch ... Passed
    0513-bootsplash.gitpatch ... Passed
    0600-iwlwifi-xander.patch ... Passed
==> Extracting sources...
  -> Extracting linux-5.14.tar.xz with bsdtar
==> Starting prepare()...
  -> Applying patch: 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-CLONE_NEWUSER.patch...
patching file include/linux/sysctl.h
patching file init/Kconfig
Hunk #1 succeeded at 1198 (offset 107 lines).
patching file kernel/fork.c
Hunk #1 succeeded at 108 (offset 2 lines).
Hunk #2 succeeded at 1881 (offset 88 lines).
Hunk #3 succeeded at 2989 (offset 161 lines).
patching file kernel/sysctl.c
Hunk #1 succeeded at 1908 (offset 1363 lines).
patching file kernel/user_namespace.c
  -> Applying patch: 0002-HID-quirks-Add-Apple-Magic-Trackpad-2-to-hid_have_special_driver-list.patch...
patching file drivers/hid/hid-quirks.c
Hunk #1 succeeded at 481 (offset 3 lines).
  -> Applying patch: 0101-i2c-nuvoton-nc677x-hwmon-driver.patch...
patching file drivers/i2c/busses/Kconfig
Hunk #1 succeeded at 219 (offset 2 lines).
patching file drivers/i2c/busses/Makefile
The next patch would create the file drivers/i2c/busses/i2c-nct6775.c,
which already exists!  Skipping patch.
1 out of 1 hunk ignored
patching file drivers/i2c/busses/i2c-piix4.c
==> ERROR: A failure occurred in prepare().
    Aborting...

Strit · 1 September 2021 11:20

Either you didn’t clean the build folders pkg/ and src/ in the PKGBUILD’s folder, or one of the patches no longer works.

isXander · 1 September 2021 11:20

What do you mean clean the build folders? Is that a command?

Strit · 1 September 2021 11:22

I mean, after a failed build, the build folders (src/ and pkg/) will still be present, containing the already patched files. So applying patches again can fail because it sees it as already existing.

To clean those out, run this command from the folder containing the PKGBUILD.

sudo rm -rf src/ pkg/

After that, you should be able to build it, if all the patches work.

DAC324 · 3 September 2021 14:58

makepkg -Cf will also do the job as it cleans the src dir before starting to build the package.

But in case of the 5.14 kernel package, the fun begins afterwards
For good reasons, in kernel 5.14, CONFIG_FORTIFY_SOURCE has been enabled.
This performs a few basic checks for possible buffer overflows for memset(), memmove() or memcpy() calls.

Unfortunately, these checks are indeed very basic:

__FORTIFY_INLINE void *memset(void *p, int c, __kernel_size_t size)
{
	size_t p_size = __builtin_object_size(p, 0);
	if (__builtin_constant_p(size) && p_size < size)
		__write_overflow();
	if (p_size < size)
		fortify_panic(__func__);
	return __builtin_memset(p, c, size);
}

__FORTIFY_INLINE void *memcpy(void *p, const void *q, __kernel_size_t size)
{
	size_t p_size = __builtin_object_size(p, 0);
	size_t q_size = __builtin_object_size(q, 0);
	if (__builtin_constant_p(size)) {
		if (p_size < size)
			__write_overflow();
		if (q_size < size)
			__read_overflow2();
	}
	if (p_size < size || q_size < size)
		fortify_panic(__func__);
	return __builtin_memcpy(p, q, size);
}

__FORTIFY_INLINE void *memmove(void *p, const void *q, __kernel_size_t size)
{
	size_t p_size = __builtin_object_size(p, 0);
	size_t q_size = __builtin_object_size(q, 0);
	if (__builtin_constant_p(size)) {
		if (p_size < size)
			__write_overflow();
		if (q_size < size)
			__read_overflow2();
	}
	if (p_size < size || q_size < size)
		fortify_panic(__func__);
	return __builtin_memmove(p, q, size);

If I understand correctly, this checks the object sizes for the first parameter passed to memset(), memmove() or memcpy(), against the amount of bytes to be handled by the commands.

Unfortunately, if you have a call like

MyObject op;
memset(&op, 0, sizeof(MyObject));

the buffer overflow protection will be triggered (i.e., compiling stops) because here, sizeof(&op) is compared to sizeof(MyObject).
In other words, the check compares the size of the pointer to MyObject with MyObject's real size, which, of course, fails.

Unfortunately, I am currently not aware on how to handle this situation, hence, the only option will be

CONFIG_FORTIFY_SOURCE=n

which is, of course, not optimal from a security perspective.

system · 6 September 2021 04:59

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.