107101e75a
blake2s_compress_generic is weakly aliased by blake2s_compress. The current harness for function selection uses a function pointer, which is ordinarily inlined and resolved at compile time. But when Clang's CFI is enabled, CFI still triggers when making an indirect call via a weak symbol. This seems like a bug in Clang's CFI, as though it's bucketing weak symbols and strong symbols differently. It also only seems to trigger when "full LTO" mode is used, rather than "thin LTO". [ 0.000000][ T0] Kernel panic - not syncing: CFI failure (target: blake2s_compress_generic+0x0/0x1444) [ 0.000000][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.16.0-mainline-06981-g076c855b846e #1 [ 0.000000][ T0] Hardware name: MT6873 (DT) [ 0.000000][ T0] Call trace: [ 0.000000][ T0] dump_backtrace+0xfc/0x1dc [ 0.000000][ T0] dump_stack_lvl+0xa8/0x11c [ 0.000000][ T0] panic+0x194/0x464 [ 0.000000][ T0] __cfi_check_fail+0x54/0x58 [ 0.000000][ T0] __cfi_slowpath_diag+0x354/0x4b0 [ 0.000000][ T0] blake2s_update+0x14c/0x178 [ 0.000000][ T0] _extract_entropy+0xf4/0x29c [ 0.000000][ T0] crng_initialize_primary+0x24/0x94 [ 0.000000][ T0] rand_initialize+0x2c/0x6c [ 0.000000][ T0] start_kernel+0x2f8/0x65c [ 0.000000][ T0] __primary_switched+0xc4/0x7be4 [ 0.000000][ T0] Rebooting in 5 seconds.. Nonetheless, the function pointer method isn't so terrific anyway, so this patch replaces it with a simple boolean, which also gets inlined away. This successfully works around the Clang bug. In general, I'm not too keen on all of the indirection involved here; it clearly does more harm than good. Hopefully the whole thing can get cleaned up down the road when lib/crypto is overhauled more comprehensively. But for now, we go with a simple bandaid. Fixes: 6048fdcc5f26 ("lib/crypto: blake2s: include as built-in") Link: https://github.com/ClangBuiltLinux/linux/issues/1567 Reported-by: Miles Chen <miles.chen@mediatek.com> Tested-by: Miles Chen <miles.chen@mediatek.com> Tested-by: Nathan Chancellor <nathan@kernel.org> Tested-by: John Stultz <john.stultz@linaro.org> Acked-by: Nick Desaulniers <ndesaulniers@google.com> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> (cherry picked from commit d2a02e3c8bb6b347818518edff5a4b40ff52d6d8) Change-Id: I3a6461e3f05f57cd898f8a4f46e73fb0214037ef Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
---|---|---|
.. | ||
sha1-mb | ||
sha256-mb | ||
sha512-mb | ||
.gitignore | ||
aegis128-aesni-asm.S | ||
aegis128-aesni-glue.c | ||
aegis128l-aesni-asm.S | ||
aegis128l-aesni-glue.c | ||
aegis256-aesni-asm.S | ||
aegis256-aesni-glue.c | ||
aes-i586-asm_32.S | ||
aes-x86_64-asm_64.S | ||
aes_ctrby8_avx-x86_64.S | ||
aes_glue.c | ||
aesni-intel_asm.S | ||
aesni-intel_avx-x86_64.S | ||
aesni-intel_glue.c | ||
blake2s-core.S | ||
blake2s-glue.c | ||
blake2s-shash.c | ||
blowfish-x86_64-asm_64.S | ||
blowfish_glue.c | ||
camellia-aesni-avx-asm_64.S | ||
camellia-aesni-avx2-asm_64.S | ||
camellia-x86_64-asm_64.S | ||
camellia_aesni_avx2_glue.c | ||
camellia_aesni_avx_glue.c | ||
camellia_glue.c | ||
cast5-avx-x86_64-asm_64.S | ||
cast5_avx_glue.c | ||
cast6-avx-x86_64-asm_64.S | ||
cast6_avx_glue.c | ||
chacha-avx2-x86_64.S | ||
chacha-avx512vl-x86_64.S | ||
chacha-ssse3-x86_64.S | ||
chacha_glue.c | ||
crc32-pclmul_asm.S | ||
crc32-pclmul_glue.c | ||
crc32c-intel_glue.c | ||
crc32c-pcl-intel-asm_64.S | ||
crct10dif-pcl-asm_64.S | ||
crct10dif-pclmul_glue.c | ||
curve25519-x86_64.c | ||
des3_ede-asm_64.S | ||
des3_ede_glue.c | ||
fpu.c | ||
ghash-clmulni-intel_asm.S | ||
ghash-clmulni-intel_glue.c | ||
glue_helper-asm-avx.S | ||
glue_helper-asm-avx2.S | ||
glue_helper.c | ||
Makefile | ||
morus640-sse2-asm.S | ||
morus640-sse2-glue.c | ||
morus640_glue.c | ||
morus1280-avx2-asm.S | ||
morus1280-avx2-glue.c | ||
morus1280-sse2-asm.S | ||
morus1280-sse2-glue.c | ||
morus1280_glue.c | ||
poly1305-x86_64-cryptogams.pl | ||
poly1305_glue.c | ||
serpent-avx-x86_64-asm_64.S | ||
serpent-avx2-asm_64.S | ||
serpent-sse2-i586-asm_32.S | ||
serpent-sse2-x86_64-asm_64.S | ||
serpent_avx2_glue.c | ||
serpent_avx_glue.c | ||
serpent_sse2_glue.c | ||
sha1_avx2_x86_64_asm.S | ||
sha1_ni_asm.S | ||
sha1_ssse3_asm.S | ||
sha1_ssse3_glue.c | ||
sha256-avx-asm.S | ||
sha256-avx2-asm.S | ||
sha256-ssse3-asm.S | ||
sha256_ni_asm.S | ||
sha256_ssse3_glue.c | ||
sha512-avx-asm.S | ||
sha512-avx2-asm.S | ||
sha512-ssse3-asm.S | ||
sha512_ssse3_glue.c | ||
twofish-avx-x86_64-asm_64.S | ||
twofish-i586-asm_32.S | ||
twofish-x86_64-asm_64-3way.S | ||
twofish-x86_64-asm_64.S | ||
twofish_avx_glue.c | ||
twofish_glue.c | ||
twofish_glue_3way.c |