From: Arnd Bergmann <arnd@arndb.de>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: Arnd Bergmann <arnd@arndb.de>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
Ard Biesheuvel <ardb@kernel.org>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
clang-built-linux@googlegroups.com
Subject: [PATCH] crypto: curve25519-hacl64 - Disable fortify-source for clang-10
Date: Tue, 5 May 2020 15:59:34 +0200 [thread overview]
Message-ID: <20200505135947.216022-1-arnd@arndb.de> (raw)
clang-10 produces a warning about excessive stack usage, as well
as rather unoptimized object code when CONFIG_FORTIFY_SOURCE is
set:
lib/crypto/curve25519-hacl64.c:759:6: error: stack frame size of 2400 bytes in function 'curve25519_generic' [-Werror,-Wframe-larger-than=]
Jason Donenfeld managed to track this down to the usage of
CONFIG_FORTIFY_SOURCE, and I found a minimal test case that illustrates
this happening on clang-10 but not clang-9 or clang-11.
To work around this, turn off fortification in this file.
Link: https://bugs.llvm.org/show_bug.cgi?id=45802
Cc: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
lib/crypto/curve25519-hacl64.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/crypto/curve25519-hacl64.c b/lib/crypto/curve25519-hacl64.c
index c7de61829a66..87adeb4f9276 100644
--- a/lib/crypto/curve25519-hacl64.c
+++ b/lib/crypto/curve25519-hacl64.c
@@ -10,6 +10,10 @@
* integer types.
*/
+#if (CONFIG_CLANG_VERSION >= 100000) && (CONFIG_CLANG_VERSION < 110000)
+#define __NO_FORTIFY /* https://bugs.llvm.org/show_bug.cgi?id=45802 */
+#endif
+
#include <asm/unaligned.h>
#include <crypto/curve25519.h>
#include <linux/string.h>
--
2.26.0
next reply other threads:[~2020-05-05 14:00 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-05 13:59 Arnd Bergmann [this message]
2020-05-05 21:39 ` [PATCH] crypto: curve25519-hacl64 - Disable fortify-source for clang-10 Jason A. Donenfeld
2020-05-05 21:48 ` Nick Desaulniers
2020-05-05 21:49 ` Jason A. Donenfeld
2020-05-05 21:55 ` [PATCH] Kbuild: disable FORTIFY_SOURCE on clang-10 Jason A. Donenfeld
2020-05-05 22:02 ` Nick Desaulniers
2020-05-05 22:25 ` Nathan Chancellor
2020-05-05 22:37 ` George Burgess IV
2020-05-05 22:37 ` Jason A. Donenfeld
2020-05-05 23:19 ` Kees Cook
2020-05-05 23:22 ` Jason A. Donenfeld
2020-05-05 23:22 ` Jason A. Donenfeld
2020-05-05 23:36 ` Nick Desaulniers
2020-05-06 2:53 ` Kees Cook
2020-05-06 0:14 ` [PATCH v2] security: disable FORTIFY_SOURCE on clang Jason A. Donenfeld
2020-05-06 0:57 ` Nick Desaulniers
2020-05-06 2:54 ` Kees Cook
2020-05-06 3:34 ` Jason A. Donenfeld
2020-05-06 3:53 ` Nathan Chancellor
2020-05-06 16:48 ` George Burgess
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200505135947.216022-1-arnd@arndb.de \
--to=arnd@arndb.de \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=clang-built-linux@googlegroups.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.