On Tue, Jan 12, 2021 at 09:29:15PM +0100, Arnd Bergmann wrote: > From: Arnd Bergmann <[email protected]> > > Building ubsan kernels even for compile-testing introduced these > warnings in my randconfig environment: > > crypto/blake2b_generic.c:98:13: error: stack frame size of 9636 bytes in > function 'blake2b_compress' [-Werror,-Wframe-larger-than=] > static void blake2b_compress(struct blake2b_state *S, > crypto/sha512_generic.c:151:13: error: stack frame size of 1292 bytes in > function 'sha512_generic_block_fn' [-Werror,-Wframe-larger-than=] > static void sha512_generic_block_fn(struct sha512_state *sst, u8 const *src, > lib/crypto/curve25519-fiat32.c:312:22: error: stack frame size of 2180 bytes > in function 'fe_mul_impl' [-Werror,-Wframe-larger-than=] > static noinline void fe_mul_impl(u32 out[10], const u32 in1[10], const u32 > in2[10]) > lib/crypto/curve25519-fiat32.c:444:22: error: stack frame size of 1588 bytes > in function 'fe_sqr_impl' [-Werror,-Wframe-larger-than=] > static noinline void fe_sqr_impl(u32 out[10], const u32 in1[10]) > > Further testing showed that this is caused by > -fsanitize=unsigned-integer-overflow, but is isolated to the 32-bit > x86 architecture. > > The one in blake2b immediately overflows the 8KB stack area architectures, > so better ensure this never happens by disabling the option for 32-bit > x86. > > Fixes: d0a3ac549f38 ("ubsan: enable for all*config builds") > Link: https://lore.kernel.org/lkml/[email protected]/ > Signed-off-by: Arnd Bergmann <[email protected]>
Acked-by: Kees Cook <[email protected]> -- Kees Cook
