From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pf1-x444.google.com (mail-pf1-x444.google.com [IPv6:2607:f8b0:4864:20::444]) by sourceware.org (Postfix) with ESMTPS id EC896386F02B for ; Wed, 22 Apr 2020 06:56:48 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org EC896386F02B Received: by mail-pf1-x444.google.com with SMTP id r14so615587pfg.2 for ; Tue, 21 Apr 2020 23:56:48 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:subject:to:cc:references:in-reply-to :mime-version:message-id:content-transfer-encoding; bh=McFY1qmfP9otNM9K4ThqnjSfg4IHXwK59iAZ0RpC3/0=; b=mr6HJNpOHs+Fg2MjI38lN+6dM30mXXN8bIB6bHiNohMcV0yeQLfdpbFUohBh5sKdFY jh4pI7+nIYGZ2QoHqm3u/a+ioJ+PD8VsWyUQhj33DzcS+vYj4Io/Go0PxFIxYDFHkSzg DgxUUZnbZi8paX4L9xkP+yeBOHFZ94qSvSp+2S1OFn1u5qiDqaZtkiPknWWwqrwVb0sG ZJNifVP/C4OYzKlZvLmXifj0/CkiLed02cB7X6+O77ppI1/K5CvgyQ7WvU7DXPibRoH/ g+sr7zqAK5bzl0GIVD+DNJbR0oS3yD2WhIlHi3Mm8LY24WxArKULX/DgPsiEhdq3Fosz zJVg== X-Gm-Message-State: AGi0PuZNDBVwPg/X0stgROTU7xlVlmSNndHdHbSsWijsLjigKVispZKo qVd/kWAMJoeqDCmv+u8mpCju1w72 X-Google-Smtp-Source: APiQypL2bvrJpMnUAGbe1Gdl7oeNveEtwNKWNpmIrUM5eIUx+uqLrvcBGD43Q3+qdWvb232bkHIJ+w== X-Received: by 2002:a63:e03:: with SMTP id d3mr18039918pgl.47.1587538607940; Tue, 21 Apr 2020 23:56:47 -0700 (PDT) Received: from localhost ([203.185.249.170]) by smtp.gmail.com with ESMTPSA id d14sm4516503pfr.35.2020.04.21.23.56.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Apr 2020 23:56:47 -0700 (PDT) Date: Wed, 22 Apr 2020 16:54:18 +1000 From: Nicholas Piggin Subject: Re: Powerpc Linux 'scv' system call ABI proposal take 2 To: Adhemerval Zanella , Rich Felker , David Laight Cc: "libc-alpha@sourceware.org" , "libc-dev@lists.llvm.org" , "linuxppc-dev@lists.ozlabs.org" , "musl@lists.openwall.com" , Segher Boessenkool References: <1586931450.ub4c8cq8dj.astroid@bobo.none> <20200415225539.GL11469@brightrain.aerifal.cx> <20200416153756.GU11469@brightrain.aerifal.cx> <4b2a7a56-dd2b-1863-50e5-2f4cdbeef47c@linaro.org> <20200416175932.GZ11469@brightrain.aerifal.cx> <4f824a37-e660-8912-25aa-fde88d4b79f3@linaro.org> <20200416183151.GA11469@brightrain.aerifal.cx> <1587344003.daumxvs1kh.astroid@bobo.none> <20200421143941.GJ11469@brightrain.aerifal.cx> <960127e0-57a0-55b4-f309-ae0a675c7756@linaro.org> In-Reply-To: <960127e0-57a0-55b4-f309-ae0a675c7756@linaro.org> MIME-Version: 1.0 Message-Id: <1587536988.ivnp421w2w.astroid@bobo.none> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, KAM_NUMSUBJECT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2020 06:56:50 -0000 Let me try to summarise what we have. - vdso style call is ruled out as unnecessary with possible security=20 concerns. Caller can internally use indirect branch to select variant=20 if it wants to use that mechanism to select. - LR clobber seems to handled okay by gcc. It can increase size of small=20 leaf wrapper functions, but they can use the caller stack frame for=20 this (and even red zone for saving other things if necessary), but not=20 a huge amount. - -ve error return seems to be favoured by everyone. Experimentally,=20 it's better for musl (but musl could probably improve cr0[SO] error=20 handling a bit 'asm goto'). - Preserving syscall args and volatiles up to r8 is a small but=20 noticable help for cases that inline the call rather than always call=20 wrappers. This is unlikely to be helpful unless 'sc' support is=20 compiled out but I'll consider doing it for the long term. Next step=20 is to trace and test on real hardware. - One thing that nobody has really asked about is error handling for=20 unsupported scv vectors, so I would like to just go over it: Today, the scv facility is disabled by the kernel (FSCR[SCV] is=20 cleared), which makes any `scv` instruction take a facility unavailable, which ends up printing a kernel message about SCV facility unavilable, and SIGILL's the process with ILL_ILLOPC. Enabling 'scv 0' will enable 1-127 as well, so the kernel has to handle=20 those somehow. What we are saying is that we will allocate HWCAP bits in future if we=20 implement more scv vectors, so userspace is not *supposed* to rely on=20 this, but kernel has to choose some behaviour for invalid vectors. My proposal was to do the same SIGILL (with no kernel facility message), so it appears to behave the same way to userspace as it does now. There=20 is also the ILL_ILLOPN code that could be used as invalid operand, but powerpc does not use this much, and e.g., the static instruction=20 coded operands e.g., invalid mfspr generate ILL_ILLOPC so we could=20 consider the entire instruction as the opcode, and input register values=20 as operands. Now I don't know why a process would want to distinguish between=20 FSCR[SCV]=3D0 and the case where it is enabled but kernel doesn't=20 implement the vector, but maybe it does? Another option would be to use a different signal. I don't see that any=20 are more suitable. Or return without a signal but -ENOSYS or something in r3. This doesn't=20 seem so good because an invalid scv vector is not a system call, and a=20 failure ABI would constrain any future implementation just a little bit. Any objections to SIGILL ILL_ILLOPC? Thanks, Nick