Hello, the attached patches have been used to successfully enable and test Intel CET support in an Intel emulator on SDV hardware.
The patches are minimally intrusive and enable to use a future countermeasure that is very useful as it makes ROP attacks very hard to carry out. GCC already has all the needed support to create CET hardened code, however the hand-coded assembly needs to be changed to conform. Without these changes all the binaries that load nettle will otherwise have CET disabled, as it is an all-or-nothing at the binary level and missing ENDBRANCH instruction cause the program to terminate on indirect jump/call instructions. The second patch is used to make the system happy when hardening flags are enabled in gcc, as it generates the appropriate section information that tells the linker all is good. Unfortunately I do not have actual tests for this feature (one of the reasons why it is behind a configure flag even though it is safe to add the code on any x86 hardware) because the only real way to test this is to run on hardware or emulators that cause the segfaults on errors. But we can add a simple test later once hardware becomes available. Finally while looking at the assembly I noticed that some functions have a PROLOGUE() defined but not an EPILOGUE() macro defined in their .asm files. It is unclear to me if this is an error or intentional so didn't touch those, it doesn't affect functionality for this patch anyway. HTH, Simo. -- Simo Sorce Sr. Principal Software Engineer Red Hat, Inc
From de1b9bfeb4f8ad9a6bf8608c4b8c727dba315982 Mon Sep 17 00:00:00 2001 From: Simo Sorce <s...@redhat.com> Date: Tue, 23 Apr 2019 18:03:35 -0400 Subject: [PATCH 1/2] Add Intel CET protection support In upcoming processors Intel will make available Control-Flow Enforcement Technology, which is comprised of two hardware countermeasures against ROP based attacks. The first is called Shadow Stack and checks that return from function calls are not tampered with by keeping a shadow stack that cannot be modified by aplications. This measure requires no code changes (except for code that intentionally modifes the return pointer on the stack). The second is called Indirect Branch Tracking and is used to insure only targets of indirect jumps are actually jumped to. This requires modification of code to insert a special instruction that identifies a valid indirect jump target. When enforcement is turned on, if an indirect jump does not end on this special instruction the cpu raises an exception. These instructions are noops on older CPU models so it is safe to use them in all x86(_64) code. To enable these protections gcc also inroduces a new GNU property note section that marks a piece of code as CET ready. If the note is in place the dynamic linker will be able to confirm that all loaded libraries support CET and will turn on CET protection for the binary. The changes here consist mostly in adding the GNU property note section to all x86(_64) assembly files and the proper ENDBRANCH instruction for the function entrypoints which is where other code calls into via indirect call. Signed-off-by: Simo Sorce <s...@redhat.com> --- asm.m4 | 25 ++++++++++++++++++++++++- config.m4.in | 2 ++ configure.ac | 17 +++++++++++++++++ x86/aes-decrypt-internal.asm | 1 + x86/aes-encrypt-internal.asm | 1 + x86/arcfour-crypt.asm | 1 + x86/camellia-crypt-internal.asm | 1 + x86/md5-compress.asm | 1 + x86/sha1-compress.asm | 1 + x86_64/aes-decrypt-internal.asm | 4 +++- x86_64/aes-encrypt-internal.asm | 3 ++- x86_64/aesni/aes-decrypt-internal.asm | 1 + x86_64/aesni/aes-encrypt-internal.asm | 1 + x86_64/camellia-crypt-internal.asm | 1 + x86_64/chacha-core-internal.asm | 3 ++- x86_64/fat/cpuid.asm | 2 +- x86_64/gcm-hash8.asm | 1 + x86_64/md5-compress.asm | 1 + x86_64/memxor.asm | 1 + x86_64/memxor3.asm | 1 + x86_64/poly1305-internal.asm | 1 + x86_64/salsa20-core-internal.asm | 1 + x86_64/salsa20-crypt.asm | 1 + x86_64/serpent-decrypt.asm | 2 ++ x86_64/serpent-encrypt.asm | 2 ++ x86_64/sha1-compress.asm | 1 + x86_64/sha256-compress.asm | 1 + x86_64/sha3-permute.asm | 1 + x86_64/sha512-compress.asm | 1 + x86_64/sha_ni/sha1-compress.asm | 1 + x86_64/sha_ni/sha256-compress.asm | 1 + x86_64/umac-nh-n.asm | 1 + x86_64/umac-nh.asm | 1 + 33 files changed, 79 insertions(+), 5 deletions(-) diff --git a/asm.m4 b/asm.m4 index 8da47201..c6db52e5 100644 --- a/asm.m4 +++ b/asm.m4 @@ -32,7 +32,8 @@ define(<GMP_NUMB_BITS>,<>)dnl define(<PROLOGUE>, <.globl C_NAME($1) DECLARE_FUNC(C_NAME($1)) -C_NAME($1):>) +C_NAME($1): +CET_ENDBR>) define(<EPILOGUE>, <ifelse(ELF_STYLE,yes, @@ -59,6 +60,28 @@ WORDS_BIGENDIAN,no,<$2>, m4exit(1)>)>) define(<IF_LE>, <IF_BE(<$2>, <$1>)>) +dnl GNU properties section to enable CET protections +define(<GNU_CET_SECTION>, +<ifelse(CET_PROTECTION,yes, +<.pushsection .note.gnu.property,"a" +ALIGN(8) +.long 1f - 0f +.long 4f - 1f +.long 5 +0: +.string "GNU" +1: +ALIGN(8) +.long 0xc0000002 +.long 3f - 2f +2: +.long 0x03 +3: +ALIGN(8) +4: +.popsection +>,<>)>) + dnl Struct defining macros dnl STRUCTURE(prefix) diff --git a/config.m4.in b/config.m4.in index 11f90a40..c3ebad60 100644 --- a/config.m4.in +++ b/config.m4.in @@ -8,6 +8,8 @@ define(<ALIGN_LOG>, <@ASM_ALIGN_LOG@>)dnl define(<W64_ABI>, <@W64_ABI@>)dnl define(<RODATA>, <@ASM_RODATA@>)dnl define(<WORDS_BIGENDIAN>, <@ASM_WORDS_BIGENDIAN@>)dnl +define(<CET_PROTECTION>, <@ASM_CET_PROTECTION@>)dnl +define(<CET_ENDBR>, <@ASM_CET_ENDBR@>)dnl divert(1) @ASM_MARK_NOEXEC_STACK@ divert diff --git a/configure.ac b/configure.ac index 00d2bf5d..6e12bb1f 100644 --- a/configure.ac +++ b/configure.ac @@ -93,6 +93,10 @@ AC_ARG_ENABLE(mini-gmp, AC_HELP_STRING([--enable-mini-gmp], [Enable mini-gmp, used instead of libgmp.]),, [enable_mini_gmp=no]) +AC_ARG_ENABLE(cet-protection, + AC_HELP_STRING([--enable-cet-protection], [Enable intel CET protection instructions. (default=no)]),, + [enable_cet_protection=no]) + if test "x$enable_mini_gmp" = xyes ; then NETTLE_USE_MINI_GMP=1 HOGWEED_EXTRA_SYMBOLS="mpz_*;gmp_*;mpn_*;mp_*;" @@ -701,6 +705,8 @@ ASM_COFF_STYLE='no' ASM_TYPE_FUNCTION='@function' ASM_TYPE_PROGBITS='@progbits' ASM_MARK_NOEXEC_STACK='' +ASM_CET_PROTECTION='no' +ASM_CET_ENDBR='' ASM_ALIGN_LOG='' if test x$enable_assembler = xyes ; then @@ -812,6 +818,15 @@ EOF [nettle_cv_asm_align_log=yes], [nettle_cv_asm_align_log=no])]) ASM_ALIGN_LOG="$nettle_cv_asm_align_log" + + if test "x$enable_cet_protection" = xyes ; then + ASM_CET_PROTECTION=yes + if test "$ABI" = 64 ; then + ASM_CET_ENDBR=endbr64 + else + ASM_CET_ENDBR=endbr32 + fi + fi fi AC_SUBST(ASM_SYMBOL_PREFIX) @@ -823,6 +838,8 @@ AC_SUBST(ASM_MARK_NOEXEC_STACK) AC_SUBST(ASM_ALIGN_LOG) AC_SUBST(W64_ABI) AC_SUBST(ASM_WORDS_BIGENDIAN) +AC_SUBST(ASM_CET_PROTECTION) +AC_SUBST(ASM_CET_ENDBR) AC_SUBST(EMULATOR) AC_SUBST(LIBNETTLE_MAJOR) diff --git a/x86/aes-decrypt-internal.asm b/x86/aes-decrypt-internal.asm index ff535b6a..1d16f6db 100644 --- a/x86/aes-decrypt-internal.asm +++ b/x86/aes-decrypt-internal.asm @@ -175,3 +175,4 @@ PROLOGUE(_nettle_aes_decrypt) popl %ebx ret EPILOGUE(_nettle_aes_decrypt) +GNU_CET_SECTION() diff --git a/x86/aes-encrypt-internal.asm b/x86/aes-encrypt-internal.asm index 934158f7..d9579e04 100644 --- a/x86/aes-encrypt-internal.asm +++ b/x86/aes-encrypt-internal.asm @@ -175,3 +175,4 @@ PROLOGUE(_nettle_aes_encrypt) popl %ebx ret EPILOGUE(_nettle_aes_encrypt) +GNU_CET_SECTION() diff --git a/x86/arcfour-crypt.asm b/x86/arcfour-crypt.asm index df3fe869..11f592e7 100644 --- a/x86/arcfour-crypt.asm +++ b/x86/arcfour-crypt.asm @@ -123,3 +123,4 @@ C .Lloop_done: popl %ebx ret EPILOGUE(nettle_arcfour_crypt) +GNU_CET_SECTION() diff --git a/x86/camellia-crypt-internal.asm b/x86/camellia-crypt-internal.asm index ce8c57f0..afac1fcc 100644 --- a/x86/camellia-crypt-internal.asm +++ b/x86/camellia-crypt-internal.asm @@ -223,3 +223,4 @@ PROLOGUE(_nettle_camellia_crypt) popl %ebx ret EPILOGUE(_nettle_camellia_crypt) +GNU_CET_SECTION() diff --git a/x86/md5-compress.asm b/x86/md5-compress.asm index c849c082..6293f052 100644 --- a/x86/md5-compress.asm +++ b/x86/md5-compress.asm @@ -185,3 +185,4 @@ PROLOGUE(nettle_md5_compress) popl %ebx ret EPILOGUE(nettle_md5_compress) +GNU_CET_SECTION() diff --git a/x86/sha1-compress.asm b/x86/sha1-compress.asm index 03bdcdc9..4e1f121c 100644 --- a/x86/sha1-compress.asm +++ b/x86/sha1-compress.asm @@ -1541,6 +1541,7 @@ C ROUND_F2(SB, SC, SD, SE, SA, 79, K4VALUE) popl %ebx ret EPILOGUE(nettle_sha1_compress) +GNU_CET_SECTION() C TODO: diff --git a/x86_64/aes-decrypt-internal.asm b/x86_64/aes-decrypt-internal.asm index 43f2f394..5db39868 100644 --- a/x86_64/aes-decrypt-internal.asm +++ b/x86_64/aes-decrypt-internal.asm @@ -62,7 +62,7 @@ C work. define(<TMP>,<%rbp>) .file "aes-decrypt-internal.asm" - + C _aes_decrypt(unsigned rounds, const uint32_t *keys, C const struct aes_table *T, C size_t length, uint8_t *dst, @@ -70,6 +70,7 @@ define(<TMP>,<%rbp>) .text ALIGN(16) PROLOGUE(_nettle_aes_decrypt) + W64_ENTRY(6, 0) test PARAM_LENGTH, PARAM_LENGTH jz .Lend @@ -150,3 +151,4 @@ PROLOGUE(_nettle_aes_decrypt) W64_EXIT(6, 0) ret EPILOGUE(_nettle_aes_decrypt) +GNU_CET_SECTION() diff --git a/x86_64/aes-encrypt-internal.asm b/x86_64/aes-encrypt-internal.asm index dfb498f5..93c0774a 100644 --- a/x86_64/aes-encrypt-internal.asm +++ b/x86_64/aes-encrypt-internal.asm @@ -63,7 +63,7 @@ C work. define(<TMP>,<%rbp>) .file "aes-encrypt-internal.asm" - + C _aes_encrypt(unsigned rounds, const uint32_t *keys, C const struct aes_table *T, C size_t length, uint8_t *dst, @@ -151,3 +151,4 @@ PROLOGUE(_nettle_aes_encrypt) W64_EXIT(6, 0) ret EPILOGUE(_nettle_aes_encrypt) +GNU_CET_SECTION() diff --git a/x86_64/aesni/aes-decrypt-internal.asm b/x86_64/aesni/aes-decrypt-internal.asm index 3d6d6e30..1b1a1a4d 100644 --- a/x86_64/aesni/aes-decrypt-internal.asm +++ b/x86_64/aesni/aes-decrypt-internal.asm @@ -132,3 +132,4 @@ PROLOGUE(_nettle_aes_decrypt) W64_EXIT(6, 16) ret EPILOGUE(_nettle_aes_decrypt) +GNU_CET_SECTION() diff --git a/x86_64/aesni/aes-encrypt-internal.asm b/x86_64/aesni/aes-encrypt-internal.asm index 99caf1f8..f7338ef6 100644 --- a/x86_64/aesni/aes-encrypt-internal.asm +++ b/x86_64/aesni/aes-encrypt-internal.asm @@ -132,3 +132,4 @@ PROLOGUE(_nettle_aes_encrypt) W64_EXIT(6, 16) ret EPILOGUE(_nettle_aes_encrypt) +GNU_CET_SECTION() diff --git a/x86_64/camellia-crypt-internal.asm b/x86_64/camellia-crypt-internal.asm index 040e030f..71750172 100644 --- a/x86_64/camellia-crypt-internal.asm +++ b/x86_64/camellia-crypt-internal.asm @@ -200,3 +200,4 @@ PROLOGUE(_nettle_camellia_crypt) W64_EXIT(6, 0) ret EPILOGUE(_nettle_camellia_crypt) +GNU_CET_SECTION() diff --git a/x86_64/chacha-core-internal.asm b/x86_64/chacha-core-internal.asm index 9e5dc394..125adfe8 100644 --- a/x86_64/chacha-core-internal.asm +++ b/x86_64/chacha-core-internal.asm @@ -82,7 +82,7 @@ define(<QROUND>, < psrld <$>25, T0 por T0, X1 >) - + C _chacha_core(uint32_t *dst, const uint32_t *src, unsigned rounds) .text ALIGN(16) @@ -126,3 +126,4 @@ PROLOGUE(_nettle_chacha_core) W64_EXIT(3, 6) ret EPILOGUE(_nettle_chacha_core) +GNU_CET_SECTION() diff --git a/x86_64/fat/cpuid.asm b/x86_64/fat/cpuid.asm index f317d56e..c4a5b538 100644 --- a/x86_64/fat/cpuid.asm +++ b/x86_64/fat/cpuid.asm @@ -56,4 +56,4 @@ PROLOGUE(_nettle_cpuid) W64_EXIT(2) ret EPILOGUE(_nettle_cpuid) - +GNU_CET_SECTION() diff --git a/x86_64/gcm-hash8.asm b/x86_64/gcm-hash8.asm index bfaa6ef8..54608ae8 100644 --- a/x86_64/gcm-hash8.asm +++ b/x86_64/gcm-hash8.asm @@ -199,6 +199,7 @@ ALIGN(16) jnz .Lread_loop ret EPILOGUE(_nettle_gcm_hash8) +GNU_CET_SECTION() define(<W>, <0x$2$1>) RODATA diff --git a/x86_64/md5-compress.asm b/x86_64/md5-compress.asm index 182b8f18..ef1fcb89 100644 --- a/x86_64/md5-compress.asm +++ b/x86_64/md5-compress.asm @@ -174,3 +174,4 @@ PROLOGUE(nettle_md5_compress) ret EPILOGUE(nettle_md5_compress) +GNU_CET_SECTION() diff --git a/x86_64/memxor.asm b/x86_64/memxor.asm index f07f0017..a0ea94b4 100644 --- a/x86_64/memxor.asm +++ b/x86_64/memxor.asm @@ -171,3 +171,4 @@ ifdef(<USE_SSE2>, < >) EPILOGUE(nettle_memxor) +GNU_CET_SECTION() diff --git a/x86_64/memxor3.asm b/x86_64/memxor3.asm index 8ff3e79c..b0c0e35c 100644 --- a/x86_64/memxor3.asm +++ b/x86_64/memxor3.asm @@ -261,3 +261,4 @@ ifelse(USE_SSE2, yes, < EPILOGUE(nettle_memxor3) +GNU_CET_SECTION() diff --git a/x86_64/poly1305-internal.asm b/x86_64/poly1305-internal.asm index c780d122..d7edc4f9 100644 --- a/x86_64/poly1305-internal.asm +++ b/x86_64/poly1305-internal.asm @@ -183,3 +183,4 @@ define(<T1>, <%rax>) W64_EXIT(2, 0) ret +GNU_CET_SECTION() diff --git a/x86_64/salsa20-core-internal.asm b/x86_64/salsa20-core-internal.asm index 4ef07be0..c1690880 100644 --- a/x86_64/salsa20-core-internal.asm +++ b/x86_64/salsa20-core-internal.asm @@ -109,3 +109,4 @@ PROLOGUE(_nettle_salsa20_core) W64_EXIT(3, 9) ret EPILOGUE(_nettle_salsa20_core) +GNU_CET_SECTION() diff --git a/x86_64/salsa20-crypt.asm b/x86_64/salsa20-crypt.asm index cc1d58ca..e0348956 100644 --- a/x86_64/salsa20-crypt.asm +++ b/x86_64/salsa20-crypt.asm @@ -245,3 +245,4 @@ PROLOGUE(nettle_salsa20_crypt) ret EPILOGUE(nettle_salsa20_crypt) +GNU_CET_SECTION() diff --git a/x86_64/serpent-decrypt.asm b/x86_64/serpent-decrypt.asm index ee4bf9ad..9a93dfc7 100644 --- a/x86_64/serpent-decrypt.asm +++ b/x86_64/serpent-decrypt.asm @@ -713,3 +713,5 @@ PROLOGUE(nettle_serpent_decrypt) pop %rbx W64_EXIT(4, 13) ret + +GNU_CET_SECTION() diff --git a/x86_64/serpent-encrypt.asm b/x86_64/serpent-encrypt.asm index d6636537..a29358ca 100644 --- a/x86_64/serpent-encrypt.asm +++ b/x86_64/serpent-encrypt.asm @@ -748,3 +748,5 @@ C parallell. pop %rbx W64_EXIT(4, 13) ret + +GNU_CET_SECTION() diff --git a/x86_64/sha1-compress.asm b/x86_64/sha1-compress.asm index dd48de0e..54dfa313 100644 --- a/x86_64/sha1-compress.asm +++ b/x86_64/sha1-compress.asm @@ -305,3 +305,4 @@ PROLOGUE(nettle_sha1_compress) W64_EXIT(2, 0) ret EPILOGUE(nettle_sha1_compress) +GNU_CET_SECTION() diff --git a/x86_64/sha256-compress.asm b/x86_64/sha256-compress.asm index 5b7d0dcd..8dbccc5b 100644 --- a/x86_64/sha256-compress.asm +++ b/x86_64/sha256-compress.asm @@ -208,3 +208,4 @@ PROLOGUE(_nettle_sha256_compress) W64_EXIT(3, 0) ret EPILOGUE(_nettle_sha256_compress) +GNU_CET_SECTION() diff --git a/x86_64/sha3-permute.asm b/x86_64/sha3-permute.asm index 805b59af..a4d0cf0b 100644 --- a/x86_64/sha3-permute.asm +++ b/x86_64/sha3-permute.asm @@ -107,6 +107,7 @@ define(<ROTL64>, < C sha3_permute(struct sha3_state *ctx) .text +GNU_CET_SECTION() ALIGN(16) PROLOGUE(nettle_sha3_permute) W64_ENTRY(1, 16) diff --git a/x86_64/sha512-compress.asm b/x86_64/sha512-compress.asm index 4ff1f32a..37563e93 100644 --- a/x86_64/sha512-compress.asm +++ b/x86_64/sha512-compress.asm @@ -208,3 +208,4 @@ PROLOGUE(_nettle_sha512_compress) W64_EXIT(3, 0) ret EPILOGUE(_nettle_sha512_compress) +GNU_CET_SECTION() diff --git a/x86_64/sha_ni/sha1-compress.asm b/x86_64/sha_ni/sha1-compress.asm index ab848fdd..3cbca5e2 100644 --- a/x86_64/sha_ni/sha1-compress.asm +++ b/x86_64/sha_ni/sha1-compress.asm @@ -146,3 +146,4 @@ PROLOGUE(nettle_sha1_compress) W64_EXIT(2, 10) ret EPILOGUE(nettle_sha1_compress) +GNU_CET_SECTION() diff --git a/x86_64/sha_ni/sha256-compress.asm b/x86_64/sha_ni/sha256-compress.asm index f2a4bd32..f9fe3757 100644 --- a/x86_64/sha_ni/sha256-compress.asm +++ b/x86_64/sha_ni/sha256-compress.asm @@ -173,3 +173,4 @@ PROLOGUE(_nettle_sha256_compress) W64_EXIT(3, 10) ret EPILOGUE(_nettle_sha256_compress) +GNU_CET_SECTION() diff --git a/x86_64/umac-nh-n.asm b/x86_64/umac-nh-n.asm index ecb6396a..195d5886 100644 --- a/x86_64/umac-nh-n.asm +++ b/x86_64/umac-nh-n.asm @@ -273,3 +273,4 @@ PROLOGUE(_nettle_umac_nh_n) W64_EXIT(5, 14) ret EPILOGUE(_nettle_umac_nh_n) +GNU_CET_SECTION() diff --git a/x86_64/umac-nh.asm b/x86_64/umac-nh.asm index a6938e02..7bfc87ba 100644 --- a/x86_64/umac-nh.asm +++ b/x86_64/umac-nh.asm @@ -79,3 +79,4 @@ PROLOGUE(_nettle_umac_nh) W64_EXIT(3, 7) ret EPILOGUE(_nettle_umac_nh) +GNU_CET_SECTION() -- 2.20.1
From f93675c080f5244216b77664d7ce27daab89ec39 Mon Sep 17 00:00:00 2001 From: Simo Sorce <s...@redhat.com> Date: Wed, 24 Apr 2019 16:13:59 -0400 Subject: [PATCH 2/2] Fix generation of build notes if supported This is needed to build correctly on platfroms that use hardening flags and build notes on .c files. Signed-off-by: Simo Sorce <s...@redhat.com> --- Makefile.in | 4 +++- configure.ac | 23 +++++++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index 440de9f7..4e603047 100644 --- a/Makefile.in +++ b/Makefile.in @@ -17,6 +17,8 @@ OPT_HOGWEED_OBJS = @OPT_HOGWEED_OBJS@ OPT_NETTLE_SOURCES = @OPT_NETTLE_SOURCES@ +ASM_GEN_BUILD_NOTES = @ASM_GEN_BUILD_NOTES@ + SUBDIRS = tools testsuite examples include config.make @@ -396,7 +398,7 @@ ecc-25519.$(OBJEXT): ecc-25519.h .asm.$(OBJEXT): $(srcdir)/asm.m4 machine.m4 config.m4 $(M4) $(srcdir)/asm.m4 machine.m4 config.m4 $< >$*.s - $(COMPILE) -c $*.s + $(COMPILE) -c $*.s $(ASM_GEN_BUILD_NOTES) @echo "$@ : $< $(srcdir)/asm.m4 machine.m4 config.m4" >$@.d # Texinfo rules diff --git a/configure.ac b/configure.ac index 6e12bb1f..87a97468 100644 --- a/configure.ac +++ b/configure.ac @@ -708,6 +708,7 @@ ASM_MARK_NOEXEC_STACK='' ASM_CET_PROTECTION='no' ASM_CET_ENDBR='' ASM_ALIGN_LOG='' +ASM_GEN_BUILD_NOTES='' if test x$enable_assembler = xyes ; then AC_CACHE_CHECK([if globals are prefixed by underscore], @@ -827,6 +828,27 @@ EOF ASM_CET_ENDBR=endbr32 fi fi + + AC_CACHE_CHECK([if --generate-missing-build-notes is supported], + nettle_cv_asm_build_notes, + [ # Default + nettle_cv_asm_build_notes=no + + cat >conftest.s << EOF +.text +EOF + FLAG="-Wa,--generate-missing-build-notes=yes" + nettle_assemble="$CC $CFLAGS $CPPFLAGS -c conftest.s $FLAG >conftest.out 2>&1" + if AC_TRY_EVAL(nettle_assemble); then + nettle_cv_asm_build_notes=yes + else + nettle_cv_asm_build_notes=no + fi + rm -f conftest.*]) + if test x$nettle_cv_asm_build_notes = xyes ; then + ASM_GEN_BUILD_NOTES='-Wa,--generate-missing-build-notes=yes' + fi + fi AC_SUBST(ASM_SYMBOL_PREFIX) @@ -840,6 +862,7 @@ AC_SUBST(W64_ABI) AC_SUBST(ASM_WORDS_BIGENDIAN) AC_SUBST(ASM_CET_PROTECTION) AC_SUBST(ASM_CET_ENDBR) +AC_SUBST(ASM_GEN_BUILD_NOTES) AC_SUBST(EMULATOR) AC_SUBST(LIBNETTLE_MAJOR) -- 2.20.1
_______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs