--
You received this message because you are subscribed to the Google Groups "android-ndk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-ndk...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAH1xqgm0f3nGNJ42pEXqobf1DLcQ1FcSfcMU-sTAkTx4PX5mtg%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAFVaGhvsntPSUbd9ZwEwdFTVO%2B7eDcmuFHm3iaWvyX9oJDvtRw%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAJgzZorvHaaco0g_tJDmfg_9Cbe6qEnBy8XdwvfkfoiD0uk4bg%40mail.gmail.com.
Afraid not,My testing hardware is a bit unusual. I have a lot of testing, because we test the Android version of the modeler as thoroughly as the Windows and Linux versions. It's helpful to be able to run it all on one device and that needs Cortex-X level performance. However, if you run a 'phone with a Cortex-X series core flat out for most of a day, you find that the power input over USB 3.x can't keep the battery charged. The device runs out of power and stops. I've tried an Asus device with two USB ports, but it would not charge on its high-capacity port and talk to the host computer on the low-capacity port at the same time, I also tried a OnePlus device with wireless charging, and the charging stopped as soon as I connected the device to the host computer. Both seemed to share their i/o hardware between several uses to save a few cents.I'm currently using hardware development kit devices sold by Qualcomm <https://developer.qualcomm.com/hardware/snapdragon-8-gen-1-hdk>. They don't have batteries, and their mains power adapters will run them indefinitely at full speed. They also can't suffer bulged batteries.
--
You received this message because you are subscribed to the Google Groups "android-ndk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-ndk...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAJAyTCC_SOA_9T%3DpdzgTQgK0t8iKYHCtmFDaaw%2B2LAx%3Dn-isJw%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAJgzZorvHaaco0g_tJDmfg_9Cbe6qEnBy8XdwvfkfoiD0uk4bg%40mail.gmail.com.
> it won't "go off" in the first place, because it won't be enabled by
> the OS if you have too old a cpu and/or kernel.
Aha! That would be worth adding to the documentation, unless it's already there and I missed it.
Pros:
Can be enabled in all builds without causing problems on older devices
Android uses PAC/BTI instructions that do nothing on older processors that don't support the new instructions. Only ARMv9 devices will have the PAC/BTI protection, but you can run the same code on ARMv8 devices too: no need for multiple variants of your library.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAH1xqg%3DWUW5hH1%3DMr4ezOYyJ8dv%3DimViKYJtSkUEZnyV0CEccQ%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAJgzZoreBQvu4L%3DmU0XPxDjArkZ2s0GU87o1YPmV3sUteEv71w%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAFVaGhu2QiGtpDgFVxrnTRfu8KOgayR1bQdbM-4mMXrJgYBbqQ%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAJgzZopvPHLbTJjX489CjaCUFJP9eU6FTz3qLX4DLp6zeSDxLw%40mail.gmail.com.
fwiw, i didn't even try and went straight to assembler:
https://android-review.googlesource.com/c/platform/system/core/+/2699774
normally each file also includes a copyright header. it's just a
historical accident that these .S files don't, and i'll fix that. (i'd
love for us to move to SPDX headers one of these years, but i'm not
holding my breath!)
https://android-review.googlesource.com/c/platform/system/core/+/2767705
>> fwiw, i didn't even try and went straight to assembler:
>> https://android-review.googlesource.com/c/platform/system/core/+/2699774
https://android-review.googlesource.com/c/platform/system/core/+/2767705
> If you can point me to the documentation for the note.gnu.property section the source file sets up, I can check if that's correct. If that was missing the BTI flag, that could presumably produce this problem?
it's there at the end of .S file:
https://cs.android.com/android/platform/superproject/main/+/main:system/core/debuggerd/crasher/arm64/crashglue.S;l=101
look for that in your final ELF file. llvm-readelf lets you dump the notes, and will decode them.
Thanks very much, I think I'm good now,
John
yeah, PAC is "self contained" in the sense that either a function is
compiled with PAC or it isn't --- neither callers nor callees need to
know, so it's fine to mix PAC and non-PAC code. ("fine" albeit
"probably unintended"!)
BTI, on the other hand, is more asymmetric --- if you've linked
together code built with and without BTI, you can't tell the cpu to
trap because you don't know that you don't have BTI-enabled code
calling non-BTI-enabled code (and thus landing on something other than
a BTI instruction).
--
You received this message because you are subscribed to the Google Groups "android-ndk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to android-ndk...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/android-ndk/CAH1xqgkumXEFLTULF%3DbNd-Dx72PoXC9W7F%3Dhr-UxBgUMVzcSPg%40mail.gmail.com.
so if you care about this kind of thing, the only real reason i cann
think of not to enable this (and the reason why we haven't flipped the
ndk default yet) is that you might reasonably question whether the
[small] code size increase is valuable to enough [of your] users to
warrant it. and that's a question for you and your customers to
discuss (probably involving checking your Play dashboard to see what
devices your users are actually using).
> It slows down my performance benchmarks by 0.4% on a Snapdragon 845 running Android 9, where it's all no-ops, or 1.6% on
> a Snapdragon 8 Gen 1 with Android 12, where I can set off PAC and BTI traps at will. I presume that the slowdown on the 845
> is just no-op time, and the larger slowdown when the traps are active is mostly due to the hash computations for PAC. Those
> computations can presumably be partly hidden by out-of-order execution, but not entirely.
> I'll need to discuss this with my Head of Product, but I expect we'll go ahead with it.
yeah, definitely a product decision, but I'm glad you got it to the
point where it's in their hands! You know where to find us if you hit
any technical problems (from your impressively extensive testing) :-)
looking to the future, it looks like we should just get QARMA3 "for free" on suitable hardware:
https://patchwork.kernel.org/project/linux-arm-kernel/patch/20220131170654.6238...@arm.com/
it's actually worse than that --- function pointer protection just
keeps getting harder the more you think about it... there's all kinds
of weird stuff to worry about, from questionable (but common in some
contexts) code where the function type and function pointer type don't
exactly match, through stuff like laundering through void*, to whether
function pointer equality works between authenticated and
unauthenticated pointers, to give just a few examples. there's lots
more! (plus of course the critical "and how does anyone actually roll
any of this out?" question.)