kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Avoid messing with dummy functions in delocate.go. 

With some optimisation settings, Clang was loading
BORINGSSL_bcm_text_hash with AVX2 instructions, which weren't getting
translated correctly. This seems to work and is less fragile.

The compiler just emits an leaq here. This is because it knows the
symbol is hidden (in the shared library sense), so it needn't go through
GOTPCREL. The assembler would have added a relocation, were the symbol
left undefined, but since we define the symbol later on, it all works
out without a relocation.

Were the symbol not hidden, the compiler would have emitted a movq by
way of GOTPCREL, but we can now translate those away anyway.

Change-Id: I442a22f4f8afaadaacbab7044f946a963ebfc46c
Reviewed-on: https://boringssl-review.googlesource.com/15384
Reviewed-by: Adam Langley <agl@google.com>
kris/onging/CECPQ3_patch15
David Benjamin 7 years ago
committed by Adam Langley
parent
23ebe09eab
commit
f3d3cee4fe
2 changed files with 8 additions and 14 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +8
    -10
      crypto/fipsmodule/bcm.c
  2. +0
    -4
      crypto/fipsmodule/delocate.go

+ 8
- 10
crypto/fipsmodule/bcm.c View File

@@ -77,12 +77,11 @@ static int check_test(const void *expected, const void *actual,


#ifndef OPENSSL_ASAN
/* These functions are removed by delocate.go and references to them are
* rewritten to point to the start and end of the module, and the location of
* the integrity hash. */
static void BORINGSSL_bcm_text_dummy_start(void) {}
static void BORINGSSL_bcm_text_dummy_end(void) {}
static void BORINGSSL_bcm_text_dummy_hash(void) {}
/* These symbols are filled in by delocate.go. They point to the start and end
* of the module, and the location of the integrity hash, respectively. */
extern const uint8_t BORINGSSL_bcm_text_start[];
extern const uint8_t BORINGSSL_bcm_text_end[];
extern const uint8_t BORINGSSL_bcm_text_hash[];
#endif

static void BORINGSSL_bcm_power_on_self_test(void) __attribute__((constructor));
@@ -91,8 +90,8 @@ static void BORINGSSL_bcm_power_on_self_test(void) {
CRYPTO_library_init();

#ifndef OPENSSL_ASAN
const uint8_t *const start = (const uint8_t *)BORINGSSL_bcm_text_dummy_start;
const uint8_t *const end = (const uint8_t *)BORINGSSL_bcm_text_dummy_end;
const uint8_t *const start = BORINGSSL_bcm_text_start;
const uint8_t *const end = BORINGSSL_bcm_text_end;

static const uint8_t kHMACKey[32] = {0};
uint8_t result[SHA256_DIGEST_LENGTH];
@@ -104,8 +103,7 @@ static void BORINGSSL_bcm_power_on_self_test(void) {
goto err;
}

const uint8_t *const expected =
(const uint8_t *)BORINGSSL_bcm_text_dummy_hash;
const uint8_t *expected = BORINGSSL_bcm_text_hash;

if (!check_test(expected, result, sizeof(result), "FIPS integrity test")) {
goto err;


+ 0
- 4
crypto/fipsmodule/delocate.go View File

@@ -233,10 +233,6 @@ func transform(lines []string, symbols map[string]bool) (ret []string) {
continue
}

if parts[0] == "leaq" {
line = strings.Replace(line, "BORINGSSL_bcm_text_dummy_", "BORINGSSL_bcm_text_", -1)
}

target := strings.SplitN(parts[1], ",", 2)[0]
if strings.HasSuffix(target, "(%rip)") {
target = target[:len(target)-6]


Write Preview
Loading…
Cancel
Save