diff options
| author | Russ Cox <rsc@golang.org> | 2020-01-06 10:31:39 -0500 |
|---|---|---|
| committer | Russ Cox <rsc@golang.org> | 2020-03-13 19:05:46 +0000 |
| commit | 877ef86bec593cd7e40899ac5446791e65b47839 (patch) | |
| tree | 1889b71db027e147f6b2aef734c928ff572a4d95 /test/codegen | |
| parent | d84cbec8908a04aa56889919942a3210963abaef (diff) | |
| download | go-877ef86bec593cd7e40899ac5446791e65b47839.tar.xz | |
cmd/compile: add spectre mitigation mode enabled by -spectre
This commit adds a new cmd/compile flag -spectre,
which accepts a comma-separated list of possible
Spectre mitigations to apply, or the empty string (none),
or "all". The only known mitigation right now is "index",
which uses conditional moves to ensure that x86-64 CPUs
do not speculate past index bounds checks.
Speculating past index bounds checks may be problematic
on systems running privileged servers that accept requests
from untrusted users who can execute their own programs
on the same machine. (And some more constraints that
make it even more unlikely in practice.)
The cases this protects against are analogous to the ones
Microsoft explains in the "Array out of bounds load/store feeding ..."
sections here:
https://docs.microsoft.com/en-us/cpp/security/developer-guidance-speculative-execution?view=vs-2019#array-out-of-bounds-load-feeding-an-indirect-branch
Change-Id: Ib7532d7e12466b17e04c4e2075c2a456dc98f610
Reviewed-on: https://go-review.googlesource.com/c/go/+/222660
Reviewed-by: Keith Randall <khr@golang.org>
Diffstat (limited to 'test/codegen')
| -rw-r--r-- | test/codegen/spectre.go | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/test/codegen/spectre.go b/test/codegen/spectre.go new file mode 100644 index 0000000000..3753498d09 --- /dev/null +++ b/test/codegen/spectre.go @@ -0,0 +1,38 @@ +// +build amd64 +// asmcheck -gcflags=-spectre=index + +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package codegen + +func IndexArray(x *[10]int, i int) int { + // amd64:`CMOVQCC` + return x[i] +} + +func IndexString(x string, i int) byte { + // amd64:`CMOVQCC` + return x[i] +} + +func IndexSlice(x []float64, i int) float64 { + // amd64:`CMOVQCC` + return x[i] +} + +func SliceArray(x *[10]int, i, j int) []int { + // amd64:`CMOVQHI` + return x[i:j] +} + +func SliceString(x string, i, j int) string { + // amd64:`CMOVQHI` + return x[i:j] +} + +func SliceSlice(x []float64, i, j int) []float64 { + // amd64:`CMOVQHI` + return x[i:j] +} |