Open PierreRamoin-1A opened 5 years ago
I ran into the same problem. The openssl asm puts constants (rodata, essentially) in the .text segment, which confuses BOLT. I worked around it by putting the constants into .rodata. I was working in the context of "ring" which is a Rust crypto library that includes the openssl code. I'll try to get this all upstreamed soon, though given how many projects embed random copies of subsets of openssl, it may take a while...
Actually, the "reference in the middle of instruction detected" warning is a new regression in BOLT since 71e5fc4a6734869bee50b6f2430c30d8a155e9d. I just tried with an up to date BOLT and am now seeing it as well.
Since I'm running BOLT on a shared library, this actually fails instead of just printing warnings: BOLT-WARNING: conditional tail call detected in function GFp_bn_power5/1 at 0xf129c. BOLT-WARNING: reference in the middle of instruction detected in function GFp_bn_power5/1 at offset 0x6f9 BOLT-ERROR: unable to keep processing in relocation mode
Hi @nolanl Thanks for your investigation / work! For the shared library, it's my bad. It was not running relocs as I didn't add --emit-relocations flag at link time. If I add the flag, it fails with this output:
BOLT-INFO: Target architecture: x86_64
BOLT-INFO: shared object or position-independent executable detected
BOLT-INFO: first alloc address is 0x0
BOLT-INFO: creating new program header table at address 0x400000, offset 0x400000
BOLT-INFO: enabling relocation mode
BOLT-INFO: enabling -align-macro-fusion=all since no profile was specified
BOLT-WARNING: sizes differ for function aesni_set_encrypt_key/1. FDE : 1173; symbol table : 1374. Using max size.
BOLT-WARNING: sizes differ for function poly1305_blocks_avx/1. FDE : 420; symbol table : 2842. Using max size.
BOLT-WARNING: sizes differ for function poly1305_blocks_avx2/1. FDE : 420; symbol table : 2008. Using max size.
BOLT-WARNING: sizes differ for function sha1_block_data_order_shaext/1. FDE : 627; symbol table : 629. Using max size.
BOLT-WARNING: FDE [0x1ce9c0, 0x1cea9e) conflicts with function poly1305_blocks_avx/crypto/poly1305/libcrypto-shlib-poly1305-x86_64.o/1(*2)
BOLT-WARNING: FDE [0x1ceaa0, 0x1cf31a) conflicts with function poly1305_blocks_avx/crypto/poly1305/libcrypto-shlib-poly1305-x86_64.o/1(*2)
BOLT-WARNING: FDE [0x1cf580, 0x1cf677) conflicts with function poly1305_blocks_avx2/crypto/poly1305/libcrypto-shlib-poly1305-x86_64.o/1(*2)
BOLT-WARNING: FDE [0x1cf680, 0x1cfb98) conflicts with function poly1305_blocks_avx2/crypto/poly1305/libcrypto-shlib-poly1305-x86_64.o/1(*2)
BOLT-WARNING: FDE [0x1dcdc7, 0x1dd41f) conflicts with function RC4
BOLT-WARNING: split function detected on input : fd_gets.cold.3/1. The support is limited in relocation mode.
BOLT-WARNING: reference in the middle of instruction detected in function _x86_64_AES_encrypt_compact/crypto/aes/libcrypto-shlib-aes-x86_64.o/1(*2) at offset 0x270
BOLT-ERROR: unable to keep processing in relocation mode
If you have a working patch, can you share it in the mean time it get upstreamed?
I have a patch that makes it work with 71e5fc4a6734869bee50b6f2430c30d8a155e9d BOLT. I'll ask about posting it, I am working on a contract at the moment.
I've attached the patches, sorry for the delay.
Two caveats:
Hi,
@nolanl Do you have any plan to upsteam these fixes in OpenSSL in anyway. The .rodata one seems fine to me, the other one exposing labels as global symbol seems stranger, maybe we should look at what a compiler generates for static functions and try to copy that behavior.
Cheers, Romain
I plan to upstream them to ring, and will probably also submit them to boringssl and openssl.
The global symbol thing is just a hack, but I didn't worry about it because it is way less hacky than the rest of the function.
Hi,
It looks like the asm files in OpenSSL were recently udpated to patch the CFI annotations in it. It might be worth checking if latest releases are working fine now.
Cheers, Romain
Hi,
I tried to apply BOLT on a binary (C++) which use the crypto library of OpenSSL (v1.1.1b). This library generate a lot of WARNING in BOLT before to fail on relocations (No fail but still warnings with
-relocs=0
).I tried to apply BOLT directly on libcrypto.so (I use the static lib on my binary but it was for the test), it don't fail but I still have all the warnings.
Here is the output:
After some investigation, it looks like the problem come along with the ASM part of crypto.
Indeed, if I compile the lib with the
-no-asm
flag, everything is working as expected and these warnings disappears (my binary is BOLTED successfully with relocations).