FAILED: CMakeFiles/s2n.dir/pq-crypto/kyber_r3/kyber512r3_cbd.c.o /usr/bin/cc -D_FORTIFY_SOURCE=2 -D_POSIX_C_SOURCE=200809L -Ds2n_EXPORTS -I/usr/ports/security/s2n-tls/work/s2n-tls-1.3.25 -I/usr/ports/security/s2n-tls/work/s2n-tls-1.3.25/api -O2 -pipe -march=tigerlake -fstack-protector-strong -fno-strict-aliasing -O2 -pipe -march=tigerlake -fstack-protector-strong -fno-strict-aliasing -fPIC -pedantic -std=gnu99 -Wall -Wimplicit -Wunused -Wcomment -Wchar-subscripts -Wuninitialized -Wshadow -Wcast-align -Wwrite-strings -Wno-deprecated-declarations -Wno-unknown-pragmas -Wformat-security -Wno-missing-braces -Wa,--noexecstack -Werror -fvisibility=hidden -DS2N_EXPORTS -flto -DS2N_STACKTRACE -DS2N_CPUID_AVAILABLE -fPIC -DS2N_FALL_THROUGH_SUPPORTED -DS2N___RESTRICT__SUPPORTED -DS2N_MADVISE_SUPPORTED -DS2N_MINHERIT_SUPPORTED -DS2N_LIBCRYPTO_SUPPORTS_EVP_MD5_SHA1_HASH -DS2N_LIBCRYPTO_SUPPORTS_EVP_RC4 -DS2N_LIBCRYPTO_SUPPORTS_EVP_MD_CTX_SET_PKEY_CTX -MD -MT CMakeFiles/s2n.dir/pq-crypto/kyber_r3/kyber512r3_cbd.c.o -MF CMakeFiles/s2n.dir/pq-crypto/kyber_r3/kyber512r3_cbd.c.o.d -o CMakeFiles/s2n.dir/pq-crypto/kyber_r3/kyber512r3_cbd.c.o -c /usr/ports/security/s2n-tls/work/s2n-tls-1.3.25/pq-crypto/kyber_r3/kyber512r3_cbd.c /usr/ports/security/s2n-tls/work/s2n-tls-1.3.25/pq-crypto/kyber_r3/kyber512r3_cbd.c:5:1: error: expected identifier or '(' S2N_ENSURE_PORTABLE_OPTIMIZATIONS ^ /usr/ports/security/s2n-tls/work/s2n-tls-1.3.25/pq-crypto/s2n_pq_asm.h:26:5: note: expanded from macro 'S2N_ENSURE_PORTABLE_OPTIMIZATIONS' #error "Compiling portable code with non-portable assembly optimizations. This can result in runtime crashes if artifacts are deployed to older CPU's without these CPU instructions" ^ /usr/ports/security/s2n-tls/work/s2n-tls-1.3.25/pq-crypto/kyber_r3/kyber512r3_cbd.c:60:23: error: implicit declaration of function 'load32_littleendian' is invalid in C99 [-Werror,-Wimplicit-function-declaration] uint32_t t = load32_littleendian(buf + 4 * i); ^ /usr/ports/security/s2n-tls/work/s2n-tls-1.3.25/pq-crypto/kyber_r3/kyber512r3_cbd.c:60:23: note: did you mean 'load24_littleendian'? /usr/ports/security/s2n-tls/work/s2n-tls-1.3.25/pq-crypto/kyber_r3/kyber512r3_cbd.c:37:17: note: 'load24_littleendian' declared here static uint32_t load24_littleendian(const uint8_t x[3]) { ^ 2 errors generated. Ugly hack is to define _CPUCFLAGS= in s2n's Makefile https://github.com/aws/s2n-tls/blob/main/CMakeLists.txt#L298 Having a quick look it seems (I may be reading it wrong) that anything that defines __AVX__ || __AVX2__ || __BMI2__ will fail. Reference: https://cgit.freebsd.org/src/tree/share/examples/etc/make.conf?h=stable/13 Tested on FreeBSD 13.1-STABLE ( CPUTYPE?=tigerlake in /etc/make.conf)
(In reply to Daniel Engberg from comment #0) Isn't better to open an upstream issue about this to know for sure what compile options are valid? Don't know about seting CPUTYPE?=tigerlake is a good idea since it may broken things. What is your opinion? Thanks
(In reply to Nuno Teixeira from comment #1) (...) man make.conf: --- CPUTYPE (str) Controls which processor should be targeted for generated code. This controls processor-specific optimizations in certain code (currently only OpenSSL) (...) --- I remember asking about CPUTYPE on mailings and it must be used with caution.
This seems to be incorrectly triggered in at least 1.3.24 and .25. Having a very quick glance I couldn't find any way to disable the check as the CMake file suggest should be doable. We should submit an issue report to upstream about it.
(In reply to Daniel Engberg from comment #3) 1.3.26 seems to fix it: Fix check for non-portable optimizations: https://github.com/aws/s2n-tls/pull/3573/commits/763b9e0f3b40ed8f14f22e7ba11ee2d195c63272
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=8555f9dd7d0eed995d615e017cc270dff7c73f14 commit 8555f9dd7d0eed995d615e017cc270dff7c73f14 Author: Nuno Teixeira <eduardo@FreeBSD.org> AuthorDate: 2022-10-26 17:04:19 +0000 Commit: Nuno Teixeira <eduardo@FreeBSD.org> CommitDate: 2022-10-26 17:05:19 +0000 security/s2n-tls: Update to 1.3.26 ChangeLog: https://github.com/aws/s2n-tls/releases/tag/v1.3.26 PR: 267333 security/s2n-tls/Makefile | 2 +- security/s2n-tls/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
Confirmed Thanks for the followup!