| |||||||||||||
|
| |||||||||||||
Cross compiling compilerCross compiling compilerPosted Apr 9, 2004 6:29 UTC (Fri) by pynm0001 (guest, #18379)In reply to: Cross compiling compiler by libra Parent article: Green Hills Software on free software in the military
I'm not sure exactly what you mean, so I'm going to give an example, and you can tell me whether it's right or wrong. You're saying that if you have (say) Solaris CC on Pentium compiling for Sparc, and gcc on PowerPC compiling for Sparc, that the resulting object code for Sparc should be identical on both machines? The answer would be no, unfortunately, unless a fluke occurred. If both compilers are good, they will produce equivalent code, but the code will almost certainly not be byte-for-byte equal. However, even if the compilers produce byte-for-byte identical code, that doesn't mean that secret code in a compiler is impossible, because I could go and write a compiler later that adds secret code. The problem with your logic is that producing identical output for two compilers doesn't imply that all compilers on all platforms are either all corrupt or all clean.
(Log in to post comments)
Cross compiling compiler Posted Apr 9, 2004 7:28 UTC (Fri) by baldrick (subscriber, #4123) [Link] Probably what he means is that you bootstrap gcc using a non-gcccompiler and also using gcc itself. If the final gcc you get is the same in both cases then you can be pretty sure there is no Thompson trojan lurking inside gcc. I understand that this is one of the reasons the gcc developers work hard to make gcc compilable by a wide range of other compilers.
Cross compiling compiler Posted Apr 9, 2004 7:37 UTC (Fri) by pynm0001 (guest, #18379) [Link] Ah, that's a good idea. Although I feel that my other argument aboutequivalent code remains. A non-gcc compiler shouldn't produce the same exact binary that gcc itself would, merely one which works the same.
Cross compiling compiler Posted Apr 9, 2004 12:13 UTC (Fri) by libra (guest, #2515) [Link] That's why I added the term iteration in my post. The idea is :Compile GCC with compiler C_A on platform P_A for platform P Then on platform P you have GCC_A and GCC_B, they are certainly note binary equivalent, but functionally shall be. As the code has been audited, and two platforms/compiler were involved, we may assume that one of the two is not tainted. So now we do : Compile GCC with GCC_A on P If both GCC_A and GCC_B are really functionally equivalent then the results shall now be binary identical (at that iteration, or maybe at the next one due to some cross compilation problems that may occur). If you can never reach an iteration where both results are stable and identical, then you have a problem, otherwise you nearly have the proof you want (unless all compiler of the world are tainted the same way, highly unlikely). Note that for better results it shall be done with 3 or 4 different compiler. Also note that if you find a small binary difference at some point you may very well gain the key of the backdoor (in GCC or in C_x) by analyzing that difference, unless it is just a bug you would have to point out for the improvement of GCC. Sorry not to have been clear the first time. Hope it is OK now.
Cross compiling compiler Posted Apr 9, 2004 19:54 UTC (Fri) by pynm0001 (guest, #18379) [Link] I see what you're saying now (I was up too late last night :-( ).Indeed, it sounds like a very good idea, I can't see any flaws in the logic. Of course, we can't even apply that test to MSVC, so I guess Open Source wins another security battle due to the other side's forfeit. :-)
|
|
||||||||||||