[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Minios-devel] [UNIKRAFT PATCHv3 04/25] plat/common: Do obfuscates arithmetic for kernel image symbols

To: Wei Chen <wei.chen@xxxxxxx>, minios-devel@xxxxxxxxxxxxxxxxxxxx, simon.kuenzer@xxxxxxxxx, florian.schmidt@xxxxxxxxx, yuri.volchkov@xxxxxxxxx, Sharan.Santhanam@xxxxxxxxx, Felipe.Huici@xxxxxxxxx
From: Julien Grall <julien.grall@xxxxxxx>
Date: Fri, 14 Dec 2018 11:13:34 +0000
Cc: Kaly.Xin@xxxxxxx, nd@xxxxxxx, Jianyong.Wu@xxxxxxx, Justin.He@xxxxxxx
Delivery-date: Fri, 14 Dec 2018 11:13:43 +0000
List-id: Mini-os development list <minios-devel.lists.xenproject.org>

Hi,

On 13/12/2018 09:15, Wei Chen wrote:

As we discussed in [1], the C spec states that comparing 2 pointers
belonging to distinct object is undefined [2]. In this case, we defined
macros to wrap kernel image symbols. they  will make GCC can not
recognize varirable's original type, and do further assumptions for it.

[1] https://lists.xen.org/archives/html/minios-devel/2018-11/msg00054.html
[2] 
https://wiki.sei.cmu.edu/confluence/display/c/ARR36-C.+Do+not+subtract+or+compare+two+pointers+that+do+not+refer+to+the+same+array

Signed-off-by: Wei Chen <wei.chen@xxxxxxx>
---
  plat/common/include/sections.h | 32 ++++++++++++++++++++++++++++++++
  1 file changed, 32 insertions(+)

diff --git a/plat/common/include/sections.h b/plat/common/include/sections.h
index 42f41d2..b32389c 100644
--- a/plat/common/include/sections.h
+++ b/plat/common/include/sections.h
@@ -62,4 +62,36 @@ extern char __bss_start[];
  /* _end: end of kernel image */
  extern char _end[];

+

+/* The C spec states that comparing 2 pointers belonging to distinct object is 
undefined:
+ * 
https://wiki.sei.cmu.edu/confluence/display/c/ARR36-C.+Do+not+subtract+or+compare+two+pointers+that+do+not+refer+to+the+same+array
+ *
+ * In this case, we define following macro to access above symbols. This will
+ * help us to avoid subtracting or comparing these symbols as distinct 
pointers.
+ *
+ * This macro hide the original variable for a variable address, it will make
+ * GCC couldn't recognize varirable's original type, and do further assumptions


s/varirable's/variable/

+ * for it.
+ */
+#define HIDE_VAR_FOR_GCC(var, ofs)     \
+({                                     \
+       unsigned long __var;            \
+       __var = (unsigned long) (var);  \
+       (typeof(var))(__var + (ofs));   \
+})


I don't understand how this avoids GCC to "see-through". Can you explain it?

Also, why is it GCC specific? How about compiler like Clang?

Cheers,

--
Julien Grall

_______________________________________________
Minios-devel mailing list
Minios-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/minios-devel

Follow-Ups:
- Re: [Minios-devel] [UNIKRAFT PATCHv3 04/25] plat/common: Do obfuscates arithmetic for kernel image symbols
  - From: Wei Chen (Arm Technology China)

References:
- [Minios-devel] [UNIKRAFT PATCHv3 00/25] Follow up patches for Arm64 support series#1
  - From: Wei Chen
- [Minios-devel] [UNIKRAFT PATCHv3 04/25] plat/common: Do obfuscates arithmetic for kernel image symbols
  - From: Wei Chen

Prev by Date: Re: [Minios-devel] [UNIKRAFT PATCH 7/7] plat/common: Implement generic_timer_cpu_block
Next by Date: Re: [Minios-devel] [UNIKRAFT PATCH] lib/uknetdev: Introduce receive buffer allocator callback
Previous by thread: [Minios-devel] [UNIKRAFT PATCHv3 04/25] plat/common: Do obfuscates arithmetic for kernel image symbols
Next by thread: Re: [Minios-devel] [UNIKRAFT PATCHv3 04/25] plat/common: Do obfuscates arithmetic for kernel image symbols
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.