Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Future small tweaks to switcher? #334

Open
6 tasks
nwf opened this issue Nov 5, 2024 · 1 comment
Open
6 tasks

Future small tweaks to switcher? #334

nwf opened this issue Nov 5, 2024 · 1 comment

Comments

@nwf
Copy link
Member

nwf commented Nov 5, 2024
edited
Loading

While writing (and trying to actually finish) #320, follow-up work has sprung to mind. Just jotting down so I don't forget. This list might grow with time.

  • Since Switcher fixes from #320 #326 (specifically b9d2191) landed, we now do a cincoffset and cmove. We should instead convert the SPILL_SLOT_c* offsets to be negative relative to an unmoved csp and then do the cincoffset instead of the cmove. This is easy, barely worth mentioning, but I'd rather do it after rather than before WIP: various tweaks to, and a pile of documentation for, the switcher and exception handler #320, because rebasing is getting old.
  • @davidchisnall's "assume MSHWM now" comment; it's been a long time since we've driven without it (though @rmn30 notes that it could be useful to keep configurable for benchmarking)
    • After that, it would be nice to permute the fields of TrustedStackGeneric to make its tuple-like nature (spill frame, stack, miscellaneous state) more obvious; and some more commentary here couldn't hurt.
  • .Lswitch_trusted_stack_exhausted looks an awful lot like a subset of switcher_skip_compartment_call. Can we readily shuffle the latter so that the former can be made to look like .Lswitch_stack_too_small?
  • .Lhandle_error_try_stackful and .Lhandle_error_try_stackless both want the value 0xffff in s1; can we shuffle things around so that that's live-in to both rather than being li-d separately in each?
  • The CSetBoundsExact in .Lswitch_stack_chop could fail if stacks are large and the current cursor is not sufficiently aligned. We could, in decreasing order of preference,...
    • use CSetBoundsRoundDown (CSetBoundsRoundDown cheriot-sail#74) once it exists
    • decide that's OK, and just unwind back into the caller when we try to zero the stack, as now (because we're after the update to the TrustedStack::frameoffset at the end of .Ltrusted_stack_push) but with more documentation
    • manually test (I'd rather not stick more instructions on the fast path, but it is an option)
@nwf nwf mentioned this issue Nov 7, 2024
Open
@davidchisnall
Copy link
Collaborator

One more for the list:

  • Use MScratch as the temporary home of CSP so MTDC is always a trusted stack or null.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nwf @davidchisnall