lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 8 Mar 2016 19:55:49 +0300
From:	Stas Sergeev <stsp@...t.ru>
To:	Ingo Molnar <mingo@...nel.org>
Cc:	linux-kernel@...r.kernel.org,
	Andy Lutomirski <luto@...capital.net>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
	Borislav Petkov <bp@...e.de>, Brian Gerst <brgerst@...il.com>,
	Oleg Nesterov <oleg@...hat.com>,
	Richard Weinberger <richard@....at>,
	Stas Sergeev <stsp@...rs.sourceforge.net>
Subject: Re: [PATCH] [Cleanup] x86: signal: unify the sigaltstack check with
 other arches

08.03.2016 19:20, Ingo Molnar пишет:
> * Stas Sergeev <stsp@...t.ru> wrote:
>
>> 25.02.2016 11:25, Ingo Molnar пишет:
>>> * Stas Sergeev <stsp@...t.ru> wrote:
>>>
>>>> Currently x86's get_sigframe() checks for "current->sas_ss_size"
>>>> to determine whether there is a need to switch to sigaltstack.
>>>> The common practice used by all other arches is to check for
>>>> sas_ss_flags(sp) == 0
>>>>
>>>> This patch makes the code consistent with other arches.
>>>> The slight complexity of the patch is added by the optimization on
>>>> !sigstack check that was requested by Andy Lutomirski: sas_ss_flags(sp)==0
>>>> already implies that we are not on a sigstack, so the code is shuffled
>>>> to avoid the duplicate checking.
>>> So this changelog is missing an analysis about what effect this change will have
>>> on applications. Can any type of user-space code see a change in behavior? If yes,
>>> what will happen and is that effect desirable?
>> This is a clean-up, and as such, there is no visible effect.
>> If there is - it is a bug.
>> The purpose of this patch is only to unify the x86 code with
>> what all the other arches do. It was initially the part of the
>> rejected series, but now it is just a clean-up.
> Ok, so AFAICS the relevant change is:
>
> -               if (current->sas_ss_size)
> -                       sp = current->sas_ss_sp + current->sas_ss_size;
> +               if (sas_ss_flags(sp) == 0)
> +                       sp = current->sas_ss_sp + current->sas_ss_size;
>
> and since sas_ss_flags() is defined as:
>
> static inline int sas_ss_flags(unsigned long sp)
> {
>          if (!current->sas_ss_size)
>                  return SS_DISABLE;
>
>          return on_sig_stack(sp) ? SS_ONSTACK : 0;
> }
>
> sas_ss_flags() returns 0 iff current->sas_ss_size && !on_sig_stack().
>
> But we already have on_sig_stack(sp) calculated. Why not write that as:
>
> +               if (current->sas_ss_size && !onsigstack)
> +                       sp = current->sas_ss_sp + current->sas_ss_size;
>
> and since we check '!onsigstack' in both branches, we might as well factor it out
> into a single condition ... and arrive to the exact code that we began with.
>
> So what happened is that every other arch has a non-optimal version of this
> function.
>
> And if you look at the x86-32 defconfig build size difference:
>
>     text    data     bss     dec     hex filename
>     4155       0       0    4155    103b signal.o.before
>     4299       0       0    4299    10cb signal.o.after
>
> i.e. your patch increases the generated code size. So I don't see the upside.
144 bytes increase?
The upside is to use the common functions, shared across
the arches, rather than making an assumptions on what that
function does, and inlining it.

> If this is really duplicated across architectures then we should perhaps try to
> factor out this check into kernel/signal.c or so, and share it between
> architectures more seriously?
IMHO you are trying to do the gcc work here.
It should inline the functions without your help.
Since all the above functions are in the sched.h header
and are marked as "inline", I think gcc has enough
information to not re-evaluate on_sig_stack() twice.
If it hits the memory barrier and does not trust the
previous value of on_sig_stack(), then perhaps you can
simply move the line "onsigstack = on_sig_stack();" right
before the SA_ONSTACK check. In this case I hope gcc
will be able to emit "if (current->sas_ss_size && !onsigstack)".
And if we had the common "if (!onsigstack)" for both branches,
that Andy asked the remove, then gcc perhaps could reduce
the check to just "if (current->sas_ss_size)"as it knows that
on_sig_stack() returns 0 here. Though I don't see any problem
for gcc to move the onsigstack check back, so that it to
cover both branches again.
So just moving the "onsigstack = on_sig_stack();" a few
lines down, should do what you want and generate the
code similar to the old one.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ