lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251123185818.23ad5d3f@pumpkin>
Date: Sun, 23 Nov 2025 18:58:18 +0000
From: david laight <david.laight@...box.com>
To: Thorsten Blum <thorsten.blum@...ux.dev>
Cc: Eric Biggers <ebiggers@...nel.org>, "Jason A. Donenfeld"
 <Jason@...c4.com>, Ard Biesheuvel <ardb@...nel.org>,
 linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] lib/crypto: blake2b: Limit frame size workaround to GCC
 < 12.2 on i386

On Sun, 23 Nov 2025 18:00:01 +0100
Thorsten Blum <thorsten.blum@...ux.dev> wrote:

> On 23. Nov 2025, at 10:28, david laight wrote:
> > On Sat, 22 Nov 2025 11:55:31 +0100
> > Thorsten Blum <thorsten.blum@...ux.dev> wrote:
> >   
> >> The GCC bug only occurred on i386 and has been resolved since GCC 12.2.
> >> Limit the frame size workaround to GCC < 12.2 on i386.
> >> 
> >> Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>
> >> ---
> >> lib/crypto/Makefile | 4 ++++
> >> 1 file changed, 4 insertions(+)
> >> 
> >> diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
> >> index b5346cebbb55..5ee36a231484 100644
> >> --- a/lib/crypto/Makefile
> >> +++ b/lib/crypto/Makefile
> >> @@ -33,7 +33,11 @@ obj-$(CONFIG_CRYPTO_LIB_GF128MUL) += gf128mul.o
> >> 
> >> obj-$(CONFIG_CRYPTO_LIB_BLAKE2B) += libblake2b.o
> >> libblake2b-y := blake2b.o
> >> +ifeq ($(CONFIG_X86_32),y)
> >> +ifeq ($(CONFIG_CC_IS_GCC)_$(call gcc-min-version, 120200),y_)
> >> CFLAGS_blake2b.o := -Wframe-larger-than=4096 #  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105930
> >> +endif # CONFIG_CC_IS_GCC
> >> +endif # CONFIG_X86_32  
> > 
> > Isn't that just going to cause a run-time stack overflow?  
> 
> My change doesn't cause a runtime stack overflow, it's just a compiler
> warning. There's more information in commit 1d3551ced64e ("crypto:
> blake2b: effectively disable frame size warning").
> 
> Given the kernel test robot results with GCC 15.1.0 on m68k, we should
> probably make this conditional on GCC (any version). Clang produces much
> smaller stack frames and should be fine with the default warning
> threshold.

But if anyone tries to run the kernel they'll need space for the '3k monster stack'.
So changing the limit is 'fine' for a test build, but not for a proper build.
(Yes this has been wrong since Linus did the original patch in 2022.)

Does allmodconfig set COMPILE_TEST ?
If so that could be included in the conditional.

A more interesting question is whether the change can just be removed.
I'd guess no one is actively using gcc 12.1 any more.

	David

> 
> I'll send a v2.
> 
> Thanks,
> Thorsten
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ