[PATCH 1/2] fips: Use ELF header to find .rodata1 section

Clemens Lang cllang at redhat.com
Mon Feb 14 13:46:19 CET 2022

Hi Florian,

> On 11. Feb 2022, at 17:09, Florian Weimer <fweimer at redhat.com> wrote:
> __WORDSIZE is an internal glibc macro, not to be used outside of glibc.
> glibc's <link.h> defines ElfW as an official macro, and you could use
> ElfW(Ehdr) and ElfW(Shdr) here.

Thanks, I’ll fix that.

> The code looks at section headers.  These can be stripped.  Furthermore,
> the .rodata1 section is not really reserved for application use.
> I haven't reviewed Dmitry's OpenSSL changes (which I probably should
> do), but I'd suggest to use the same approach. 8-)

>From what I can see, it currently uses the same approach, and probably
has the same issue where the compiler could assume that the HMAC is 0
and constant-propagate that. Again, this currently works just fine with
GCC, but I don’t think it’s a good idea to rely on GCC’s unwillingness
to replace a memcmp(3) with a few assembly instructions.

Adding volatile was the simplest method I could think of to prevent that,
but you make good points that it might not be the best approach here.
I’ll try your suggestion from [1], which I guess would work because the
variable isn’t const.

The currently merged state assumes the offset in the file matches the
address at runtime. This is probably not a good assumption to make. How
would you determine the offset of a symbol in a file given its runtime
address? Find the matching program header entry that must have loaded it
and subtracting the difference between p_vaddr and p_offset?

As for stripping the section headers, GNU strip 2.37 does not seem to do
that in the default configuration, so we could just expect users that
want the FIPS selftest to not manually strip them.

 [1] https://bugzilla.redhat.com/show_bug.cgi?id=2034320

Clemens Lang
RHEL Crypto Team
Red Hat

More information about the Gcrypt-devel mailing list