bits 0x2e - Calender Week 46, 2023

Good reads

On memory barrier

MIT’s xv6 kernel is a great project that teaches OS basics, from pagetable to threading, from kernel to user. To make it better, it has a great documentation and has been ported to many architectures. Linux kernel source code is a vault, but it’s too much black magic for beginners.

A promising OS/ASM tutorial in chinese.
全网首发!为手写OS量身定制的一套汇编教程,从零基础到精通,学会也能用汇编手写操作 系统 https://www.bilibili.com/video/BV15j411i7SM/ There aren’t so many good learning materials in my mother tongue. I listened to the first 3 sessions as a podcast and find it pretty nice. I could use this to refresh my knowledges.

Encoding of immediate values on AArch64 by Dominik Inführ https://dinfuehr.github.io/blog/encoding-of-immediate-values-on-aarch64/

Hacking ADHD – Strategies for the Modern Developer https://www.ledger.com/blog/hacking-adhd-strategies-for-the-modern-developer

Spectre Side Channels in kernel docs: https://docs.kernel.org/admin-guide/hw-vuln/spectre.html

Spectre Returns! Speculation Attacks using the Return Stack Buffer, 2018 paper by Koruyeh et. al. https://www.usenix.org/system/files/conference/woot18/woot18-paper-koruyeh.pdf

Branch predictor: How many “if"s are too many? Including x86 and M1 benchmarks! by Marek Majkowski https://blog.cloudflare.com/branch-predictor/

  • A quick answer of “how many” is, for EPYC 7642, 4096 in a hot loop, that’s the size limit of the BTB.

Takeaways are specific to their CPU model under test.1

Takeaway 0 - branches always-taken occupy BTB, branches never taken do not.

Takeaway 1 - On this CPU a branch instruction that is taken but not predicted, costs ~7 cycles more than one that is taken and predicted. Even if the branch was unconditional.

Takeaway 2 - conditional branches never-taken are basically free - at least on this CPU.

Takeaway 3 - In the hot code you want to have less than 2K function calls

Branch prediction by Dan Luu https://danluu.com/branch-prediction/#one-bit

Static branch prediction on newer Intel processors (series of 5 articles) by Matt Godbolt, https://xania.org/201602/bpu-part-one

Reading privileged memory with a side-channel by Jann Horn, Project Zero https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

I wonder how they reverse engineered this?

void bhb_update(uint58_t *bhb_state, unsigned long src, unsigned long dst) {
    *bhb_state <<= 2;
    *bhb_state ^= (dst & 0x3f);
    *bhb_state ^= (src & 0xc0) >> 6;
    *bhb_state ^= (src & 0xc00) >> (10 - 2);
    *bhb_state ^= (src & 0xc000) >> (14 - 4);
    *bhb_state ^= (src & 0x30) << (6 - 4);
    *bhb_state ^= (src & 0x300) << (8 - 8);
    *bhb_state ^= (src & 0x3000) >> (12 - 10);
    *bhb_state ^= (src & 0x30000) >> (16 - 12);
    *bhb_state ^= (src & 0xc0000) >> (18 - 14);
}

Fun stuffs

Zork: The Great Inner Workings by Rok Ajdnik
https://medium.com/swlh/zork-the-great-inner-workings-b68012952bdc

MISC

“Warum bin ich unendlich müde, und warum schlaf ich nicht”
The line from knorkator’s track “warum” precisely describes my recent mode. I haven’t been having sleeping issue for weeks, and I always have my days and nights rolled over. I need to change that… Seriously.

Fry scream

I really need to take some time to learn the real “fry”. However I’m not sure about the sound isolation in my apartment…. https://www.youtube.com/watch?v=M0oP4k7hNro


  1. I ran the code on my i5-6440 laptop and got the similar results ↩︎

edited 27.11.2023
created 14.11.2023
EOF
[+] click to leave a comment [+]
the comment system on this blog works via email. The button
below will generate a mailto: link based on this page's url 
and invoke your email client - please edit the comment there!

[optional] even better, encrypt the email with my public key

- don't modify the subject field
- specify a nickname, otherwise your comment will be shown as   
  anonymous
- your email address will not be disclosed
- you agree that the comment is to be made public.
- to take down a comment, send the request via email.

>> SEND COMMENT <<

[BITS] - the weekly archive -
bits 0x49 - Calender Week 15, 2024 (WIP)
bits 0x48 - Calender Week 14, 2024
bits 0x47 - Calender Week 13, 2024
bits 0x46 - Calender Week 12, 2024
bits 0x45 - Calender Week 11, 2024
bits 0x44 - Calender Week 10, 2024
bits 0x43 - Calender Week 09, 2024 [VOID]
bits 0x42 - Calender Week 08, 2024 [VOID AGGREGATE]
bits 0x41 - Calender Week 07, 2024 [VOID]
bits 0x40 - Calender Week 06, 2024 [VOID]
bits 0x39 - Calender Week 05, 2024
bits 0x38 - Calender Week 04, 2024
bits 0x37 - Calender Week 03, 2024
bits 0x36 - Calender Week 02, 2024 [VOID AGGREGATE]
bits 0x35 - Calender Week 01, 2024
bits 0x34 - Calender Week 52, 2023
bits 0x33 - Calender Week 51, 2023
bits 0x32 - Calender Week 50, 2023 [VOID]
bits 0x31 - Calender Week 49, 2023
bits 0x30 - Calender Week 48, 2023
bits 0x2f - Calender Week 47, 2023
bits 0x2e - Calender Week 46, 2023
bits 0x2d - Calender Week 45, 2023
bits 0x2c - Calender Week 44, 2023
bits 0x2b - Calender Week 43, 2023
bits 0x2a - Calender Week 42, 2023