| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKwvOdnfh9nWwu1xV=WDbETGiabwDxXxQDRCAfpa-+kSZijb9w@mail.gmail.com>
Date: Tue, 18 Aug 2020 13:27:54 -0700
From: Nick Desaulniers <ndesaulniers@...gle.com>
To: Arvind Sankar <nivedita@...m.mit.edu>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
"H. Peter Anvin" <hpa@...or.com>,
Masahiro Yamada <masahiroy@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Michal Marek <michal.lkml@...kovi.net>,
Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
Kees Cook <keescook@...omium.org>,
Tony Luck <tony.luck@...el.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
Michael Ellerman <mpe@...erman.id.au>,
Joe Perches <joe@...ches.com>,
Joel Fernandes <joel@...lfernandes.org>,
Daniel Axtens <dja@...ens.net>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Alexandru Ardelean <alexandru.ardelean@...log.com>,
Yury Norov <yury.norov@...il.com>,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
Ard Biesheuvel <ardb@...nel.org>,
"Paul E . McKenney" <paulmck@...nel.org>,
Daniel Kiper <daniel.kiper@...cle.com>,
Bruce Ashfield <bruce.ashfield@...il.com>,
Marco Elver <elver@...gle.com>,
Vamshi K Sthambamkadi <vamshi.k.sthambamkadi@...il.com>,
Andi Kleen <ak@...e.de>,
Dávid Bolvanský <david.bolvansky@...il.com>,
Eli Friedman <efriedma@...cinc.com>
Subject: Re: [PATCH 0/4] -ffreestanding/-fno-builtin-* patches
On Tue, Aug 18, 2020 at 1:24 PM Arvind Sankar <nivedita@...m.mit.edu> wrote:
>
> On Tue, Aug 18, 2020 at 12:13:22PM -0700, Linus Torvalds wrote:
> > On Tue, Aug 18, 2020 at 12:03 PM H. Peter Anvin <hpa@...or.com> wrote:
> > >
> > > I'm not saying "change the semantics", nor am I saying that playing
> > > whack-a-mole *for a limited time* is unreasonable. But I would like to go back
> > > to the compiler authors and get them to implement such a #pragma: "this
> > > freestanding implementation *does* support *this specific library function*,
> > > and you are free to call it."
> >
> > I'd much rather just see the library functions as builtins that always
> > do the right thing (with the fallback being "just call the standard
> > function").
> >
> > IOW, there's nothing wrong with -ffreestanding if you then also have
> > __builtin_memcpy() etc, and they do the sane compiler optimizations
> > for memcpy().
> >
> > What we want to avoid is the compiler making *assumptions* based on
> > standard names, because we may implement some of those things
> > differently.
> >
>
> -ffreestanding as it stands today does have __builtin_memcpy and
> friends. But you need to then use #define memcpy __builtin_memcpy etc,
> which is messy and also doesn't fully express what you want. #pragma, or
> even just allowing -fbuiltin-foo options would be useful.
>
> The two compilers have some peculiarities, which means you really can't
> have functions with the same name that do something else if you want to
> use builtins at all, and can also lead to missed optimizations.
>
> For eg, __builtin_strchr(s,'\0') can be optimized to strlen. gcc will
> optimize it that way even if -ffreestanding is used (so strlen has to
> mean strlen), while clang won't, so it misses a potential optimization.
> This is admittedly a silly example, but you could imagine something like
> strncpy being optimized to memcpy+memset if the source length was
> previously computed.
>
> PS: clang optimizes sprintf, but doesn't provide __builtin_sprintf?
https://bugs.llvm.org/show_bug.cgi?id=47224
--
Thanks,
~Nick Desaulniers
Powered by blists - more mailing lists