On Sat, Nov 03, 2007 at 10:26:14PM +0100, Andy Polyakov wrote:
> >>> [EMAIL PROTECTED]:~$ readelf -r
> >>> /usr/src/openssl-0.9.8e/i686/cmov/libcrypto.so.0.9.8
> >>> [...]
> >>> 0006354c  000ce102 R_386_PC32        00062630   DES_encrypt2
> >>> ...
> >>> 0006bd93  000c3e02 R_386_PC32        0006b820   BF_decrypt
> >>> [...]
> >>>
> >>> So it seems there are indeed relocations in the .text section
> >> The problem appears to be Debian specific. According to diff found at
> >> http://packages.qa.debian.org/o/openssl.html they remove -Bsymbolic from
> >> linker command line. This option takes care of relocations in generic
> >> openssl source available from ftp://ftp.openssl.org/source/. If Debian
> >> insists on removing this option, then formally they are responsible for
> >> resolving these relocations:-) I'm ready to listen to reasons why Debian
> >> considers -Bsymbolic inappropriate, but I want to point out that our
> >> goal is to target a wide range of OSes, not some particular Linux
> >> distribution.
> >
> > -Bsymbolic changes the order in which symbols are looked up so that it
> > takes the one from the local library, and not the first one
>
> ... meaning that -Bsymbolic *ensures* that cryptographically significant
> control flow is contained within the library. Symbol versioning allows
> to avoid conflicts, but it does not *ensure* that internal symbol can't
> be overridden and that control flow doesn't leave the library
> boundaries, not in uncontrollable manner. In other words, that's the way
> we like it. Even if we used symbol versioning (well, probably we should
> and will at some point), we would still use -Bsymbolic.

I believe that -Bsymbolic only gives you a false sense of security and
only makes it a little harder to replace some functions, but not that
much.

> > -Bsymbolic has some side effects. One of them is that the dynamic linker
> > needs to create a special symbol table for such libraries and makes
> > symbol lookup slower.
>
> While not having -Bsymbolic effectively makes all calls indirect, which
> negatively affects run-time performance...

I would like to point out a few things:
- Using -Bsymbolic adds a 1 time extra cost for every symbol looked up,
  so this is mostly a start up cost which you probably don't care about.
- There are only a few function calls that are direct, most of the
  library is PIC and uses indirect calls.
- At least one of the text relocations can be avoided and still be a
  direct call by making the function local instead of global. It would
  be great that all that are in a critical path could be avoided this
  way.

Kurt

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [EMAIL PROTECTED]
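
Added example, not part of the original message or of OpenSSL: a small audit over `readelf -r` output that lists the relocations landing in `.text` and the global symbols whose direct calls are still bound by the dynamic linker at load time, which is the case the thread debates. The two `R_386_PC32` rows are the ones quoted above; every other row, the `.text` bounds and the function names are constructed assumptions (in practice the bounds come from `readelf -S`).

```python
import re

# One relocation row: offset, info, type, then optionally symbol value and name.
ROW = re.compile(
    r"^([0-9a-f]{8})\s+([0-9a-f]{8})\s+(R_386_\w+)"
    r"(?:\s+([0-9a-f]{8})\s+(\S+))?\s*$"
)

# Constructed sample. Only the two R_386_PC32 rows come from the thread.
SAMPLE = """\
Relocation section '.rel.dyn' at offset 0x1f0a4 contains 3 entries:
 Offset     Info    Type            Sym.Value  Sym. Name
0012a3c4  00000008 R_386_RELATIVE
0006354c  000ce102 R_386_PC32        00062630   DES_encrypt2
0006bd93  000c3e02 R_386_PC32        0006b820   BF_decrypt

Relocation section '.rel.plt' at offset 0x2e1b4 contains 1 entries:
 Offset     Info    Type            Sym.Value  Sym. Name
0012b00c  00012307 R_386_JUMP_SLOT   00000000   malloc
"""

# Constructed .text bounds (assumption); read the real ones from `readelf -S`.
TEXT_START, TEXT_END = 0x0002F000, 0x000E0000


def text_relocations(readelf_r_output, text_start, text_end):
    """Return (offset, type, symbol) for each relocation that patches .text."""
    hits = []
    for line in readelf_r_output.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # section banners, column headers, blank lines
        offset = int(m.group(1), 16)
        if text_start <= offset < text_end:
            hits.append((offset, m.group(3), m.group(5)))
    return hits


def load_time_bound_callees(hits):
    """Global symbols called PC-relative from .text and resolved at load time.

    Each one is a candidate for hidden/local visibility or for -Bsymbolic.
    """
    return sorted({sym for _, rtype, sym in hits if rtype == "R_386_PC32" and sym})


if __name__ == "__main__":
    found = text_relocations(SAMPLE, TEXT_START, TEXT_END)
    for offset, rtype, sym in found:
        print(f"{offset:#010x} {rtype:<12} {sym}")
    print("review visibility of:", ", ".join(load_time_bound_callees(found)))
```
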
