When trying to produce a port for deltachat-rpc-server 2.53.0, I
stumbled on a problem with the aws_lc_rc crate which is used for TLS.
The port builds two executables deltachat-rpc-server and deltachat-repl
which reliably crash when making a TLS connection:
Thread 2 "tokio-rt-worker" received signal SIGSEGV, Segmentation fault.
0x... in aws_lc_0_41_0_curve25519_x25519base ()
I suspect this is similar to the exec-only violations which were
encountered with the ring-0.16 crate, where key algorithms making use of
assembly-language code are attempting to read from an executable-only
region, /usr/local mounted with wxallowed. This led to the making of the
security/rust-ring port maintained by tb@.
I managed to patch deltachat-rpc-server to use ring-0.17 instead of
aws_lc_rs, and this now connects reliably with TLS. I will continue to
test.
Further details I hope are useful and don't get email-mangled too much:
Thread 2 "tokio-rt-worker" received signal SIGSEGV, Segmentation fault.
[Switching to thread 545152 of process 63390]
0x000007098249f9d3 in aws_lc_0_41_0_curve25519_x25519base ()
(gdb) x/i $pc
=> 0x7098249f9d3 <aws_lc_0_41_0_curve25519_x25519base+95>: mov
(%r10),%rax
$ objdump -t /usr/local/bin/deltachat-repl | \
> grep x25519base_edwards25519_0g
0000000002c827ef l .text 0000000000000000
Lcurve25519_x25519base_edwards25519_0g
(gdb) disas /r aws_lc_0_41_0_curve25519_x25519base,+200
Dump of assembler code from 0x7098249f974 to 0x7098249fa3c:
0x000007098249f974 <aws_lc_0_41_0_curve25519_x25519base+0>:
f3 0f 1e fa endbr64
0x000007098249f978 <aws_lc_0_41_0_curve25519_x25519base+4>:
53 push %rbx
0x000007098249f979 <aws_lc_0_41_0_curve25519_x25519base+5>:
55 push %rbp
0x000007098249f97a <aws_lc_0_41_0_curve25519_x25519base+6>:
41 54 push %r12
0x000007098249f97c <aws_lc_0_41_0_curve25519_x25519base+8>:
41 55 push %r13
0x000007098249f97e <aws_lc_0_41_0_curve25519_x25519base+10>:
41 56 push %r14
0x000007098249f980 <aws_lc_0_41_0_curve25519_x25519base+12>:
41 57 push %r15
0x000007098249f982 <aws_lc_0_41_0_curve25519_x25519base+14>:
48 81 ec e8 01 00 00 sub $0x1e8,%rsp
0x000007098249f989 <aws_lc_0_41_0_curve25519_x25519base+21>:
48 89 bc 24 c0 01 00 00 mov %rdi,0x1c0(%rsp)
0x000007098249f991 <aws_lc_0_41_0_curve25519_x25519base+29>:
48 8b 06 mov (%rsi),%rax
0x000007098249f994 <aws_lc_0_41_0_curve25519_x25519base+32>:
48 89 04 24 mov %rax,(%rsp)
0x000007098249f998 <aws_lc_0_41_0_curve25519_x25519base+36>:
48 8b 46 08 mov 0x8(%rsi),%rax
0x000007098249f99c <aws_lc_0_41_0_curve25519_x25519base+40>:
48 89 44 24 08 mov %rax,0x8(%rsp)
0x000007098249f9a1 <aws_lc_0_41_0_curve25519_x25519base+45>:
48 8b 46 10 mov 0x10(%rsi),%rax
0x000007098249f9a5 <aws_lc_0_41_0_curve25519_x25519base+49>:
48 89 44 24 10 mov %rax,0x10(%rsp)
0x000007098249f9aa <aws_lc_0_41_0_curve25519_x25519base+54>:
48 b8 ff ff ff ff ff ff ff 3f movabs $0x3fffffffffffffff,%rax
0x000007098249f9b4 <aws_lc_0_41_0_curve25519_x25519base+64>:
48 23 46 18 and 0x18(%rsi),%rax
0x000007098249f9b8 <aws_lc_0_41_0_curve25519_x25519base+68>:
48 89 44 24 18 mov %rax,0x18(%rsp)
0x000007098249f9bd <aws_lc_0_41_0_curve25519_x25519base+73>:
48 8b 04 24 mov (%rsp),%rax
0x000007098249f9c1 <aws_lc_0_41_0_curve25519_x25519base+77>:
48 83 e0 08 and $0x8,%rax
0x000007098249f9c5 <aws_lc_0_41_0_curve25519_Thread 2
"tokio-rt-worker" received signal SIGSEGV, Segmentation fault.
[Switching to thread 460650 of process 4252]
0x00000afc2b6a69d3 in aws_lc_0_41_0_curve25519_x25519base ()
(gdb) bt
#0 0x00000afc2b6a69d3 in aws_lc_0_41_0_curve25519_x25519base ()
#1 0x00000afc2b54025d in aws_lc_0_41_0_X25519_keypair ()
#2 0x00000afc2b521bbe in pkey_x25519_keygen ()
#3 0x00000afc2b55ab8c in aws_lc_0_41_0_EVP_PKEY_keygen ()
#4 0x00000afc2b51350a in aws_lc_rs::evp_pkey::<impl
aws_lc_rs::ptr::ManagedPointer<*mut
aws_lc_sys::universal_crypto::evp_pkey_st>>::generate ()
#5 0x00000afc2b4fc570 in aws_lc_rs::agreement::PrivateKey::generate ()
#6 0x00000afc2b4f8e99 in <rustls::crypto::aws_lc_rs::kx::KxGroup as
rustls::crypto::SupportedKxGroup>::start ()
#7 0x00000afc2b46929c in rustls::client::client_conn::<impl
rustls::conn::ConnectionCore<rustlsn::ClientConnectionData>>::for_client ()
#8 0x00000afc2b4be0d4 in
rustls::client::client_conn::connection::ClientConnection::new_with_al
#9 0x00000afc299b73bd in
tokio_rustls::client::TlsConnector::connect_impl ()
#10 0x00000afc29db21a4 in deltachat::net::tls::wrap_tls::{{closure}} ()
#11 0x00000afc29e39155 in
deltachat::imap::client::Client::connection_attempt::{{closure}} ()
#12 0x00000afc29cdc4ee in tokio::runtime::task::core::Core<T,S>::poll ()
#13 0x00000afc29ae84d7 in
tokio::runtime::task::harness::Harness<T,S>::poll ()
#14 0x00000afc2bcc0984 in
tokio::runtime::scheduler::multi_thread::worker::Context::run_task ()
#15 0x00000afc2bcbfce0 in
tokio::runtime::scheduler::multi_thread::worker::Context::run ()
#16 0x00000afc2bc9a51d in tokio::runtime::context::scoped::Scoped<T>::set ()
#17 0x00000afc2bcbe23f in
tokio::runtime::scheduler::multi_thread::worker::run ()
#18 0x00000afc29cd8555 in tokio::runtime::task::core::Core<T,S>::poll ()
#19 0x00000afc29ab2c71 in
tokio::runtime::task::harness::Harness<T,S>::poll ()
#20 0x00000afc2bcaecb4 in tokio::runtime::blocking::pool::Inner::run ()
#21 0x00000afc2bc93bb3 in
std::sys::backtrace::__rust_begin_short_backtrace ()
#22 0x00000afc2bc9cdd6 in
core::ops::function::FnOnce::call_once{{vtable.shim}} ()
#23 0x00000afc2be53be0 in
std::sys::thread::unix::Thread::new::thread_start ()
#24 0x00000afe4275c132 in _rthread_start (v=0x0) at
/usr/src/lib/librthread/rthread.c:99
#25 0x00000aff0c479aaa in __tfork_thread () at
/usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:8
x25519base+81>: 4c 8d 15 23 2e 00 00 lea 0x2e23(%rip),%r10
# 0x709824a27ef <Lcurve25519_x25519base_edwards25519_0g>
0x000007098249f9cc <aws_lc_0_41_0_curve25519_x25519base+88>:
4c 8d 1d 7c 2e 00 00 lea 0x2e7c(%rip),%r11 # 0x709824a284f
<Lcurve25519_x25519base_edwards25519_8g>
=> 0x000007098249f9d3 <aws_lc_0_41_0_curve25519_x25519base+95>: 49
8b 02 mov (%r10),%rax
0x000007098249f9d6 <aws_lc_0_41_0_curve25519_x25519base+98>:
49 8b 0b mov (%r11),%rcx
0x000007098249f9d9 <aws_lc_0_41_0_curve25519_x25519base+101>:
48 0f 45 c1 cmovne %rcx,%rax
0x000007098249f9dd <aws_lc_0_41_0_curve25519_x25519base+105>:
48 89 84 24 80 00 00 00 mov %rax,0x80(%rsp)
0x000007098249f9e5 <aws_lc_0_41_0_curve25519_x25519base+113>:
49 8b 42 08 mov 0x8(%r10),%rax
0x000007098249f9e9 <aws_lc_0_41_0_curve25519_x25519base+117>:
49 8b 4b 08 mov 0x8(%r11),%rcx
0x000007098249f9ed <aws_lc_0_41_0_curve25519_x25519base+121>:
48 0f 45 c1 cmovne %rcx,%rax
0x000007098249f9f1 <aws_lc_0_41_0_curve25519_x25519base+125>:
48 89 84 24 88 00 00 00 mo
0x000007098249f9f9 <aws_lc_0_41_0_curve25519_x25519base+133>:
49 8b 42 10 mo
0x000007098249f9fd <aws_lc_0_41_0_curve25519_x25519base+137>:
49 8b 4b 10 mo
0x000007098249fa01 <aws_lc_0_41_0_curve25519_x25519base+141>:
48 0f 45 c1 cm
0x000007098249fa05 <aws_lc_0_41_0_curve25519_x25519base+145>:
48 89 84 24 90 00 00 00 mo
0x000007098249fa0d <aws_lc_0_41_0_curve25519_x25519base+153>:
49 8b 42 18 mo
0x000007098249fa11 <aws_lc_0_41_0_curve25519_x25519base+157>:
49 8b 4b 18 mo
0x000007098249fa15 <aws_lc_0_41_0_curve25519_x25519base+161>:
48 0f 45 c1 cm
0x000007098249fa19 <aws_lc_0_41_0_curve25519_x25519base+165>:
48 89 84 24 98 00 00 00 mo
0x000007098249fa21 <aws_lc_0_41_0_curve25519_x25519base+173>:
49 8b 42 20 mo
--Type <RET> for more, q to quit, c to continue without paging-- c
0x000007098249fa25 <aws_lc_0_41_0_curve25519_x25519base+177>:
49 8b 4b 20 mo
0x000007098249fa29 <aws_lc_0_41_0_curve25519_x25519base+181>:
48 0f 45 c1 cm
0x000007098249fa2d <aws_lc_0_41_0_curve25519_x25519base+185>:
48 89 84 24 a0 00 00 00 mo
0x000007098249fa35 <aws_lc_0_41_0_curve25519_x25519base+193>:
49 8b 42 28 mo
0x000007098249fa39 <aws_lc_0_41_0_curve25519_x25519base+197>:
49 8b 4b 28 mo
End of assembler dump.
Backtrace from another session:
Thread 2 "tokio-rt-worker" received signal SIGSEGV, Segmentation fault.
[Switching to thread 460650 of process 4252]
0x00000afc2b6a69d3 in aws_lc_0_41_0_curve25519_x25519base ()
(gdb) bt
#0 0x00000afc2b6a69d3 in aws_lc_0_41_0_curve25519_x25519base ()
#1 0x00000afc2b54025d in aws_lc_0_41_0_X25519_keypair ()
#2 0x00000afc2b521bbe in pkey_x25519_keygen ()
#3 0x00000afc2b55ab8c in aws_lc_0_41_0_EVP_PKEY_keygen ()
#4 0x00000afc2b51350a in aws_lc_rs::evp_pkey::<impl
aws_lc_rs::ptr::ManagedPointer<*mut
aws_lc_sys::universal_crypto::evp_pkey_st>>::generate ()
#5 0x00000afc2b4fc570 in aws_lc_rs::agreement::PrivateKey::generate ()
#6 0x00000afc2b4f8e99 in <rustls::crypto::aws_lc_rs::kx::KxGroup as
rustls::crypto::SupportedKxGroup>::start ()
#7 0x00000afc2b46929c in rustls::client::client_conn::<impl
rustls::conn::ConnectionCore<rustlsn::ClientConnectionData>>::for_client ()
#8 0x00000afc2b4be0d4 in
rustls::client::client_conn::connection::ClientConnection::new_with_al
#9 0x00000afc299b73bd in
tokio_rustls::client::TlsConnector::connect_impl ()
#10 0x00000afc29db21a4 in deltachat::net::tls::wrap_tls::{{closure}} ()
#11 0x00000afc29e39155 in
deltachat::imap::client::Client::connection_attempt::{{closure}} ()
#12 0x00000afc29cdc4ee in tokio::runtime::task::core::Core<T,S>::poll ()
#13 0x00000afc29ae84d7 in
tokio::runtime::task::harness::Harness<T,S>::poll ()
#14 0x00000afc2bcc0984 in
tokio::runtime::scheduler::multi_thread::worker::Context::run_task ()
#15 0x00000afc2bcbfce0 in
tokio::runtime::scheduler::multi_thread::worker::Context::run ()
#16 0x00000afc2bc9a51d in tokio::runtime::context::scoped::Scoped<T>::set ()
#17 0x00000afc2bcbe23f in
tokio::runtime::scheduler::multi_thread::worker::run ()
#18 0x00000afc29cd8555 in tokio::runtime::task::core::Core<T,S>::poll ()
#19 0x00000afc29ab2c71 in
tokio::runtime::task::harness::Harness<T,S>::poll ()
#20 0x00000afc2bcaecb4 in tokio::runtime::blocking::pool::Inner::run ()
#21 0x00000afc2bc93bb3 in
std::sys::backtrace::__rust_begin_short_backtrace ()
#22 0x00000afc2bc9cdd6 in
core::ops::function::FnOnce::call_once{{vtable.shim}} ()
#23 0x00000afc2be53be0 in
std::sys::thread::unix::Thread::new::thread_start ()
#24 0x00000afe4275c132 in _rthread_start (v=0x0) at
/usr/src/lib/librthread/rthread.c:99
#25 0x00000aff0c479aaa in __tfork_thread () at
/usr/src/lib/libc/arch/amd64/sys/tfork_thread.S:8
The relevant Cargo.toml entry was:
tokio-rustls = { version = "0.26.2",
default-features = false,
features = ["aws-lc-rs", "tls12"] }
This probably affects other rust ports because aws-lc-rs is the default
feature for current versions of rustls. I hope the above info is
helpful: I have reached the limits of my understanding however. I will
keep a broken version of the package aside in case any more debugging
info is needed.
regards
Chris