[gnutls-devel] GnuTLS | wrong text relocations on i386 due to non-PIC assembly (#818)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Aug 10 14:28:02 CEST 2019




Andreas Metzler commented on a discussion: https://gitlab.com/gnutls/gnutls/issues/818#note_202264295

When openssl is built, aesni-x86.s is not generated by a simple

> CC="gcc" /usr/bin/perl ../crypto/aes/asm/aesni-x86.pl elf crypto/aes/aesni-x86.s

the respective build.info file reads
```
 GENERATE[aesni-x86.s]=asm/aesni-x86.pl \
        $(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR)
```
which expands to e.g.
> CC="gcc" /usr/bin/perl ../crypto/aes/asm/aesni-x86.pl elf -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/dev/shm/GNUTLS/openssl-1.1.1c=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/lib/ssl\"" -DENGINESDIR="\"/usr/lib/i386-linux-gnu/engines-1.1\"" -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2  crypto/aes/aesni-x86.s

Playing around a little bit we find that the `-fPIC` is significant, adding/removing it triggers exactly the one-line change mentioned above. And indeed we find this in perlasm/x86asm.pl:
```perl
$pic=0;
for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); }
```

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/818#note_202264295
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190810/2d46eea2/attachment.html>


More information about the Gnutls-devel mailing list