[PATCH] gcc-plugins: Disable GCC plugins for compile test builds

public inbox for linux-security-module@vger.kernel.org
 help / color / mirror / Atom feed

From: Mark Brown <broonie@kernel.org>
To: "Linus Torvalds" <torvalds@linux-foundation.org>,
	"Kees Cook" <kees@kernel.org>, "Mickaël Salaün" <mic@digikod.net>,
	"Günther Noack" <gnoack@google.com>
Cc: Arnd Bergmann <arnd@arndb.de>,
	linux-hardening@vger.kernel.org,  linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	 Mark Brown <broonie@kernel.org>
Subject: [PATCH] gcc-plugins: Disable GCC plugins for compile test builds
Date: Mon, 07 Apr 2025 21:57:32 +0100	[thread overview]
Message-ID: <20250407-kbuild-disable-gcc-plugins-v1-1-5d46ae583f5e@kernel.org> (raw)

In current mainline x86_64 allmodconfig builds done with tuxmake GCC 13
and GCC 14 toolchains (which are Debian ones packaged up into containers)
generate ICEs in landlock:

Event                            | Plugins
PLUGIN_FINISH_TYPE               | randomize_layout_plugin
PLUGIN_FINISH_DECL               | randomize_layout_plugin
PLUGIN_ATTRIBUTES                | latent_entropy_plugin randomize_layout_plugin
PLUGIN_START_UNIT                | latent_entropy_plugin stackleak_plugin
PLUGIN_ALL_IPA_PASSES_START      | randomize_layout_plugin
/build/stage/linux/security/landlock/fs.c: In function ‘hook_file_ioctl_common’:
/build/stage/linux/security/landlock/fs.c:1745:61: internal compiler error: in c
ount_type_elements, at expr.cc:7075
 1745 |                         .u.op = &(struct lsm_ioctlop_audit) {
      |                                                             ^

Arnd bisected this to c56f649646ec ("landlock: Log mount-related
denials") but that commit is fairly obviously not really at fault here,
most likely this is an issue in the plugin.  Given how disruptive having
key configs like this failing let's disable the plugins for compile test
builds until a fix is found.

Suggested-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Mark Brown <broonie@kernel.org>
---
 scripts/gcc-plugins/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig
index e383cda05367..29b03c136165 100644
--- a/scripts/gcc-plugins/Kconfig
+++ b/scripts/gcc-plugins/Kconfig
@@ -7,6 +7,7 @@ config HAVE_GCC_PLUGINS
 
 menuconfig GCC_PLUGINS
 	bool "GCC plugins"
+	depends on !COMPILE_TEST
 	depends on HAVE_GCC_PLUGINS
 	depends on CC_IS_GCC
 	depends on $(success,test -e $(shell,$(CC) -print-file-name=plugin)/include/plugin-version.h)

---
base-commit: 0af2f6be1b4281385b618cb86ad946eded089ac8
change-id: 20250407-kbuild-disable-gcc-plugins-8701aa609cb3

Best regards,
-- 
Mark Brown <broonie@kernel.org>

next             reply	other threads:[~2025-04-07 21:10 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-04-07 20:57 Mark Brown [this message]
2025-04-07 21:33 ` [PATCH] gcc-plugins: Disable GCC plugins for compile test builds Linus Torvalds
2025-04-07 22:02   ` Mark Brown
2025-04-08  9:22     ` Arnd Bergmann
2025-04-08 20:37       ` Kees Cook
2025-04-10  7:58         ` Arnd Bergmann
2025-04-08 23:32 ` Kees Cook
2025-04-09  5:43   ` Arnd Bergmann
2025-04-09 12:19   ` Mark Brown
2025-04-09 15:33     ` Linus Torvalds
2025-04-09 17:29       ` Mark Brown
2025-04-09 17:42         ` Linus Torvalds
2025-04-09 17:46           ` Kees Cook
2025-04-09 18:09           ` Mark Brown
2025-04-09 19:24             ` Arnd Bergmann
2025-04-15 20:26 ` Palmer Dabbelt
2025-04-15 20:41   ` Mark Brown
2025-04-15 20:43     ` Kees Cook
2025-04-15 20:41   ` Kees Cook

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:e383cda0536 dfblob:29b03c13616 )
 OR (
bs:"[PATCH] gcc-plugins: Disable GCC plugins for compile test builds" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250407-kbuild-disable-gcc-plugins-v1-1-5d46ae583f5e@kernel.org \
    --to=broonie@kernel.org \
    --cc=arnd@arndb.de \
    --cc=gnoack@google.com \
    --cc=kees@kernel.org \
    --cc=linux-hardening@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=mic@digikod.net \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox