[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: kernel 4.14.15 compilation using GCC 8 in unstable.......

On 26/01/2018 19:35, Michael Fothergill wrote:

On 25 January 2018 at 23:28, Michael Lange <klappnase@freenet.de> wrote:


Hi,

On Thu, 25 Jan 2018 22:23:38 +0000
Michael Fothergill <michael.fothergill@gmail.com> wrote:


Dear All,

I am continuing the discussion of the kernel 4.14.15 compilation in the
Question on CVE-2017-5754 on Debian 8.9 post in a new post.

The reason I am running with this kernel and not the 4.15.0 rc9 kernel
that is now available on kernel.org is that:

1. It is stable

2. I have never tried to compile a kernel in Debian before and want to
make it a bit easier for me the first time would try.

3.  kernel 4.14.15 does have the KPTI and retpoline patches in it, so
it is a fair candidate for the GCC8 compiler to produce a kernel that
the patch checker could confirm has these meltdown and spectre fixes
are properly set up and active.


Ok, my advice if you don't want to give up yet :-)

Don't try to force the use of gcc-8 until you know that everything runs
properly with the default compiler.

Maybe you should follow the advice from the previously posted error
message:

"make[2]: Entering directory '/usr/src/linux-4.14.15'
Makefile:942: *** "Cannot generate ORC metadata for CONFIG_UNWINDER_ORC=y,
please install libelf-dev, libelf-devel or elfutils-libelf-devel".  Stop."
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^



​Many thanks.  I can think of some things that might help a bit here.

1. I could try out the ​
  gcc-help@gcc.gnu.org
​mailing list for suggestions on how to proceed here.​ They might know
which elf packages was important here etc.

2.  I could check the dependencies on the experimental page for the
compiler and see if the elf libraries are listed in it and then pick the
right one and install it.

3.  I could be cheered by the fact that gentoo has just made a basic build
file for gcc 7.3: (https://packages.gentoo.org/packages/sys-devel/gcc) - an
advert for gentoo I would say.

Regards

MF





(Ignore the messages about the debian directory.)
If similar messages as the above appear again, try to figure out what
needs to be additionally installed (some *-dev packages might still be
missing).

Once you get past the first few minutes of the procedure when using the
default compiler and you see how one module after the other is compiled,
hit Ctrl-C, do "make mrproper" and start over again with gcc-8.

This is just my 2¢, but I believe "debugging" one thing at a time is the
more promising approach here.

Good luck (and for now good night :)

Michael


.-.. .. ...- .   .-.. --- -. --.   .- -. -..   .--. .-. --- ... .--. . .-.

Virtue is a relative term.
                 -- Spock, "Friday's Child", stardate 3499.1






Hi, sorry to jump into the thread this late, I didn't follow the beginning.
You can save yourself quite a bit of hassle by downloading the upstream up-to-date vanilla kernel 4.15-rc9 and compile that with Unstable gcc-7. All you need is there already and you will get as good a mitigation for Spectre as one can get right now. After configuration you can use the build target "make bindeb-pkg" or use the "make-kpkg" command from kernel-package (to be installed and configured, the doc will guide you). Also you need basic build environment, and "libelf-dev" if you choose the ORC unwinder. For the build environment look at kernel-package dependencies.
If you want to stay mainly in Testing but cherry pick Unstable packages (and benefit from apt/aptitude dependencies resolution) you can look into apt-pinning, giving Unstable package a priority of 101 should do the trick, something like: 

Package: *
Pin: release a=unstable
Pin-Priority: 101

in /etc/apt/preferences, coupled with:

APT::Default-Release "buster";

in /etc/apt/apt.conf
I would not pull critical packages from experimental unless it is absolutely necessary, dragons are lurking in there. 

Hope it helps.
Reply to: