Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(318)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1559243002: Suzero. X8664. NaCl Sandboxing. (Closed)

Created:
4 years, 11 months ago by John
Modified:
4 years, 11 months ago
Reviewers:
Jim Stichnoth, Karl, sehr
CC:
native-client-reviews_googlegroups.com
Base URL:
https://chromium.googlesource.com/native_client/pnacl-subzero.git@master
Target Ref:
refs/heads/master
Visibility:
Public.

Description

Patch Set 1 : Uses ELFF64 for sandboxed code generation #

Patch Set 2 : Adds sandboxing support in lowerCall, lowerIndirectJump, and addEpilog #

Patch Set 3 : Turns address mode inference off #

Patch Set 4 : Modifies the X86 assembler so that memory references in x86-64 sandboxed do not include the 67h pre… #

Patch Set 5 : Sandboxes adjustments to rbp and rsp. #

Patch Set 6 : Fixes the addend for Elf64_Rela emission/ #

Patch Set 7 : Minor refactoring in the .py files. #

Patch Set 8 : Refactors X86BaseImpl so R15 references are gone. #

Patch Set 9 : make format is your friend. #

Patch Set 10 : Introduces new bit in the X8664 register def table to indicate the %rzp #

Patch Set 11 : Enables r15 in native mode. #

Patch Set 12 : Memory rebasing (with r15) is now done during lowering. #

Patch Set 13 : Adds a parameter to X86OperandMem::toAsmAddres() to indicate if that address is being used in an LE… #

Patch Set 14 : Recreated the Memory Operand when applying r15 sandboxing. #

Patch Set 15 : Modifies prolog code to only save the lower 32-bits in %rbp. #

Patch Set 16 : make format && s/push_rsp/push_rbp/g #

Patch Set 17 : Replaces calls by push/jmp requences in sandboxing mode. #

Patch Set 18 : Fixes 64-bit sandboxing rematerialization (--filetype=asm) #

Patch Set 19 : Fixes --filetype=asm for x8664 sandbox #

Patch Set 20 : Adds a NeedSandboxing member to TargetX86Base. Fixes the AssemblerX86Base so that emitting an lea ?… #

Patch Set 21 : Enables bisection debugging. Enables address mode formation #

Patch Set 22 : Enables some instances of mov %foo, %foo to be elided. #

Patch Set 23 : Minor fixes. Added comments to _sandbox_mem_reference #

Patch Set 24 : Adds InstBundleLock::Opt_PadToEnd for moar efficient calls in x86-64 sandbox. #

Patch Set 25 : Modifies the comment to BundleEmitHelper::padToPadToEnd. #

Patch Set 26 : Minor changes. #

Patch Set 27 : make format #

Total comments: 34

Patch Set 28 : Adds lit tests for the sandboxed call/ret sequences; add lit tests for the new pad_to_end bundle lo… #

Total comments: 2

Patch Set 29 : Addresses initial comments. #

Total comments: 2

Patch Set 30 : Addresses comments. #

Total comments: 28

Patch Set 31 : Fixes filetype=asm; addresses comments. #

Unified diffs Side-by-side diffs Delta from patch set Stats (+1590 lines, -583 lines) Patch
M Makefile.standalone View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 4 chunks +8 lines, -4 lines 0 comments Download
M pydir/run-pnacl-sz.py View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 3 chunks +4 lines, -1 line 0 comments Download
M pydir/szbuild.py View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 3 chunks +3 lines, -2 lines 0 comments Download
M pydir/targets.py View 1 2 3 4 5 6 1 chunk +1 line, -1 line 0 comments Download
M src/IceAssembler.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 2 chunks +14 lines, -0 lines 0 comments Download
M src/IceAssemblerX86Base.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 4 chunks +12 lines, -6 lines 0 comments Download
M src/IceAssemblerX86BaseImpl.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 4 chunks +36 lines, -16 lines 0 comments Download
M src/IceCfgNode.cpp View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 3 chunks +17 lines, -1 line 0 comments Download
M src/IceELFObjectWriter.cpp View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 5 chunks +27 lines, -10 lines 0 comments Download
M src/IceELFSection.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 1 chunk +11 lines, -4 lines 0 comments Download
M src/IceInst.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 1 chunk +1 line, -1 line 0 comments Download
M src/IceInst.cpp View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 2 chunks +7 lines, -0 lines 0 comments Download
M src/IceInstX8632.cpp View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 3 chunks +7 lines, -7 lines 0 comments Download
M src/IceInstX8664.cpp View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 5 chunks +47 lines, -25 lines 0 comments Download
M src/IceInstX8664.def View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 3 chunks +95 lines, -94 lines 0 comments Download
M src/IceInstX86Base.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 7 chunks +24 lines, -6 lines 0 comments Download
M src/IceInstX86BaseImpl.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 14 chunks +97 lines, -32 lines 0 comments Download
M src/IceRegistersX8664.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 4 chunks +8 lines, -8 lines 0 comments Download
M src/IceTargetLoweringX8632.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 1 chunk +9 lines, -0 lines 0 comments Download
M src/IceTargetLoweringX8632.cpp View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 3 chunks +28 lines, -2 lines 0 comments Download
M src/IceTargetLoweringX8632Traits.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 5 chunks +23 lines, -15 lines 0 comments Download
M src/IceTargetLoweringX8664.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 1 chunk +12 lines, -1 line 0 comments Download
M src/IceTargetLoweringX8664.cpp View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 8 chunks +413 lines, -38 lines 0 comments Download
M src/IceTargetLoweringX8664Traits.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 17 chunks +96 lines, -68 lines 0 comments Download
M src/IceTargetLoweringX86Base.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 12 chunks +162 lines, -4 lines 0 comments Download
M src/IceTargetLoweringX86BaseImpl.h View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 34 chunks +278 lines, -231 lines 0 comments Download
M src/IceTypes.def View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 1 chunk +9 lines, -5 lines 0 comments Download
M tests_lit/assembler/x86/sandboxing.ll View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 5 chunks +78 lines, -1 line 0 comments Download
M tests_lit/llvm2ice_tests/callindirect.pnacl.ll View 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 4 chunks +63 lines, -0 lines 0 comments Download

Messages

Total messages: 13 (4 generated)
John
And here it is. It all of is g(l)ory, x86-64 sandboxing for subzero.
4 years, 11 months ago (2016-01-12 15:32:23 UTC) #2
Jim Stichnoth
[-seh, +sehr]
4 years, 11 months ago (2016-01-12 17:12:18 UTC) #5
Jim Stichnoth
Some initial comments. https://codereview.chromium.org/1559243002/diff/520001/pydir/run-pnacl-sz.py File pydir/run-pnacl-sz.py (right): https://codereview.chromium.org/1559243002/diff/520001/pydir/run-pnacl-sz.py#newcode24 pydir/run-pnacl-sz.py:24: return flags[target] Seems like we could ...
4 years, 11 months ago (2016-01-13 18:28:27 UTC) #6
John
https://codereview.chromium.org/1559243002/diff/520001/pydir/run-pnacl-sz.py File pydir/run-pnacl-sz.py (right): https://codereview.chromium.org/1559243002/diff/520001/pydir/run-pnacl-sz.py#newcode24 pydir/run-pnacl-sz.py:24: return flags[target] On 2016/01/13 18:28:26, stichnot wrote: > Seems ...
4 years, 11 months ago (2016-01-13 20:48:03 UTC) #7
sehr
LGTM. Ultra-nits. https://codereview.chromium.org/1559243002/diff/540001/src/IceAssemblerX86BaseImpl.h File src/IceAssemblerX86BaseImpl.h (right): https://codereview.chromium.org/1559243002/diff/540001/src/IceAssemblerX86BaseImpl.h#newcode167 src/IceAssemblerX86BaseImpl.h:167: emitInt32(-4); Magic constant -4? What's the relevance ...
4 years, 11 months ago (2016-01-13 21:14:01 UTC) #8
John
https://codereview.chromium.org/1559243002/diff/540001/src/IceAssemblerX86BaseImpl.h File src/IceAssemblerX86BaseImpl.h (right): https://codereview.chromium.org/1559243002/diff/540001/src/IceAssemblerX86BaseImpl.h#newcode167 src/IceAssemblerX86BaseImpl.h:167: emitInt32(-4); On 2016/01/13 21:14:01, sehr wrote: > Magic constant ...
4 years, 11 months ago (2016-01-13 21:40:25 UTC) #9
Jim Stichnoth
otherwise lgtm https://codereview.chromium.org/1559243002/diff/580001/src/IceAssemblerX86BaseImpl.h File src/IceAssemblerX86BaseImpl.h (right): https://codereview.chromium.org/1559243002/diff/580001/src/IceAssemblerX86BaseImpl.h#newcode164 src/IceAssemblerX86BaseImpl.h:164: intptr_t call_start = Buffer.getPosition(); CallStart https://codereview.chromium.org/1559243002/diff/580001/src/IceAssemblerX86BaseImpl.h#newcode167 src/IceAssemblerX86BaseImpl.h:167: ...
4 years, 11 months ago (2016-01-14 00:09:52 UTC) #10
John
Committed patchset #31 (id:600001) manually as 56958cb33d3c1d045f2844408d825442d523f59f (presubmit successful).
4 years, 11 months ago (2016-01-14 17:18:23 UTC) #12
John
4 years, 11 months ago (2016-01-14 23:18:25 UTC) #13
Message was sent while issue was closed. 
https://codereview.chromium.org/1559243002/diff/580001/src/IceAssemblerX86Bas...
File src/IceAssemblerX86BaseImpl.h (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceAssemblerX86Bas...
src/IceAssemblerX86BaseImpl.h:164: intptr_t call_start = Buffer.getPosition();
On 2016/01/14 00:09:52, stichnot wrote:
> CallStart

Well, this is no longer needed, so I removed it.

https://codereview.chromium.org/1559243002/diff/580001/src/IceAssemblerX86Bas...
src/IceAssemblerX86BaseImpl.h:167: // In x86-32, the emitted value is an addend
to the relocation. Therefore,
On 2016/01/14 00:09:52, stichnot wrote:
> Reflow to 80-col, I think

Done.

https://codereview.chromium.org/1559243002/diff/580001/src/IceAssemblerX86Bas...
src/IceAssemblerX86BaseImpl.h:3332: void
AssemblerX86Base<TraitsType>::bind(Label *label) {
On 2016/01/14 00:09:52, stichnot wrote:
> label==>Label while you're at it...

Label is the type name. The code looks very confusing (to me) if I see Label
being used as something other than a type. I renamed it L.

<rant>thanks, llvm style guide</rant>

https://codereview.chromium.org/1559243002/diff/580001/src/IceCfgNode.cpp
File src/IceCfgNode.cpp (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceCfgNode.cpp#new...
src/IceCfgNode.cpp:1181: // after the instruction sequence starts starts at a
bundle boundary.
On 2016/01/14 00:09:52, stichnot wrote:
> starts starts

Done.

https://codereview.chromium.org/1559243002/diff/580001/src/IceInstX8632.cpp
File src/IceInstX8632.cpp (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceInstX8632.cpp#n...
src/IceInstX8632.cpp:263: const Ice::TargetLowering *TargetLowering, bool
/*LeaAddr*/) const {
On 2016/01/14 00:09:52, stichnot wrote:
> IsLeaAddr

Done.

https://codereview.chromium.org/1559243002/diff/580001/src/IceInstX8664.cpp
File src/IceInstX8664.cpp (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceInstX8664.cpp#n...
src/IceInstX8664.cpp:144: if (!Base && !Index) {
On 2016/01/14 00:09:52, stichnot wrote:
> I prefer "Base == nullptr" over "!Base"
> ... though I'm generally OK eliding "!= nullptr"

Call me a pascal programmer, but I am never OK with if (Ptr). A pointer is not a
boolean! :P

That said, this hideous idiom appeared here because of the previous condition --
my brain just inverted what was there.

https://codereview.chromium.org/1559243002/diff/580001/src/IceInstX86BaseImpl.h
File src/IceInstX86BaseImpl.h (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceInstX86BaseImpl...
src/IceInstX86BaseImpl.h:2349: if (Traits::Is64Bit) {
On 2016/01/14 00:09:52, stichnot wrote:
> I would just add this to the && conjunction below and avoid nested ifs.

I thought about this, but I decided to go with this implementation because it
shows more clearly that the nested if is only applicable in x86-64. This is also
a somewhat common idiom throughout the code base (exception: boolean constant
initialization.)

https://codereview.chromium.org/1559243002/diff/580001/src/IceLiveness.cpp
File src/IceLiveness.cpp (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceLiveness.cpp#ne...
src/IceLiveness.cpp:58: if (IsFullInit) {
On 2016/01/14 00:09:52, stichnot wrote:
> I would just revert this change completely in this CL.

This was on the spirit of last afternoon's discussion about no having
single-line ifs without { }.

Done, though.

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
File src/IceTargetLoweringX8664.cpp (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
src/IceTargetLoweringX8664.cpp:230: // %rbp to be 'truncted' to 32-bit before
memory access.
On 2016/01/14 00:09:52, stichnot wrote:
> truncated

(I meant to write trunc'ed.)

Done.

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
src/IceTargetLoweringX8664.cpp:300: // temporary. If an lea is goign to be
emitted, then eliding this movzx
On 2016/01/14 00:09:52, stichnot wrote:
> going

Done.

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
File src/IceTargetLoweringX8664Traits.h (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
src/IceTargetLoweringX8664Traits.h:548: // register talias table still needs to
be defined.
On 2016/01/14 00:09:52, stichnot wrote:
> alias

Done.

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
File src/IceTargetLoweringX86Base.h (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
src/IceTargetLoweringX86Base.h:364: /// x86-64 nacl sandbox.
On 2016/01/14 00:09:52, stichnot wrote:
> NaCl

Done.

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
File src/IceTargetLoweringX86BaseImpl.h (right):

https://codereview.chromium.org/1559243002/diff/580001/src/IceTargetLoweringX...
src/IceTargetLoweringX86BaseImpl.h:6281: // Not completely sure whether it's OK
to leave IsRebased unset when
On 2016/01/14 00:09:52, stichnot wrote:
> reflow

Done.

https://codereview.chromium.org/1559243002/diff/580001/tests_lit/assembler/x8...
File tests_lit/assembler/x86/sandboxing.ll (right):

https://codereview.chromium.org/1559243002/diff/580001/tests_lit/assembler/x8...
tests_lit/assembler/x86/sandboxing.ll:273: ; X8664-LABEL:
bundle_lock_pad_to_end_padding_0
On 2016/01/14 00:09:52, stichnot wrote:
> I suggest adding CHECK-LABEL lines just to ensure proper synchronization.

Done.

Powered by Google App Engine
This is Rietveld 408576698