Build: Never use -flto for verify.c

verify.c contains various functions which must not be inlined because compilers are tempted to compile them into code that's not constant time and thereby leaks something about the secret data being processed. If `-flto` is used as a compile-time flag, verify.c is likely to be inlined. This commit modifies the Makefile to force `-fno-lto` for verify.c, overwriting `-flto` if present. This in particular affects our CI benchmarks, which do compile with `-flto`. Signed-off-by: Hanno Becker <[email protected]>
pq-code-package · Nov 21, 2024 · 4b9919e · 4b9919e
1 parent d72c48b
commit 4b9919e
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/mk/schemes.mk b/mk/schemes.mk
@@ -13,6 +13,12 @@ MLKEM512_DIR = $(BUILD_DIR)/mlkem512
 MLKEM768_DIR = $(BUILD_DIR)/mlkem768
 MLKEM1024_DIR = $(BUILD_DIR)/mlkem1024
 
+# Even when link-time optimization is used for the rest of the code,
+# make sure not to use it for verify.c: Those are functions which, when
+# inlined, can be subject to variable-time compilation.
+$(MLKEM768_DIR)/mlkem/verify.c.o:  CPPFLAGS += "-fno-lto"
+$(MLKEM1024_DIR)/mlkem/verify.c.o: CPPFLAGS += "-fno-lto"
+
 $(MLKEM512_DIR)/bin/%: CPPFLAGS += -DMLKEM_K=2
 $(ALL_TESTS:%=$(MLKEM512_DIR)/bin/%512):$(MLKEM512_DIR)/bin/%512: $(MLKEM512_DIR)/test/%.c.o $(call MAKE_OBJS,$(MLKEM512_DIR), $(SOURCES))