HardenedBSD-13 - kernel doesn't compile

13 views
Skip to first unread message

Paul Arakelyan

unread,
Jun 1, 2022, 1:47:42 PMJun 1
to HardenedBSD Users
The error was:
/usr/src/sys/net/if.c:2417:9: error: use of undeclared identifier 'ifindex_table'
(git pull the next day had it fixed)

git status
On branch hardened/13-stable/master
Your branch is up to date with 'origin/hardened/13-stable/master'.
 
HARDENEDBSD-MINIMAL fails to 'make depend' (obsolete option?)
GENERIC doesn't compile - maybe, it's supposed to but I didn't see notes on that (maybe, patch GENERIC with a line "don't try on -hardened")

I wonder - does anybody ensure the master branch is in a compilable state? With all of modern CI/CD - should be easy to implement some checks and have an "at least it compiles" branch

Another "funny" case is when certain kernel options depend on presense of the other kernel options - like dependency on iflib/scbus&da, yet nothing changed since 1997 when I've configured and compiled my first kernel.

Also, is there a way to register at git.hardenedbsd.org? Or who is eligible for that?

Shawn Webb

unread,
Jun 1, 2022, 1:53:49 PMJun 1
to Paul Arakelyan, HardenedBSD Users
On Wed, Jun 01, 2022 at 10:47:42AM -0700, Paul Arakelyan wrote:
> The error was:
> /usr/src/sys/net/if.c:2417:9: error: use of undeclared identifier
> 'ifindex_table'
> (git pull the next day had it fixed)

I have a set of changes to unify the core bits of HardenedBSD's kernel
configuration options and have all the other kernel configs depend on
that. I plan to push those changes within the next week. It's possible
that the HARDENEDBSD-MINIMAL kernel config is just stale.

>
> git status
> On branch hardened/13-stable/master
> Your branch is up to date with 'origin/hardened/13-stable/master'.
>
> HARDENEDBSD-MINIMAL fails to 'make depend' (obsolete option?)
> GENERIC doesn't compile - maybe, it's supposed to but I didn't see notes on
> that (maybe, patch GENERIC with a line "don't try on -hardened")
>
> I wonder - does anybody ensure the master branch is in a compilable state?
> With all of modern CI/CD - should be easy to implement some checks and have
> an "at least it compiles" branch

We have an automated nightly build server, but that only builds for
the HARDENEDBSD kernel on supported architectures. Providing automated
builds for other kernels on supported architectures would require
additional hardware (which would require additional funding.)

>
> Another "funny" case is when certain kernel options depend on presense of
> the other kernel options - like dependency on iflib/scbus&da, yet nothing
> changed since 1997 when I've configured and compiled my first kernel.
>
> Also, is there a way to register at git.hardenedbsd.org? Or who is eligible
> for that?

If you visit https://git.hardenedbsd.org/ you will see a "Sign in /
Register" button on the top-right side. You can click that to register
a new account. After registering, the site will display a message to
email netops@ to have your newly-registered account activated.

Thanks,

--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
signature.asc
Reply all
Reply to author
Forward
0 new messages