From owner-freebsd-hackers@FreeBSD.ORG  Tue Aug 10 08:28:30 2010
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 05BC11065678
	for <freebsd-hackers@freebsd.org>; Tue, 10 Aug 2010 08:28:30 +0000 (UTC)
	(envelope-from clement.lecigne@netasq.com)
Received: from work.netasq.com (mars.netasq.com [91.212.116.3])
	by mx1.freebsd.org (Postfix) with ESMTP id 9832C8FC14
	for <freebsd-hackers@freebsd.org>; Tue, 10 Aug 2010 08:28:29 +0000 (UTC)
Received: from localhost (unknown [10.2.0.1])
	by work.netasq.com (Postfix) with ESMTP id 32D6E30CAF62
	for <freebsd-hackers@freebsd.org>;
	Tue, 10 Aug 2010 10:08:45 +0200 (CEST)
Date: Tue, 10 Aug 2010 10:08:20 +0200
From: Clement LECIGNE <clement.lecigne@netasq.com>
To: freebsd-hackers@freebsd.org
Message-ID: <20100810080818.GA24002@clem1.netasq.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.5.19 (2009-01-05)
X-Mailman-Approved-At: Tue, 10 Aug 2010 11:15:35 +0000
Subject: Optimized memcmp failure.
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Aug 2010 08:28:30 -0000

Hi,

Here is a link to a blog post speaking about timing attacks.

http://rdist.root.org/2010/08/05/optimized-memcmp-leaks-useful-timing-differences/

It describes various memcmp() implementations of some OSes. FreeBSD is
mentionned at the end of the post and it warns about the fact that gcc
uses its own builtin memcmp() function when optimization (from O1 to O3)
is set. Unfortunately the gcc builtin memcmp() seems less optimized (at
least for i386 and amd64) than the FreeBSD memcmp() implementation (found
in libc).

I wonder if you know about that and if it could be a good thing to remove
this feature during buildworld (through -fno-builtin or anything else) ?

clem1~> cat memcmp.c
int main(int ac, char **av){return memcmp("abcd", av[0], 4);}

clem1~> gcc -O0 -S memcmp.c && cat memcmp.s
(...)
call    memcmp
(...)

clem1~> gcc -O1 -S memcmp.c && cat memcmp.s
(...)
movl    $4, %ecx
cld
repz
cmpsb
seta    %al
setb    %dl
subb    %dl, %al
movsbl  %al,%eax
(...)

Cheers,

-- 
Clement LECIGNE,
« Hardly surprising. Apple. They build crap and make you pay extra. »