From: Mathias Krause <minipli@grsecurity.net>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: [PATCH 0/2] wireguard-linux-compat: grsecurity compat patches
Date: Mon, 6 Dec 2021 19:18:34 +0100 [thread overview]
Message-ID: <1ef9bbf4-b8f8-18df-3c80-3181c2b5b9c5@grsecurity.net> (raw)
In-Reply-To: <CAHmME9opYoaoSTHud9sF4BOFBPS=NVYPJSGQr37bxNai26MGFg@mail.gmail.com>
Hi Jason,
Am 06.12.21 um 17:27 schrieb Jason A. Donenfeld:
> Oh, you're right about recent gcc. That actually _is_ intended, yet
> they still fail. It would seem, then, that the problem is not so much
> gcc version as it is some kernel patch that never made it to these
> ancient kernels.
actually, it's the i/o constraints, they're wrong. 'out' is an input
operand but we specify it as an output one. Now this works when gcc
respects the "+" constraint, as in marking this operand as being read
and written, thereby implicitly requiring it to be initialized. But
looks like older gcc ignore that (at least when using alternatives) and
make the asm work on a stale 'out' operand, resulting in the selftest
failures and crashes you've seen.
The following change fixes it by putting 'out' to the input operand
list, where it really belongs to:
diff --git a/src/crypto/zinc/curve25519/curve25519-x86_64.c
b/src/crypto/zinc/curve25519/curve25519-x86_64.c
index 67f55affcf88..f26ed5d897ac 100644
--- a/src/crypto/zinc/curve25519/curve25519-x86_64.c
+++ b/src/crypto/zinc/curve25519/curve25519-x86_64.c
@@ -581,8 +581,8 @@ static inline void fsqr(u64 *out, const u64 *f, u64
*tmp)
" cmovc %%rdx, %%rax;"
" add %%rax, %%r8;"
" movq %%r8, 0(%0);"
- : "+&r,&r" (tmp), "+&r,&r" (f), "+&r,m" (out)
- :
+ : "+&r,&r" (tmp), "+&r,&r" (f)
+ : "r,m" (out)
: "%rax", "%rcx", "%rdx", "%r8", "%r9", "%r10", "%r11", "%rbx",
"%r13", "%r14", "%r15", "memory", "cc"
);
}
@@ -743,8 +743,8 @@ static inline void fsqr2(u64 *out, const u64 *f, u64
*tmp)
" cmovc %%rdx, %%rax;"
" add %%rax, %%r8;"
" movq %%r8, 32(%0);"
- : "+&r,&r" (tmp), "+&r,&r" (f), "+&r,m" (out)
- :
+ : "+&r,&r" (tmp), "+&r,&r" (f)
+ : "r,m" (out)
: "%rax", "%rcx", "%rdx", "%r8", "%r9", "%r10", "%r11", "%rbx",
"%r13", "%r14", "%r15", "memory", "cc"
);
}
We still need the early clobber constraint ("&") for 'tmp' and 'f' as
they are, in fact, written to early. But 'out' is only ever read, so can
be a normal input operand.
I'll create a proper patch and send it out tomorrow, if you don't beat
me to.
Thanks,
Mathias
next prev parent reply other threads:[~2021-12-06 18:19 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-06 13:27 Mathias Krause
2021-07-06 13:27 ` [PATCH 1/2] compat: better grsecurity compatibility Mathias Krause
2021-07-06 13:27 ` [PATCH 2/2] curve25519-x86_64: solve register constraints with reserved registers Mathias Krause
2021-08-08 20:53 ` [PATCH 0/2] wireguard-linux-compat: grsecurity compat patches Jason A. Donenfeld
2021-08-09 10:13 ` Mathias Krause
2021-12-03 22:20 ` Jason A. Donenfeld
2021-12-03 22:25 ` Jason A. Donenfeld
2021-12-06 14:04 ` Mathias Krause
2021-12-06 14:48 ` Jason A. Donenfeld
2021-12-06 16:24 ` Mathias Krause
2021-12-06 16:27 ` Jason A. Donenfeld
2021-12-06 18:18 ` Mathias Krause [this message]
2021-12-06 18:55 ` Jason A. Donenfeld
2021-12-06 19:28 ` Jason A. Donenfeld
2021-12-06 20:54 ` Mathias Krause
2021-12-08 14:56 ` Jason A. Donenfeld
2021-12-06 21:00 ` Mathias Krause
2021-12-08 14:56 ` Jason A. Donenfeld
2021-12-09 7:59 ` Mathias Krause
2021-12-10 22:36 ` Jason A. Donenfeld
2021-12-10 22:58 ` Jason A. Donenfeld
2021-12-11 16:35 ` Aymeric Fromherz
2021-12-12 21:43 ` Jason A. Donenfeld
2021-12-13 7:54 ` Mathias Krause
2021-12-13 11:36 ` Jason A. Donenfeld
2021-12-13 16:29 ` Jason A. Donenfeld
2021-12-13 16:46 ` Mathias Krause
2021-12-13 7:44 ` Mathias Krause
2021-12-13 14:20 ` Aymeric Fromherz
2021-12-13 14:33 ` Mathias Krause
2021-12-13 14:37 ` Jason A. Donenfeld
2021-12-13 16:32 ` Mathias Krause
2021-12-13 16:33 ` Jason A. Donenfeld
2021-12-13 16:39 ` Mathias Krause
2021-12-13 16:53 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1ef9bbf4-b8f8-18df-3c80-3181c2b5b9c5@grsecurity.net \
--to=minipli@grsecurity.net \
--cc=Jason@zx2c4.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).