> Date: Fri, 29 Dec 2017 21:21:04 +1100
> From: Jonathan Gray <j...@jsg.id.au>
>
> On Fri, Dec 29, 2017 at 10:47:06AM +0100, Mark Kettenis wrote:
> > The Aarch32 assembly code in libcrypto assumes that armv7 supports
> > unaligned access. It does, but only if you don't enable the bit that
> > makes it trap on unaligned access. And we enable that bit on OpenBSD.
> > So doing a SHA256 of an unaligned buffer (something ftp(1) ends up
> > doing) you SIGBUS.
> >
> > This currently isn't an issue since our base GCC does not advertise
> > that we're compiling for armv7 and up only. It barely knows about
> > armv7 at all. But with clang that is no longer true. And we really
> > want to build for armv7 and up only because that gives us proper
> > atomic operations and such.
> >
> > So here is a diff that avoids the unaligned access bits that matter
> > when compiling on OpenBSD.
> >
> > ok?
> >
> > P.S. Ports people might want to apply a similar diff to the OpenSSL
> > port if we still have it.
>
> Any reason to not use __STRICT_ALIGNMENT for this?

The assembly code doesn't include the header file that defines __STRICT_ALIGNMENT. But I could have arm_arch.h define it and use it instead of __OpenBSD__. Makes things a little bit more obvious... Any of the LibreSSL folks have an opinion about that? > > Index: lib/libcrypto/aes/asm/aes-armv4.pl > > =================================================================== > > RCS file: /cvs/src/lib/libcrypto/aes/asm/aes-armv4.pl,v > > retrieving revision 1.2 > > diff -u -p -r1.2 aes-armv4.pl > > --- lib/libcrypto/aes/asm/aes-armv4.pl 9 Jul 2014 09:10:07 -0000 > > 1.2 > > +++ lib/libcrypto/aes/asm/aes-armv4.pl 29 Dec 2017 09:38:11 -0000 > > @@ -172,7 +172,7 @@ AES_encrypt: > > mov $rounds,r0 @ inp > > mov $key,r2 > > sub $tbl,r3,#AES_encrypt-AES_Te @ Te > > -#if __ARM_ARCH__<7 > > +#if __ARM_ARCH__<7 || defined(__OpenBSD__) > > ldrb $s0,[$rounds,#3] @ load input data in endian-neutral > > ldrb $t1,[$rounds,#2] @ manner... > > ldrb $t2,[$rounds,#1] > > @@ -216,7 +216,7 @@ AES_encrypt: > > bl _armv4_AES_encrypt > > > > ldr $rounds,[sp],#4 @ pop out > > -#if __ARM_ARCH__>=7 > > +#if __ARM_ARCH__>=7 && !defined(__OpenBSD__) > > #ifdef __ARMEL__ > > rev $s0,$s0 > > rev $s1,$s1 > > @@ -432,7 +432,7 @@ _armv4_AES_set_encrypt_key: > > mov lr,r1 @ bits > > mov $key,r2 @ key > > > > -#if __ARM_ARCH__<7 > > +#if __ARM_ARCH__<7 || defined(__OpenBSD__) > > ldrb $s0,[$rounds,#3] @ load input data in endian-neutral > > ldrb $t1,[$rounds,#2] @ manner... > > ldrb $t2,[$rounds,#1] > > @@ -517,7 +517,7 @@ _armv4_AES_set_encrypt_key: > > b .Ldone > > > > .Lnot128: > > -#if __ARM_ARCH__<7 > > +#if __ARM_ARCH__<7 || defined(__OpenBSD__) > > ldrb $i2,[$rounds,#19] > > ldrb $t1,[$rounds,#18] > > ldrb $t2,[$rounds,#17] > > @@ -588,7 +588,7 @@ _armv4_AES_set_encrypt_key: > > b .L192_loop > > > > .Lnot192: > > -#if __ARM_ARCH__<7 > > +#if __ARM_ARCH__<7 || defined(__OpenBSD__) > > ldrb $i2,[$rounds,#27] > > ldrb $t1,[$rounds,#26] > > ldrb $t2,[$rounds,#25] 
> > @@ -888,7 +888,7 @@ AES_decrypt: > > mov $rounds,r0 @ inp > > mov $key,r2 > > sub $tbl,r3,#AES_decrypt-AES_Td @ Td > > -#if __ARM_ARCH__<7 > > +#if __ARM_ARCH__<7 || defined(__OpenBSD__) > > ldrb $s0,[$rounds,#3] @ load input data in endian-neutral > > ldrb $t1,[$rounds,#2] @ manner... > > ldrb $t2,[$rounds,#1] > > @@ -932,7 +932,7 @@ AES_decrypt: > > bl _armv4_AES_decrypt > > > > ldr $rounds,[sp],#4 @ pop out > > -#if __ARM_ARCH__>=7 > > +#if __ARM_ARCH__>=7 && !defined(__OpenBSD__) > > #ifdef __ARMEL__ > > rev $s0,$s0 > > rev $s1,$s1 > > Index: lib/libcrypto/sha/asm/sha1-armv4-large.pl > > =================================================================== > > RCS file: /cvs/src/lib/libcrypto/sha/asm/sha1-armv4-large.pl,v > > retrieving revision 1.1.1.4 > > diff -u -p -r1.1.1.4 sha1-armv4-large.pl > > --- lib/libcrypto/sha/asm/sha1-armv4-large.pl 13 Apr 2014 15:16:35 > > -0000 1.1.1.4 > > +++ lib/libcrypto/sha/asm/sha1-armv4-large.pl 29 Dec 2017 09:38:11 > > -0000 > > @@ -95,7 +95,7 @@ ___ > > sub BODY_00_15 { > > my ($a,$b,$c,$d,$e)=@_; > > $code.=<<___; > > -#if __ARM_ARCH__<7 > > +#if __ARM_ARCH__<7 || defined(__OpenBSD__) > > ldrb $t1,[$inp,#2] > > ldrb $t0,[$inp,#3] > > ldrb $t2,[$inp,#1] > > Index: lib/libcrypto/sha/asm/sha256-armv4.pl > > =================================================================== > > RCS file: /cvs/src/lib/libcrypto/sha/asm/sha256-armv4.pl,v > > retrieving revision 1.1.1.3 > > diff -u -p -r1.1.1.3 sha256-armv4.pl > > --- lib/libcrypto/sha/asm/sha256-armv4.pl 13 Oct 2012 21:23:43 -0000 > > 1.1.1.3 > > +++ lib/libcrypto/sha/asm/sha256-armv4.pl 29 Dec 2017 09:38:11 -0000 > > @@ -51,7 +51,7 @@ sub BODY_00_15 { > > my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; > > > > $code.=<<___ if ($i<16); > > -#if __ARM_ARCH__>=7 > > +#if __ARM_ARCH__>=7 && !defined(__OpenBSD__) > > ldr $T1,[$inp],#4 > > #else > > ldrb $T1,[$inp,#3] @ $i 
> > @@ -70,7 +70,7 @@ $code.=<<___; > > eor $t1,$f,$g > > #if $i>=16 > > add $T1,$T1,$t3 @ from BODY_16_xx > > -#elif __ARM_ARCH__>=7 && defined(__ARMEL__) > > +#elif __ARM_ARCH__>=7 && defined(__ARMEL__) && !defined(__OpenBSD__) > > rev $T1,$T1 > > #endif > > #if $i==15 > > Index: lib/libcrypto/sha/asm/sha512-armv4.pl > > =================================================================== > > RCS file: /cvs/src/lib/libcrypto/sha/asm/sha512-armv4.pl,v > > retrieving revision 1.1.1.3 > > diff -u -p -r1.1.1.3 sha512-armv4.pl > > --- lib/libcrypto/sha/asm/sha512-armv4.pl 13 Oct 2012 21:23:43 -0000 > > 1.1.1.3 > > +++ lib/libcrypto/sha/asm/sha512-armv4.pl 29 Dec 2017 09:38:11 -0000 > > @@ -270,7 +270,7 @@ sha512_block_data_order: > > str $Thi,[sp,#$Foff+4] > > > > .L00_15: > > -#if __ARM_ARCH__<7 > > +#if __ARM_ARCH__<7 || defined(__OpenBSD__) > > ldrb $Tlo,[$inp,#7] > > ldrb $t0, [$inp,#6] > > ldrb $t1, [$inp,#5] > > >
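
Review bot: in aes-armv4.pl the input guard at @@ -172 (`#if __ARM_ARCH__<7 || defined(__OpenBSD__)`) and the output guard at @@ -216 (`#if __ARM_ARCH__>=7 && !defined(__OpenBSD__)`) are hand-written inverses of each other, and the same pair recurs for AES_decrypt at @@ -888 and @@ -932. Keying on the OS name also hides the actual reason, which per the description is that unaligned access traps. Consider one macro defined in arm_arch.h (the thread floats __STRICT_ALIGNMENT) tested in all of these places, with a one-line comment at its definition saying why the byte-wise path is forced.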
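
Review bot: in sha256-armv4.pl the `ldr` guard at @@ -51 and the `rev` guard at @@ -70 are separate conditions that have to select the same path; if a later edit changes one without the other, the result is a wrong digest on little-endian rather than a trap. Both are updated here, but a comment at the `#elif` pointing back to the load guarded at @@ -51, or a shared macro for both, would keep them tied together.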
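
Review bot: the sha1-armv4-large.pl hunk (@@ -95), the sha512-armv4.pl hunk (@@ -270) and the three _armv4_AES_set_encrypt_key hunks (@@ -432, -517, -588) change only the `__ARM_ARCH__<7` load guard, with no `>=7` counterpart touched as in the AES_encrypt and sha256 hunks. Please confirm none of these routines has a separately guarded `rev` or word access left on the `>=7` path. Since the failure is a runtime SIGBUS and not a build error, a regress test that feeds each routine a buffer at offsets 1 to 3 from word alignment would catch any guard that was missed.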
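
The two load strategies the diff switches between, shown in C as an added illustration that is not part of the original message or of libcrypto. The function names and the sample buffer are constructed for this example; memcpy stands in for the word load so the C itself stays well-defined at any address.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Byte-wise, endian-neutral load: the C analogue of the ldrb sequence the
 * diff selects. It touches one byte at a time, so alignment never matters. */
static uint32_t load_be32_bytes(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Word load plus byte swap: the analogue of ldr followed by rev on a
 * little-endian CPU. A direct *(const uint32_t *)p here is the access that
 * traps when the alignment-check bit is enabled. */
static uint32_t load_be32_word(const unsigned char *p)
{
    uint32_t w;
    const uint16_t probe = 1;
    memcpy(&w, p, sizeof w);
    if (*(const unsigned char *)&probe == 1)      /* little-endian host */
        w = (w >> 24) | ((w >> 8) & 0x0000ff00u) |
            ((w << 8) & 0x00ff0000u) | (w << 24);
    return w;
}

/* Constructed check: both loaders must agree at every offset 0..3 of a
 * buffer. Returns the number of offsets where they differ. */
static int count_mismatches(void)
{
    unsigned char buf[16];
    int bad = 0;
    for (size_t i = 0; i < sizeof buf; i++)
        buf[i] = (unsigned char)(0xa0 + i);
    for (size_t off = 0; off < 4; off++)
        if (load_be32_bytes(buf + off) != load_be32_word(buf + off))
            bad++;
    return bad;
}

int main(void)
{
    printf("mismatches across offsets 0..3: %d\n", count_mismatches());
    return 0;
}
```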