Xen project Mailing List

Re: [MirageOS-devel] OCaml-TLS directly on Xen

From: Thomas Leonard <talex5@xxxxxxxxx>

Date: Tue, 18 Nov 2014 11:18:11 +0000

Cc: "mirageos-devel@xxxxxxxxxxxxxxxxxxxx" <mirageos-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Tue, 18 Nov 2014 11:18:22 +0000

List-id: Developer list for MirageOS <mirageos-devel.lists.xenproject.org>

On 8 October 2014 12:58, Thomas Leonard <talex5@xxxxxxxxx> wrote: > On 1 October 2014 19:43, Hannes Mehnert <hannes@xxxxxxxxxxx> wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA384 >> >> Hi, >> >> thanks for your replies. Moving forward I've some questions; related >> is for sure https://github.com/mirage/mirage-platform/pull/102 >> (installing runtime headers for xen). >> >> C code currently lives in: >> - xen repo, extras/mini-os <- malloc, printf, console, blkfront, ... >> (GPL2) >> - mirage-platform repo, xen/runtime/xencaml <- symbols required by >> OCaml runtime (which is in runtime/ocaml) >> - OpenLibm <- should that install a math.h header? >> - a nanolibc is proposed for some more symbols (+gmp?) >> >> Which CFLAGS to use for C libraries (such as OCaml runtime etc.)? >> - enable stack protection (FORTIFY_SOURCE)? >> - enable asserts? >> - for sure -fno-builtin >> >> I generally don't trust C code, thus I'd be in favor of enabling both >> stack protection and assertions when compiling our unikernels, but am >> happy to hear your opinion. > > As I see it, we have several options: > > 1. Compile the libraries once for both Unix and Mini-OS. Hope that > things are sufficiently compatible. > > 2. Compile some libraries separately (e.g. gmp-unix, gmp-xen). > > 3. Compare all libraries separately (opam switch). > > Sounds like we need to do 2 or 3 here. I guess 2 is the easiest, since > we're already doing that with some libraries for other reasons. One important factor when choosing between these options is whether it's even safe to share OCaml code between Unix and Xen/Mini-OS (as we do currently). The AMD64 ABI [1] says "The 128-byte area beyond the location pointed to by %rsp is considered to be reserved and shall not be modified by signal or interrupt handlers. Therefore, functions may use this area for temporary data that is not needed across function calls.". This suggests to me that ocamlopt is free to use this area (the "red zone") in the code it generates. However, the red zone is not available in Mini-OS (apparently the CPU assumes it can use this area when handling interrupts, so it can't be used in kernel code, which is all code in a unikernel). If so, our current approach only works because (hopefully) ocamlopt doesn't yet take advantage of this, and we should really recompile everything for Xen, in a separate OPAM switch. [1] http://x86-64.org/documentation/abi.pdf -- Dr Thomas Leonard http://0install.net/ GPG: 9242 9807 C985 3C07 44A6 8B9A AE07 8280 59A5 3CC1 GPG: DA98 25AE CAD0 8975 7CDA BD8E 0713 3F96 CA74 D8BA _______________________________________________ MirageOS-devel mailing list MirageOS-devel@xxxxxxxxxxxxxxxxxxxx http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.