On Tue, Jan 09, 2018 at 01:58:38PM +0000, David Woodhouse wrote: > Clever GCC, have biscuit.
Well, we requested this feature exactly because of this. It had better work. > However, you are suggesting that we turn the static_cpu_has() trick > from a "nice to have" optimisation which is all very well when it pans > out, to something we *rely* on for secure operation of the system. It must work, we 'rely' on it already. GCC doing something stupid there is a GCC bug. Any GCC bug is a royal pain, they happen, life goes on. > It never ends well when we rely on all versions of GCC optimising > things precisely how we want. > > If you can build in a sanity check to ensure that the build will *fail* > when GCC doesn't do what we want, I suppose we could live with that. > But we don't have such a sanity check at the moment, do we? We have STATIC_KEYS_SELFTEST, which might or might not qualify.
