Re: lib/crypto/chacha.c:65:1: warning: the frame size of 1604 bytes is larger than 1024 bytes

From: Kees Cook
Date: Thu Aug 27 2020 - 15:32:43 EST


On Thu, Aug 27, 2020 at 12:02:12PM -0700, Linus Torvalds wrote:
> On Thu, Aug 27, 2020 at 11:42 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >
> > Do you mean you checked both gcc and clang and it was only a problem with gcc?
>
> I didn't check with clang, but Arnd claimed it was fine.
>
> > (If so, I can tweak the "depends" below...)
>
> Ugh.
>
> Instead of making the Makefile even uglier, why don't you just make
> this all be done in the Kconfig.
>
> Also, I'm not seeing the point of your patch. You didn't actually
> change anything, you just made a new config variable with the same
> semantics as the old one.

Hmm? Yeah it did: it disallowed CONFIG_COMPILE_TEST, which you said was
the missing piece, I thought? (It's hardly the first time COMPILE_TEST
has collided unhappily with *SAN-ish things.)

> All of this should be thrown out, and this code should use the proper
> patterns for configuration entries in the Makefile, ie just
>
> ubsan-cflags-$(CONFIG_UBSAN_OBJECT_SIZE) += -fsanitize=object-size

Yeah, that would be a better pattern for sure.

> and the Kconfig file is the thing that should check if that CC option
> exists with
>
> config UBSAN_OBJECT_SIZE
> bool "Check for accesses beyond known object sizes"
> default UBSAN
> depends on CLANG # gcc makes a mess of it
> depends on $(cc-option,-fsanitize-coverage=trace-pc)

Yup, for sure. I've only recently started poking at the ubsan stuff. I
can clean it up better.

> Doesn't that all look much cleaner?

Yup!

--
Kees Cook