Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20190731174521.GC9017@brightrain.aerifal.cx>
Date: Wed, 31 Jul 2019 13:45:21 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: vdso clock_gettime and time64

On Wed, Jul 31, 2019 at 07:11:40PM +0200, Florian Weimer wrote:
> * Rich Felker:
> 
> > On Wed, Jul 31, 2019 at 10:30:26AM +0200, Florian Weimer wrote:
> >> * Rich Felker:
> >> 
> >> > One looming thing that folks probably aren't going to like about
> >> > switching to 64-bit time_t is losing the vdso clock_gettime on old
> >> > kernels. Instead of a function call in userspace, you get *two*
> >> > syscalls, the first (time64) one failing, every time you call
> >> > clock_gettime. Of course the problem goes away immediately if you have
> >> > a time64-capable kernel providing the time64 vdso function.
> >> >
> >> > Is this a problem, and if so, what can be done about it?
> >> 
> >> Some users notice fairly quickly if the vDSO fast path is gone and file
> >> bug reports.  (This can happen for various reasons, e.g. buggy kernels
> >> detecting CPU cycle counter drift when there is actually none.)  I don't
> >> know to what extent this matters to legacy architectures.
> >
> > These are good points. A lot of these archs actually don't even have
> > vdso clock_gettime (only mips, arm, and i386 seem to).
> >
> > I wonder if it would make sense to support use of 32-bit vdso for now,
> > possibly with logic to drop it if it ever returns a negative tv_sec,
> > and consider removing it after the last kernel without time64 is
> > EOL'd, so that it's gone well before 2038.
> 
> In glibc, we perform vDSO lookup early.  I will push for a solution that
> does a probing system call during startup if it cannot find the *_time64
> vDSO entry, to determine if it should use the real *_time64 system call
> or the 32-bit system call (or vDSO).  That should help to keep the
> complexity at bay, at the cost of increased startup time, but which will
> reduce with future completion of the interfaces.
> 
> I do not think resuming a process on a kernel with a different system
> call set is supportable.

Not using vdso, it's definitely supportable; musl's fallbacks for
unsupported syscalls are entirely stateless. Doing it statefully
without data race UB all over the place is painful.

For vdso clock_gettime now, we do it on the first call and use a
relaxed atomic. It wouldn't be a big deal to do it at startup
conditional on linking of clock_gettime (with a weak init symbol) if
that helps.

Note that changing vdso is orthogonal to different syscall set. You
can be resuming on a kernel with the same syscall set, but where vdso
changed due to bugfixes or different hardware or whatever.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.