PIC, alignment problems with libcrypt on armv7

Michael Plass mfpnb at plass-family.net
Wed Jun 29 19:44:34 CEST 2016 

I recently tracked down a couple of problems with libcrypt-1.7.1 in the
context of netbsd pkgsrc on raspberry pi 2 (armv7).

The details are covered in this thread:

http://mail-index.netbsd.org/tech-pkg/2016/06/29/msg017059.html

The first problem is a non-PIC reference in cipher/poly1305-armv7-neon.S
that prevents the library from being loaded when using ASLR:

==============================
commit 9bf37f803059304b1f46747953ef8e961c7e643b
Author: Michael Plass <mfpnb at plass-family.net>
Date:   Wed Jun 29 10:15:16 2016 -0700

    Remove a non-PIC reference in armv7 poly1305.

diff --git a/cipher/poly1305-armv7-neon.S b/cipher/poly1305-armv7-neon.S
index 1134e85..e2727bd 100644
--- a/cipher/poly1305-armv7-neon.S
+++ b/cipher/poly1305-armv7-neon.S
@@ -52,7 +52,7 @@ _gcry_poly1305_armv7_neon_init_ext:
        and r2, r2, r2
        moveq r14, #-1
        ldmia r1!, {r2-r5}
-       ldr r7, =.Lpoly1305_init_constants_neon
+       adr r7, .Lpoly1305_init_constants_neon
        mov r6, r2
        mov r8, r2, lsr #26
        mov r9, r3, lsr #20
==============================

The second problem showed up as a bus error running tests/basic.
The problem is that ldm/stm don't deal with unaligned accesses even
on armv7 (see http://www.heyrick.co.uk/armwiki/Unaligned_data_access).
My workaround is to undef the gcc-defined feature symbol, but a better
fix would be to strip out the conditional guards, since the alignment
adjustments are needed on all versions.
==============================
commit 68c3274900ea129099f04892d32ccbb061ff6a72
Author: Michael Plass <mfpnb at plass-family.net>
Date:   Wed Jun 29 10:27:55 2016 -0700

    Avoid doing unaligned ldm/stm even on armv7 - it does not work.

diff --git a/cipher/rijndael-arm.S b/cipher/rijndael-arm.S
index 694369d..34a9acc 100644
--- a/cipher/rijndael-arm.S
+++ b/cipher/rijndael-arm.S
@@ -19,6 +19,7 @@
  */
 
 #include <config.h>
+#undef __ARM_FEATURE_UNALIGNED
 
 #if defined(__ARMEL__)
 #ifdef HAVE_COMPATIBLE_GCC_ARM_PLATFORM_AS
==============================

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20160629/05f0e7c4/attachment-0001.html>

More information about the Gcrypt-devel mailing list