lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251030-meerjungfrau-getrocknet-7b46eacc215d@brauner>
Date: Thu, 30 Oct 2025 14:23:01 +0100
From: Christian Brauner <brauner@...nel.org>
To: Nathan Chancellor <nathan@...nel.org>, 
	Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Ard Biesheuvel <ardb@...nel.org>, linux-efi@...r.kernel.org, 
	Rasmus Villemoes <linux@...musvillemoes.dk>, Alexander Viro <viro@...iv.linux.org.uk>, 
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, linux-kbuild@...r.kernel.org, 
	David Sterba <dsterba@...e.com>
Subject: fms extension (Was: [PATCH] fs/pipe: stop duplicating union
 pipe_index declaration)

On Wed, Oct 29, 2025 at 04:30:57PM -0700, Nathan Chancellor wrote:
> On Thu, Oct 30, 2025 at 12:13:11AM +0100, Christian Brauner wrote:
> > I'm fine either way. @Nathan, if you just want to give Linus the patch
> > if it's small enough or just want to give me a stable branch I can pull
> > I'll be content. Thanks!
> 
> I do not care either way but I created a shared branch/tag since it was
> easy enough to do. If Linus wants to take these directly for -rc4, I am
> fine with that as well.
> 
> Cheers,
> Nathan
> 
> The following changes since commit 3a8660878839faadb4f1a6dd72c3179c1df56787:
> 
>   Linux 6.18-rc1 (2025-10-12 13:42:36 -0700)
> 
> are available in the Git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/kbuild/linux.git tags/kbuild-ms-extensions-6.19

Thanks, I pulled this and placed it into a branch that I can base other
branches on.

_But_, I'm already running into problems. :)

I'm changing a struct ns_common in ns_common.h (struct ns_common) and
wanted to make use of the fms extensions. ns_common.h is heavily
included by virtue of the namespace stuff. So we get an include chain
like the following:

In file included from ./include/linux/cgroup.h:23,
                 from ./include/linux/memcontrol.h:13,
                 from ./include/linux/swap.h:9,
                 from ./include/asm-generic/tlb.h:15,
                 from ./arch/x86/include/asm/tlb.h:8,
                 from ./arch/x86/include/asm/efi.h:7,
                 from drivers/firmware/efi/libstub/x86-stub.c:13:
./include/linux/ns_common.h:132:31: error: declaration does not declare anything [-Werror]
  132 |                 struct ns_tree;
      |                               ^
./include/linux/ns_common.h: In function '__ns_ref_active_read':
./include/linux/ns_common.h:228:31: error: 'const struct ns_common' has no member named '__ns_ref_active'
  228 |         return atomic_read(&ns->__ns_ref_active);
      |                               ^~
In file included from ./arch/x86/include/asm/bug.h:108,
                 from ./arch/x86/include/asm/alternative.h:9,
                 from ./arch/x86/include/asm/segment.h:6,
                 from ./arch/x86/include/asm/ptrace.h:5,
                 from ./arch/x86/include/asm/math_emu.h:5,
                 from ./arch/x86/include/asm/processor.h:13,
                 from ./arch/x86/include/asm/timex.h:5,
                 from ./include/linux/timex.h:67,
                 from ./include/linux/time32.h:13,
                 from ./include/linux/time.h:60,
                 from ./include/linux/efi.h:17,
                 from drivers/firmware/efi/libstub/x86-stub.c:9:

Because struct cgroup_namespace embeddds struct ns_common and it
proliferates via mm stuff into the efi code.

So the EFI cod has it's own KBUILD_CFLAGS. It does:

# non-x86 reuses KBUILD_CFLAGS, x86 does not
cflags-y			:= $(KBUILD_CFLAGS)

<snip>

KBUILD_CFLAGS			:= $(subst $(CC_FLAGS_FTRACE),,$(cflags-y)) \
				   -Os -DDISABLE_BRANCH_PROFILING \
				   -include $(srctree)/include/linux/hidden.h \
				   -D__NO_FORTIFY \
				   -ffreestanding \
				   -fno-stack-protector \
				   $(call cc-option,-fno-addrsig) \
				   -D__DISABLE_EXPORTS

which means x86 doesn't get -fms-extension breaking the build. If I
manually insert:

diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index 94b05e4451dd..4ad2f8f42134 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -42,6 +42,8 @@ KBUILD_CFLAGS                 := $(subst $(CC_FLAGS_FTRACE),,$(cflags-y)) \
                                   -ffreestanding \
                                   -fno-stack-protector \
                                   $(call cc-option,-fno-addrsig) \
+                                  -fms-extensions \
+                                  -Wno-microsoft-anon-tag \
                                   -D__DISABLE_EXPORTS

The build works...

I think we need to decide how to fix this now because as soon as someone
makes use of the extension that is indirectly included by that libstub
thing we're fscked.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ