Google Git
Sign in
boringssl/boringssl.git/3a3552247ecb0bfb260a36d9da7a3bce7fdc3f8a^!/.
commit
3a3552247ecb0bfb260a36d9da7a3bce7fdc3f8a
[log] [tgz]
author
Adam Langley <agl@google.com>
Wed Sep 25 15:51:53 2019 -0700
committer
Adam Langley <agl@google.com>
Wed Sep 25 23:18:21 2019 +0000
tree
e102efd27bce5184519a4fbfb728605f0b6c8fca
parent
622e46bf27d74a8ac405c1465cf23680e73af02a [diff]
Only attempt to mprotect FIPS module for AArch64.

This need doesn't arise on other Android platforms at the current time.

Change-Id: I38c9b5417ec6717210f5797d86d226ab0d9a4232
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/37744
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c
index 54f113b..2706722 100644
--- a/crypto/fipsmodule/bcm.c
+++ b/crypto/fipsmodule/bcm.c

@@ -115,7 +115,7 @@
 extern const uint8_t BORINGSSL_bcm_rodata_end[];
 #endif
 
-#if defined(OPENSSL_ANDROID)
+#if defined(OPENSSL_ANDROID) && defined(OPENSSL_AARCH64)
 static void BORINGSSL_maybe_set_module_text_permissions(int permission) {
   // Android may be compiled in execute-only-memory mode, in which case the
   // .text segment cannot be read. That conflicts with the need for a FIPS