107101e75a
blake2s_compress_generic is weakly aliased by blake2s_compress. The current harness for function selection uses a function pointer, which is ordinarily inlined and resolved at compile time. But when Clang's CFI is enabled, CFI still triggers when making an indirect call via a weak symbol. This seems like a bug in Clang's CFI, as though it's bucketing weak symbols and strong symbols differently. It also only seems to trigger when "full LTO" mode is used, rather than "thin LTO". [ 0.000000][ T0] Kernel panic - not syncing: CFI failure (target: blake2s_compress_generic+0x0/0x1444) [ 0.000000][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.16.0-mainline-06981-g076c855b846e #1 [ 0.000000][ T0] Hardware name: MT6873 (DT) [ 0.000000][ T0] Call trace: [ 0.000000][ T0] dump_backtrace+0xfc/0x1dc [ 0.000000][ T0] dump_stack_lvl+0xa8/0x11c [ 0.000000][ T0] panic+0x194/0x464 [ 0.000000][ T0] __cfi_check_fail+0x54/0x58 [ 0.000000][ T0] __cfi_slowpath_diag+0x354/0x4b0 [ 0.000000][ T0] blake2s_update+0x14c/0x178 [ 0.000000][ T0] _extract_entropy+0xf4/0x29c [ 0.000000][ T0] crng_initialize_primary+0x24/0x94 [ 0.000000][ T0] rand_initialize+0x2c/0x6c [ 0.000000][ T0] start_kernel+0x2f8/0x65c [ 0.000000][ T0] __primary_switched+0xc4/0x7be4 [ 0.000000][ T0] Rebooting in 5 seconds.. Nonetheless, the function pointer method isn't so terrific anyway, so this patch replaces it with a simple boolean, which also gets inlined away. This successfully works around the Clang bug. In general, I'm not too keen on all of the indirection involved here; it clearly does more harm than good. Hopefully the whole thing can get cleaned up down the road when lib/crypto is overhauled more comprehensively. But for now, we go with a simple bandaid. Fixes: 6048fdcc5f26 ("lib/crypto: blake2s: include as built-in") Link: https://github.com/ClangBuiltLinux/linux/issues/1567 Reported-by: Miles Chen <miles.chen@mediatek.com> Tested-by: Miles Chen <miles.chen@mediatek.com> Tested-by: Nathan Chancellor <nathan@kernel.org> Tested-by: John Stultz <john.stultz@linaro.org> Acked-by: Nick Desaulniers <ndesaulniers@google.com> Reviewed-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> (cherry picked from commit d2a02e3c8bb6b347818518edff5a4b40ff52d6d8) Change-Id: I3a6461e3f05f57cd898f8a4f46e73fb0214037ef Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
---|---|---|
.. | ||
boot | ||
common | ||
configs | ||
crypto | ||
firmware | ||
include | ||
kernel | ||
kvm | ||
lib | ||
mach-actions | ||
mach-alpine | ||
mach-artpec | ||
mach-asm9260 | ||
mach-aspeed | ||
mach-at91 | ||
mach-axxia | ||
mach-bcm | ||
mach-berlin | ||
mach-clps711x | ||
mach-cns3xxx | ||
mach-davinci | ||
mach-digicolor | ||
mach-dove | ||
mach-ebsa110 | ||
mach-efm32 | ||
mach-ep93xx | ||
mach-exynos | ||
mach-footbridge | ||
mach-gemini | ||
mach-highbank | ||
mach-hisi | ||
mach-imx | ||
mach-integrator | ||
mach-iop13xx | ||
mach-iop32x | ||
mach-iop33x | ||
mach-ixp4xx | ||
mach-keystone | ||
mach-ks8695 | ||
mach-lpc18xx | ||
mach-lpc32xx | ||
mach-mediatek | ||
mach-meson | ||
mach-mmp | ||
mach-moxart | ||
mach-mv78xx0 | ||
mach-mvebu | ||
mach-mxs | ||
mach-netx | ||
mach-nomadik | ||
mach-npcm | ||
mach-nspire | ||
mach-omap1 | ||
mach-omap2 | ||
mach-orion5x | ||
mach-oxnas | ||
mach-picoxcell | ||
mach-prima2 | ||
mach-pxa | ||
mach-qcom | ||
mach-realview | ||
mach-rockchip | ||
mach-rpc | ||
mach-s3c24xx | ||
mach-s3c64xx | ||
mach-s5pv210 | ||
mach-sa1100 | ||
mach-shmobile | ||
mach-socfpga | ||
mach-spear | ||
mach-sti | ||
mach-stm32 | ||
mach-sunxi | ||
mach-tango | ||
mach-tegra | ||
mach-u300 | ||
mach-uniphier | ||
mach-ux500 | ||
mach-versatile | ||
mach-vexpress | ||
mach-vt8500 | ||
mach-w90x900 | ||
mach-zx | ||
mach-zynq | ||
mm | ||
net | ||
nwfpe | ||
oprofile | ||
plat-iop | ||
plat-omap | ||
plat-orion | ||
plat-pxa | ||
plat-samsung | ||
plat-versatile | ||
probes | ||
tools | ||
vdso | ||
vfp | ||
xen | ||
Kconfig | ||
Kconfig-nommu | ||
Kconfig.debug | ||
Makefile | ||
OWNERS |