[OpenAFS] Compilation problems

Benjamin Kaduk kaduk@MIT.EDU
Sun, 22 Feb 2015 16:32:50 -0500 (EST)


On Sun, 22 Feb 2015, Kenan Avdic wrote:

> Hi Ben, thanks for looking into this.
>
> Here's the full invocation for the error:
>   gcc -Wp,-MD,/home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/.rand-fortuna-kernel.o.d
>  -nostdinc -isystem /usr/lib/gcc/x86_64-pc-linux-gnu/4.8.3/include
> -I/usr/src/linux-3.2.65-hardened-r2/arch/x86/include
> -Iarch/x86/include/generated -Iinclude  -include
> /usr/src/linux-3.2.65-hardened-r2/include/linux/kconfig.h -D__KERNEL__
> -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing
> -fno-common -Werror-implicit-function-declaration -Wno-format-security
> -fno-delete-null-pointer-checks -O2 --param=allow-store-data-races=0
> -m64 -mtune=generic -mno-red-zone -mcmodel=kernel -funit-at-a-time
> -maccumulate-outgoing-args -ffreestanding -DCONFIG_AS_CFI=1
> -DCONFIG_AS_CFI_SIGNAL_FRAME=1 -DCONFIG_AS_CFI_SECTIONS=1
> -DCONFIG_AS_FXSAVEQ=1 -pipe -Wno-sign-compare
> -fno-asynchronous-unwind-tables -mno-sse -mno-mmx -mno-sse2 -mno-3dnow
> -Wframe-larger-than=2048 -fno-stack-protector
> -Wno-unused-but-set-variable -fomit-frame-pointer
> -fno-var-tracking-assignments -Wdeclaration-after-statement
> -Wno-pointer-sign -fno-strict-overflow -fconserve-stack
> -DCC_HAVE_ASM_GOTO
> -fplugin=/usr/src/linux-3.2.65-hardened-r2/tools/gcc/stackleak_plugin.so
> -DSTACKLEAK_PLUGIN -fplugin-arg-stackleak_plugin-track-lowest-sp=100
> -fplugin=/usr/src/linux-3.2.65-hardened-r2/tools/gcc/kernexec_plugin.so
> -fplugin-arg-kernexec_plugin-method="or" -DKERNEXEC_PLUGIN
> -fplugin=/usr/src/linux-3.2.65-hardened-r2/tools/gcc/colorize_plugin.so
> -fplugin=/usr/src/linux-3.2.65-hardened-r2/tools/gcc/size_overflow_plugin/size_overflow_plugin.so
> -DSIZE_OVERFLOW_PLUGIN
> -fplugin=/usr/src/linux-3.2.65-hardened-r2/tools/gcc/latent_entropy_plugin.so
> -DLATENT_ENTROPY_PLUGIN
> -fplugin=/usr/src/linux-3.2.65-hardened-r2/tools/gcc/randomize_layout_plugin.so

Quoting from
http://www.grsecurity.net/~spender/randomize_layout_plugin.patch:

+config GRKERNSEC_RANDSTRUCT
+	bool "Randomize layout of sensitive kernel structures"
+	help
+	  If you say Y here, the layouts of a number of sensitive kernel
+	  structures (task, fs, cred, etc) and all structures composed entirely
+	  of function pointers (aka "ops" structs) will be randomized at compile-time.
+	  This can introduce the requirement of an additional infoleak
+	  vulnerability for exploits targeting these structure types.
+
+	  Enabling this feature will introduce some performance impact, slightly
+	  increase memory usage, and prevent the use of forensic tools like
+	  Volatility against the system (unless the kernel source tree isn't
+	  cleaned after kernel installation).
+
+	  The seed used for compilation is located at tools/gcc/randstruct.seed.
+	  It remains after a make clean to allow for external modules to be compiled
+	  with the existing seed and will be removed by a make mrproper or
+	  make distclean.
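Review bot: The parenthetical in the second help paragraph, "(unless the kernel source tree isn't cleaned after kernel installation)", is a double negative that is easy to misread. Consider "unless the kernel source tree is left uncleaned after installation". Because the third paragraph says the seed at tools/gcc/randstruct.seed survives a make clean, the text should also say whether make clean counts as "cleaned" here. The help also says the seed stays on disk for external module builds but gives no guidance on restricting read access to it, although the benefit described in the first paragraph depends on the layout not being known. A sentence on that would help.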


I suspect that the struct layout randomization code is triggering on the
RAND_METHOD structure (see, e.g., is_pure_ops_struct() on the linked
patch), and the use of an ordered initializer is incompatible with the
layout randomization.  The bulk of the linked patch is converting struct
initializers to the C99 .member syntax, which is compatible with the
random layout.  OpenAFS cannot switch to that C99 syntax because it is not
fully supported on all the platforms OpenAFS attempts to support.  (This
code is actually code imported from Heimdal, anyway, so Heimdal would need
to make the change first.)

I guess the obvious thing for you to do is configure the kernel without
GRKERNSEC_RANDSTRUCT.

-Ben



> -DRANDSTRUCT_PLUGIN
> -fplugin-arg-randomize_layout_plugin-performance-mode -D__KERNEL__
> -DKERNEL -D_KERNEL -DMODULE
> -I/home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/.
> -I/home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/../
> -I/home/xyko/openafs/openafs-git/src/config
> -I/home/xyko/openafs/openafs-git/src/rx
> -I/home/xyko/openafs/openafs-git/src/rxstat
> -I/home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/.
> -I/home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/..
> -I/home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/../nfs
> -I/home/xyko/openafs/openafs-git/src/crypto/hcrypto/kernel
> -I/home/xyko/openafs/openafs-git/src
> -I/home/xyko/openafs/openafs-git/src/afs
> -I/home/xyko/openafs/openafs-git/src/afs/LINUX
> -I/home/xyko/openafs/openafs-git/src/config
> -I/home/xyko/openafs/openafs-git/src/rx/LINUX
> -I/home/xyko/openafs/openafs-git/src/external/heimdal
> -I/home/xyko/openafs/openafs-git/src
> -I/home/xyko/openafs/openafs-git/src/afs
> -I/home/xyko/openafs/openafs-git/src/afs/LINUX
> -I/home/xyko/openafs/openafs-git/src/config
> -I/home/xyko/openafs/openafs-git/src/fsint
> -I/home/xyko/openafs/openafs-git/src/vlserver
> -I/home/xyko/openafs/openafs-git/src/auth
> -I/home/xyko/openafs/openafs-git/include
> -I/home/xyko/openafs/openafs-git/include/afs
> -I/home/xyko/openafs/openafs-git/src/external/heimdal/hcrypto
> -DMODULE  -D"KBUILD_STR(s)=#s"
> -D"KBUILD_BASENAME=KBUILD_STR(rand_fortuna_kernel)"  -c -o
> /home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/.tmp_rand-fortuna-kernel.o
> /home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/rand-fortuna-kernel.c
> /home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/rand-fortuna-kernel.c:643:5:
> error: invalid initializer
>      fortuna_seed,
>
> /Kenan
>
> On 20 February 2015 at 22:27, Benjamin Kaduk <kaduk@mit.edu> wrote:
> > On Thu, 19 Feb 2015, Kenan Avdic wrote:
> >
> >> Hi,
> >>
> >> I'm having some strange problems compiling openafs from git master. I
> >> am on gentoo hardened, kernel 3.2.65 and gcc 4.8.3 hardened.
> >>
> >> Compilation of the kernel module fails with:
> >> Building in directory: MODLOAD-3.2.65-hardened-r2-MP
> >> make[4]: Entering directory
> >> '/home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP'
> >> env EXTRA_CFLAGS=""
> >> /home/xyko/openafs/openafs-git/src/libafs/make_kbuild_makefile.pl
> >> MODLOAD-3.2.65-hardened-r2-MP libafs.ko
> >> /home/xyko/openafs/openafs-git/src/config/Makefile.config Makefile.afs
> >> Makefile.common
> >> ( env EXTRA_CFLAGS="" \
> >>         make -C /lib/modules/3.2.65-hardened-r2/build
> >> M=/home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP
> >> modules 2>&1 \
> >>         || echo "FAILURE: make exit code $?" ) | tee .makelog
> >> make[5]: Entering directory '/usr/src/linux-3.2.65-hardened-r2'
> >>   CC [M]  /home/xyko/openafs/openafs-git/src/libafs/MODLOAD-3.2.65-hardened-r2-MP/rand-fortuna-kernel.o
> >
> > Can you get the full compiler invocation (i.e., V=0 or similar)?
> >
> > I do not see anything obviously out of place, either.
> > (I do note that clang's error messages tend to be a bit more helpful than
> > gcc's, but maybe clang would not error out here, either.)
> >
> > -Ben Kaduk
>
>
>
> --
> Kenan Avdic, M.Sc          Most people would sooner die than think;
> kavdic@gmail.com             in fact, they do so. /Russell
>
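The difference between ordered and C99 .member initializers that the reply above describes, as an added example that is not code from OpenAFS, Heimdal or the grsecurity patch. The struct names, members and functions are hypothetical, and the second struct is a hand-written permutation standing in for a layout a randomizing plugin might choose.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical "ops" struct: nothing but function pointers. All members
 * share one type so the positional form compiles under both layouts and
 * the mis-binding can be observed at run time. */
typedef const char *(*op_fn)(void);

static const char *do_seed(void)   { return "seed"; }
static const char *do_bytes(void)  { return "bytes"; }
static const char *do_status(void) { return "status"; }

/* Member order as written in the source. */
struct ops_declared { op_fn seed; op_fn bytes; op_fn status; };

/* Same members, permuted by hand (assumed layout, for illustration). */
struct ops_shuffled { op_fn status; op_fn seed; op_fn bytes; };

/* Ordered initializers bind each value to whichever member occupies
 * that position in the layout. */
static const struct ops_declared pos_declared = { do_seed, do_bytes, do_status };
static const struct ops_shuffled pos_shuffled = { do_seed, do_bytes, do_status };

/* Designated initializers bind by member name, so the layout is irrelevant. */
static const struct ops_shuffled des_shuffled = {
    .seed = do_seed, .bytes = do_bytes, .status = do_status,
};

const char *seed_via_positional_declared(void) { return pos_declared.seed(); }
const char *seed_via_positional_shuffled(void) { return pos_shuffled.seed(); }
const char *seed_via_designated_shuffled(void) { return des_shuffled.seed(); }

int main(void)
{
    printf("positional, declared layout: seed() -> %s\n",
           seed_via_positional_declared());
    printf("positional, shuffled layout: seed() -> %s\n",
           seed_via_positional_shuffled());
    printf("designated, shuffled layout: seed() -> %s\n",
           seed_via_designated_shuffled());
    return 0;
}
```

When the members have different function-pointer types, the same mis-binding becomes a type mismatch that the compiler diagnoses at build time.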