Consolidate Windows ASLR workarounds for upstream secp256k1 changes #25251
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Maybe the oldest |
I've outlined in the commits which versions of binutils are affected by the bug, and that includes, for example, the version shipped with Ubuntu Focal, which is almost certainly still used to cross-compile WIndows binaries. The comment you've linked too, says to update the doc to mention that version that includes the fix, which has been done here. |
|
Concept ACK. |
laanwj
reviewed
May 31, 2022
|
Concept ACK This is more elegant. Exporting only the entry point makes much more sense than exporting secp256k1 symbols. Although it can't hurt (no one dynloads a binary, i'd hope!), it could be a risk for shared libraries where the symbols could interfere. Edit:
Wait, I'm wrong here. It could hurt, if we dynamically link against libraries that (directly or indirectly) use another version of secp256k1. I remember we had a problem like this with OpenSSL a long time ago where our statically linked version of OpenSSL conflicted with the one Qt was using. It's quite an edge case though 😄 But it's always better to err on the safe side, I mean. |
|
cc also @real-or-random @jonasnick |
|
ACK with or without the suggestion here. |
Thanks so much for this reminder, I had forgotten about this edge case! Very helpful to keep in mind. |
…anges Achieve this by adding a MAIN_FUNCTION macro, consolidating the docs, and introducing the macro across our distributed binaries. Also update the docs to explain that anyone using binutils < 2.36 is effected by this issue. Release builds are not, because they use binutils 2.37. Currently LTS Linux distros, like Ubuntu Focal, ship with 2.34. https://packages.ubuntu.com/focal/binutils
44c2452 Merge bitcoin-core/secp256k1#1105: Don't export symbols in static libraries 6f6cab9 abi: Don't export symbols in static Windows libraries 485f608 Merge bitcoin-core/secp256k1#1104: Fix the false positive of `SECP_64BIT_ASM_CHECK` 8b013fc Merge bitcoin-core/secp256k1#1056: Save negations in var-time group addition 7efc983 Fix the false positive of `SECP_64BIT_ASM_CHECK` 2f984ff Save negations in var-time group addition git-subtree-dir: src/secp256k1 git-subtree-split: 44c2452
fanquake
force-pushed
the
libsecp256k1_no_more_static_export
branch
from
66514bb
to
913b1f2
Compare
|
Changed the approach to using a |
| @@ -854,7 +855,7 @@ static int CommandLineRawTx(int argc, char* argv[]) | |||
| return nRet; | |||
| } | |||
|
|
|||
| int main(int argc, char* argv[]) | |||
| MAIN_FUNCTION | |||
There was a problem hiding this comment.
I like this macro approach more but would it make sense to have the macro cover only contain __declspec(dllexport) and the empty string?
Hiding the function arguments obscures the code somewhat (though in that case, most people can probably infer int argc, char* argv[]).
There was a problem hiding this comment.
There's something to be said for doing it that way, on the other hand, I suggested this because it makes it clear that it's to be used for the main() function. We could ostensibly even add a linter that detects "bare" definitions of main and rejects them.
We will at some point need finer control over exporting than this, for the shared libraries, but it's out of scope for this PR.
There was a problem hiding this comment.
clang-tidy linter pushed here: theuni/bitcoin-tidy@b2c8d38
This was a helpful exercise. The win32-specificness of this means that you have to run clang-tidy in Windows mode (--target=x86_64-w64-mingw32), which is really inconvenient for what should be a pretty general-purpose tool.
It occurs to me that this makes for a good distinction for what would be a good clang plugin vs a clang-tidy plugin. In this case, I think we'd prefer to check for this as a side-effect of compilation (clang-plugin) instead since that machinery is already arch-specific.
There was a problem hiding this comment.
No opinion on the scope of the macro, both arguments make sense to me. It has no effect on detection by clang/clang-tidy.
|
Code review ACK 913b1f2 |
theuni
approved these changes
Jun 13, 2022
| @@ -854,7 +855,7 @@ static int CommandLineRawTx(int argc, char* argv[]) | |||
| return nRet; | |||
| } | |||
|
|
|||
| int main(int argc, char* argv[]) | |||
| MAIN_FUNCTION | |||
There was a problem hiding this comment.
clang-tidy linter pushed here: theuni/bitcoin-tidy@b2c8d38
This was a helpful exercise. The win32-specificness of this means that you have to run clang-tidy in Windows mode (--target=x86_64-w64-mingw32), which is really inconvenient for what should be a pretty general-purpose tool.
It occurs to me that this makes for a good distinction for what would be a good clang plugin vs a clang-tidy plugin. In this case, I think we'd prefer to check for this as a side-effect of compilation (clang-plugin) instead since that machinery is already arch-specific.
| @@ -854,7 +855,7 @@ static int CommandLineRawTx(int argc, char* argv[]) | |||
| return nRet; | |||
| } | |||
|
|
|||
| int main(int argc, char* argv[]) | |||
| MAIN_FUNCTION | |||
There was a problem hiding this comment.
No opinion on the scope of the macro, both arguments make sense to me. It has no effect on detection by clang/clang-tidy.
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this pull request
Jun 15, 2022
…m secp256k1 changes c41bfd1 Squashed 'src/secp256k1/' changes from 8746600..44c2452 (fanquake) fbae8c5 compat: Consolidate mingw-w64 ASLR workaround for upstream libsecp changes (fanquake) Pull request description: bitcoin#18702 added a work around for `bitcoin-cli.exe`, to fix ASLR on Windows. ASLR was functioning for the rest of our binaries, mostly by accident, because: > [All other Windows binaries that we distribute (bitcoind, bitcoin-qt, bitcoin-wallet, bitcoin-tx and test_bitcoin) do not suffer this issue, and currently having working ASLR. This is due to them exporting (inadvertent or not) libsecp256k1 symbols, and, as a result, the .reloc section is not stripped by ld.](bitcoin#18702) Upstream, libsecp256k1 has recently made a change to [no-longer export symbols in static libraries](bitcoin-core/secp256k1#1105) (see related discussion in bitcoin#25008). This would mean that on the next subtree update, anyone building using an older binutils (< 2.36) would be (silently) producing Windows binaries with non-functioning ASLR. Our release binaries would not be affected, as in our Guix environment we currently use binutils 2.37. To prevent users building with older binutils from silently losing ASLR on Windows, this PR applies our work around (export `main`) to the rest of our binaries, and updates the associated documentation to mention the affected binutils versions, so we know when it can be dropped. I've included both the libsecp256k1 subtree update, and the ASLR related changes in this PR. Happy to split the changes up if reviewers would prefer. Guix Build (x86_64): ```bash 24fa1053fa3d310c4274f0700ac36f3c6e5b4486dc7f1aa7b2a5ded6937cf2b6 guix-build-913b1f2a5eb2/output/aarch64-linux-gnu/SHA256SUMS.part 96c4150f93c1356dc02f3d383699bcd856da7f769344606324fdc111fbfa8031 guix-build-913b1f2a5eb2/output/aarch64-linux-gnu/bitcoin-913b1f2a5eb2-aarch64-linux-gnu-debug.tar.gz 5e4adcaddf20a33cd4803e5a10f9a0653bcd40b1dfc7b680a741a17047103948 guix-build-913b1f2a5eb2/output/aarch64-linux-gnu/bitcoin-913b1f2a5eb2-aarch64-linux-gnu.tar.gz adfdac8fef797b13d845c13ab682611d0cc49a9772c2bd40f7aa6dbb1b4f11a8 guix-build-913b1f2a5eb2/output/arm-linux-gnueabihf/SHA256SUMS.part d51849bf907eecb168066a208b702314779fc12ae6fcaa8b5c2c3497e91820b9 guix-build-913b1f2a5eb2/output/arm-linux-gnueabihf/bitcoin-913b1f2a5eb2-arm-linux-gnueabihf-debug.tar.gz ca33ebed13316410d6d79e2db06f9bce8839fbc7216a5bc01a06745b2e470c2e guix-build-913b1f2a5eb2/output/arm-linux-gnueabihf/bitcoin-913b1f2a5eb2-arm-linux-gnueabihf.tar.gz 799fd15fa1e53d773a5ce391b7059920b54680591ee76bdc56bc7485a12d2af6 guix-build-913b1f2a5eb2/output/arm64-apple-darwin/SHA256SUMS.part 0122eb5fdd4cce7077ee1a2bba8c5bd3557c1d3f12f2f2aad7216de33bea213e guix-build-913b1f2a5eb2/output/arm64-apple-darwin/bitcoin-913b1f2a5eb2-arm64-apple-darwin-unsigned.dmg 3a630cc96bf9a43cbb89976aabdddb7a9069f74320277a499f3bbb96526d9c5d guix-build-913b1f2a5eb2/output/arm64-apple-darwin/bitcoin-913b1f2a5eb2-arm64-apple-darwin-unsigned.tar.gz e2530bab501750fd3d60776ba077bc4a8b145cc95e3a77105d86b388a1d961e1 guix-build-913b1f2a5eb2/output/arm64-apple-darwin/bitcoin-913b1f2a5eb2-arm64-apple-darwin.tar.gz f8fbc07221bd21f996dc29c65725740e9c2bfc9365367c806601f12b8e2d2691 guix-build-913b1f2a5eb2/output/dist-archive/bitcoin-913b1f2a5eb2.tar.gz fdbc8224d774f2428f037e65d9ac5728613cddee4ddcf6f1d144421cb1f37b3b guix-build-913b1f2a5eb2/output/powerpc64-linux-gnu/SHA256SUMS.part c1098cba38aee264ee7de82be3d5f8c1ec2c915c30763292fa9b6dc37aba8de8 guix-build-913b1f2a5eb2/output/powerpc64-linux-gnu/bitcoin-913b1f2a5eb2-powerpc64-linux-gnu-debug.tar.gz 567b8bf896a79e2f1b4961ec4f6c3501e414822f84f6fb40c9e3546e67ab08ff guix-build-913b1f2a5eb2/output/powerpc64-linux-gnu/bitcoin-913b1f2a5eb2-powerpc64-linux-gnu.tar.gz cbd7713550c5922ee28e0915b0425dc702bb299ad6809ff60e389604f4da3a31 guix-build-913b1f2a5eb2/output/powerpc64le-linux-gnu/SHA256SUMS.part e50fa6e370602a956942703ab349808c01e7365a00faead941d9e6be3800c65c guix-build-913b1f2a5eb2/output/powerpc64le-linux-gnu/bitcoin-913b1f2a5eb2-powerpc64le-linux-gnu-debug.tar.gz 2380fbdf6916769783a0e6c7848fb8d3b3cb5c44c26817009a8481e815098e3a guix-build-913b1f2a5eb2/output/powerpc64le-linux-gnu/bitcoin-913b1f2a5eb2-powerpc64le-linux-gnu.tar.gz a0fecb7b0d0a93aa15825572a0e1284f4776a5808f9f5eda7b2ddddaf2457fb2 guix-build-913b1f2a5eb2/output/riscv64-linux-gnu/SHA256SUMS.part 14fe505f06de009b50c2b4ce0e0430ba09fa66385ff50aa90f9ed0b03a321e61 guix-build-913b1f2a5eb2/output/riscv64-linux-gnu/bitcoin-913b1f2a5eb2-riscv64-linux-gnu-debug.tar.gz 98a70df9a6851d5221d8f8404f9656048ecf7cac2c9dffd2b6a55107783a60ad guix-build-913b1f2a5eb2/output/riscv64-linux-gnu/bitcoin-913b1f2a5eb2-riscv64-linux-gnu.tar.gz decb20f8de61e3eeda7e8f6fefcbaf56593c37d989672c6e7e2cd5c8e982c342 guix-build-913b1f2a5eb2/output/x86_64-apple-darwin/SHA256SUMS.part e14275e1bbbe54179fb68b50ed7c72de4c7ebc5b442c7793daf9974be523e8da guix-build-913b1f2a5eb2/output/x86_64-apple-darwin/bitcoin-913b1f2a5eb2-x86_64-apple-darwin-unsigned.dmg 6bb2d9f6c8123156b0e11b73f67f4e4e780e6bccb739e600f4e9b06b29aa3832 guix-build-913b1f2a5eb2/output/x86_64-apple-darwin/bitcoin-913b1f2a5eb2-x86_64-apple-darwin-unsigned.tar.gz 1f0fab16e32e4c9892b272edf43beb8e5de60bf8a04f41744809dc2a31b4f1b9 guix-build-913b1f2a5eb2/output/x86_64-apple-darwin/bitcoin-913b1f2a5eb2-x86_64-apple-darwin.tar.gz 3d7e45c7189a8855ea8a0d498dcd4d3189aa01c528eac194300cdb59f79471f2 guix-build-913b1f2a5eb2/output/x86_64-linux-gnu/SHA256SUMS.part 87b75a47a620dbd8ccf20768a3d82adf0b797ad86b7384cca62a7cf489b7a74c guix-build-913b1f2a5eb2/output/x86_64-linux-gnu/bitcoin-913b1f2a5eb2-x86_64-linux-gnu-debug.tar.gz 7e06af11bcef3ba6fd48501a09fbac86746537bad063f36caf39cd6bb857d3a8 guix-build-913b1f2a5eb2/output/x86_64-linux-gnu/bitcoin-913b1f2a5eb2-x86_64-linux-gnu.tar.gz c9ca794f7307df6f891008d92997719be95794f4670d018d0275f2a6c580d160 guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/SHA256SUMS.part 7eb1551cdafc0a44e5b5fcea703c6eeb6fc0bca601b57ab52d1e5e62db3ccffc guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/bitcoin-913b1f2a5eb2-win64-debug.zip 8ef87c85c520aef150f4c11a9082e8a0b1ac74c5b6f4fcdceb9e734eb8106bca guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/bitcoin-913b1f2a5eb2-win64-setup-unsigned.exe c5886ab3d6303bf8c946e4aafcfdfb5ee7dc9fbb50c34dfc5224db2f1f3b2a44 guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/bitcoin-913b1f2a5eb2-win64-unsigned.tar.gz f473902cea9e763b98ad69c5dcfaa990430f9b0f777112af5f1d289492d8cefe guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/bitcoin-913b1f2a5eb2-win64.zip ``` Guix Build (arm64): ```bash a175ce0055b206fe7b2752fa5ae33eed0f31236f7b37bbb530425532d88007c2 guix-build-913b1f2a5eb2/output/arm-linux-gnueabihf/SHA256SUMS.part 1ab5d59685593eedbb59b5284d81cce568a6c9c900303f97c69e8194cb5bb7f5 guix-build-913b1f2a5eb2/output/arm-linux-gnueabihf/bitcoin-913b1f2a5eb2-arm-linux-gnueabihf-debug.tar.gz 8d1b48d38b8af696b929ac077ba7e3dabb7c565862409b2f35db2217ab9bdb06 guix-build-913b1f2a5eb2/output/arm-linux-gnueabihf/bitcoin-913b1f2a5eb2-arm-linux-gnueabihf.tar.gz 90230652cb39e2707ac79569899183dc1ff5d08c059e7a01d0c65144251679b5 guix-build-913b1f2a5eb2/output/arm64-apple-darwin/SHA256SUMS.part 2b86da5e1ccebf348478ca69463d1be09c0f563ffa370ee5170c82ba706a7577 guix-build-913b1f2a5eb2/output/arm64-apple-darwin/bitcoin-913b1f2a5eb2-arm64-apple-darwin-unsigned.dmg 648e968dbf3af3bf8a79d714f4395091058e2ff4294b202a0dc9b5e0092b4732 guix-build-913b1f2a5eb2/output/arm64-apple-darwin/bitcoin-913b1f2a5eb2-arm64-apple-darwin-unsigned.tar.gz bebe7ed21e4f74866ca99be31839beff01eac57afbaa2878f5c6637f0239c631 guix-build-913b1f2a5eb2/output/arm64-apple-darwin/bitcoin-913b1f2a5eb2-arm64-apple-darwin.tar.gz f8fbc07221bd21f996dc29c65725740e9c2bfc9365367c806601f12b8e2d2691 guix-build-913b1f2a5eb2/output/dist-archive/bitcoin-913b1f2a5eb2.tar.gz 87156fe1fb397eaa1d1f15c36f2677b6aeb32eefac02202b2735f7d3165fceb1 guix-build-913b1f2a5eb2/output/powerpc64-linux-gnu/SHA256SUMS.part 5f06e885564780d7dce78cc8cbb21b8dd5addba8b90bb2b8a7f03e946b6ed633 guix-build-913b1f2a5eb2/output/powerpc64-linux-gnu/bitcoin-913b1f2a5eb2-powerpc64-linux-gnu-debug.tar.gz 95b9c0a7d82e7055c99d013fa183abf654caf14539c5ec9cfe785838f45747fc guix-build-913b1f2a5eb2/output/powerpc64-linux-gnu/bitcoin-913b1f2a5eb2-powerpc64-linux-gnu.tar.gz 8da6f0fb2bdc492f96ee70ca323787521e7fce7ebe2b9adb43b7b6ae56ff1916 guix-build-913b1f2a5eb2/output/powerpc64le-linux-gnu/SHA256SUMS.part a60623ac5bb76b3eae3129b4f32fe7287e526e043bd2e58f80ce5fccf91ef20c guix-build-913b1f2a5eb2/output/powerpc64le-linux-gnu/bitcoin-913b1f2a5eb2-powerpc64le-linux-gnu-debug.tar.gz c9bbdca3c41c3783d57734e0fda875a6353bbf8fec8c8e61f037259acaad28cd guix-build-913b1f2a5eb2/output/powerpc64le-linux-gnu/bitcoin-913b1f2a5eb2-powerpc64le-linux-gnu.tar.gz 5f76aef2eed312153b60712450b4376b4965c2b0c86d2ddfc0b7f3d23fb31eee guix-build-913b1f2a5eb2/output/riscv64-linux-gnu/SHA256SUMS.part 40ad7ca605bb75e153a481a455b344f27d9c0b713f1312fc2a7703116508a127 guix-build-913b1f2a5eb2/output/riscv64-linux-gnu/bitcoin-913b1f2a5eb2-riscv64-linux-gnu-debug.tar.gz 6031d28d6405f03b685884fdee6c2cc2126afffdc867ab743ca0c9cfcad81ac2 guix-build-913b1f2a5eb2/output/riscv64-linux-gnu/bitcoin-913b1f2a5eb2-riscv64-linux-gnu.tar.gz decb20f8de61e3eeda7e8f6fefcbaf56593c37d989672c6e7e2cd5c8e982c342 guix-build-913b1f2a5eb2/output/x86_64-apple-darwin/SHA256SUMS.part e14275e1bbbe54179fb68b50ed7c72de4c7ebc5b442c7793daf9974be523e8da guix-build-913b1f2a5eb2/output/x86_64-apple-darwin/bitcoin-913b1f2a5eb2-x86_64-apple-darwin-unsigned.dmg 6bb2d9f6c8123156b0e11b73f67f4e4e780e6bccb739e600f4e9b06b29aa3832 guix-build-913b1f2a5eb2/output/x86_64-apple-darwin/bitcoin-913b1f2a5eb2-x86_64-apple-darwin-unsigned.tar.gz 1f0fab16e32e4c9892b272edf43beb8e5de60bf8a04f41744809dc2a31b4f1b9 guix-build-913b1f2a5eb2/output/x86_64-apple-darwin/bitcoin-913b1f2a5eb2-x86_64-apple-darwin.tar.gz b90d8c7252fd42809ac9bf8c7e5cf9c9207f7412314e9e6904ee2e51222bc8c5 guix-build-913b1f2a5eb2/output/x86_64-linux-gnu/SHA256SUMS.part b6cbcd305a9b6b8dcc6be71703745835c9e3e7652a3f3b18e7018f5ddb0fc26d guix-build-913b1f2a5eb2/output/x86_64-linux-gnu/bitcoin-913b1f2a5eb2-x86_64-linux-gnu-debug.tar.gz 6da0cf8fedd9c285926c132102d1e8f9d6fde7e0ecdac3ba159a3464fc2e98c0 guix-build-913b1f2a5eb2/output/x86_64-linux-gnu/bitcoin-913b1f2a5eb2-x86_64-linux-gnu.tar.gz 30d2b25cdfce03edc2bfb8d39dcdcc6636ed3637cc0176f43f715dc795ab929e guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/SHA256SUMS.part 6028017fabcddac50857667d63da979b04a6dc331a26715f875e2db96b8935d7 guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/bitcoin-913b1f2a5eb2-win64-debug.zip 8ef87c85c520aef150f4c11a9082e8a0b1ac74c5b6f4fcdceb9e734eb8106bca guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/bitcoin-913b1f2a5eb2-win64-setup-unsigned.exe c5886ab3d6303bf8c946e4aafcfdfb5ee7dc9fbb50c34dfc5224db2f1f3b2a44 guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/bitcoin-913b1f2a5eb2-win64-unsigned.tar.gz 4af0477e156b9a0c6fa1754ba7446b8c6c021075531aa4051980e47fa586e196 guix-build-913b1f2a5eb2/output/x86_64-w64-mingw32/bitcoin-913b1f2a5eb2-win64.zip ``` Symbol exporting as of this PR (`bitcoind.exe`): ```bash Export Table: DLL name: bitcoind.exe Ordinal base: 1 Ordinal RVA Name 1 0xa09670 main ``` Symbol exporting in the 23.0 bins (`bitcoind.exe`): ```bash Export Table: DLL name: bitcoind.exe Ordinal base: 1 Ordinal RVA Name 1 0x5569f0 secp256k1_context_clone 2 0x556890 secp256k1_context_create 3 0x556bd0 secp256k1_context_destroy 4 0xa12710 secp256k1_context_no_precomp 5 0x556900 secp256k1_context_preallocated_clone 6 0x556740 secp256k1_context_preallocated_clone_size 7 0x556750 secp256k1_context_preallocated_create 8 0x556ae0 secp256k1_context_preallocated_destroy 9 0x556710 secp256k1_context_preallocated_size 10 0x5589c0 secp256k1_context_randomize 11 0x556c80 secp256k1_context_set_error_callback 12 0x556c20 secp256k1_context_set_illegal_callback 13 0x558260 secp256k1_ec_privkey_negate 14 0x5584e0 secp256k1_ec_privkey_tweak_add 15 0x558730 secp256k1_ec_privkey_tweak_mul 16 0x5572a0 secp256k1_ec_pubkey_cmp 17 0x5589f0 secp256k1_ec_pubkey_combine 18 0x557f40 secp256k1_ec_pubkey_create 19 0x558270 secp256k1_ec_pubkey_negate 20 0x556dc0 secp256k1_ec_pubkey_parse 21 0x5570d0 secp256k1_ec_pubkey_serialize 22 0x5584f0 secp256k1_ec_pubkey_tweak_add 23 0x558740 secp256k1_ec_pubkey_tweak_mul 24 0x558100 secp256k1_ec_seckey_negate 25 0x5583a0 secp256k1_ec_seckey_tweak_add 26 0x5585f0 secp256k1_ec_seckey_tweak_mul 27 0x557ed0 secp256k1_ec_seckey_verify 28 0x559120 secp256k1_ecdsa_recover 29 0x558f50 secp256k1_ecdsa_recoverable_signature_convert 30 0x558d00 secp256k1_ecdsa_recoverable_signature_parse_compact 31 0x558e70 secp256k1_ecdsa_recoverable_signature_serialize_compact 32 0x557da0 secp256k1_ecdsa_sign 33 0x558fe0 secp256k1_ecdsa_sign_recoverable 34 0x557ab0 secp256k1_ecdsa_signature_normalize 35 0x557540 secp256k1_ecdsa_signature_parse_compact 36 0x5573b0 secp256k1_ecdsa_signature_parse_der 37 0x557a10 secp256k1_ecdsa_signature_serialize_compact 38 0x557660 secp256k1_ecdsa_signature_serialize_der 39 0x557bf0 secp256k1_ecdsa_verify 40 0x5598a0 secp256k1_keypair_create 41 0x559af0 secp256k1_keypair_pub 42 0x559a60 secp256k1_keypair_sec 43 0x559bc0 secp256k1_keypair_xonly_pub 44 0x559d20 secp256k1_keypair_xonly_tweak_add 45 0xa9e0c0 secp256k1_nonce_function_bip340 46 0xa9e0e0 secp256k1_nonce_function_default 47 0xa9e0e8 secp256k1_nonce_function_rfc6979 48 0x559f00 secp256k1_schnorrsig_sign 49 0x559f30 secp256k1_schnorrsig_sign_custom 50 0x559fd0 secp256k1_schnorrsig_verify 51 0x556ce0 secp256k1_scratch_space_create 52 0x556d50 secp256k1_scratch_space_destroy 53 0x558c20 secp256k1_tagged_sha256 54 0x559470 secp256k1_xonly_pubkey_cmp 55 0x559530 secp256k1_xonly_pubkey_from_pubkey 56 0x559290 secp256k1_xonly_pubkey_parse 57 0x5593a0 secp256k1_xonly_pubkey_serialize 58 0x559650 secp256k1_xonly_pubkey_tweak_add 59 0x559780 secp256k1_xonly_pubkey_tweak_add_check ``` ACKs for top commit: laanwj: Code review ACK 913b1f2 theuni: ACK 913b1f2 Tree-SHA512: d3811c5731fab05bb68af72b7af231de8505b026bd1b2cd710e3e60386e793c2743412529142aa9893893f9d24c6e94dbac48ea59451bf55ae637d2e75e2b0a9
This was referenced Apr 19, 2023
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
#18702 added a work around for
bitcoin-cli.exe, to fix ASLR on Windows. ASLR was functioning for the rest of our binaries, mostly by accident, because:Upstream, libsecp256k1 has recently made a change to no-longer export symbols in static libraries (see related discussion in #25008). This would mean that on the next subtree update, anyone building using an older binutils (< 2.36) would be (silently) producing Windows binaries with non-functioning ASLR. Our release binaries would not be affected, as in our Guix environment we currently use binutils 2.37.
To prevent users building with older binutils from silently losing ASLR on Windows, this PR applies our work around (export
main) to the rest of our binaries, and updates the associated documentation to mention the affected binutils versions, so we know when it can be dropped.I've included both the libsecp256k1 subtree update, and the ASLR related changes in this PR. Happy to split the changes up if reviewers would prefer.
Guix Build (x86_64):
Guix Build (arm64):
Symbol exporting as of this PR (
bitcoind.exe):Export Table: DLL name: bitcoind.exe Ordinal base: 1 Ordinal RVA Name 1 0xa09670 mainSymbol exporting in the 23.0 bins (
bitcoind.exe):Export Table: DLL name: bitcoind.exe Ordinal base: 1 Ordinal RVA Name 1 0x5569f0 secp256k1_context_clone 2 0x556890 secp256k1_context_create 3 0x556bd0 secp256k1_context_destroy 4 0xa12710 secp256k1_context_no_precomp 5 0x556900 secp256k1_context_preallocated_clone 6 0x556740 secp256k1_context_preallocated_clone_size 7 0x556750 secp256k1_context_preallocated_create 8 0x556ae0 secp256k1_context_preallocated_destroy 9 0x556710 secp256k1_context_preallocated_size 10 0x5589c0 secp256k1_context_randomize 11 0x556c80 secp256k1_context_set_error_callback 12 0x556c20 secp256k1_context_set_illegal_callback 13 0x558260 secp256k1_ec_privkey_negate 14 0x5584e0 secp256k1_ec_privkey_tweak_add 15 0x558730 secp256k1_ec_privkey_tweak_mul 16 0x5572a0 secp256k1_ec_pubkey_cmp 17 0x5589f0 secp256k1_ec_pubkey_combine 18 0x557f40 secp256k1_ec_pubkey_create 19 0x558270 secp256k1_ec_pubkey_negate 20 0x556dc0 secp256k1_ec_pubkey_parse 21 0x5570d0 secp256k1_ec_pubkey_serialize 22 0x5584f0 secp256k1_ec_pubkey_tweak_add 23 0x558740 secp256k1_ec_pubkey_tweak_mul 24 0x558100 secp256k1_ec_seckey_negate 25 0x5583a0 secp256k1_ec_seckey_tweak_add 26 0x5585f0 secp256k1_ec_seckey_tweak_mul 27 0x557ed0 secp256k1_ec_seckey_verify 28 0x559120 secp256k1_ecdsa_recover 29 0x558f50 secp256k1_ecdsa_recoverable_signature_convert 30 0x558d00 secp256k1_ecdsa_recoverable_signature_parse_compact 31 0x558e70 secp256k1_ecdsa_recoverable_signature_serialize_compact 32 0x557da0 secp256k1_ecdsa_sign 33 0x558fe0 secp256k1_ecdsa_sign_recoverable 34 0x557ab0 secp256k1_ecdsa_signature_normalize 35 0x557540 secp256k1_ecdsa_signature_parse_compact 36 0x5573b0 secp256k1_ecdsa_signature_parse_der 37 0x557a10 secp256k1_ecdsa_signature_serialize_compact 38 0x557660 secp256k1_ecdsa_signature_serialize_der 39 0x557bf0 secp256k1_ecdsa_verify 40 0x5598a0 secp256k1_keypair_create 41 0x559af0 secp256k1_keypair_pub 42 0x559a60 secp256k1_keypair_sec 43 0x559bc0 secp256k1_keypair_xonly_pub 44 0x559d20 secp256k1_keypair_xonly_tweak_add 45 0xa9e0c0 secp256k1_nonce_function_bip340 46 0xa9e0e0 secp256k1_nonce_function_default 47 0xa9e0e8 secp256k1_nonce_function_rfc6979 48 0x559f00 secp256k1_schnorrsig_sign 49 0x559f30 secp256k1_schnorrsig_sign_custom 50 0x559fd0 secp256k1_schnorrsig_verify 51 0x556ce0 secp256k1_scratch_space_create 52 0x556d50 secp256k1_scratch_space_destroy 53 0x558c20 secp256k1_tagged_sha256 54 0x559470 secp256k1_xonly_pubkey_cmp 55 0x559530 secp256k1_xonly_pubkey_from_pubkey 56 0x559290 secp256k1_xonly_pubkey_parse 57 0x5593a0 secp256k1_xonly_pubkey_serialize 58 0x559650 secp256k1_xonly_pubkey_tweak_add 59 0x559780 secp256k1_xonly_pubkey_tweak_add_check