kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Avoid messing with dummy functions in delocate.go.

Browse Source 
With some optimisation settings, Clang was loading
BORINGSSL_bcm_text_hash with AVX2 instructions, which weren't getting
translated correctly. This seems to work and is less fragile.

The compiler just emits an leaq here. This is because it knows the
symbol is hidden (in the shared library sense), so it needn't go through
GOTPCREL. The assembler would have added a relocation, were the symbol
left undefined, but since we define the symbol later on, it all works
out without a relocation.

Were the symbol not hidden, the compiler would have emitted a movq by
way of GOTPCREL, but we can now translate those away anyway.

Change-Id: I442a22f4f8afaadaacbab7044f946a963ebfc46c
Reviewed-on: https://boringssl-review.googlesource.com/15384
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2017-04-21 17:23:11 -04:00 committed by Adam Langley
parent 23ebe09eab
commit f3d3cee4fe
2 changed files with 8 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
crypto/fipsmodule/bcm.c
View File

@ -77,12 +77,11 @@ static int check_test(const void *expected, const void *actual,
#ifndef OPENSSL_ASAN #ifndef OPENSSL_ASAN
/* These functions are removed by delocate.go and references to them are /* These symbols are filled in by delocate.go. They point to the start and end
* rewritten to point to the start and end of the module, and the location of * of the module, and the location of the integrity hash, respectively. */
* the integrity hash. */ extern const uint8_t BORINGSSL_bcm_text_start[];
static void BORINGSSL_bcm_text_dummy_start(void) {} extern const uint8_t BORINGSSL_bcm_text_end[];
static void BORINGSSL_bcm_text_dummy_end(void) {} extern const uint8_t BORINGSSL_bcm_text_hash[];
static void BORINGSSL_bcm_text_dummy_hash(void) {}
#endif #endif
static void BORINGSSL_bcm_power_on_self_test(void) __attribute__((constructor)); static void BORINGSSL_bcm_power_on_self_test(void) __attribute__((constructor));
@ -91,8 +90,8 @@ static void BORINGSSL_bcm_power_on_self_test(void) {
CRYPTO_library_init(); CRYPTO_library_init();
#ifndef OPENSSL_ASAN #ifndef OPENSSL_ASAN
const uint8_t *const start = (const uint8_t *)BORINGSSL_bcm_text_dummy_start; const uint8_t *const start = BORINGSSL_bcm_text_start;
const uint8_t *const end = (const uint8_t *)BORINGSSL_bcm_text_dummy_end; const uint8_t *const end = BORINGSSL_bcm_text_end;
static const uint8_t kHMACKey[32] = {0}; static const uint8_t kHMACKey[32] = {0};
uint8_t result[SHA256_DIGEST_LENGTH]; uint8_t result[SHA256_DIGEST_LENGTH];
@ -104,8 +103,7 @@ static void BORINGSSL_bcm_power_on_self_test(void) {
goto err; goto err;
} }
const uint8_t *const expected = const uint8_t *expected = BORINGSSL_bcm_text_hash;
(const uint8_t *)BORINGSSL_bcm_text_dummy_hash;
if (!check_test(expected, result, sizeof(result), "FIPS integrity test")) { if (!check_test(expected, result, sizeof(result), "FIPS integrity test")) {
goto err; goto err;

4
crypto/fipsmodule/delocate.go
View File

@ -233,10 +233,6 @@ func transform(lines []string, symbols map[string]bool) (ret []string) {
continue continue
} }
if parts[0] == "leaq" {
line = strings.Replace(line, "BORINGSSL_bcm_text_dummy_", "BORINGSSL_bcm_text_", -1)
}
target := strings.SplitN(parts[1], ",", 2)[0] target := strings.SplitN(parts[1], ",", 2)[0]
if strings.HasSuffix(target, "(%rip)") { if strings.HasSuffix(target, "(%rip)") {
target = target[:len(target)-6] target = target[:len(target)-6]