Re: [PATCH net-next v5 02/20] zinc: introduce minimal cryptography library

From: Andy Lutomirski
Date: Thu Sep 20 2018 - 23:23:50 EST

Next message: Bibby Hsieh: "[PATCH v3 01/12] drm/mediatek: add refcount for DPI power on/off"
Previous message: Baoquan He: "[PATCH v2 3/3] x86/doc/kaslr.txt: Create a separate part of document abourt KASLR at the end of file"
In reply to: Jason A. Donenfeld: "Re: [PATCH net-next v5 02/20] zinc: introduce minimal cryptography library"
Next in thread: Jason A. Donenfeld: "Re: [PATCH net-next v5 02/20] zinc: introduce minimal cryptography library"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Sep 20, 2018, at 8:12 PM, Andrew Lunn <andrew@xxxxxxx> wrote:
>
>> On Fri, Sep 21, 2018 at 02:11:43AM +0200, Jason A. Donenfeld wrote:
>> Hey Arnd,
>>
>>> On Thu, Sep 20, 2018 at 6:02 PM Arnd Bergmann <arnd@xxxxxxxx> wrote:
>>> Right, if you hit a stack requirement like this, it's usually the compiler
>>> doing something bad, not just using too much stack but also generating
>>> rather slow object code in the process. It's better to fix the bug by
>>> optimizing the code to not spill registers to the stack.
>>>
>>> In the long run, I'd like to reduce the stack frame size further, so
>>> best assume that anything over 1024 bytes (on 32-bit) or 1280 bytes
>>> (on 64-bit) is a bug in the code, and stay below that.
>>>
>>> For prototyping, you can just mark the broken functions individually
>>> by setting the warning limit for a specific function that is known to
>>> be misoptimized by the compiler (with a comment about which compiler
>>> and architectures are affected), but not override the limit for the
>>> entire file.
>>
>> Thanks for the explanation. Fortunately in my case, the issues were
>> trivially fixable to get it under 1024/1280. (By the way, why does
>> 64-bit have a slightly larger stack frame? To account for 32 pointers
>> taking double the space or something?) That will be rectified in v6.
>
> Hi Jason
>
> Do you any stack usage information?
>
> A VPN can be at the bottom of some deep stack calls. Swap on NFS over
> the VPN? If you have one frame of 1K, you might be O.K. But if you
> have a few of these, i can see there might be issues of overflowing
> the stack.
>
>

At the risk on suggesting something awful: on x86_64, since we turn preemption off for simd, it wouldnât be *completely* insane to do the crypto on the irq stack. It would look like:

kernel_fpu_call(func, arg);

And this helper would disable preemption, enable FPU, switch to the irq stack, call func(arg), disable FPU, enable preemption, and return. And we can have large IRQ stacks.

I refuse to touch this with a ten-foot pole until the lazy FPU restore patches land.

All that being said, why are these frames so large? It sounds like something may be spilling that ought not to.

Next message: Bibby Hsieh: "[PATCH v3 01/12] drm/mediatek: add refcount for DPI power on/off"
Previous message: Baoquan He: "[PATCH v2 3/3] x86/doc/kaslr.txt: Create a separate part of document abourt KASLR at the end of file"
In reply to: Jason A. Donenfeld: "Re: [PATCH net-next v5 02/20] zinc: introduce minimal cryptography library"
Next in thread: Jason A. Donenfeld: "Re: [PATCH net-next v5 02/20] zinc: introduce minimal cryptography library"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]