[RFC PATCH glibc 17/34] hurd: Implement x86_64/intr-msg.h

Samuel Thibault samuel.thibault@gnu.org
Mon Apr 10 18:41:39 GMT 2023


Applied, thanks!

Sergey Bugaev, le dim. 19 mars 2023 18:10:00 +0300, a ecrit:
> This is a preliminary version of intr-msg.h. I can't know whether or not
> it works until we can test it.

Sure :)

> The code relies on syscall preserving values
> of the registers used to pass syscall arguments. The code in SYSCALL_EXAMINE
> that just compares two bytes to the encoded syscall instruction is sure to
> give many false positives; we're going to need to come up with a more reliable
> scheme.

Not necessarily: this is only used for msg_report_wait, which is already
extra cautious about what it's doing; at worst it will report dumb
information, which should be fine enough for msg_report_wait.  Possibly
we could filter out by addresses of the functions known to perform an
actual system call.

Samuel

>  sysdeps/mach/hurd/x86_64/intr-msg.h | 119 ++++++++++++++++++++++++++++
>  1 file changed, 119 insertions(+)
>  create mode 100644 sysdeps/mach/hurd/x86_64/intr-msg.h
> 
> diff --git a/sysdeps/mach/hurd/x86_64/intr-msg.h b/sysdeps/mach/hurd/x86_64/intr-msg.h
> new file mode 100644
> index 00000000..5d94c85f
> --- /dev/null
> +++ b/sysdeps/mach/hurd/x86_64/intr-msg.h
> @@ -0,0 +1,119 @@
> +/* Machine-dependent details of interruptible RPC messaging.  x86_64 version.
> +   Copyright (C) 1995-2023 Free Software Foundation, Inc.
> +   This file is part of the GNU C Library.
> +
> +   The GNU C Library is free software; you can redistribute it and/or
> +   modify it under the terms of the GNU Lesser General Public
> +   License as published by the Free Software Foundation; either
> +   version 2.1 of the License, or (at your option) any later version.
> +
> +   The GNU C Library is distributed in the hope that it will be useful,
> +   but WITHOUT ANY WARRANTY; without even the implied warranty of
> +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +   Lesser General Public License for more details.
> +
> +   You should have received a copy of the GNU Lesser General Public
> +   License along with the GNU C Library; if not, see
> +   <https://www.gnu.org/licenses/>.  */
> +
> +
> +/* Note that we must mark OPTION and TIMEOUT as outputs of this operation,
> +   to indicate that the signal thread might mutate them as part
> +   of sending us to a signal handler.  */
> +
> +#define INTR_MSG_TRAP(msg, option, send_size, rcv_size, rcv_name, timeout, notify, cancel_p, intr_port_p) \
> +({									      \
> +  error_t err;								      \
> +  register uintptr_t rcv_size_r10 asm ("r10") = rcv_size;		      \
> +  register uintptr_t rcv_name_r8 asm ("r8") = rcv_name;			      \
> +  register uintptr_t timeout_r9 asm ("r9") = timeout;			      \
> +  asm volatile (							      \
> +       ".globl _hurd_intr_rpc_msg_about_to\n"				      \
> +       ".globl _hurd_intr_rpc_msg_setup_done\n"				      \
> +       ".globl _hurd_intr_rpc_msg_in_trap\n"				      \
> +       /* Clear rax before we do the check for cancel below.  This is to
> +          detect rax being set to non-zero (actually MACH_SEND_INTERRUPTED)
> +          from the outside (namely, _hurdsig_abort_rpcs), which signals us
> +          to skip the trap we were about to enter.  */			      \
> +       "				xor %[err], %[err]\n"		      \
> +       "_hurd_intr_rpc_msg_about_to:"					      \
> +       /* We need to make a last check of cancel, in case we got interrupted
> +          right before _hurd_intr_rpc_msg_about_to.  */			      \
> +       "				cmpl $0, %[cancel]\n"		      \
> +       "				jz _hurd_intr_rpc_msg_do\n"	      \
> +       /* We got interrupted, note so and return EINTR.  */		      \
> +       "				movl $0, %[intr_port]\n"	      \
> +       "				movl %[eintr], %[err]\n"	      \
> +       "				jmp _hurd_intr_rpc_msg_sp_restored\n" \
> +       "_hurd_intr_rpc_msg_do:"						      \
> +       /* Ok, prepare the mach_msg_trap arguments.  We pass the first 6 args
> +          in registers, and push the last one and a fake return address.  */  \
> +       "				pushq %[notify]\n"		      \
> +       "				pushq $0\n"			      \
> +       "_hurd_intr_rpc_msg_setup_done:"					      \
> +       /* From here on, it is safe to make us jump over the syscall.  Now
> +          check if we have been told to skip the syscall while running
> +          the above.  */						      \
> +       "				test %[err], %[err]\n"		      \
> +       "				jnz _hurd_intr_rpc_msg_in_trap\n"     \
> +       /* Do the actual syscall.  */					      \
> +       "				movq $-25, %%rax\n"		      \
> +       "_hurd_intr_rpc_msg_do_trap:	syscall # status in %[err]\n"	      \
> +       "_hurd_intr_rpc_msg_in_trap:"					      \
> +       /* Clean the arguments.  */					      \
> +       "				addq $16, %%rsp\n"		      \
> +       "_hurd_intr_rpc_msg_sp_restored:"				      \
> +       : [err] "=&a" (err), "+S" (option), [intr_port] "=m" (*intr_port_p),   \
> +         "+r" (timeout_r9)						      \
> +       : "D" (msg), "d" (send_size), "r" (rcv_size_r10), "r" (rcv_name_r8),   \
> +         [notify] "rm" ((uintptr_t) notify), [cancel] "m" (*cancel_p),	      \
> +         [eintr] "i" (EINTR)						      \
> +       : "rcx", "r11");							      \
> +  timeout = timeout_r9;							      \
> +  err;									      \
> +})
> +

> +#include "hurdfault.h"
> +
> +/* This cannot be an inline function because it calls setjmp.  */
> +#define SYSCALL_EXAMINE(state, callno)					      \
> +({									      \
> +  struct { unsigned char c[2]; } *p = (void *) ((state)->rip - 2);	      \
> +  int result;								      \
> +  if (_hurdsig_catch_memory_fault (p))					      \
> +    return 0;								      \
> +  if (result = p->c[0] == 0xf && p->c[1] == 0x5)			      \
> +    /* The PC appears to be just after a `syscall' instruction.		      \
> +       This is a system call in progress; %rax holds the call number.  */     \
> +    *(callno) = (state)->rax;						      \
> +  _hurdsig_end_catch_fault ();						      \
> +  result;								      \
> +})
> +
> +
> +/* This cannot be an inline function because it calls setjmp.  */
> +#define MSG_EXAMINE(state, msgid, rcvname, send_name, opt, tmout)	      \
> +({									      \
> +  int ret = 0;								      \
> +  const struct machine_thread_state *s = (state);			      \
> +  const mach_msg_header_t *msg = (const void *) s->rdi;			      \
> +  *(rcvname) = s->r8;							      \
> +  *(opt) = s->rsi;							      \
> +  *(tmout) = s->r9;							      \
> +  if (msg == 0)								      \
> +    {									      \
> +      *(send_name) = MACH_PORT_NULL;					      \
> +      *(msgid) = 0;							      \
> +    }									      \
> +  else									      \
> +    {									      \
> +      ret = _hurdsig_catch_memory_fault (msg) ? -1 : 0;			      \
> +      if (ret == 0)							      \
> +        {								      \
> +          *(send_name) = msg->msgh_remote_port;				      \
> +          *(msgid) = msg->msgh_id;					      \
> +          _hurdsig_end_catch_fault ();					      \
> +	}								      \
> +    }									      \
> +  ret;									      \
> +})
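Review bot: The `asm volatile` in INTR_MSG_TRAP declares only err, option, *intr_port_p and timeout_r9 as outputs and clobbers rcx and r11, but the trap it issues can deposit a received message into the buffer that msg points to, and that store is invisible to the compiler, so a value loaded from *msg before the statement expression may legally be reused after it; adding `"memory"` to the clobber list, `: "rcx", "r11", "memory");`, makes the barrier explicit. Whether the i386 counterpart relies on the same omission is not visible from this hunk, so it is worth checking both before changing one. Separately, SYSCALL_EXAMINE's `if (result = p->c[0] == 0xf && p->c[1] == 0x5)` assigns inside a truth-value context without its own parentheses, which -Wparentheses flags; `if ((result = (p->c[0] == 0xf && p->c[1] == 0x5)))` reads unambiguously and behaves the same. The `return 0;` on the fault path of that macro leaves the enclosing function of whoever expands it, which is presumably intended but deserves a comment such as `/* A fault reading the PC means no syscall to report: leave the caller.  */`.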
> -- 
> 2.39.2
> 

-- 
Samuel
---
Pour une évaluation indépendante, transparente et rigoureuse !
Je soutiens la Commission d'Évaluation de l'Inria.

