Incorrect HWCAP2 check for AArch32
Open, NormalPublic


Checking available extension to arm architecture in function detect_arm_at_hwcap in file src/hwf-arm.c is done by testing flags of HWCAP2 auxv value against predefined values.
Flags itself are defined like this:

#ifndef HWCAP2_AES
# define HWCAP2_AES    1
#ifndef HWCAP2_PMULL
# define HWCAP2_PMULL  2
#ifndef HWCAP2_SHA1
# define HWCAP2_SHA1   3
#ifndef HWCAP2_SHA2
# define HWCAP2_SHA2   4

static const struct feature_map_s arm_features[] =
    { HWCAP_NEON, 0, " neon", HWF_ARM_NEON },
    { 0, HWCAP2_AES, " aes", HWF_ARM_AES },
    { 0, HWCAP2_SHA1," sha1", HWF_ARM_SHA1 },
    { 0, HWCAP2_SHA2, " sha2", HWF_ARM_SHA2 },
    { 0, HWCAP2_PMULL, " pmull", HWF_ARM_PMULL },

If you look at HWCAP2 flags you will see that they in fact not flags, but corresponding bit numbers.
On machines that not support SHA1/SHA2 crypto extensions, but support AES, PMULL or/and CRC32 extension this causes libgcrypt to incorrectly think that SHA1/SHA2 crypto extensions are present, which in the end causes SIGILL when SHA instructions are being executed.

Correctly there must be flags, not bits numbers:

#ifndef HWCAP2_SHA1
# define HWCAP2_SHA1   4
#ifndef HWCAP2_SHA2
# define HWCAP2_SHA2   8
Nik_ created this task.Dec 22 2020, 12:40 AM
jukivili claimed this task.Tue, Dec 22, 8:42 AM
jukivili added a subscriber: jukivili.

Thanks for reporting this. You are correct, those HWCAP2_SHA1 and HWCAP2_SHA2 defines are wrong.

werner triaged this task as Normal priority.Tue, Jan 5, 9:12 AM
werner added a subscriber: werner.Thu, Jan 7, 11:42 AM

Do we need to backport to 1.8?

werner moved this task from Backlog to For 1.9 on the libgcrypt board.Thu, Jan 7, 11:42 AM

Yes, bug is also in 1.8 branch.

werner removed a project: libgcrypt.
werner added a project: libgcrypt.
werner moved this task from For 1.9 to For 1.8 on the libgcrypt board.Mon, Jan 18, 7:08 PM