Hello everyone,
Am 04.07.21 um 15:13 schrieb Adrian Bunk:
On Sat, Jun 26, 2021 at 08:43:22PM +0200, Christoph Biedl wrote:
...
can please somebody check the armel jitterentropy-rngd package in
testing and unstable (1.2.1-2) on various arm platforms? Things look
really weird and I have no idea how to proceed.
Initial observation: On an old Seagate Dockstar (Feroceon 88FR131, armv5tel
CPU) running Debian bullseye (buster is fine), jitterentropy-rngd ("je-r")
fails to start:
# jitterentropy-rngd
Floating point exception
Using gdb:
Program received signal SIGFPE, Arithmetic exception.
0xb6fb6810 in raise () from /lib/arm-linux-gnueabi/libpthread.so.0
(gdb) bt
#0 0xb6fb6810 in raise () from /lib/arm-linux-gnueabi/libpthread.so.0
#1 0x00404968 in __aeabi_ldiv0 ()
#2 0x00402664 in sha3_update (ctx=0xbefff55c, in=0x404b50 <msg_256> "^",
<incomplete sequence \326>,
inlen=3) at jitterentropy-base.c:567
#3 0x00402d48 in sha3_tester () at jitterentropy-base.c:658
#4 0x004038dc in jent_entropy_init () at jitterentropy-base.c:1387
#5 0x00400ffc in alloc () at jitterentropy-rngd.c:666
#6 main (argc=1, argv=0xbefff914) at jitterentropy-rngd.c:794
So this is most likely caused by
size_t partial = ctx->msg_len % ctx->r;
Surprise however: In an armel bullseye chroot on both a Cubietruck
(armhf) and Raspberry Pi 4 (arm64), je-r just runs fine.
And running a rebuilt je-r on the Dockstar yields a completely different
message:
jitterentropy-rngd - Error: The initialization of CPU Jitter RNG failed
with error code 11
Adding some debug print statements reveals this is caused from a fail in
sha3_tester, and indeed the computed hash is different. But the line
that initially caused trouble is passed.
Possibly unrelated, the gcc warnings (line number are a bit off)
jitterentropy-base.c: In function ‘sha3_tester’:
jitterentropy-base.c:311:25: warning: cast increases required alignment of
target type [-Wcast-align]
311 | struct sha_ctx *name = (struct sha_ctx *) name ## _ctx_buf
| ^
jitterentropy-base.c:649:2: note: in expansion of macro ‘HASH_CTX_ON_STACK’
649 | HASH_CTX_ON_STACK(ctx);
| ^~~~~~~~~~~~~~~~~
don't look good but I fail to understand the root cause behind this.
Applying some #pragma pack made the warnings go away, the issue
remained, though.
Any idea?
This sounds similar to other problems reported on armv5tel:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975977#44
https://bugs.debian.org/987566
I've added Bernhard to Cc, who has done most of the investigation
work on these bugs.
Christoph
cu
Adrian
I tried to do some side by side comparision.
Once with a Bullseye chroot on top of a Buster kernel (due to size limitations
of my qnap device).
And the other side one old android device with the same chroot,
but unfortunately running an android kernel, but I guess
the result might still be valid.
As far as I see the issue is with the "ldrd" instruction at sha3_update+4.
On the failing device afterwards register r5 contains 0.
On the good device the register contains the value of ctx->r.
Because of that the modulus receives a zero as divisor
and therefore raises the exception.
So if I interpret the situation right, the ldrd instruction
tries to load 8 bytes into register r4 and r5.
Is here the fault that the address to load from is not 8 byte aligned?
At least a package built with an alignment hint
like in the diff below (similar to the change from #975977),
the address to load from is now 8 byte aligned,
the register receives the expected value
and the crash did not happen.
When building the unmodified package inside the
bullseye chroot I don't get the warning you mention,
and it is also not visible in the armel build log.
Kind regards,
Bernhard
Bad: Architecture: armv5tel, Model name: Feroceon 88FR131 | Good:
Architecture: armv7l, Model name: Krait
|
(gdb) print &ctx->msg_len | (gdb) print
&ctx->msg_len
$3 = (size_t *) 0xbefffae4 | $3 =
(size_t *) 0xbefffb24
|
0x00402640 567 size_t partial = ctx->msg_len % ctx->r; | 0x7f557640
567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc | 1:
x/i $pc
=> 0x402640 <sha3_update+4>: ldrd r4, [r0, #200] ; 0xc8 | =>
0x7f557640 <sha3_update+4>: ldrd r4, [r0, #200] ; 0xc8
2: /x $r0 = 0xbefffa1c | 2:
/x $r0 = 0xbefffa5c
4: /x $r4 = 0xbefff9fc | 4:
/x $r4 = 0xbefffa3c
5: /x $r5 = 0x404a90 | 5:
/x $r5 = 0x7f559a90
(gdb) stepi |
(gdb) stepi
0x00402644 566 { |
0x7f557644 566 {
1: x/i $pc | 1:
x/i $pc
=> 0x402644 <sha3_update+8>: sub sp, sp, #20 | =>
0x7f557644 <sha3_update+8>: sub sp, sp, #20
2: /x $r0 = 0xbefffa1c | 2:
/x $r0 = 0xbefffa5c
4: /x $r4 = 0x0 | 4:
/x $r4 = 0x0
5: /x $r5 = 0x0 <<<<<<<<<<<<< | 5: /x $r5 = 0x88
<<<<<<<<<<<<<
--- jitterentropy-rngd-1.2.1.orig/jitterentropy-base.c
+++ jitterentropy-rngd-1.2.1/jitterentropy-base.c
@@ -306,7 +306,7 @@ struct sha_ctx {
/* CTX size allows any hash type up to SHA3-224 */
#define SHA_MAX_CTX_SIZE 368
#define HASH_CTX_ON_STACK(name)
\
- uint8_t name ## _ctx_buf[SHA_MAX_CTX_SIZE]; \
+ uint8_t __attribute__((aligned(8))) name ## _ctx_buf[SHA_MAX_CTX_SIZE];
\
struct sha_ctx *name = (struct sha_ctx *) name ## _ctx_buf
/*
# Buster container at Buster kernel
debootstrap --arch=armel buster
/home/bernhard/debian-mailing-list-jitterentropy-rngd/chroot-buster
http://192.168.178.25:9999/debian-10-buster-deb.debian.org
env -i TERM=xterm LANG=de_DE.UTF-8 /usr/sbin/chroot
/home/bernhard/debian-mailing-list-jitterentropy-rngd/chroot-buster /bin/su -
passwd
exit
systemd-nspawn --machine=debian-10-buster-armel
--directory=/home/bernhard/debian-mailing-list-jitterentropy-rngd/chroot-buster
--boot
/etc/inputrc
/etc/apt/sources.list.d/buster-approx.list
echo "set enable-bracketed-paste off" >> /etc/inputrc; bash
apt update
apt dist-upgrade
apt install mc gdb jitterentropy-rngd jitterentropy-rngd-dbgsym
apt build-dep jitterentropy-rngd
mkdir /root/source/jitterentropy-rngd/orig -p
cd /root/source/jitterentropy-rngd/orig
apt source jitterentropy-rngd
cd
.
# ps aux | grep jitterentropy-rngd
root 24 2.1 0.2 2064 1172 ? Rs 13:30 0:11
/usr/sbin/jitterentropy-rngd
systemctl stop jitterentropy-rngd
gdb -q --args /usr/sbin/jitterentropy-rngd
set width 0
set pagination off
directory /root/source/jitterentropy-rngd/orig/jitterentropy-rngd-1.0.8
display/i $pc
b jent_entropy_init
run
--> seems there is no sha3_tester in Buster
# Bullseye chroot at Buster kernel
debootstrap --arch=armel bullseye chroot-bullseye
http://192.168.178.25:9999/debian-11-bullseye-deb.debian.org
env -i TERM=xterm LANG=de_DE.UTF-8 /usr/sbin/chroot
/home/bernhard/debian-mailing-list-jitterentropy-rngd/chroot-bullseye /bin/su -
passwd
exit
systemd-nspawn --machine=debian-11-bullseye-armel
--directory=/home/bernhard/debian-mailing-list-jitterentropy-rngd/chroot-bullseye
--boot
Spawning container debian-11-bullseye-armel on
/home/bernhard/debian-mailing-list-jitterentropy-rngd/chroot-bullseye.
Press ^] three times within 1s to kill container.
Assertion 'clock_gettime(map_clock_id(clock_id), &ts) == 0' failed at
src/basic/time-util.c:54, function now(). Aborting.
Container debian-11-bullseye-armel terminated by signal ILL.
mount -t proc proc
/home/bernhard/debian-mailing-list-jitterentropy-rngd/chroot-bullseye/proc
env -i TERM=xterm LANG=de_DE.UTF-8 /usr/sbin/chroot
/home/bernhard/debian-mailing-list-jitterentropy-rngd/chroot-bullseye /bin/su -
/etc/inputrc
/etc/apt/sources.list.d/buster-approx.list
echo "set enable-bracketed-paste off" >> /etc/inputrc; bash
apt update
apt dist-upgrade
apt install gdb jitterentropy-rngd jitterentropy-rngd-dbgsym
apt build-dep jitterentropy-rngd
mkdir /root/source/jitterentropy-rngd/orig -p
cd /root/source/jitterentropy-rngd/orig
apt source jitterentropy-rngd
cd
.
# /usr/sbin/jitterentropy-rngd
Floating point exception
gdb -q --args /usr/sbin/jitterentropy-rngd
Reading symbols from /usr/sbin/jitterentropy-rngd...
(No debugging symbols found in /usr/sbin/jitterentropy-rngd)
(gdb) run
Starting program: /usr/sbin/jitterentropy-rngd
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabi/libthread_db.so.1".
Program received signal SIGFPE, Arithmetic exception.
raise (sig=8) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0 raise (sig=8) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00404968 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
root@qnap119:~# gdb -q --args /usr/sbin/jitterentropy-rngd
Reading symbols from /usr/sbin/jitterentropy-rngd...
Reading symbols from
/usr/lib/debug/.build-id/05/64a50270f13af65bc046578b16ac60f59205cc.debug...
(gdb) set width 0
(gdb) set pagination off
(gdb) directory /root/source/jitterentropy-rngd/orig/jitterentropy-rngd-1.2.1
Source directories searched:
/root/source/jitterentropy-rngd/orig/jitterentropy-rngd-1.2.1:$cdir:$cwd
(gdb) display/i $pc
1: x/i $pc
<error: No registers.>
(gdb) b sha3_update
Breakpoint 1 at 0x263c: file jitterentropy-base.c, line 567.
(gdb) run
Starting program: /usr/sbin/jitterentropy-rngd
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabi/libthread_db.so.1".
Breakpoint 1, sha3_update (ctx=0xbefffa1c, in=0x404b50 <msg_256> "^^\326",
inlen=3) at jitterentropy-base.c:567
567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x40263c <sha3_update>: push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
(gdb) ptype /o ctx
type = struct sha_ctx {
/* 0 | 200 */ uint64_t state[25];
/* 200 | 4 */ size_t msg_len;
/* 204 | 4 */ unsigned int r;
/* 208 | 4 */ unsigned int rword;
/* 212 | 4 */ unsigned int digestsize;
/* 216 | 136 */ uint8_t partial[136];
/* total size (bytes): 352 */
} *
(gdb) print ctx
$1 = (struct sha_ctx *) 0xbefffa1c
(gdb) print/x ctx->msg_len
$2 = 0x0
(gdb) print &ctx->msg_len
$3 = (size_t *) 0xbefffae4
(gdb) print ((unsigned int)&(ctx->msg_len)) % 2
$4 = 0
(gdb) print ((unsigned int)&(ctx->msg_len)) % 4
$5 = 0
(gdb) print ((unsigned int)&(ctx->msg_len)) % 8
$6 = 4
(gdb) print ((unsigned int)&(ctx->msg_len)) % 16
$7 = 4
(gdb) display/x $r0
2: /x $r0 = 0xbefffa1c
(gdb) display/x $r1
3: /x $r1 = 0x404b50
(gdb) display/x $r4
4: /x $r4 = 0xbefff9fc
(gdb) display/x $r5
5: /x $r5 = 0x404a90
(gdb) display/x $sp
6: /x $sp = 0xbefff9f8
(gdb) stepi
0x00402640 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x402640 <sha3_update+4>: ldrd r4, [r0, #200] ; 0xc8
2: /x $r0 = 0xbefffa1c
3: /x $r1 = 0x404b50
4: /x $r4 = 0xbefff9fc
5: /x $r5 = 0x404a90
6: /x $sp = 0xbefff9d4
(gdb) stepi
0x00402644 566 {
1: x/i $pc
=> 0x402644 <sha3_update+8>: sub sp, sp, #20
2: /x $r0 = 0xbefffa1c
3: /x $r1 = 0x404b50
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9d4
(gdb) stepi
0x00402648 566 {
1: x/i $pc
=> 0x402648 <sha3_update+12>: mov r10, r0
2: /x $r0 = 0xbefffa1c
3: /x $r1 = 0x404b50
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x0040264c 566 {
1: x/i $pc
=> 0x40264c <sha3_update+16>: mov r7, r1
2: /x $r0 = 0xbefffa1c
3: /x $r1 = 0x404b50
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00402650 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x402650 <sha3_update+20>: mov r0, r4
2: /x $r0 = 0xbefffa1c
3: /x $r1 = 0x404b50
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00402654 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x402654 <sha3_update+24>: mov r1, r5
2: /x $r0 = 0x0
3: /x $r1 = 0x404b50
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00402658 566 {
1: x/i $pc
=> 0x402658 <sha3_update+28>: mov r6, r2
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x0040265c 566 {
1: x/i $pc
=> 0x40265c <sha3_update+32>: str r2, [sp, #8]
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00402660 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x402660 <sha3_update+36>: bl 0x40493c <__aeabi_uidivmod>
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x0040493c in __aeabi_uidivmod ()
1: x/i $pc
=> 0x40493c <__aeabi_uidivmod>: cmp r1, #0
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00404940 in __aeabi_uidivmod ()
1: x/i $pc
=> 0x404940 <__aeabi_uidivmod+4>: beq 0x404930 <__udivsi3+480>
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00404930 in __udivsi3 ()
1: x/i $pc
=> 0x404930 <__udivsi3+480>: cmp r0, #0
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00404934 in __udivsi3 ()
1: x/i $pc
=> 0x404934 <__udivsi3+484>: mvnne r0, #0
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00404938 in __udivsi3 ()
1: x/i $pc
=> 0x404938 <__udivsi3+488>: b 0x40495c <__aeabi_ldiv0>
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x0040495c in __aeabi_ldiv0 ()
1: x/i $pc
=> 0x40495c <__aeabi_ldiv0>: push {r1, lr}
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9c0
(gdb) stepi
0x00404960 in __aeabi_ldiv0 ()
1: x/i $pc
=> 0x404960 <__aeabi_ldiv0+4>: mov r0, #8
2: /x $r0 = 0x0
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9b8
(gdb) stepi
0x00404964 in __aeabi_ldiv0 ()
1: x/i $pc
=> 0x404964 <__aeabi_ldiv0+8>: bl 0x400bf0 <raise@plt>
2: /x $r0 = 0x8
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9b8
(gdb) stepi
0x00400bf0 in raise@plt ()
1: x/i $pc
=> 0x400bf0 <raise@plt>: add r12, pc, #0, 12
2: /x $r0 = 0x8
3: /x $r1 = 0x0
4: /x $r4 = 0x0
5: /x $r5 = 0x0
6: /x $sp = 0xbefff9b8
(gdb)
gdb -q --args /usr/sbin/jitterentropy-rngd
set width 0
set pagination off
directory /root/source/jitterentropy-rngd/orig/jitterentropy-rngd-1.2.1
display/i $pc
b sha3_update
run
ptype /o ctx
print ctx
print/x ctx->msg_len
print &ctx->msg_len
print ((unsigned int)&(ctx->msg_len)) % 2
print ((unsigned int)&(ctx->msg_len)) % 4
print ((unsigned int)&(ctx->msg_len)) % 8
print ((unsigned int)&(ctx->msg_len)) % 16
display/x $r0
display/x $r1
display/x $r4
display/x $r5
display/x $sp
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
stepi
# The same Bullseye chroot moved to a armv7l android/lineageos device
# uname -a
Linux localhost 3.4.113-g2fff5b1955c0 #1 SMP PREEMPT Sun Mar 8 06:23:52 CST
2020 armv7l
find / -iname "debian-mailing-list-jitterentropy-rngd" 2>&1 | grep -v "Invalid
argument|No such file or directory"
# /mnt/runtime/full/emulated/0/debian-mailing-list-jitterentropy-rngd
# /mnt/runtime/write/emulated/0/debian-mailing-list-jitterentropy-rngd
# /mnt/runtime/read/emulated/0/debian-mailing-list-jitterentropy-rngd
# /mnt/runtime/default/emulated/0/debian-mailing-list-jitterentropy-rngd
# /storage/emulated/0/debian-mailing-list-jitterentropy-rngd
/data/media/0/debian-mailing-list-jitterentropy-rngd
/sbin/.magisk/mirror/data/media/0/debian-mailing-list-jitterentropy-rngd
cd /data/media/0/debian-mailing-list-jitterentropy-rngd
tar -zxf chroot-bullseye.tar.gz
mount -t proc proc
/data/media/0/debian-mailing-list-jitterentropy-rngd/chroot-bullseye/proc
mount -t sysfs sysfs
/data/media/0/debian-mailing-list-jitterentropy-rngd/chroot-bullseye/sys
env -i TERM=xterm LANG=de_DE.UTF-8 /system/bin/chroot
/data/media/0/debian-mailing-list-jitterentropy-rngd/chroot-bullseye /bin/su -
root
adduser benutzer
groupadd -g 3001 aid_net_bt_admin
groupadd -g 3002 aid_net_bt
groupadd -g 3003 aid_inet
groupadd -g 3004 aid_net_raw
groupadd -g 3005 aid_net_admin
groupadd -g 3006 aid_net_bw_stats
groupadd -g 3007 aid_net_bw_acct
groupadd -g 3008 aid_net_bt_stack
usermod -G 3003,3004 -a root
usermod -G 3003 -a benutzer
usermod -g 3003 -G 3003,3004 -a _apt
root@localhost:~# gdb -q --args /usr/sbin/jitterentropy-rngd
Reading symbols from /usr/sbin/jitterentropy-rngd...
Reading symbols from
/usr/lib/debug/.build-id/05/64a50270f13af65bc046578b16ac60f59205cc.debug...
(gdb) set width 0
(gdb) set pagination off
(gdb) directory /root/source/jitterentropy-rngd/orig/jitterentropy-rngd-1.2.1
Source directories searched:
/root/source/jitterentropy-rngd/orig/jitterentropy-rngd-1.2.1:$cdir:$cwd/i
(gdb) display/i $pc
1: x/i $pc
<error: No registers.>
(gdb) b sha3_update
Breakpoint 1 at 0x263c: file jitterentropy-base.c, line 567.
(gdb) run
Starting program: /usr/sbin/jitterentropy-rngd
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabi/libthread_db.so.1".
Breakpoint 1, sha3_update (ctx=0xbefffa5c, in=0x7f559b50 <msg_256> "^^\326",
inlen=3) at jitterentropy-base.c:567
567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x7f55763c <sha3_update>: push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
(gdb) ptype /o ctx
type = struct sha_ctx {
/* 0 | 200 */ uint64_t state[25];
/* 200 | 4 */ size_t msg_len;
/* 204 | 4 */ unsigned int r;
/* 208 | 4 */ unsigned int rword;
/* 212 | 4 */ unsigned int digestsize;
/* 216 | 136 */ uint8_t partial[136];
/* total size (bytes): 352 */
} *
(gdb) print ctx
$1 = (struct sha_ctx *) 0xbefffa5c
(gdb) print/x ctx->msg_len
$2 = 0x0
(gdb) print &ctx->msg_len
$3 = (size_t *) 0xbefffb24
(gdb) print ((unsigned int)&(ctx->msg_len)) % 2
$4 = 0
(gdb) print ((unsigned int)&(ctx->msg_len)) % 4
$5 = 0
(gdb) print ((unsigned int)&(ctx->msg_len)) % 8
$6 = 4
(gdb) print ((unsigned int)&(ctx->msg_len)) % 16
$7 = 4
(gdb) display/x $r0
2: /x $r0 = 0xbefffa5c
(gdb) display/x $r1
3: /x $r1 = 0x7f559b50
(gdb) display/x $r4
4: /x $r4 = 0xbefffa3c
(gdb) display/x $r5
5: /x $r5 = 0x7f559a90
(gdb) display/x $sp
6: /x $sp = 0xbefffa38
(gdb) stepi
0x7f557640 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x7f557640 <sha3_update+4>: ldrd r4, [r0, #200] ; 0xc8
2: /x $r0 = 0xbefffa5c
3: /x $r1 = 0x7f559b50
4: /x $r4 = 0xbefffa3c
5: /x $r5 = 0x7f559a90
6: /x $sp = 0xbefffa14
(gdb) stepi
0x7f557644 566 {
1: x/i $pc
=> 0x7f557644 <sha3_update+8>: sub sp, sp, #20
2: /x $r0 = 0xbefffa5c
3: /x $r1 = 0x7f559b50
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa14
(gdb) stepi
0x7f557648 566 {
1: x/i $pc
=> 0x7f557648 <sha3_update+12>: mov r10, r0
2: /x $r0 = 0xbefffa5c
3: /x $r1 = 0x7f559b50
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f55764c 566 {
1: x/i $pc
=> 0x7f55764c <sha3_update+16>: mov r7, r1
2: /x $r0 = 0xbefffa5c
3: /x $r1 = 0x7f559b50
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f557650 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x7f557650 <sha3_update+20>: mov r0, r4
2: /x $r0 = 0xbefffa5c
3: /x $r1 = 0x7f559b50
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f557654 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x7f557654 <sha3_update+24>: mov r1, r5
2: /x $r0 = 0x0
3: /x $r1 = 0x7f559b50
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f557658 566 {
1: x/i $pc
=> 0x7f557658 <sha3_update+28>: mov r6, r2
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f55765c 566 {
1: x/i $pc
=> 0x7f55765c <sha3_update+32>: str r2, [sp, #8]
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f557660 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
=> 0x7f557660 <sha3_update+36>: bl 0x7f55993c <__aeabi_uidivmod>
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f55993c in __aeabi_uidivmod ()
1: x/i $pc
=> 0x7f55993c <__aeabi_uidivmod>: cmp r1, #0
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f559940 in __aeabi_uidivmod ()
1: x/i $pc
=> 0x7f559940 <__aeabi_uidivmod+4>: beq 0x7f559930 <__udivsi3+480>
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f559944 in __aeabi_uidivmod ()
1: x/i $pc
=> 0x7f559944 <__aeabi_uidivmod+8>: push {r0, r1, lr}
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefffa00
(gdb) stepi
0x7f559948 in __aeabi_uidivmod ()
1: x/i $pc
=> 0x7f559948 <__aeabi_uidivmod+12>: bl 0x7f559750 <__udivsi3>
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefff9f4
(gdb) stepi
0x7f559750 in __udivsi3 ()
1: x/i $pc
=> 0x7f559750 <__udivsi3>: subs r2, r1, #1
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefff9f4
(gdb) stepi
0x7f559754 in __udivsi3 ()
1: x/i $pc
=> 0x7f559754 <__udivsi3+4>: bxeq lr
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefff9f4
(gdb) stepi
0x7f559758 in __udivsi3 ()
1: x/i $pc
=> 0x7f559758 <__udivsi3+8>: bcc 0x7f559930 <__udivsi3+480>
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefff9f4
(gdb) stepi
0x7f55975c in __udivsi3 ()
1: x/i $pc
=> 0x7f55975c <__udivsi3+12>: cmp r0, r1
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefff9f4
(gdb) stepi
0x7f559760 in __udivsi3 ()
1: x/i $pc
=> 0x7f559760 <__udivsi3+16>: bls 0x7f559914 <__udivsi3+452>
2: /x $r0 = 0x0
3: /x $r1 = 0x88
4: /x $r4 = 0x0
5: /x $r5 = 0x88
6: /x $sp = 0xbefff9f4
(gdb)
|
Bad: Architecture: armv5tel, Model name: Feroceon 88FR131
| Good: Architecture: armv7l, Model name: Krait
|
567 size_t partial = ctx->msg_len % ctx->r;
| 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
| 1: x/i $pc
=> 0x40263c <sha3_update>: push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
| => 0x7f55763c <sha3_update>: push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
(gdb) print/x ctx->msg_len
| (gdb) print/x ctx->msg_len
$1 = 0x0
| $1 = 0x0
(gdb) print/x ctx->r
| (gdb) print/x ctx->r
$2 = 0x88
| $2 = 0x88
(gdb) display/x $r1
| (gdb) display/x $r1
2: /x $r1 = 0x404b50
| 2: /x $r1 = 0x7f559b50
(gdb) display/x $r5
| (gdb) display/x $r5
3: /x $r5 = 0x404a90
| 3: /x $r5 = 0x7f559a90
(gdb) display/x $sp
| (gdb) display/x $sp
4: /x $sp = 0xbefffa28
| 4: /x $sp = 0xbefffa38
(gdb) stepi
| (gdb) stepi
0x00402640 567 size_t partial = ctx->msg_len % ctx->r;
| 0x7f557640 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
| 1: x/i $pc
=> 0x402640 <sha3_update+4>: ldrd r4, [r0, #200] ; 0xc8
| => 0x7f557640 <sha3_update+4>: ldrd r4, [r0, #200] ; 0xc8
2: /x $r1 = 0x404b50
| 2: /x $r1 = 0x7f559b50
3: /x $r5 = 0x404a90
| 3: /x $r5 = 0x7f559a90
4: /x $sp = 0xbefffa04
| 4: /x $sp = 0xbefffa14
(gdb) stepi
| (gdb) stepi
0x00402644 566 {
| 0x7f557644 566 {
1: x/i $pc
| 1: x/i $pc
=> 0x402644 <sha3_update+8>: sub sp, sp, #20
| => 0x7f557644 <sha3_update+8>: sub sp, sp, #20
2: /x $r1 = 0x404b50
| 2: /x $r1 = 0x7f559b50
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefffa04
| 4: /x $sp = 0xbefffa14
(gdb) stepi
| (gdb) stepi
0x00402648 566 {
| 0x7f557648 566 {
1: x/i $pc
| 1: x/i $pc
=> 0x402648 <sha3_update+12>: mov r10, r0
| => 0x7f557648 <sha3_update+12>: mov r10, r0
2: /x $r1 = 0x404b50
| 2: /x $r1 = 0x7f559b50
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x0040264c 566 {
| 0x7f55764c 566 {
1: x/i $pc
| 1: x/i $pc
=> 0x40264c <sha3_update+16>: mov r7, r1
| => 0x7f55764c <sha3_update+16>: mov r7, r1
2: /x $r1 = 0x404b50
| 2: /x $r1 = 0x7f559b50
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x00402650 567 size_t partial = ctx->msg_len % ctx->r;
| 0x7f557650 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
| 1: x/i $pc
=> 0x402650 <sha3_update+20>: mov r0, r4
| => 0x7f557650 <sha3_update+20>: mov r0, r4
2: /x $r1 = 0x404b50
| 2: /x $r1 = 0x7f559b50
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x00402654 567 size_t partial = ctx->msg_len % ctx->r;
| 0x7f557654 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
| 1: x/i $pc
=> 0x402654 <sha3_update+24>: mov r1, r5
| => 0x7f557654 <sha3_update+24>: mov r1, r5
2: /x $r1 = 0x404b50
| 2: /x $r1 = 0x7f559b50
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x00402658 566 {
| 0x7f557658 566 {
1: x/i $pc
| 1: x/i $pc
=> 0x402658 <sha3_update+28>: mov r6, r2
| => 0x7f557658 <sha3_update+28>: mov r6, r2
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x0040265c 566 {
| 0x7f55765c 566 {
1: x/i $pc
| 1: x/i $pc
=> 0x40265c <sha3_update+32>: str r2, [sp, #8]
| => 0x7f55765c <sha3_update+32>: str r2, [sp, #8]
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x00402660 567 size_t partial = ctx->msg_len % ctx->r;
| 0x7f557660 567 size_t partial = ctx->msg_len % ctx->r;
1: x/i $pc
| 1: x/i $pc
=> 0x402660 <sha3_update+36>: bl 0x40493c <__aeabi_uidivmod>
| => 0x7f557660 <sha3_update+36>: bl 0x7f55993c <__aeabi_uidivmod>
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x0040493c in __aeabi_uidivmod ()
| 0x7f55993c in __aeabi_uidivmod ()
1: x/i $pc
| 1: x/i $pc
=> 0x40493c <__aeabi_uidivmod>: cmp r1, #0
| => 0x7f55993c <__aeabi_uidivmod>: cmp r1, #0
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x00404940 in __aeabi_uidivmod ()
| 0x7f559940 in __aeabi_uidivmod ()
1: x/i $pc
| 1: x/i $pc
=> 0x404940 <__aeabi_uidivmod+4>: beq 0x404930 <__udivsi3+480>
| => 0x7f559940 <__aeabi_uidivmod+4>: beq 0x7f559930 <__udivsi3+480>
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x00404930 in __udivsi3 ()
| 0x7f559944 in __aeabi_uidivmod ()
1: x/i $pc
| 1: x/i $pc
=> 0x404930 <__udivsi3+480>: cmp r0, #0
| => 0x7f559944 <__aeabi_uidivmod+8>: push {r0, r1, lr}
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefffa00
(gdb) stepi
| (gdb) stepi
0x00404934 in __udivsi3 ()
| 0x7f559948 in __aeabi_uidivmod ()
1: x/i $pc
| 1: x/i $pc
=> 0x404934 <__udivsi3+484>: mvnne r0, #0
| => 0x7f559948 <__aeabi_uidivmod+12>: bl 0x7f559750 <__udivsi3>
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefff9f4
(gdb) stepi
| (gdb) stepi
0x00404938 in __udivsi3 ()
| 0x7f559750 in __udivsi3 ()
1: x/i $pc
| 1: x/i $pc
=> 0x404938 <__udivsi3+488>: b 0x40495c <__aeabi_ldiv0>
| => 0x7f559750 <__udivsi3>: subs r2, r1, #1
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefff9f4
(gdb) stepi
| (gdb) stepi
0x0040495c in __aeabi_ldiv0 ()
| 0x7f559754 in __udivsi3 ()
1: x/i $pc
| 1: x/i $pc
=> 0x40495c <__aeabi_ldiv0>: push {r1, lr}
| => 0x7f559754 <__udivsi3+4>: bxeq lr
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9f0
| 4: /x $sp = 0xbefff9f4
(gdb) stepi
| (gdb) stepi
0x00404960 in __aeabi_ldiv0 ()
| 0x7f559758 in __udivsi3 ()
1: x/i $pc
| 1: x/i $pc
=> 0x404960 <__aeabi_ldiv0+4>: mov r0, #8
| => 0x7f559758 <__udivsi3+8>: bcc 0x7f559930 <__udivsi3+480>
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9e8
| 4: /x $sp = 0xbefff9f4
(gdb) stepi
| (gdb) stepi
0x00404964 in __aeabi_ldiv0 ()
| 0x7f55975c in __udivsi3 ()
1: x/i $pc
| 1: x/i $pc
=> 0x404964 <__aeabi_ldiv0+8>: bl 0x400bf0 <raise@plt>
| => 0x7f55975c <__udivsi3+12>: cmp r0, r1
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9e8
| 4: /x $sp = 0xbefff9f4
(gdb) stepi
| (gdb) stepi
0x00400bf0 in raise@plt ()
| 0x7f559760 in __udivsi3 ()
1: x/i $pc
| 1: x/i $pc
=> 0x400bf0 <raise@plt>: add r12, pc, #0, 12
| => 0x7f559760 <__udivsi3+16>: bls 0x7f559914 <__udivsi3+452>
2: /x $r1 = 0x0
| 2: /x $r1 = 0x88
3: /x $r5 = 0x0
| 3: /x $r5 = 0x88
4: /x $sp = 0xbefff9e8
| 4: /x $sp = 0xbefff9f4
--- jitterentropy-rngd-1.2.1.orig/jitterentropy-base.c
+++ jitterentropy-rngd-1.2.1/jitterentropy-base.c
@@ -306,7 +306,7 @@ struct sha_ctx {
/* CTX size allows any hash type up to SHA3-224 */
#define SHA_MAX_CTX_SIZE 368
#define HASH_CTX_ON_STACK(name)
\
- uint8_t name ## _ctx_buf[SHA_MAX_CTX_SIZE]; \
+ uint8_t __attribute__((aligned(8))) name ## _ctx_buf[SHA_MAX_CTX_SIZE];
\
struct sha_ctx *name = (struct sha_ctx *) name ## _ctx_buf
/*