Show HN: A pure ARM64 Assembly web server, now on Linux with CGI for no reason

(github.com)

46 points

by imtomt15 hours ago |

17 comments

by nickcw10 hours ago|

[-]

I love it :-)

Back in the distant past I wrote some really big ARM 32 assembly projects. 64 bit ARM is really very similar!

I had a look through the code. Some ENTRY/EXIT macros to help with the drudgery of save restore registers & stack frame would probably help. Also some register renaming would help readability (eg if a register points to incoming data throughout a subroutine rename it pdata).

I salute your effort and please enjoy the core dumps :-)

by gjvc4 hours ago|

parent|

[-]

RISC OS had some amazing apps written ARM26/32 -- my teenage mind was boggled

by mrbluecoat7 hours ago|

prev|

[-]

> written entirely by-hand in ARM64 assembly as a fun project. It's probably got a lot of vulnerabilities I'm unaware of

Impressive, but that second part worries me. I hope one day AI security scans upon commit (or integrated in the IDE) will alleviate that risk.

What's the current security gold standard for web servers? Hiawatha? https://hiawatha.leisink.net/

by efficax6 hours ago|

parent|

[-]

Hiawatha is written in C, and so despite its security posture, it probably contains vulnerabilities.

by Lucasoato7 hours ago|

prev|

[-]

Is an assembly webserver more performant than webservers written in other languages? Are there any hard limits on how much you can squeeze when using a particular framework?

by hparadiz10 hours ago|

prev|

[-]

I love projects like this because I think eventually all common computing tasks will be broken down in constituent most computationally optimized components

by tosti12 hours ago|

prev|

[-]

This isn't a bad thing per se. I imagine this could be a thing for an embedded side project or a tiny rescue system.

Edit: or learning arm64 assembly :)

by radhitya8 hours ago|

prev|

[-]

"raw syscalls only: no libc wrappers"

insane! i wonder how many times you have spent to learn about them!

by binaryturtle5 hours ago|

parent|

[-]

Like one time? It is like any other API. You look it up, study the parameters (in this case you need to look up in which register is what argument expected) and off it goes.

by wewewedxfgdf11 hours ago|

prev|

[-]

You wrote this by hand? Impressive.

by benj11112 hours ago|

prev|

[-]

Cool. I particularly like the O'Reilly book cover that never was. Although I fear you may have misunderstood what wasm is...

Question/critique. Isn't getting the mime type by file extension a bit windowsy? Would it not be easier to read the magic number when you're at the assembly level?

by jprjr_6 hours ago|

parent|

[-]

You could argue well, if you have to open the file to read it anyway may as well look for magic numbers.

That doesn't work well with text documents which won't have any kind of magic number. So now you're doing some heuristics to determine is this text/plain, text/html, text/svg? You're pretty much just guessing at that point.

A good number of file formats out there are just Zip files with a particular structure. JAR files, docx - so relying on magic numbers doesn't really work for those, either.

Also to service a HEAD request you'd have to open the file and read a few bytes that you just discard.

If you just do it by extensions you don't need to read files at all or perform heuristics, and no ambiguity for what mimetypes to use for text documents, zip-based formats, etc.

by kunley11 hours ago|

prev|

[-]

Ahh, this little gem ported to Linux, great! That opens much more possibilities to play with it, thanks

by sylware7 hours ago|

prev|

[-]

arm64 is an IP-locked ISA, namely it is not worth assembly writting, stick to plain and simple C.

RISC-V is. I am self-hosting many of my internet thingies. I plan to move to RISC-V only hardware and to rewrite my internet software directly in mono-threaded paranoid RISC-V assembly.

by AntronX6 hours ago|

parent|

[-]

> arm64 is an IP-locked ISA, namely it is not worth assembly writting

Why is that a problem? Google search returns 3K page arm64 ISA manual. What else do you need to write asm?

by jprjr_5 hours ago|

parent|

[-]

Nothing else, I think what the're more concerned with is how open an architecture is.

I think with RISC-V if you wanted to design your own chips and stuff you can just do it, whereas ARM doesn't let you do that.

I'm not about to build my own chips so it doesn't matter all that much to me but I understand where the person is coming from. They'd rather write assembly for the more open architecture.

by wewewedxfgdf8 hours ago|

prev|

[-]

There's critical security flaws in this web server. Consult your local LLM for a security analysis.