Re: scripts/selinux build error in 4.14 after glibc update
From: Paul Moore
Date: Tue Apr 23 2019 - 09:43:25 EST
On Tue, Apr 23, 2019 at 9:29 AM Sasha Levin <sashal@xxxxxxxxxx> wrote:
> On Mon, Apr 22, 2019 at 09:59:47PM -0400, Paul Moore wrote:
> >On Mon, Apr 22, 2019 at 5:00 PM Nathan Chancellor
> ><natechancellor@xxxxxxxxx> wrote:
> >> Hi all,
> >>
> >> After a glibc update to 2.29, my 4.14 builds started failing like so:
> >
> >...
> >
> >> HOSTCC scripts/selinux/genheaders/genheaders
> >> In file included from scripts/selinux/genheaders/genheaders.c:19:
> >> ./security/selinux/include/classmap.h:245:2: error: #error New address family defined, please update secclass_map.
> >> #error New address family defined, please update secclass_map.
> >> ^~~~~
> >
> >This is a known problem that has a fix in the selinux/next branch and
> >will be going up to Linus during the next merge window. The fix is
> >quite small and should be relatively easy for you to backport to your
> >kernel build if you are interested; the patch can be found at the
> >archive link below:
> >
> >https://lore.kernel.org/selinux/20190225005528.28371-1-paulo@xxxxxxxx
>
> Why is it waiting for the next merge window? It fixes a build bug that
> people hit.
I place a reasonably high bar on patches that I send up to Linus
outside of the merge window and I didn't feel this patch met that
criteria. Nathan is only the second person I've seen who has
encountered this problem, the first being the original patch author.
As far as I've seen, the problem is only seen by users building older
kernels on very new userspaces (e.g. glibc v2.29 was released in
February 2019, Linux v4.14 was released in 2017); this doesn't appear
to be a large group of people and I didn't want to risk breaking the
main kernel tree during the -rcX phase for such a small group.
--
paul moore
www.paul-moore.com