search

mirage / hacl

Archived. Curve25519 support has been integrated into mirage-crypto-ec (via fiat-crypto). Hacl bindings are available from the hacl-star opam package. OCaml bindings for HACL* elliptic curves
https://github.com/mirage/mirage-crypto
Other
20 stars 5 forks source link

The distribution does not compile on CentOS 7 and Oracle Linux 7 #46

Open dinosaure opened 3 years ago

dinosaure commented 3 years ago

See this trace from this OPAM CI output:

#=== ERROR while compiling hacl_x25519.0.2.2 ==================================#
# context              2.0.7 | linux/x86_64 | ocaml-base-compiler.4.11.1 | file:///src
# path                 ~/.opam/4.11/.opam-switch/build/hacl_x25519.0.2.2
# command              ~/.opam/4.11/bin/dune build -p hacl_x25519 -j 47 @install
# exit-code            1
# env-file             ~/.opam/log/hacl_x25519-1-efc922.env
# output-file          ~/.opam/log/hacl_x25519-1-efc922.out
### output ###
#        gmake freestanding/libhacl_x25519_freestanding_stubs.a
# touch libhacl_x25519_freestanding_stubs.a
#          gcc src/Hacl_Hash.o (exit 1)
# (cd _build/default/src && /usr/bin/gcc -std=gnu99 -O2 -fno-strict-aliasing -fwrapv -fno-builtin-memcmp -fPIC -D_FILE_OFFSET_BITS=64 -D_REENTRANT -std=gnu99 -O2 -fno-strict-aliasing -fwrapv -fno-builtin-memcmp -fPIC -I . -I kremlin/include -I kremlin/kremlib/dist/minimal -g -I /home/opam/.opam/4.11/lib/ocaml -I /home/opam/.opam/4.11/lib/bigarray-compat -I /home/opam/.opam/4.11/lib/cstruct -I /home/opam/.opam/4.11/lib/eqaf -I kremlin -o Hacl_Hash.o -c Hacl_Hash.c)
# In file included from Hacl_Hash.h:24:0,
#                  from Hacl_Hash.c:25:
# evercrypt_targetconfig.h:19:18: error: missing binary operator before token "("
#  #if __has_include("config.h")
#                   ^
# In file included from libintvector.h:13:0,
#                  from Hacl_Hash.h:25,
#                  from Hacl_Hash.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/tmmintrin.h:31:3: error: #error "SSSE3 instruction set not enabled"
#  # error "SSSE3 instruction set not enabled"
#    ^
# In file included from libintvector.h:14:0,
#                  from Hacl_Hash.h:25,
#                  from Hacl_Hash.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/smmintrin.h:31:3: error: #error "SSE4.1 instruction set not enabled"
#  # error "SSE4.1 instruction set not enabled"
#    ^
# In file included from libintvector.h:207:0,
#                  from Hacl_Hash.h:25,
#                  from Hacl_Hash.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/wmmintrin.h:34:3: error: #error "AES/PCLMUL instructions not enabled"
#  # error "AES/PCLMUL instructions not enabled"
#    ^
# In file included from Hacl_Hash.h:25:0,
#                  from Hacl_Hash.c:25:
# libintvector.h:209:1: error: unknown type name '__m256i'
#  typedef __m256i Lib_IntVector_Intrinsics_vec256;
#  ^
#          gcc src/Hacl_Curve25519_51.o (exit 1)
# (cd _build/default/src && /usr/bin/gcc -std=gnu99 -O2 -fno-strict-aliasing -fwrapv -fno-builtin-memcmp -fPIC -D_FILE_OFFSET_BITS=64 -D_REENTRANT -std=gnu99 -O2 -fno-strict-aliasing -fwrapv -fno-builtin-memcmp -fPIC -I . -I kremlin/include -I kremlin/kremlib/dist/minimal -g -I /home/opam/.opam/4.11/lib/ocaml -I /home/opam/.opam/4.11/lib/bigarray-compat -I /home/opam/.opam/4.11/lib/cstruct -I /home/opam/.opam/4.11/lib/eqaf -I kremlin -o Hacl_Curve25519_51.o -c Hacl_Curve25519_51.c)
# In file included from Hacl_Curve25519_51.h:24:0,
#                  from Hacl_Curve25519_51.c:25:
# evercrypt_targetconfig.h:19:18: error: missing binary operator before token "("
#  #if __has_include("config.h")
#                   ^
# In file included from libintvector.h:13:0,
#                  from Hacl_Curve25519_51.h:25,
#                  from Hacl_Curve25519_51.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/tmmintrin.h:31:3: error: #error "SSSE3 instruction set not enabled"
#  # error "SSSE3 instruction set not enabled"
#    ^
# In file included from libintvector.h:14:0,
#                  from Hacl_Curve25519_51.h:25,
#                  from Hacl_Curve25519_51.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/smmintrin.h:31:3: error: #error "SSE4.1 instruction set not enabled"
#  # error "SSE4.1 instruction set not enabled"
#    ^
# In file included from libintvector.h:207:0,
#                  from Hacl_Curve25519_51.h:25,
#                  from Hacl_Curve25519_51.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/wmmintrin.h:34:3: error: #error "AES/PCLMUL instructions not enabled"
#  # error "AES/PCLMUL instructions not enabled"
#    ^
# In file included from Hacl_Curve25519_51.h:25:0,
#                  from Hacl_Curve25519_51.c:25:
# libintvector.h:209:1: error: unknown type name '__m256i'
#  typedef __m256i Lib_IntVector_Intrinsics_vec256;
#  ^
#          gcc src/Hacl_Ed25519.o (exit 1)
# (cd _build/default/src && /usr/bin/gcc -std=gnu99 -O2 -fno-strict-aliasing -fwrapv -fno-builtin-memcmp -fPIC -D_FILE_OFFSET_BITS=64 -D_REENTRANT -std=gnu99 -O2 -fno-strict-aliasing -fwrapv -fno-builtin-memcmp -fPIC -I . -I kremlin/include -I kremlin/kremlib/dist/minimal -g -I /home/opam/.opam/4.11/lib/ocaml -I /home/opam/.opam/4.11/lib/bigarray-compat -I /home/opam/.opam/4.11/lib/cstruct -I /home/opam/.opam/4.11/lib/eqaf -I kremlin -o Hacl_Ed25519.o -c Hacl_Ed25519.c)
# In file included from Hacl_Ed25519.h:24:0,
#                  from Hacl_Ed25519.c:25:
# evercrypt_targetconfig.h:19:18: error: missing binary operator before token "("
#  #if __has_include("config.h")
#                   ^
# In file included from libintvector.h:13:0,
#                  from Hacl_Ed25519.h:25,
#                  from Hacl_Ed25519.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/tmmintrin.h:31:3: error: #error "SSSE3 instruction set not enabled"
#  # error "SSSE3 instruction set not enabled"
#    ^
# In file included from libintvector.h:14:0,
#                  from Hacl_Ed25519.h:25,
#                  from Hacl_Ed25519.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/smmintrin.h:31:3: error: #error "SSE4.1 instruction set not enabled"
#  # error "SSE4.1 instruction set not enabled"
#    ^
# In file included from libintvector.h:207:0,
#                  from Hacl_Ed25519.h:25,
#                  from Hacl_Ed25519.c:25:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/wmmintrin.h:34:3: error: #error "AES/PCLMUL instructions not enabled"
#  # error "AES/PCLMUL instructions not enabled"
#    ^
# In file included from Hacl_Ed25519.h:25:0,
#                  from Hacl_Ed25519.c:25:
# libintvector.h:209:1: error: unknown type name '__m256i'
#  typedef __m256i Lib_IntVector_Intrinsics_vec256;
#  ^
#          gcc src/hacl_x25519_stubs.o (exit 1)
# (cd _build/default/src && /usr/bin/gcc -std=gnu99 -O2 -fno-strict-aliasing -fwrapv -fno-builtin-memcmp -fPIC -D_FILE_OFFSET_BITS=64 -D_REENTRANT -std=gnu99 -O2 -fno-strict-aliasing -fwrapv -fno-builtin-memcmp -fPIC -I . -I kremlin/include -I kremlin/kremlib/dist/minimal -g -I /home/opam/.opam/4.11/lib/ocaml -I /home/opam/.opam/4.11/lib/bigarray-compat -I /home/opam/.opam/4.11/lib/cstruct -I /home/opam/.opam/4.11/lib/eqaf -I kremlin -o hacl_x25519_stubs.o -c hacl_x25519_stubs.c)
# In file included from Hacl_Curve25519_51.h:24:0,
#                  from hacl_x25519_stubs.c:4:
# evercrypt_targetconfig.h:19:18: error: missing binary operator before token "("
#  #if __has_include("config.h")
#                   ^
# In file included from libintvector.h:13:0,
#                  from Hacl_Curve25519_51.h:25,
#                  from hacl_x25519_stubs.c:4:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/tmmintrin.h:31:3: error: #error "SSSE3 instruction set not enabled"
#  # error "SSSE3 instruction set not enabled"
#    ^
# In file included from libintvector.h:14:0,
#                  from Hacl_Curve25519_51.h:25,
#                  from hacl_x25519_stubs.c:4:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/smmintrin.h:31:3: error: #error "SSE4.1 instruction set not enabled"
#  # error "SSE4.1 instruction set not enabled"
#    ^
# In file included from libintvector.h:207:0,
#                  from Hacl_Curve25519_51.h:25,
#                  from hacl_x25519_stubs.c:4:
# /usr/lib/gcc/x86_64-redhat-linux/4.8.5/include/wmmintrin.h:34:3: error: #error "AES/PCLMUL instructions not enabled"
#  # error "AES/PCLMUL instructions not enabled"
#    ^
# In file included from Hacl_Curve25519_51.h:25:0,
#                  from hacl_x25519_stubs.c:4:
# libintvector.h:209:1: error: unknown type name '__m256i'
#  typedef __m256i Lib_IntVector_Intrinsics_vec256;
#  ^
dinosaure commented 3 years ago

I'm not sure about which processors they use but it seems clear that it's about SSSE3/SSE4.1/AES/PCLMUL instructions. In that case, we should take a look on what mirage-crypto does (I think it needs at least SSE2, SSSE3 and AES instructions).

hannesm commented 3 years ago

we should take a look on what mirage-crypto does

pretty simple, in config/cfg.ml it looks which architecture it compiles for, and does:

  let accelerate_flags =
    match arch with
    | `x86_64 -> [ "-DACCELERATE"; "-mssse3"; "-maes"; "-mpclmul" ]
    | _ -> []
  in

I don't know how hacl is supposed to be compiled -- the errors may be due to an old gcc which does not support __has_include. also I'm not able to find a config.h in our repository... it may need some deeper look into the evercrypt build system and feature detection...

kit-ty-kate commented 3 years ago

I don't know how hacl is supposed to be compiled -- the errors may be due to an old gcc which does not support __has_include

Sounds about right. GCC in those distributions is quite old (4.8 in both cases)