libera/#shirakumo - IRC Chatlog
16:47:02
karlosz
i guess we determined that it's a bit premature to start running stuff on NX - the pie-shrinkwrapping stuff is still incomplete
16:47:22
karlosz
the thing is, code and data aren't segregated enough with the current shrinkwrapping procedure
16:47:53
karlosz
the code and data segregation as currently implemented put all code objects in the text section and everything else in the data section of an ELF
16:48:24
karlosz
the key point is that code objects themselves have data embedded within them, they aren't just instructions
16:48:51
karlosz
a code object in sbcl consists of boxed data words for constants and debug info, as well as embedded entry points with self pointers
16:49:04
karlosz
this is why we still needed text relocations, and this is what the switch chokes on
16:49:44
karlosz
so to get rid of text relocations, we need to segregate the code objects even further - we need to put only the machine instructions in the text section and dislocate the constants and simple funs to the data page
16:50:09
karlosz
this will require some codegen changes and probably some in-depth plumbing in editcore
16:50:27
karlosz
but i don't see why it can't be done - the GC may need to also learn to scan code objects a bit differently
16:52:10
karlosz
but at least if we do things like this, this also solves not needing to have the heap be at a fixed address
17:37:15
karlosz
the m1 macs already do some stuff that requires sbcl to handle code constants on mac specially
17:37:47
karlosz
but it's not quite as strict as nx - on mac you just copy the code component and fixup the code constants before marking everything executable and unwriteable again
17:38:40
Colleen
<shinmera> I just also wouldn't be surprised if things only get "worse" going forward.
17:39:20
karlosz
someone just reminded me about a patch on the development list with fixing stacks on BSD to be nonexecutable
17:39:21
Colleen
<shinmera> like mac introducing a special meta flag you need to run an app that can make executable pages, etc.
17:40:13
Colleen
<shinmera> I'm sure on workstations the pushback to going "full nx" would be large enough to prevent it being mandatory, what with Java and so on, but yeah.
17:40:22
karlosz
so it might not be that bad to do a major rethink of how to organize code objects in sbcl anyway
17:41:37
karlosz
doug katzman has been trying to make sbcl work on aslr hardened runtimes for quite a while
17:42:18
Colleen
<shinmera> I'm more thinking back to that other change you made where the 1% performance loss was unacceptable
17:43:13
karlosz
anyway right now i'm just trying to think of how uninvasively as possible getting what we want
17:43:34
karlosz
i think i can restrict most of this reorganization of code objects into the shrinkwrapping step
17:44:16
karlosz
maybe some extra nop instructions inserted in codegen and teaching GC how to scan code objects where the boxed words are dislocated
17:46:13
karlosz
doug already outlined sort of something similar regarding dislocating simple funs inside code objects here: https://github.com/karlosz/sbcl/blob/d559288ba4c559b9cef8fbd33786972d26cc6876/tools-for-build/editcore.lisp#L1422
17:46:34
karlosz
i'll basically have to do that but not for performance reasons but out of security necessity
17:47:00
karlosz
no idea what this ominous reference to problems with hash table test functions might be
19:25:24
karlosz
this is not a GC managed space but is irrelevant because immobile text space never moves
19:27:04
karlosz
so the object that looks like #<FUNCTION FOO> in sbcl is really just a header + entry point into the code object containing FOO
19:27:17
karlosz
the problem right now is that these 2 word objects are currently embedded in the code objects themselves
19:27:46
karlosz
which is a problem because it's impossible to fill in the second word of those objects without text relocation
19:28:10
karlosz
the code section gets loaded into a random address, how do you initialize that entry point word?
19:29:06
karlosz
so the idea is to make a .bss section and copy the embedded simple funs there so you can actually figure out where the entry points are and initialize them after the code section has been loaded and you actually know the address of the text section
19:29:22
Colleen
<shinmera> Sorry for the confusion, I thought this was related to the data having to be mapped at a fixed address.