| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABCJKuf=eHuFfNjD-7FBTeft3XNTkEc4G9cDvYpMJgH_se12eg@mail.gmail.com>
Date: Fri, 21 Jan 2022 12:51:40 -0800
From: Sami Tolvanen <samitolvanen@...gle.com>
To: "Jason A. Donenfeld" <Jason@...c4.com>
Cc: Eric Biggers <ebiggers@...nel.org>,
Miles Chen <miles.chen@...iatek.com>,
Ard Biesheuvel <ardb@...nel.org>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
"moderated list:ARM/Mediatek SoC..."
<linux-mediatek@...ts.infradead.org>,
Nick Desaulniers <ndesaulniers@...gle.com>
Subject: Re: [PATCH] lib/crypto: blake2s: avoid indirect calls to compression
function for Clang CFI
Hi Jason,
On Fri, Jan 21, 2022 at 12:23 PM Jason A. Donenfeld <Jason@...c4.com> wrote:
>
> On Fri, Jan 21, 2022 at 8:54 PM Eric Biggers <ebiggers@...nel.org> wrote:
> > There are some lines over 80 columns in this patch.
>
> I'll fix that up.
>
> > Otherwise this looks fine. It would be really nice to fix this in clang,
> > though.
>
> I agree. I'm wondering whether it makes sense to roll with this patch,
> or to just not change anything and lean on Clang upstream to fix their
> bug. Full LTO is marked as "experimental" still. On the other hand,
> Android ships with it turned on, so how "experimental" can it really
> be? I don't have a strong read on the Clang ecosystem to know what
> makes most sense, to apply this or not. Do you have an opinion?
We'll work on fixing the compiler, but please note that it's most
likely going to take a while, so I would prefer to work around the
issue in the kernel for now.
Sami
Powered by blists - more mailing lists