Re: [PATCH] x86: add hintable NOPs emulation

[Marcos Del Sol Vives]

El 21/08/2025 a las 14:28, David Laight escribió:
>> This is going to be terribly slow if there's a significant number of
>> traps (like with endbr32), but yeah, this ought to work.
> 
> Could you patch the memory resident page to contain a supported nop?
> (without marking it 'dirty')
> Then the same function wouldn't trap until the code page was reloaded
> from the source file.
> 

While I had thought of that, to be honest I'm not knowledgeable enough
in kernel development to pull that off without being 100% sure I did not
introduce any compatibility or security issues, so I preferred for the
time being to play it safe.

Anyhow, I made a simple benchmark running "sudo" with NOPASSWD as provided
by Debian bookworm i686, and another version compiled without ENDBR32s, and
the overhead does not seem to be too high:

# time for i in {1..100}; do ./sudo-nocet echo "" >/dev/null; done
real    0m6,001s
user    0m3,664s
sys     0m1,576s

# time for i in {1..100}; do sudo echo "" >/dev/null; done
real    0m5,983s
user    0m3,546s
sys     0m1,717s

The original binary has 203 "endbr32"s, and they result in a 0.3% slowdown
for this binary in particular, which is totally acceptable IMO.

Greetings,
Marcos