Ok, but this does not solve the gcc switch bug... ;) Either I will have to wait for next hardened-gentoo kernel release and aufs3 ebuild mantainer to turn off constification, a no_const patch for fsnotify_backend.c or a wise (how?) use of fsnotify struct by Okajima.
In any case developer work when if this switch would work it woud not be needed. PS: for the no_const patch found this for aufs3 on PLD Linux: http://cvs.pld-linux.org/cgi-bin/viewvc.cgi/cvs/packages/kernel/kernel-aufs2-no-const-grsec.patch?revision=1.6&view=markup 2012/1/3 <pagee...@freemail.hu>: > On 3 Jan 2012 at 18:34, Andrea Zuccherelli wrote: > >> hfsnotify.c:208:2: error: assignment of read-only member 'br_hfsn_ops' >> >> I found this to be caused by grsecurity constify_plugin. >> So i tried to disable it using >> '-fplugin-arg-constify_plugin-no-constify' switch. > > newer kernels have CONFIG_PAX_CONSTIFY_PLUGIN that let you control > constification ;). > > also gentoo already carries a (now seemingly incomplete) fix but it > was written for the old (manual) ways of doing ops constification, > with the gcc plugin approach i think it'd be enough to use the special > noconst types (say, file_operations_no_const) in aufs. > ------------------------------------------------------------------------------ Write once. Port to many. Get the SDK and tools to simplify cross-platform app development. Create new or port existing apps to sell to consumers worldwide. Explore the Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev
