Re: linux-next: build failure after merge of the security tree

Next message: Til Kaiser: "[PATCH net v2 2/4] net: mvpp2: limit XDP frame size to the RX buffer"
Previous message: Til Kaiser: "[PATCH net v2 4/4] net: mvpp2: build skb from XDP-adjusted data on XDP_PASS"
In reply to: Paul Moore: "Re: linux-next: build failure after merge of the security tree"
Next in thread: Paul Moore: "Re: linux-next: build failure after merge of the security tree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Daniel Borkmann

Date: Tue Jun 02 2026 - 12:59:44 EST

On 6/2/26 6:31 PM, Paul Moore wrote:

On Tue, Jun 2, 2026 at 12:16 PM Mark Brown <broonie@xxxxxxxxxx> wrote:

After merging the security tree, today's linux-next build (x86_64
allmodconfig) failed like this:

/tmp/next/build/security/hornet/hornet_lsm.c:212:36: error: too many arguments to function call, expected 1, have 3
212 | if (map->ops->map_get_hash(map, SHA256_DIGEST_SIZE, hash))
| ~~~~~~~~~~~~~~~~~~~~~~ ^~~~~~~~~~~~~~~~~~~~~~~~
/tmp/next/build/include/crypto/sha2.h:14:33: note: expanded from macro 'SHA256_DIGEST_SIZE'
14 | #define SHA256_DIGEST_SIZE 32
| ^

Caused by commit

c62310df81899 (lsm: introduce the Hornet LSM)

interacting with

c48c3a7e7d5be (bpf: Drop redundant hash_buf from map_get_hash operation)

from the bpf-next tree. I have reverted the latter commit, the new LSM
means that the assumption in the changelog that there is only one caller
isn't true and it seems like the most straightforward approach.

Thanks Mark, we're taking a look at it now and should have a
fix/answer later today.

Sigh, hornet should _not_ be merged to begin with for the many reasons stated.
Messing around with BPF internals is yet another one aside from a really bad
user experience of having multiple approaches to BPF signing !