lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 20 Mar 2022 22:04:14 +0700
From:   Ammar Faizi <ammarfaizi2@...weeb.org>
To:     David Laight <David.Laight@...LAB.COM>, Willy Tarreau <w@....eu>
Cc:     "Paul E. McKenney" <paulmck@...nel.org>,
        Alviro Iskandar Setiawan <alviro.iskandar@...weeb.org>,
        Nugraha <richiisei@...il.com>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        GNU/Weeb Mailing List <gwml@...r.gnuweeb.org>,
        "x86@...nel.org" <x86@...nel.org>,
        "llvm@...ts.linux.dev" <llvm@...ts.linux.dev>
Subject: Re: [RFC PATCH v1 3/6] tools/nolibc: i386: Implement syscall with 6
 arguments

On 3/20/22 8:10 PM, David Laight wrote:
> From: Ammar Faizi
>> Sent: 20 March 2022 09:38
>>
>> In i386, the 6th argument of syscall goes in %ebp. However, both Clang
>> and GCC cannot use %ebp in the clobber list and in the "r" constraint
>> without using -fomit-frame-pointer. To make it always available for any
>> kind of compilation, the below workaround is implemented.
>>
>> For clang (the Assembly statement can't clobber %ebp):
>>    1) Save the %ebp value to the redzone area -4(%esp).
> 
> i386 doesn't have a redzone.
> If you get a signal it will trash -4(%sp)

OK, I missed that one. Thanks for reviewing this.

>> For GCC, fortunately it has a #pragma that can force a specific function
>> to be compiled with -fomit-frame-pointer, so it can always use "r"(var)
>> where `var` is a variable bound to %ebp.
> 
> How is that going to work for an inlined functon?

It works, but obviously the inline modifier here is just a hint for the
compiler, not a requirement. I just took a look at the GCC generated code.
It doesn't inline the ____do_syscall6() despite it's marked as inline.

I think this one shouldn't be marked as inline. I will remove the inline
in the next version.

> And using xchg is slow - it is always locked.
> 
> One possibility might be to do:
> 	push arg6
> 	push %ebp
> 	mov  %ebp, 4(%sp)

Did you mean `mov 4(%esp), %ebp`?

> 	int  0x80
> 	pop  %ebp
> 	add  %esp,4

I think your solution is better than the xchg approach (with the 3rd line
fixed). Will take this in for the next version.

> Although I'm not sure you really want to allocate 4k pages
> for every malloc() call.
> 
> Probably better to write a mini 'libc' that uses sbrk()
> and a best fit scan of a linear free list.

^ This part is addressed by Willy's response. I will still go with mmap()
in the next version.

And yes, we do waste space for small allocations here, but we don't hit
the scale that the waste space will cause problem.

-- 
Ammar Faizi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ