| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4ed833df-54e6-454a-ab1a-73967cc51054@huaweicloud.com>
Date: Sat, 28 Sep 2024 00:18:03 +0200
From: Jonas Oberhauser <jonas.oberhauser@...weicloud.com>
To: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Boqun Feng <boqun.feng@...il.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
linux-kernel@...r.kernel.org, rcu@...r.kernel.org, linux-mm@...ck.org,
lkmm@...ts.linux.dev, "Paul E. McKenney" <paulmck@...nel.org>,
Frederic Weisbecker <frederic@...nel.org>,
Neeraj Upadhyay <neeraj.upadhyay@...nel.org>,
Joel Fernandes <joel@...lfernandes.org>,
Josh Triplett <josh@...htriplett.org>, Uladzislau Rezki <urezki@...il.com>,
Steven Rostedt <rostedt@...dmis.org>, Lai Jiangshan
<jiangshanlai@...il.com>, Zqiang <qiang.zhang1211@...il.com>,
Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...hat.com>,
Will Deacon <will@...nel.org>, Waiman Long <longman@...hat.com>,
Mark Rutland <mark.rutland@....com>, Thomas Gleixner <tglx@...utronix.de>,
Kent Overstreet <kent.overstreet@...il.com>, Vlastimil Babka
<vbabka@...e.cz>, maged.michael@...il.com,
Neeraj Upadhyay <neeraj.upadhyay@....com>
Subject: Re: [RFC PATCH 1/4] hazptr: Add initial implementation of hazard
pointers
Am 9/27/2024 um 10:10 PM schrieb Mathieu Desnoyers:
> On 2024-09-27 21:23, Jonas Oberhauser wrote:
> [...]
>> That idea seems to be confirmed by this (atrocious, not to be copied!)
>> example:
>>
>> int fct_escape_address_of_b(void)
>> {
>> int *a, *b;
>>
>> do {
>> a = READ_ONCE(p);
>> asm volatile ("" : : : "memory");
>> b = READ_ONCE(p);
>> } while (a != b);
>>
>> // really really hide b
>> int **p = &b;
>> OPTIMIZER_HIDE_VAR(p);
>>
>> asm volatile ("" : : : "memory");
>> return *b;
>> }
>>
>> This also does not generate any additional instructions, unlike just
>> using OPTIMIZER_HIDE_VAR(b).
>>
>> What is the advantage of defining OPTIMIZE_HIDE_VAR the way it
>> currently works instead of like above?
>
> Did you try it on godbolt.org ? Does it have the intended effect ?
I certainly did try and certainly read it as having the intended effect,
otherwise I wouldn't have written that it seems confirmed.
However, just because my eyes read it doesn't mean that's what happened,
and even if it happened doesn't mean that it is guaranteed to happen.
> By the looks of it, you're just creating another version of @b called
> "p", which is then never used and would be discarded by further
> optimization. >
> I'm unsure what you are trying to achieve here.
Simply put I'm trying to let the compiler think that I leaked the
address of b. After that, the memory barrier should let it think that
the b after the memory barrier might not be the same as the one before
it (which was equal to a), forcing it to read from b.
However, I suppose on second thought that that might not be enough,
because the compiler could still simply do b = a right after exiting the
while loop.
And that is true no matter what we put behind the while loop or before
the condition, as long as the condition compares a and b, right after it
the compiler can do b = a. Just took me a while to see :))
I'm not sure why gcc does the b=a with the normal OPTIMIZER_HIDE_VAR but
(as far as I read the code) doesn't do it with the above. Maybe just a
weird corner case...
Have fun,
jonas
Powered by blists - more mailing lists