From: david laight <david.laight@runbox.com>
To: Thorsten Blum <thorsten.blum@linux.dev>
Cc: Eric Biggers <ebiggers@kernel.org>,
"Jason A. Donenfeld" <Jason@zx2c4.com>,
Ard Biesheuvel <ardb@kernel.org>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] lib/crypto: blake2b: Limit frame size workaround to GCC < 12.2 on i386
Date: Sun, 23 Nov 2025 09:28:40 +0000 [thread overview]
Message-ID: <20251123092840.44c92841@pumpkin> (raw)
In-Reply-To: <20251122105530.441350-2-thorsten.blum@linux.dev>
On Sat, 22 Nov 2025 11:55:31 +0100
Thorsten Blum <thorsten.blum@linux.dev> wrote:
> The GCC bug only occurred on i386 and has been resolved since GCC 12.2.
> Limit the frame size workaround to GCC < 12.2 on i386.
>
> Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
> ---
> lib/crypto/Makefile | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
> index b5346cebbb55..5ee36a231484 100644
> --- a/lib/crypto/Makefile
> +++ b/lib/crypto/Makefile
> @@ -33,7 +33,11 @@ obj-$(CONFIG_CRYPTO_LIB_GF128MUL) += gf128mul.o
>
> obj-$(CONFIG_CRYPTO_LIB_BLAKE2B) += libblake2b.o
> libblake2b-y := blake2b.o
> +ifeq ($(CONFIG_X86_32),y)
> +ifeq ($(CONFIG_CC_IS_GCC)_$(call gcc-min-version, 120200),y_)
> CFLAGS_blake2b.o := -Wframe-larger-than=4096 # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105930
> +endif # CONFIG_CC_IS_GCC
> +endif # CONFIG_X86_32
Isn't that just going to cause a run-time stack overflow?
The compile-time check is a vague attempt to stop run-type overflow by limiting
the largest single stack frames.
I can't remember the kernel stack size for x86-32, might only be 8k.
The only real solution is to either fix the source so it doesn't blow
the stack (I suspect the code is 'unrolled' and the spills everything
to stack - making it slow), or just disable the code from the build.
David
> ifeq ($(CONFIG_CRYPTO_LIB_BLAKE2B_ARCH),y)
> CFLAGS_blake2b.o += -I$(src)/$(SRCARCH)
> libblake2b-$(CONFIG_ARM) += arm/blake2b-neon-core.o
next prev parent reply other threads:[~2025-11-23 9:29 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-22 10:55 [PATCH] lib/crypto: blake2b: Limit frame size workaround to GCC < 12.2 on i386 Thorsten Blum
2025-11-22 20:04 ` Eric Biggers
2025-11-22 23:23 ` Thorsten Blum
2025-11-23 1:55 ` kernel test robot
2025-11-23 9:28 ` david laight [this message]
2025-11-23 17:00 ` Thorsten Blum
2025-11-23 18:58 ` david laight
2025-11-23 20:26 ` Eric Biggers
2025-11-24 9:08 ` david laight
2025-11-24 17:14 ` Jason A. Donenfeld
2025-11-24 22:40 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251123092840.44c92841@pumpkin \
--to=david.laight@runbox.com \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=ebiggers@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=thorsten.blum@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox