|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Minios-devel] [UNIKRAFT PATCHv3 04/25] plat/common: Do obfuscates arithmetic for kernel image symbols
Hi Julien, > -----Original Message----- > From: Julien Grall <julien.grall@xxxxxxx> > Sent: 2018年12月14日 19:14 > To: Wei Chen (Arm Technology China) <Wei.Chen@xxxxxxx>; minios- > devel@xxxxxxxxxxxxxxxxxxxx; simon.kuenzer@xxxxxxxxx; > florian.schmidt@xxxxxxxxx; > yuri.volchkov@xxxxxxxxx; Sharan.Santhanam@xxxxxxxxx; Felipe.Huici@xxxxxxxxx > Cc: Kaly Xin (Arm Technology China) <Kaly.Xin@xxxxxxx>; nd <nd@xxxxxxx>; > Jianyong Wu (Arm Technology China) <Jianyong.Wu@xxxxxxx>; Justin He (Arm > Technology China) <Justin.He@xxxxxxx> > Subject: Re: [Minios-devel] [UNIKRAFT PATCHv3 04/25] plat/common: Do > obfuscates arithmetic for kernel image symbols > > Hi, > > On 13/12/2018 09:15, Wei Chen wrote: > > As we discussed in [1], the C spec states that comparing 2 pointers > > belonging to distinct object is undefined [2]. In this case, we defined > > macros to wrap kernel image symbols. they will make GCC can not > > recognize varirable's original type, and do further assumptions for it. > > > > [1] https://lists.xen.org/archives/html/minios-devel/2018-11/msg00054.html > > [2] https://wiki.sei.cmu.edu/confluence/display/c/ARR36- > C.+Do+not+subtract+or+compare+two+pointers+that+do+not+refer+to+the+same+array > > > > Signed-off-by: Wei Chen <wei.chen@xxxxxxx> > > --- > > plat/common/include/sections.h | 32 ++++++++++++++++++++++++++++++++ > > 1 file changed, 32 insertions(+) > > > > diff --git a/plat/common/include/sections.h b/plat/common/include/sections.h > > index 42f41d2..b32389c 100644 > > --- a/plat/common/include/sections.h > > +++ b/plat/common/include/sections.h > > @@ -62,4 +62,36 @@ extern char __bss_start[]; > > /* _end: end of kernel image */ > > extern char _end[]; > > > > + > > +/* The C spec states that comparing 2 pointers belonging to distinct object > is undefined: > > + * https://wiki.sei.cmu.edu/confluence/display/c/ARR36- > C.+Do+not+subtract+or+compare+two+pointers+that+do+not+refer+to+the+same+array > > + * > > + * In this case, we define following macro to access above symbols. This > will > > + * help us to avoid subtracting or comparing these symbols as distinct > pointers. > > + * > > + * This macro hide the original variable for a variable address, it will > make > > + * GCC couldn't recognize varirable's original type, and do further > assumptions > > s/varirable's/variable/ > > > + * for it. > > + */ > > +#define HIDE_VAR_FOR_GCC(var, ofs) \ > > +({ \ > > + unsigned long __var; \ > > + __var = (unsigned long) (var); \ > > + (typeof(var))(__var + (ofs)); \ > > +}) > > I don't understand how this avoids GCC to "see-through". Can you explain it? We just hide the relationship of the pointer and the object using this MACRO. > > Also, why is it GCC specific? How about compiler like Clang? I remember I had checked with Simon, in this stage, we just need to focus on GCC. > > Cheers, > > -- > Julien Grall _______________________________________________ Minios-devel mailing list Minios-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/minios-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |