ttact 1 Posted May 10 Share Posted May 10 (edited) Environment: ESET Server security for Linux version 10.2.41.0 RHEL version 9.4 SecureBoot: enabled Problems: A compilation error occurs in the execution of script /opt/eset/efs/lib/install_scripts/sign_modules.sh. After upgrading RHEL from 9.3 to 9.4 in an environment with ESET installed, the OS froze while booting. (Update: This phenomenon was not reproduced.) Is there any way to address these issues? Details of the problem 1 (Compile Error): The steps to reproduce the problem are as follows: Install RHEL 9.4 from DVD .iso image (In “base environment”, select “Minumal install). '$ subscription-manager register ....' '$ dnf -y upgrade' Install Server security for Linux ('$ ./efs.x86_64.bin') reboot '$ /opt/eset/efs/lib/install_scripts/sign_modules.sh' The error message output is as follows: Private & public key has not been given via arguments. Do you want to provide them? (recommended to provide already enrolled keys) [y/n] n Do you want to generate new keys? [y/n] y ....+.........+......+....+...+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.+...+...+...+..+.........+...+.............+...+.................+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.................+.......+........+.......+......+...+..+...+.........................+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .+.......+......+...+..+...+....+........+...............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.....+....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+......+.........+..........+......+...........+....+..................+...+.................+...+............+......+.+.....+.+.....+.......+.....+...+.........+...+.....................+.......+..+......+................+...+..+.+..+.......+.....+....+..+.............+..+....+..............+.+......+.....+..................+.........+.+......+.....+.+.....+....+..............+.........+...+.......+...........+..........+......+.....+..........+.....+...+.......+.....+.........+....+...+.....+.........+......+.......+............+......+..+.+..+....+.....................+...+..+...+......+...+.......+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ----- New keys have been generated. Compiling kernel module in /lib/modules/5.14.0-427.16.1.el9_4.x86_64 In file included from ./include/linux/linkage.h:7, from ./include/linux/kernel.h:8, from ./include/linux/list.h:9, from ./include/linux/key.h:14, from ./include/linux/cred.h:13, from /var/opt/eset/efs/eventd/eset_rtp/ertp.h:24, from /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:21: /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c: In function ‘ertp_dev_init’: ./include/linux/export.h:17:22: error: passing argument 1 of ‘class_create’ from incompatible pointer type [-Werror=incompatible-pointer-types] 17 | #define THIS_MODULE (&__this_module) | ~^~~~~~~~~~~~~~~ | | | struct module * /var/opt/eset/efs/eventd/eset_rtp/ertp.h:90:46: note: in expansion of macro ‘THIS_MODULE’ 90 | #define ertp_class_create(name) class_create(THIS_MODULE, name) | ^~~~~~~~~~~ /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:459:16: note: in expansion of macro ‘ertp_class_create’ 459 | ertp_class = ertp_class_create(ESET_RTP); | ^~~~~~~~~~~~~~~~~ In file included from ./include/linux/device.h:31, from /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:30: ./include/linux/device/class.h:230:54: note: expected ‘const char *’ but argument is of type ‘struct module *’ 230 | struct class * __must_check class_create(const char *name); | ~~~~~~~~~~~~^~~~ In file included from /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:21: /var/opt/eset/efs/eventd/eset_rtp/ertp.h:90:33: error: too many arguments to function ‘class_create’ 90 | #define ertp_class_create(name) class_create(THIS_MODULE, name) | ^~~~~~~~~~~~ /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:459:16: note: in expansion of macro ‘ertp_class_create’ 459 | ertp_class = ertp_class_create(ESET_RTP); | ^~~~~~~~~~~~~~~~~ In file included from ./include/linux/device.h:31, from /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:30: ./include/linux/device/class.h:230:29: note: declared here 230 | struct class * __must_check class_create(const char *name); | ^~~~~~~~~~~~ cc1: some warnings being treated as errors make[3]: *** [scripts/Makefile.build:299: /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.o] Error 1 make[2]: *** [scripts/Makefile.build:585: /var/opt/eset/efs/eventd/eset_rtp] Error 2 make[1]: *** [Makefile:1934: /var/opt/eset/efs/eventd] Error 2 make: *** [Makefile:35: modules] Error 2 At main.c:298: - SSL error:FFFFFFFF80000002:system library::No such file or directory: crypto/bio/bss_file.c:67 - SSL error:10000080:BIO routines::no such file: crypto/bio/bss_file.c:75 sign-file: /lib/modules/5.14.0-427.16.1.el9_4.x86_64/eset/efs/eset_rtp.ko: No such file or directory Kernel module /lib/modules/5.14.0-427.16.1.el9_4.x86_64/eset/efs/eset_rtp.ko cannot be signed. Please check if /tmp/tmp.O3fugJ7lHP/efs_mok.priv and /tmp/tmp.O3fugJ7lHP/efs_mok.der are valid keys. Details of the problem 2 (froze while booting): The steps to reproduce the problem are as follows: Install RHEL 9.3 from DVD .iso image (In “base environment”, select “Minumal install). '$ subscription-manager register ....' Install Server security for Linux ('$ ./efs.x86_64.bin') reboot '$ /opt/eset/efs/lib/install_scripts/sign_modules.sh' reboot Enroll MOK reboot '$ dnf -y upgrade' reboot The last message displayed at OS startup was as follows: Edited May 10 by ttact Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted May 10 Administrators Share Posted May 10 Please raise a support ticket as further logs will be needed for investigation. Link to comment Share on other sites More sharing options...
Joseph Guay 0 Posted May 14 Share Posted May 14 We have the same problem. The workaround is to stay on kernel version 9.3 to be able to sign modules. RHEL and RockyLinux impacted. Quote ESET Server Security Error: Cannot open file /lib/modules/5.14.0-427.16.1.el9_4.x86_64/eset/efs/eset_rtp.ko: No such file or directory ESET Server Security Error: Cannot open file /lib/modules/5.14.0-427.16.1.el9_4.x86_64/eset/efs/eset_wap.ko: No such file or directory /opt/eset/efs/lib/install_scripts/check_start.sh In file included from ./include/linux/linkage.h:7, from ./include/linux/kernel.h:8, from ./include/linux/list.h:9, from ./include/linux/key.h:14, from ./include/linux/cred.h:13, from /var/opt/eset/efs/eventd/eset_rtp/ertp.h:24, from /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:21: /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c: In function ‘ertp_dev_init’: ./include/linux/export.h:17:22: error: passing argument 1 of ‘class_create’ from incompatible pointer type [-Werror=incompatible-pointer-types] 17 | #define THIS_MODULE (&__this_module) | ~^~~~~~~~~~~~~~~ | | | struct module * /var/opt/eset/efs/eventd/eset_rtp/ertp.h:90:46: note: in expansion of macro ‘THIS_MODULE’ 90 | #define ertp_class_create(name) class_create(THIS_MODULE, name) | ^~~~~~~~~~~ /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:459:16: note: in expansion of macro ‘ertp_class_create’ 459 | ertp_class = ertp_class_create(ESET_RTP); | ^~~~~~~~~~~~~~~~~ In file included from ./include/linux/device.h:31, from /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:30: ./include/linux/device/class.h:230:54: note: expected ‘const char *’ but argument is of type ‘struct module *’ 230 | struct class * __must_check class_create(const char *name); | ~~~~~~~~~~~~^~~~ In file included from /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:21: /var/opt/eset/efs/eventd/eset_rtp/ertp.h:90:33: error: too many arguments to function ‘class_create’ 90 | #define ertp_class_create(name) class_create(THIS_MODULE, name) | ^~~~~~~~~~~~ /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:459:16: note: in expansion of macro ‘ertp_class_create’ 459 | ertp_class = ertp_class_create(ESET_RTP); | ^~~~~~~~~~~~~~~~~ In file included from ./include/linux/device.h:31, from /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.c:30: ./include/linux/device/class.h:230:29: note: declared here 230 | struct class * __must_check class_create(const char *name); | ^~~~~~~~~~~~ cc1: some warnings being treated as errors make[3]: *** [scripts/Makefile.build:299: /var/opt/eset/efs/eventd/eset_rtp/ertp_dev.o] Error 1 make[2]: *** [scripts/Makefile.build:585: /var/opt/eset/efs/eventd/eset_rtp] Error 2 make[1]: *** [Makefile:1934: /var/opt/eset/efs/eventd] Error 2 make: *** [Makefile:35: modules] Error 2 In file included from ./include/linux/linkage.h:7, from ./include/linux/fs.h:5, from /var/opt/eset/efs/ewap/eset_wap/ewap_path.h:24, from /var/opt/eset/efs/ewap/eset_wap/ewap_connect_data.h:25, from /var/opt/eset/efs/ewap/eset_wap/ewap_dev.c:23: /var/opt/eset/efs/ewap/eset_wap/ewap_dev.c: In function ‘ewap_dev_init’: ./include/linux/export.h:17:22: error: passing argument 1 of ‘class_create’ from incompatible pointer type [-Werror=incompatible-pointer-types] 17 | #define THIS_MODULE (&__this_module) | ~^~~~~~~~~~~~~~~ | | | struct module * /var/opt/eset/efs/ewap/eset_wap/ewap_dev.c:63:46: note: in expansion of macro ‘THIS_MODULE’ 63 | #define ewap_class_create(name) class_create(THIS_MODULE, name) | ^~~~~~~~~~~ /var/opt/eset/efs/ewap/eset_wap/ewap_dev.c:181:23: note: in expansion of macro ‘ewap_class_create’ 181 | ewap_device_class = ewap_class_create(EWAP_DEVICE_NAME); | ^~~~~~~~~~~~~~~~~ In file included from ./include/linux/device.h:31, from ./include/linux/dma-mapping.h:8, from ./include/linux/skbuff.h:31, from ./include/net/net_namespace.h:43, from ./include/linux/netdevice.h:38, from ./include/net/sock.h:46, from /var/opt/eset/efs/ewap/eset_wap/ewap_connect_data.h:28, from /var/opt/eset/efs/ewap/eset_wap/ewap_dev.c:23: ./include/linux/device/class.h:230:54: note: expected ‘const char *’ but argument is of type ‘struct module *’ 230 | struct class * __must_check class_create(const char *name); | ~~~~~~~~~~~~^~~~ /var/opt/eset/efs/ewap/eset_wap/ewap_dev.c:63:33: error: too many arguments to function ‘class_create’ 63 | #define ewap_class_create(name) class_create(THIS_MODULE, name) | ^~~~~~~~~~~~ /var/opt/eset/efs/ewap/eset_wap/ewap_dev.c:181:23: note: in expansion of macro ‘ewap_class_create’ 181 | ewap_device_class = ewap_class_create(EWAP_DEVICE_NAME); | ^~~~~~~~~~~~~~~~~ In file included from ./include/linux/device.h:31, from ./include/linux/dma-mapping.h:8, from ./include/linux/skbuff.h:31, from ./include/net/net_namespace.h:43, from ./include/linux/netdevice.h:38, from ./include/net/sock.h:46, from /var/opt/eset/efs/ewap/eset_wap/ewap_connect_data.h:28, from /var/opt/eset/efs/ewap/eset_wap/ewap_dev.c:23: ./include/linux/device/class.h:230:29: note: declared here 230 | struct class * __must_check class_create(const char *name); | ^~~~~~~~~~~~ cc1: some warnings being treated as errors make[3]: *** [scripts/Makefile.build:299: /var/opt/eset/efs/ewap/eset_wap/ewap_dev.o] Error 1 make[2]: *** [scripts/Makefile.build:585: /var/opt/eset/efs/ewap/eset_wap] Error 2 make[1]: *** [Makefile:1934: /var/opt/eset/efs/ewap] Error 2 make: *** [Makefile:31: modules] Error 2 Link to comment Share on other sites More sharing options...
ttact 1 Posted May 14 Author Share Posted May 14 @Joseph Guay I have also tried building with 9.3 and then upgrading to 9.4. If I do so, the real-time scan function will not work. Link to comment Share on other sites More sharing options...
Solution ttact 1 Posted May 24 Author Solution Share Posted May 24 This issue has been resolved in the recently released ver. 10.3.3.0. Peter Randziak 1 Link to comment Share on other sites More sharing options...
Recommended Posts