Hi,
Windows doesn’t appear to force alignment of kernel code page instructions to page boundary. Is that intentional to make tampering difficult at the cost of potential performance hit? Thanks.
Kamala
Hi,
Windows doesn’t appear to force alignment of kernel code page instructions to page boundary. Is that intentional to make tampering difficult at the cost of potential performance hit? Thanks.
Kamala
Why should it? I don’t get your concern. You don’t like that some instructions cross page boundaries?
I think this is the responsibility of the linker. I would expect the kernel loader to respect all alignment requirements via ambivalence since it will load sections from the image on page boundaries. Or something like that.
Sent from my Windows Phone
-----Original Message-----
From: “xxxxx@broadcom.com”
Sent: 11/15/2014 2:36 PM
To: “Windows System Software Devs Interest List”
Subject: RE:[ntdev] Windows kernel code page alignment
Why should it? I don’t get your concern. You don’t like that some instructions cross page boundaries?
—
NTDEV is sponsored by OSR
Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
OSR is HIRING!! See http://www.osr.com/careers
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
I don’t even understand the question.
Peter
OSR
@OSRDrivers
> Why should it? I don’t get your concern. You don’t like that some instructions
cross page boundaries?
Wouldn’t there be a performance implication otherwise? Of course, the gravity of it would be predicated on the hit count of the instruction in question. My concern although is not performance in the case I am looking at but stems from how I guard the page, slightly off topic.
I think this is the responsibility of the linker. I would expect the kernel
loader to respect all alignment requirements via ambivalence since it will load
sections from the image on page boundaries. Or something like that.
Right, I don’t expect the loader to fixup rather the linker to do the necessary adjustments. Or at least, I assumed linkers do that by default but they don’t appear to…
I don’t even understand the question.
This -
82a66ffb 0f848f010000 je nt!MmUnsecureVirtualMemory+0xe29 (82a67190)
82a67001 8b5d08 mov ebx,dword ptr [ebp+8]
If you look at the instruction at 82a66ffb, it crosses page boundary on the system/version in question, something I wasn’t expecting.
Kamala
Your expectations are mis-set.
There is no reason at all to believe that instructions wouldn’t cross page boundaries. Think about it: How would a program that’s longer than 4K deal with this? Given that instructions aren’t a fixed length, when you get to the end of the page, it’s entirely likely that the instruction will cross page boundaries.
Peter
OSR
@OSRDrivers
Actually, this is another of the “Intel optimizations” they have at least
once recommended putting in NOP’s so instructions are page / cache aligned.
No commercial compiler I know of did it, since this was like so many of the
optimizations only good for the latest greatest Intel processor and actually
slowed down earlier systems.
This has been a war between the compiler folks and the hardware designers
that go back to the first optimizing compilers, the hardware guys always
want their latest processor to be the one you optimize for, and the compiler
guys realize if they do then they get slammed when the new compiler version
produces slower code for the existing customers. At least one place I
worked (in the compiler group) wanted us to have optimization switches for
each model of the processor, at the time we figured the QA calendar time on
the product would be twice as long as the corporate release cycle.
Don Burn
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@osr.com
Sent: Thursday, November 20, 2014 9:38 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Windows kernel code page alignment
[quote]
it crosses page boundary on the
system/version in question, something I wasn’t expecting [/quote]
Your expectations are mis-set.
There is no reason at all to believe that instructions wouldn’t cross page
boundaries. Think about it: How would a program that’s longer than 4K deal
with this? Given that instructions aren’t a fixed length, when you get to
the end of the page, it’s entirely likely that the instruction will cross
page boundaries.
Peter
OSR
@OSRDrivers
NTDEV is sponsored by OSR
Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
OSR is HIRING!! See http://www.osr.com/careers
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Yes, like back in 1990 or something, right?
In terms of perf, I *believe* the only time that instruction decode pays a significant penalty for not being aligned is when you’re talking about an instruction that’s supposed to be atomic with respect to other processors, such as CMPXCHG or something with the LOCK prefix.
Other than that… does page alignment even matter when it comes to performance in 21st Century CPUs? I didn’t think so.
Peter
OSR
@OSRDrivers
That would just be a gigantic waste of critical resources.
What would happens if the code belongs to a paged section and the particular page that was allocated for one instruction happens to be paged out ? The result would be hundred or thousand of instructions being executed to satisfy just one instruction. That is not optimization.
“Given that instructions aren’t a fixed length”
Perhaps the OP isn’t aware that x86, unlike other very popular instruction sets that happen to be RISC, commonly uses variable length instructions.
-p
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@osr.com
Sent: Thursday, November 20, 2014 6:38 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Windows kernel code page alignment
[quote]
it crosses page boundary on the
system/version in question, something I wasn’t expecting [/quote]
Your expectations are mis-set.
There is no reason at all to believe that instructions wouldn’t cross page boundaries. Think about it: How would a program that’s longer than 4K deal with this? Given that instructions aren’t a fixed length, when you get to the end of the page, it’s entirely likely that the instruction will cross page boundaries.
Peter
OSR
@OSRDrivers
NTDEV is sponsored by OSR
Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
OSR is HIRING!! See http://www.osr.com/careers
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
I misunderstood the “page aligned” statement and really made to much about it. The OP’s concern was about instructions not crossing page boundaries.
Such a requirement would just force the compiler to add “nop” to the end of some pages. Now, depending on how many “nop” must be added for one executable, some additional pages may be required or not.
For the entire memory region where kernel mode binaries are mapped, this requirement would propably just result in a few additional megabytes, in the worst cases, being allocated depending on the number of drivers being loaded. So the word “gigantic” is excessive and there is no paged code issue because the next page would be accessed anyway.
xxxxx@hotmail.com wrote:
I misunderstood the “page aligned” statement and really made to much about it. The OP’s concern was about instructions not crossing page boundaries.
Such a requirement would just force the compiler to add “nop” to the end of some pages. Now, depending on how many “nop” must be added for one executable, some additional pages may be required or not.
Well, in my mind, the point is that the original poster has not thought
through his objections. Let’s consider his original example sequence,
and the same sequence with padding added:
82a66ffb 0f848f010000 je nt!MmUnsecureVirtualMemory+0xe29
(82a67190)
82a67001 8b5d08 mov ebx,dword ptr [ebp+8]
82a66ffb 9090909090 nop nop nop nop nop
82a67000 0f848f010000 je nt!MmUnsecureVirtualMemory+0xe29
(82a67190)
82a67006 8b5d08 mov ebx,dword ptr [ebp+8]
The point is that THERE IS NO DIFFERENCE IN PERFORMANCE between these
two sequences. In both cases, you have to load the second page. It
doesn’t make one diddley squat of difference whether one of the
instructions that cross the page boundary. Instruction pre-fetching
will trigger the page fault in either case.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
> The point is that THERE IS NO DIFFERENCE IN PERFORMANCE between these two sequences.
Yes.
In both cases, you have to load the second page.
Yes, that’s why I concluded “… there is no paged code issue because the next page would be accessed anyway.”
> Well, in my mind, the point is that the original poster has not thought
through his objections.
Possibly.
Let’s consider his original example…
The other me, a “SHE”would like to point out that snippet itself was NOT to make a case for performance but to help better understand what I meant by instruction crossing page boundary and in response to a query in that line.
That said, I am not entirely convinced there won’t ever be a case wherein such non-alignment would never be a problem. At best it may be more efficient if not performance critical for linkers and such to be aware of page boundary (information it ought to have during code generation) within which it generates instructions and tiny functions that are likely to be invoked more often (information it won’t necessarily have during code generation, thus apply in general).
Either way my concern relating to instructions crossing page boundary stems from a different issue I am battling which may be off-topic although my assumption that they don’t cross page boundary was predicated on performance. The consensus appear to be that it is not much of a performance issue if at all one. I will go back to working though my original concern now that I know I can’t make the assumption I made based on a reason which appears to be flawed.
On Nov 21, 2014, at 10:26 PM, xxxxx@comcast.net wrote:
That said, I am not entirely convinced there won’t ever be a case wherein such non-alignment would never be a problem. At best it may be more efficient if not performance critical for linkers and such to be aware of page boundary (information it ought to have during code generation) within which it generates instructions and tiny functions that are likely to be invoked more often (information it won’t necessarily have during code generation, thus apply in general).
Alignment can certainly have a performance effect. The compiler, for example, will sometimes add padding to make sure that a loop starts at a cache line boundary, so that the backward jumps don’t blow the cache.
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
> But remember that alignment has a global effect. The loader cannot ensure a
larger-grained alignment than the loader, which cannot ensure a larger-grained
alignment than the compiler. So if the compiler is only compiling for 32-byte
alignment, the linker and loader cannot enforce page alignment.
I won’t dispute the loader/linker/compiler role and effect here.
Thinking through this again, I am suspecting, data if we collect any would belie our current general assumption that this is a non-issue nowadays (which while true in most cases) though in reality, in some scenarios this is going to be an issue gone unnoticed because of the general assumption around it.
That said, this thread did help sanity check my assumption although the issue stemming from it need fixing which is off topic and for me to take care of. Thanks for all your input!
A memory contains many hundred of instructions. Why should the one located at the page boundary be a concern ? The performance improvement, if any, would be imperceptible.
Mr Don Burn’s statement is very important. The hardware manufacturer recommended that software developpers should align instructions but they decided to not follow these recommendations. Why ? Because this would probably result in too many nops being added to the code, thus increasing memory consumption in a way that was considered not sustainable.
Consider the following situation. Let’s say an instruction crosses the boundary between the adjacent pages A and B. Now imagine B gets swapped out while A is still in RAM .What happens when CPU tries to execute this instruction? It is obvious that this cause a page fault, but EIP stat is saved on the stack will point to page A ,rathert than B, because this is where the beginning of the failing instruction is located. Therefore, page faul handler must be able to deal with this scenario,i.e. it has to realize that it has to bring inpage B, rather than A…
Anton Bassov
Not just memory consumption, when Intel recommended this on the older CPU’s
NOP’s to align things took more cycles than were saved by the alignment on
the newer CPU. One has to be very careful about the claims of CPU
manufacturers, they will claim that Model Y is N% faster than previous Model
X. The problem is for the good ones that means for a program optimized
specifically for X and then the same code specifically optimized for Y the
speedup is N%, a lot of them aren’t that good and just optimize for Y and
run it on X, not mentioning that a program optimized for Y is almost N%
slower on X than the same program optimized for X.
Don Burn
Windows Driver Consulting
Website: http://www.windrvr.com
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@hotmail.com
Sent: Sunday, November 23, 2014 12:38 AM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Windows kernel code page alignment
A memory contains many hundred of instructions. Why should the one located
at the page boundary be a concern ? The performance improvement, if any,
would be imperceptible.
Mr Don Burn’s statement is very important. The hardware manufacturer
recommended that software developpers should align instructions but they
decided to not follow these recommendations. Why ? Because this would
probably result in too many nops being added to the code, thus increasing
memory consumption in a way that was considered not sustainable.
NTDEV is sponsored by OSR
Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
OSR is HIRING!! See http://www.osr.com/careers
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
>Therefore, page faul handler must be able to
deal with this scenario,i.e. it has to realize that it has to bring inpage B,
rather than A
GPF exception record contains the fault access address. The exception handler doesn’t have to figure anything out.