Syscall: Fix Syscall::Call's X86-64 implementation for CFI unwinding

sandbox/linux/seccomp-bpf/syscall.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/seccomp-bpf/syscall.h"
 
 #include <asm/unistd.h>
 #include <errno.h>
 
 #include "base/basictypes.h"
@@ skipping 71 matching lines @@
     "pop  %edi; .cfi_restore edi; .cfi_adjust_cfa_offset -4\n"
     "pop  %esi; .cfi_restore esi; .cfi_adjust_cfa_offset -4\n"
     "ret\n"
     ".cfi_endproc\n"
     "9:.size SyscallAsm, 9b-SyscallAsm\n"
 #elif defined(__x86_64__)
     ".text\n"
     ".align 16, 0x90\n"
     ".type SyscallAsm, @function\n"
     "SyscallAsm:.cfi_startproc\n"
     // Check if "%rax" is negative. If so, do not attempt to make a

[jln (very slow on Chromium), 2014/10/20 21:24:02]

Upate comment

[mdempsky, 2014/10/20 21:41:21]

Done.

     // system call. Instead, compute the return address that is visible
     // to the kernel after we execute "syscall". This address can be
     // used as a marker that BPF code inspects.
-    "test %rax, %rax\n"
+    "test %rdi, %rdi\n"
     "jge  1f\n"
     // Always make sure that our code is position-independent, or the
     // linker will throw a hissy fit on x86-64.
-    "call 0f;   .cfi_adjust_cfa_offset  8\n"
-    "0:pop  %rax; .cfi_adjust_cfa_offset -8\n"
-    "addq $2f-0b, %rax\n"
+    "lea 2f(%rip), %rax\n"
     "ret\n"
     // We declared all clobbered registers to the compiler. On x86-64,

[jln (very slow on Chromium), 2014/10/20 21:24:02]

Update comment. To make review easier, we could write that the called-saved
registers are limited to rbx, rbp and r12-r15

[mdempsky, 2014/10/20 21:41:21]

Done.

     // there really isn't much of a problem with register pressure. So,
     // we can go ahead and directly copy the entries from the arguments
     // array into the appropriate CPU registers.
-    "1:movq  0(%r12), %rdi\n"
-    "movq  8(%r12), %rsi\n"
-    "movq 16(%r12), %rdx\n"
-    "movq 24(%r12), %r10\n"
-    "movq 32(%r12), %r8\n"
-    "movq 40(%r12), %r9\n"
+    "1:movq %rdi, %rax\n"
+    "movq  0(%rsi), %rdi\n"
+    "movq 16(%rsi), %rdx\n"
+    "movq 24(%rsi), %r10\n"
+    "movq 32(%rsi), %r8\n"
+    "movq 40(%rsi), %r9\n"
+    "movq  8(%rsi), %rsi\n"
     // Enter the kernel.
     "syscall\n"
     // This is our "magic" return address that the BPF filter sees.
     "2:ret\n"
     ".cfi_endproc\n"
     "9:.size SyscallAsm, 9b-SyscallAsm\n"
 #elif defined(__arm__)
     // Throughout this file, we use the same mode (ARM vs. thumb)
     // that the C++ compiler uses. This means, when transfering control
     // from C++ to assembly code, we do not need to switch modes (e.g.
@@ skipping 119 matching lines @@
     "mov x8, x0\n"
     "ldr x0, [x6, #0]\n"
     // Enter the kernel
     "svc 0\n"
     "2:ret\n"
     ".cfi_endproc\n"
     ".size SyscallAsm, .-SyscallAsm\n"
 #endif
     );  // asm
 
+#if defined(__x86_64__)
+extern "C" {
+intptr_t SyscallAsm(intptr_t nr, const intptr_t args[6]);
+}
+#endif
+
 }  // namespace
 
 intptr_t Syscall::InvalidCall() {
   // Explicitly pass eight zero arguments just in case.
   return Call(kInvalidSyscallNumber, 0, 0, 0, 0, 0, 0, 0, 0);
 }
 
 intptr_t Syscall::Call(int nr,
                        intptr_t p0,
                        intptr_t p1,
@@ skipping 32 matching lines @@
   intptr_t ret = nr;
   asm volatile(
       "call SyscallAsm\n"
       // N.B. These are not the calling conventions normally used by the ABI.
       : "=a"(ret)
       : "0"(ret), "D"(args)
       : "cc", "esp", "memory", "ecx", "edx");
 #elif defined(__x86_64__)
   intptr_t ret = nr;
   {
-    register const intptr_t* data __asm__("r12") = args;
-    asm volatile(
-        "lea  -128(%%rsp), %%rsp\n"  // Avoid red zone.
-        "call SyscallAsm\n"
-        "lea  128(%%rsp), %%rsp\n"
-        // N.B. These are not the calling conventions normally used by the ABI.
-        : "=a"(ret)
-        : "0"(ret), "r"(data)
-        : "cc",
-          "rsp",
-          "memory",
-          "rcx",
-          "rdi",
-          "rsi",
-          "rdx",
-          "r8",
-          "r9",
-          "r10",
-          "r11");
+    ret = SyscallAsm(ret, args);

[jln (very slow on Chromium), 2014/10/20 21:24:02]

Shouldn't we pass nr instead of ret?

[mdempsky, 2014/10/20 21:41:21]

Done.

   }
 #elif defined(__arm__)
   intptr_t ret;
   {
     register intptr_t inout __asm__("r0") = nr;
     register const intptr_t* data __asm__("r6") = args;
     asm volatile(
         "bl SyscallAsm\n"
         // N.B. These are not the calling conventions normally used by the ABI.
         : "=r"(inout)
@@ skipping 85 matching lines @@
   }
 
   // Set an error status so it can be used outside of this function
   *err_ret = err_stat;
 
   return ret;
 }
 #endif  // defined(__mips__)
 
 }  // namespace sandbox