This blog post presents a revised and more robust method for invoking raw OpenBSD system calls directly from C code, bypassing the standard C library. It improves upon a previous example by handling variable-length argument lists and demonstrating how to package those arguments correctly for system calls. The core improvement involves using assembly code to dynamically construct the system call arguments on the stack and then execute the syscall instruction. This allows for a more general and flexible approach compared to hardcoding argument handling for each specific system call. The provided code example demonstrates this technique with the getpid() system call.
OpenBSD has contributed significantly to operating system security and development through proactive approaches. These include innovations like memory safety mitigations such as W^X (preventing simultaneous write and execute permissions on memory pages) and pledge() (restricting system calls available to a process), advanced cryptography and randomization techniques, and extensive code auditing practices. The project also champions portable and reusable code, evident in the creation of OpenSSH, OpenNTPD, and other tools, which are now widely used across various platforms. Furthermore, OpenBSD emphasizes careful documentation and user-friendly features like the package management system, highlighting a commitment to both security and usability.
Hacker News users discuss OpenBSD's historical focus on proactive security, praising its influence on other operating systems. Several commenters highlight OpenBSD's pledge ("secure by default") and the depth of its code audits, contrasting it favorably with Linux's reactive approach. Some debate the practicality of OpenBSD for everyday use, citing hardware compatibility challenges and a smaller software ecosystem. Others acknowledge these limitations but emphasize OpenBSD's value as a learning resource and a model for secure coding practices. The maintainability of its codebase and the project's commitment to simplicity are also lauded. A few users mention specific innovations like OpenSSH and CARP, while others appreciate the project's consistent philosophy and long-term vision.
Summary of Comments ( 18 )
https://news.ycombinator.com/item?id=43340385
Several Hacker News commenters discuss the impracticality of the raw syscall demo, questioning its real-world usefulness and emphasizing that libraries like libc exist for a reason. Some appreciated the technical depth and the exploration of low-level system interaction, viewing it as an interesting educational exercise. One commenter suggested the demo could be useful for specialized scenarios like writing a dynamic linker or a microkernel. There was also a brief discussion about the performance implications and the idea that bypassing libc wouldn't necessarily result in significant speed improvements, and might even be slower in some cases. Some users also debated the portability of the code and suggested alternative methods for achieving similar results.
The Hacker News post "A more robust raw OpenBSD syscall demo" (https://news.ycombinator.com/item?id=43340385) has a modest number of comments, sparking a discussion primarily around the practicality and implications of the demonstrated technique.
One commenter points out the historical context of similar syscall techniques in older systems, mentioning how CP/M and DOS worked, highlighting the simplicity and directness of these older approaches. They suggest that while the demo might be "neat," it's not particularly novel.
Another commenter raises a concern about the portability of this method. They specifically mention the interaction with dynamic linkers like ld.so and how this approach might clash with Position Independent Executables (PIE), a common security feature in modern systems. This raises a practical barrier to using this technique in many real-world scenarios.
Building upon the portability concerns, a separate commenter notes the potential issues with signal handling and memory management, especially in multi-threaded environments. They explain that relying on the stack for argument passing in a raw syscall context can become problematic when signals interrupt execution or when threads are involved.
One commenter expresses skepticism about the "robustness" claimed in the title, arguing that true robustness in system calls necessitates proper error handling and boundary checks. They imply the demo, in its simplicity, lacks these vital aspects.
A different commenter delves into the details of OpenBSD's system call implementation, specifically mentioning the
syscall()wrapper function. They explain that this wrapper handles some of the low-level details, contrasting it with the rawer approach demonstrated in the linked blog post. This provides additional context on the standard way system calls are usually invoked in OpenBSD.Finally, a commenter pivots the discussion slightly, mentioning the security implications of directly manipulating the stack for system call arguments. They suggest that this method might create vulnerabilities, especially if the input is not properly sanitized or validated. This adds another layer of concern regarding the practicality and safety of the demonstrated technique.
In summary, the comments on the Hacker News post offer a range of perspectives, from historical context and comparisons with older systems to concerns about portability, robustness, and security. While some find the demo interesting, others express reservations about its real-world applicability and potential drawbacks.