I am a FreeBSD developer and I was bitten by this bug on FreeBSD/amd64
-CURRENT as well. Probably it was silently ignored by old binutils
but it fails the same way now as Linux distros do. Most importantly,
FIPS canister built with ASM also fails as it contains aes-x86_64.o
and x86_64cpuid.o. The only way to build usable FIPS canister is
building it without ASM, i.e., "./config fipscanisterbuild no-asm &&
make".
Although the analysis seems correct (nice catch!), the actual patch
does not seem right to me, i.e., OPENSSL_ia32cap_P was NOT a pointer
on stable branches. Even for dev branches, where it IS really a
pointer, it only loaded the bottom half. Because of this problem,
the generated executable actually crashed. My patches are attached
here.
Cheers,
Jung-uk Kim
--- crypto/aes/asm/aes-x86_64.pl.orig 2010-07-26 19:00:13.000000000 -0400
+++ crypto/aes/asm/aes-x86_64.pl 2011-05-09 14:56:53.000000000 -0400
@@ -1665,7 +1665,7 @@ AES_cbc_encrypt:
lea .LAES_Td(%rip),$sbox
.Lcbc_picked_te:
- mov OPENSSL_ia32cap_P(%rip),%r10d
+ mov OPENSSL_ia32cap_P\@GOTPCREL(%rip),%r10d
cmp \$$speed_limit,%rdx
jb .Lcbc_slow_prologue
test \$15,%rdx
--- crypto/rc4/asm/rc4-x86_64.pl.orig 2010-05-13 18:00:18.000000000 -0400
+++ crypto/rc4/asm/rc4-x86_64.pl 2011-05-09 14:57:08.000000000 -0400
@@ -284,7 +284,7 @@ RC4_set_key:
xor %r10,%r10
xor %r11,%r11
- mov OPENSSL_ia32cap_P(%rip),$idx#d
+ mov OPENSSL_ia32cap_P\@GOTPCREL(%rip),$idx#d
bt \$20,$idx#d
jnc .Lw1stloop
bt \$30,$idx#d
@@ -351,7 +351,7 @@ RC4_set_key:
.align 16
RC4_options:
lea .Lopts(%rip),%rax
- mov OPENSSL_ia32cap_P(%rip),%edx
+ mov OPENSSL_ia32cap_P\@GOTPCREL(%rip),%edx
bt \$20,%edx
jnc .Ldone
add \$12,%rax
--- crypto/x86_64cpuid.pl.orig 2011-04-17 09:00:02.000000000 -0400
+++ crypto/x86_64cpuid.pl 2011-05-09 15:02:47.000000000 -0400
@@ -15,7 +15,7 @@ open STDOUT,"| $^X ${dir}perlasm/x86_64-
print<<___;
.extern OPENSSL_cpuid_setup
.section .init
- call OPENSSL_cpuid_setup
+ call OPENSSL_cpuid_setup\@PLT
.text
--- crypto/aes/asm/aes-x86_64.pl.orig 2010-07-26 19:00:13.000000000 -0400
+++ crypto/aes/asm/aes-x86_64.pl 2011-05-09 16:42:53.000000000 -0400
@@ -1665,12 +1665,12 @@ AES_cbc_encrypt:
lea .LAES_Td(%rip),$sbox
.Lcbc_picked_te:
- mov OPENSSL_ia32cap_P(%rip),%r10d
+ mov OPENSSL_ia32cap_P\@GOTPCREL(%rip),%r10
cmp \$$speed_limit,%rdx
jb .Lcbc_slow_prologue
test \$15,%rdx
jnz .Lcbc_slow_prologue
- bt \$28,%r10d
+ bt \$28,(%r10)
jc .Lcbc_slow_prologue
# allocate aligned stack frame...
--- crypto/rc4/asm/rc4-x86_64.pl.orig 2010-05-13 18:00:18.000000000 -0400
+++ crypto/rc4/asm/rc4-x86_64.pl 2011-05-09 16:46:56.000000000 -0400
@@ -284,10 +284,10 @@ RC4_set_key:
xor %r10,%r10
xor %r11,%r11
- mov OPENSSL_ia32cap_P(%rip),$idx#d
- bt \$20,$idx#d
+ mov OPENSSL_ia32cap_P\@GOTPCREL(%rip),$idx
+ bt \$20,($idx)
jnc .Lw1stloop
- bt \$30,$idx#d
+ bt \$30,($idx)
setc $ido#b
mov $ido#d,260($dat)
jmp .Lc1stloop
@@ -351,11 +351,11 @@ RC4_set_key:
.align 16
RC4_options:
lea .Lopts(%rip),%rax
- mov OPENSSL_ia32cap_P(%rip),%edx
- bt \$20,%edx
+ mov OPENSSL_ia32cap_P\@GOTPCREL(%rip),%rdx
+ bt \$20,(%rdx)
jnc .Ldone
add \$12,%rax
- bt \$30,%edx
+ bt \$30,(%rdx)
jnc .Ldone
add \$13,%rax
.Ldone:
--- crypto/x86_64cpuid.pl.orig 2011-04-17 09:00:02.000000000 -0400
+++ crypto/x86_64cpuid.pl 2011-05-09 16:22:52.000000000 -0400
@@ -15,7 +15,7 @@ open STDOUT,"| $^X ${dir}perlasm/x86_64-
print<<___;
.extern OPENSSL_cpuid_setup
.section .init
- call OPENSSL_cpuid_setup
+ call OPENSSL_cpuid_setup\@PLT
.text
