mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-11-10 13:00:29 +03:00
Kernel: Use RDTSC instead of get_fast_random() for syscall stack noise
This was the original approach before we switched to get_fast_random() which wasn't fast enough, so we added a buffer. Unfortunately that buffer is racy and we can actually skid past the end of it and continue fetching "random" offsets from the adjacent memory for a while, until we run out of kernel data segment and trip a fault. Instead of making this even more convoluted, let's just go back to the pleasantly simple (RDTSC & 0xff) approach. :^) Fixes #4912.
This commit is contained in:
Andreas Kling
parent
05c48cc8d8
commit
dce030eefc
Notes:
sideshowbarker
2024-07-18 21:46:29 +09:00
Author: https://github.com/awesomekling Commit: https://github.com/SerenityOS/serenity/commit/dce030eefca
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2018-2020, Andreas Kling <kling@serenityos.org>
|
||||
* Copyright (c) 2018-2021, Andreas Kling <kling@serenityos.org>
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
@ -28,7 +28,6 @@
|
||||
#include <Kernel/Arch/i386/CPU.h>
|
||||
#include <Kernel/Panic.h>
|
||||
#include <Kernel/Process.h>
|
||||
#include <Kernel/Random.h>
|
||||
#include <Kernel/ThreadTracer.h>
|
||||
#include <Kernel/VM/MemoryManager.h>
|
||||
|
||||
@ -137,10 +136,6 @@ KResultOr<FlatPtr> handle(RegisterState& regs, FlatPtr function, FlatPtr arg1, F
|
||||
|
||||
}
|
||||
|
||||
constexpr int RandomByteBufferSize = 256;
|
||||
u8 g_random_byte_buffer[RandomByteBufferSize];
|
||||
int g_random_byte_buffer_offset = RandomByteBufferSize;
|
||||
|
||||
void syscall_handler(TrapFrame* trap)
|
||||
{
|
||||
auto& regs = *trap->regs;
|
||||
@ -160,13 +155,11 @@ void syscall_handler(TrapFrame* trap)
|
||||
|
||||
// Apply a random offset in the range 0-255 to the stack pointer,
|
||||
// to make kernel stacks a bit less deterministic.
|
||||
// Since this is very hot code, request random data in chunks instead of
|
||||
// one byte at a time. This is a noticeable speedup.
|
||||
if (g_random_byte_buffer_offset == RandomByteBufferSize) {
|
||||
get_fast_random_bytes(g_random_byte_buffer, RandomByteBufferSize);
|
||||
g_random_byte_buffer_offset = 0;
|
||||
}
|
||||
auto* ptr = (char*)__builtin_alloca(g_random_byte_buffer[g_random_byte_buffer_offset++]);
|
||||
u32 lsw;
|
||||
u32 msw;
|
||||
read_tsc(lsw, msw);
|
||||
|
||||
auto* ptr = (char*)__builtin_alloca(lsw & 0xff);
|
||||
asm volatile(""
|
||||
: "=m"(*ptr));
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user