Add warning about use of LTO in verify.c

Signed-off-by: Hanno Becker <[email protected]>
pq-code-package · Nov 21, 2024 · 2c97077 · 2c97077
1 parent 27e932e
commit 2c97077
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/mlkem/verify.c b/mlkem/verify.c
@@ -3,6 +3,17 @@
 #include <stddef.h>
 #include <stdint.h>
 
+//
+// WARNING:
+//
+// The functions in this compilation unit may be susceptible to
+// compiler-induced variable-time code when inlined into their call-sites.
+// The purpose of having a separate compilation here is to prevent
+// such potentially insecure inlining.
+//
+// You MUST NOT compile this file using link time optimization.
+//
+
 int verify(const uint8_t *a, const uint8_t *b, const size_t len) {
   uint8_t r = 0;
   uint64_t u;