Re: Is there a hidden channel in X authentication?

[wwieser () gmx de]

Did you try to insert a usleep(1) before the writev() syscall? This 
_might_ narrow down the noise as the last timer interrupt is just done when 
usleep returns (On i386, the time resolution is 1/100s = 10000usec; 
AFAIK usleep will not sleep shorter than time resolution.) 

wwieser

On Tuesday 22 May 2001 00:28, Pavel Kankovsky wrote:
> <--snip-->
>
> cookie.c (X11 test):
> <--snip-->
> #include <stdio.h>
> #include <string.h>
> #include <sys/uio.h>
> #include <sys/socket.h>
> #include <sys/un.h>
>
> /* taken from Linux kernel */
> #define rdtsc(low, high) \
>   __asm__ __volatile__("rdtsc" : "=a" (low), "=d" (high))
> #define sub64(xlow, xhigh, ylow, yhigh) \
>   __asm__("subl %2,%0\n\tsbbl %3,%1" \
>
>           :"=a" (xlow), "=d" (xhigh) \
>           :"g" (ylow), "g" (yhigh),  \
>
>            "0" (xlow), "1" (xhigh))
> unsigned long
> measure(int dpy, const char *cookie)
> {
>   unsigned long startlo, starthi;
>   unsigned long endlo, endhi;
>   int s, r;
>   char c;
>   struct iovec vec[4];
>   struct sockaddr_un sun;
>
>   vec[0].iov_base = "l\0\v\0\0\0\22\0\20\0\0\0";
>   vec[0].iov_len = 12;
>   vec[1].iov_base = "MIT-MAGIC-COOKIE-1";
>   vec[1].iov_len = 18;
>   vec[2].iov_base = "\0\0";
>   vec[2].iov_len = 2;
>   vec[3].iov_base = (char *) cookie;
>   vec[3].iov_len = 16;
>
>   s = socket(AF_UNIX, SOCK_STREAM, 0);
>   if (s < 0) return ~0UL;
>   sun.sun_family = AF_UNIX;
>   sprintf(sun.sun_path, "/tmp/.X11-unix/X%d", dpy);
>   r = connect(s, (struct sockaddr *) &sun, sizeof(sun));
>   if (r < 0) { close(s); return ~0UL; }
usleep(1);
>   rdtsc(startlo, starthi);
>   (void) writev(s, vec, 4);
>   (void) read(s, &c, 1);
>   rdtsc(endlo, endhi);
>   sub64(endlo, endhi, startlo, starthi);
>
>   close(s);
>   if (endhi) return ~0UL; /* argh */
>   return endlo;
> }
>
> int
> main()
> {
>   char a[16], b[16];
>   int i, j, count;
>   unsigned long ta, tb, tmin, t1;
>
>   for (j = 0; j < sizeof(a); ++j)
>     a[j] = j;
>   for (i = 0; i <= sizeof(a); ++i) {
>     for (j = 0; j < i; ++j) b[j] = a[j];
>     for (; j < sizeof(a); ++j) b[j] = ~a[j];
>     count = 100000;
>     ta = tb = 0; tmin = ~0UL;
>     for (j = 0; j < count; ) {
>       t1 = measure(99, b);
>       if (t1 == ~0UL) continue;
>       if (t1 < tmin) tmin = t1;
>       tb += t1 % count;
>       if (tb >= count) { ++ta; tb -= count; }
>       ta += t1 / count;
>       ++j;
>     }
>     printf("%2d %10lu %10lu\n", i, ta, tmin);
>   }
>   return 0;
> }