tech-pkg archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: security/polkit not working with evbarm-current
On Tue, Jun 28, 2016 at 10:21:56PM -0700, Michael Plass wrote:
> On Jun 26, 2016, at 3:41 PM, Michael Plass wrote:
>
> >
> > On Jun 26, 2016, at 2:03 AM, Thomas Klausner wrote:
> >
> >> On Sat, Jun 25, 2016 at 07:30:52PM -0700, Michael Plass wrote:
> >>>
> >>> On Jun 25, 2016, at 3:50 PM, Michael Plass wrote:
> >>>
> >>>> On Jun 25, 2016, at 11:55 AM, Thomas Klausner wrote:
> >>>>
> >>>>> On Wed, Jun 22, 2016 at 07:15:59PM -0700, Michael Plass wrote:
> >>>>>> On Jun 14, 2016, at 12:13 AM, John Klos wrote:
> >>>>>>
> >>>>>>> /usr/local/bin/xsltproc -nonet --stringparam man.base.url.for.relative.links /usr/local/share/gtk-doc/html/polkit-1/ --xincludehttp://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl pkcheck.xml
> >>>>>>> /usr/local/lib/libgcrypt.so.20: text relocations/usr/local/lib/libgcrypt.so.20: text relocations
> >>>>>>>
> >>>>>>> /usr/local/lib/libgcrypt.so.20: Cannot write-enable text segment: Permission denied/usr/local/lib/libgcrypt.so.20: Cannot write-enable text segment: Permission denied
> >>>>>>>
> >>>>>>> /usr/local/lib/libgcrypt.so.20: text relocations/usr/local/lib/libgcrypt.so.20: text relocations
> >>>>>>>
> >>>>>>> /usr/local/lib/libgcrypt.so.20: Cannot write-enable text segment: Permission denied/usr/local/lib/libgcrypt.so.20: Cannot write-enable text segment: Permission denied
> >>>>>>>
> >>>>>>> gmake[3]: *** [Makefile:647: polkitd.8] Error 1
> >>>>>>
> >>>>>> I ran into a similar problem today, building devel/git-contrib.
> >>>>>> A workaround is
> >>>>>>
> >>>>>> # paxctl +m /usr/pkg/bin/xsltproc
> >>>>>>
> >>>>>> (see http://mail-index.netbsd.org/current-users/2016/05/20/msg029398.html)
> >>>>>
> >>>>> That's strange. This paxctl is not necessary for me on 7.99.32/amd64,
> >>>>> and I don't think there should be differences between the
> >>>>> architectures in this regard. (My cc1 also does not need +m.)
> >>>>>
> >>>>> Can you update to 7.99.32 and check if it's still needed?
> >>>>> Thomas
> >>>>>
> >>>>>
> >>>>
> >>>>
> >>>> Will do - I happen to have a build underway.
> >>>>
> >>>> But I think it may be in libgcrypt, which has a fair bit of assembly code
> >>>> for various architectures, including armv7-neon. All of the programs in
> >>>> /usr/pkgsrc/security/libgcrypt/work/libgcrypt-1.7.1/tests get the same message:
> >>>>
> >>>> $ /usr/pkgsrc/security/libgcrypt/work/libgcrypt-1.7.1/tests/version
> >>>> /usr/pkg/lib/libgcrypt.so.20: text relocations
> >>>> /usr/pkg/lib/libgcrypt.so.20: Cannot write-enable text segment: Permission denied
> >>>>
> >>>> - Michael
> >>>>
> >>>> NetBSD mipi 7.99.30 NetBSD 7.99.30 (RPI2) #3: Sun Jun 19 20:55:51 PDT 2016 michael@mipi:/usr/obj/sys/arch/evbarm/compile/RPI2 evbarm
> >>>>
> >>>
> >>> Indeed, configuring libgcrypt with --disable-neon-support seems to avoid the problem.
> >>
> >> I don't speak ARM ASM; do you want to fix it or should we use
> >> --disable-neon-support for now to work around it?
> >> Thomas
> >>
> >>
> >
> >
> > I'm not very familiar with ARM ASM myself, but I think I tracked
> > down the offending instruction. With the following change, the
> > library reference works:
> > =======================
> > diff --git a/work/libgcrypt-1.7.1/cipher/poly1305-armv7-neon.S b/work/libgcrypt-1.7.1/cipher/poly1305-armv7-neon.S
> > index 1134e85..e2727bd 100644
> > --- a/work/libgcrypt-1.7.1/cipher/poly1305-armv7-neon.S
> > +++ b/work/libgcrypt-1.7.1/cipher/poly1305-armv7-neon.S
> > @@ -52,7 +52,7 @@ _gcry_poly1305_armv7_neon_init_ext:
> > and r2, r2, r2
> > moveq r14, #-1
> > ldmia r1!, {r2-r5}
> > - ldr r7, =.Lpoly1305_init_constants_neon
> > + adr r7, .Lpoly1305_init_constants_neon
> > mov r6, r2
> > mov r8, r2, lsr #26
> > mov r9, r3, lsr #20
> > =======================
> > Running make check gets a bus error in tests/basic, but that's doing
> > an aes test so I don't think it's related to the poly1305 change. The rest
> > of the tests pass (hashtest-256g was skipped).
> >
> > Hopefully someone who does know ARM ASM can review the above change!
>
> Thomas,
>
> I ran some tests, and I think the patch I provided for poly1305 is OK.
>
> I also investigated the bus error in tests/basic. This happens on armv7 because
> the assembly code in cipher/rijndael-arm.S assumes that unaligned accesses are OK,
> which is true except for ldm/stm (load and store multiple). On armv6 it works because
> the assembler does not define __ARM_FEATURE_UNALIGNED, so the extra instructions to
> handle the alignment are generated. So I tried undefining this symbol near the top
> of the module, and this allowed the tests to pass. By the way, disabling neon
> support doesn't help with this second problem.
>
> Here's the diff for both fixes:
> ==================================
> diff --git a/work/libgcrypt-1.7.1/cipher/poly1305-armv7-neon.S b/work/libgcrypt-1.7.1/cipher/poly1305-armv7-neon.S
> index 1134e85..e2727bd 100644
> --- a/work/libgcrypt-1.7.1/cipher/poly1305-armv7-neon.S
> +++ b/work/libgcrypt-1.7.1/cipher/poly1305-armv7-neon.S
> @@ -52,7 +52,7 @@ _gcry_poly1305_armv7_neon_init_ext:
> and r2, r2, r2
> moveq r14, #-1
> ldmia r1!, {r2-r5}
> - ldr r7, =.Lpoly1305_init_constants_neon
> + adr r7, .Lpoly1305_init_constants_neon
> mov r6, r2
> mov r8, r2, lsr #26
> mov r9, r3, lsr #20
> diff --git a/work/libgcrypt-1.7.1/cipher/rijndael-arm.S b/work/libgcrypt-1.7.1/cipher/rijndael-arm.S
> index 694369d..34a9acc 100644
> --- a/work/libgcrypt-1.7.1/cipher/rijndael-arm.S
> +++ b/work/libgcrypt-1.7.1/cipher/rijndael-arm.S
> @@ -19,6 +19,7 @@
> */
>
> #include <config.h>
> +#undef __ARM_FEATURE_UNALIGNED
>
> #if defined(__ARMEL__)
> #ifdef HAVE_COMPATIBLE_GCC_ARM_PLATFORM_AS
> ==================================
>
Thanks for the detailed analysis.
Can you please file bug reports for these upstream?
Thomas
Home |
Main Index |
Thread Index |
Old Index