| Age | Commit message (Collapse) | Author |
|---|
|
The Apple documentation [0] indicates that when enabling DIT (via MSR),
a speculation barrier should be used. The rationale for this is not
explained, but one could assume that they perhaps do not treat MSR of
a PSTATE bit as a context synchronization event, and thus the CPU might
speculatively execute instructions that would be affected by DIT before
the MSR takes effect.
Arm on the other hand [1], explicitly states that MSR of a PSTATE bit is
a context synchronization event, and thus speculation barriers are not
needed.
In order to square this circle, we keep the speculation barrier, but
only use it on Apple Silicon.
[0] http://go/appledoc/xcode/writing-arm64-code-for-apple-platforms#Enable-DIT-for-constant-time-cryptographic-operations
[1] https://developer.arm.com/documentation/100941/0101/Barriers?lang=en
Fixes #77776
Change-Id: I17a91adc8e4d90fe2288592547986c82a9356cde
Reviewed-on: https://go-review.googlesource.com/c/go/+/748460
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
|
|
In EnableDIT, if DIT is already enabled, return early instead of
executing MSR and DSB/ISB, since they are not particularly cheap
instructions.
Also, if we have support for the SB (Speculation Barrier) instruction,
use it instead of DSB+ISB when enabling DIT, since SB is cheaper.
Change-Id: I1b3ecbd95ed42bfd10d646125704abf4e80b6d2e
Reviewed-on: https://go-review.googlesource.com/c/go/+/729800
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
|
|
When enabling DIT on ARM64, add speculation barrier instructions to
ensure that subsequent instructions are executed using the updated
DIT state.
See https://developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms#Enable-DIT-for-constant-time-cryptographic-operations
which recommends doing this. The Arm documentation for DIT doesn't tell
you to do this, but it seems prudent.
Change-Id: Idbc87b332650a77b8cb3509c11377bf5c724f3cf
Reviewed-on: https://go-review.googlesource.com/c/go/+/726980
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
|
|
The compiler cannot currently determine that the accesses to len8tab
are within bounds. Cast to uint8 to avoid unnecessary bounds checks.
Fixes #76166
Change-Id: I1fd930bba2b20d3998252c476308642e08ce00b4
Reviewed-on: https://go-review.googlesource.com/c/go/+/718040
Reviewed-by: Meng Zhuo <mengzhuo1203@gmail.com>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
Auto-Submit: Keith Randall <khr@golang.org>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
Auto-Submit: Joel Sing <joel@sing.id.au>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
|
|
OpenBSD is bumping up against the nosplit limit, and openbsd/ppc64
is over it. Increase StackGuardMultiplier on OpenBSD, matching AIX.
Change-Id: I61e17c99ce77e1fd3f368159dc4615aeae99e913
Reviewed-on: https://go-review.googlesource.com/c/go/+/632996
Reviewed-by: Keith Randall <khr@golang.org>
Reviewed-by: Keith Randall <khr@google.com>
Auto-Submit: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
|
|
We shouldn't spend human code review time checking this.
Let the computer check.
Change-Id: I6de9d733c128d833b958b0e43a52b564e8f82dd3
Reviewed-on: https://go-review.googlesource.com/c/go/+/630417
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
|
|
Add a new function, WithDataIndependentTiming, which takes a function as
an argument, and encloses it with calls to set/unset the DIT PSTATE bit
on Arm64.
Since DIT is OS thread-local, for the duration of the execution of
WithDataIndependentTiming, we lock the goroutine to the OS thread, using
LockOSThread. For long running operations, this is likely to not be
performant, but we expect this to be tightly scoped around cryptographic
operations that have bounded execution times.
If locking to the OS thread turns out to be too slow, another option is
to add a bit to the g state indicating if a goroutine has DIT enabled,
and then have the scheduler enable/disable DIT when scheduling a g.
Additionally, we add a new GODEBUG, dataindependenttiming, which allows
setting DIT for an entire program. Running a program with
dataindependenttiming=1 enables DIT for the program during
initialization. In an ideal world PSTATE.DIT would be inherited from
the parent thread, so we'd only need to set it in the main thread and
then all subsequent threads would inherit the value. While this does
happen in the Linux kernel [0], it is not the case for darwin [1].
Rather than add complex logic to only set it on darwin for each new
thread, we just unconditionally set it in mstart1 and cgocallbackg1
regardless of the OS. DIT will already impose some overhead, and the
cost of setting the bit is only ~two instructions (CALL, MSR), so it
should be cheap enough.
Fixes #66450
Updates #49702
[0] https://github.com/torvalds/linux/blob/e8bdb3c8be08c9a3edc0a373c0aa8729355a0705/arch/arm64/kernel/process.c#L373
[1] https://github.com/apple-oss-distributions/xnu/blob/8d741a5de7ff4191bf97d57b9f54c2f6d4a15585/osfmk/arm64/status.c#L1666
Change-Id: I78eda691ff9254b0415f2b54770e5850a0179749
Reviewed-on: https://go-review.googlesource.com/c/go/+/598336
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
|
|
Moving these intrinsics to a base package enables other internal/runtime
packages to use them.
There is no immediate need for getclosureptr outside of runtime, but it
is moved for consistency with the other intrinsics.
For #54766.
Change-Id: Ia68b16a938c8cb84cb222469db28e3a83861be5d
Reviewed-on: https://go-review.googlesource.com/c/go/+/613262
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
|
|
Moving these intrinsics to a base package enables other internal/runtime
packages to use them.
For #54766.
Change-Id: I45a530422207dd94b5ad4eee51216c9410a84040
Reviewed-on: https://go-review.googlesource.com/c/go/+/613261
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
|
|
Moving these intrinsics to a base package enables other internal/runtime
packages to use them.
For #54766.
Change-Id: I0b3eded3bb45af53e3eb5bab93e3792e6a8beb46
Reviewed-on: https://go-review.googlesource.com/c/go/+/613260
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
|
|
just removed a single byte :)
Change-Id: Icd734f9f8f22b2ed0d9d0125d18b6d291bb14cd6
GitHub-Last-Rev: 93c0fd00d863c8a992c63f1bc01c0877b1bdff0c
GitHub-Pull-Request: golang/go#69056
Reviewed-on: https://go-review.googlesource.com/c/go/+/607878
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
|
|
Cleanup and friction reduction
For #65355.
Change-Id: Ia14c9dc584a529a35b97801dd3e95b9acc99a511
Reviewed-on: https://go-review.googlesource.com/c/go/+/600436
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Keith Randall <khr@golang.org>
|
