[PATCH 0/2] wireguard-linux-compat: grsecurity compat patches

Mathias Krause minipli at grsecurity.net
Mon Dec 6 16:24:35 UTC 2021


Am 06.12.21 um 15:48 schrieb Jason A. Donenfeld:
> I couldn't repro with a new kernel either. Only these old ones.
> 
> Here are some object files for the logs in the earlier message:
> https://data.zx2c4.com/curve25519-miscompile-a87440f8-7d1e-4179-be83-c82b4636a448.tar.zst

Just a heads-up, some of these seem to have been compiled with a recent
gcc which might not be what was intended?:

$ strings -fa curve25519-*.o | grep -i gcc
curve25519-3.11.10.o: GCC: (GNU) 4.9.4
curve25519-3.12.74.o: GCC: (Gentoo 11.2.0 p1) 11.2.0
curve25519-3.14.79.o: GCC: (Gentoo 11.2.0 p1) 11.2.0
curve25519-3.15.10.o: GCC: (GNU) 4.9.4
curve25519-3.16.85.o: GCC: (Gentoo 11.2.0 p1) 11.2.0
curve25519-3.17.8.o: GCC: (GNU) 5.5.0
curve25519-3.19.8.o: GCC: (GNU) 5.5.0
curve25519-4.0.9.o: GCC: (GNU) 5.5.0
curve25519-4.5.7.o: GCC: (GNU) 6.5.0
curve25519-4.6.7.o: GCC: (GNU) 6.5.0
curve25519-4.7.10.o: GCC: (GNU) 6.5.0
curve25519-4.8.17.o: GCC: (GNU) 6.5.0

Anyhow, now I'm able to reproduce it myself. Was a PEBCAK config failure.

I'll look into it and work on a fix!

Thanks,
Mathias



More information about the WireGuard mailing list