1
0
mirror of https://github.com/golang/go synced 2024-11-22 04:44:39 -07:00
Commit Graph

61615 Commits

Author SHA1 Message Date
Paul E. Murphy
fa52db6a3f crypto/internal/fips/aes/gcm: fix PPC64 gcm debug option logic
AES-GCM is always supported, unless the debug option explicitly
turns it off.

Change-Id: Iac17fd8429307d48daa601249a2505bcd1b1f892
Reviewed-on: https://go-review.googlesource.com/c/go/+/629695
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Archana Ravindar <aravinda@redhat.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2024-11-19 18:44:13 +00:00
Filippo Valsorda
48d260cbd9 crypto/internal/fips/aes: add CAST
For #69536

Change-Id: I6ecbe8b05f9f01afe2aa32c59fc56c9e1c6ea6b4
Reviewed-on: https://go-review.googlesource.com/c/go/+/626437
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 18:22:12 +00:00
Russ Cox
fd0294b99c cmd/internal/obj/arm64: recognize FIPS static temps as unaligned
Code like x := [12]byte{1,2,3,4,5,6,7,8,9,10,11,12} stores x in
a pair of registers and uses MOVD/MOVWU to load the values
from RODATA. The code generator needs to understand not
to use the aligned PC-relative relocation for that sequence.

In non-FIPS modes, more statictemp optimizations can be applied
and this problematic sequence doesn't happen.

Fix the decision about whether to assume alignment to match
the code used by the linker when deciding what to align.

Fixes the linker failure in CL 626437 patch set 5.

Change-Id: Iedad862c6faee758d4a2c5120cab2d329265b134
Reviewed-on: https://go-review.googlesource.com/c/go/+/628835
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
TryBot-Bypass: Russ Cox <rsc@golang.org>
2024-11-19 18:21:27 +00:00
Filippo Valsorda
eeddabcadb crypto/md5,crypto/sha512: fix AppendBinary -> BinaryAppender docs typo
Change-Id: Ia2caecd0a54e1100ad523f0dc76f17babcd0ffca
Reviewed-on: https://go-review.googlesource.com/c/go/+/626878
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 17:45:28 +00:00
Filippo Valsorda
050109c4fb crypto/internal/fips/hkdf: correctly set the service indicator for short salts
For #69536

Change-Id: Ibe2623311c8be5fb3e7411b33e61bf66d026e14d
Reviewed-on: https://go-review.googlesource.com/c/go/+/626877
Reviewed-by: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
2024-11-19 17:45:26 +00:00
Filippo Valsorda
69c3cb8d1b crypto/internal/fips/ssh: implement SSH KDF
For #69536

Change-Id: I0788469400de6a39cb22a6936a74d71066c476b1
Reviewed-on: https://go-review.googlesource.com/c/go/+/626875
Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
2024-11-19 17:45:24 +00:00
Filippo Valsorda
c9408a154a crypto/internal/fips/tls12: implement TLS 1.2 KDF
For #69536

Change-Id: If2477c5249a7c7db45c1af05e715ae0b61e7d940
Reviewed-on: https://go-review.googlesource.com/c/go/+/626837
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Russ Cox <rsc@golang.org>
2024-11-19 17:45:22 +00:00
Filippo Valsorda
743746a3a5 crypto/internal/fips/tls13: implement TLS 1.3 KDF
The new implementation encodes the key schedule into the type system,
which is actually nicer than what we had before.

For #69536

Change-Id: Iddab62c2aae40bc2425a155443576bb9b7aafe03
Reviewed-on: https://go-review.googlesource.com/c/go/+/626836
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Commit-Queue: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
2024-11-19 17:45:20 +00:00
George Adams
5deea4c242 Revert "os: check for valid Windows path when creating files"
This reverts commit CL 618496.

Reason for revert: https://github.com/golang/go/issues/54040#issuecomment-2485151973

Change-Id: I3bf27f7fdd475a005cb6aa190994153504e96fb5
Reviewed-on: https://go-review.googlesource.com/c/go/+/629595
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Quim Muntal <quimmuntal@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
2024-11-19 17:26:40 +00:00
qmuntal
405a0c4ae8 os/user: fix race detector failure
The race detector doesn't like that windows.GetSid* functions return
pointers to the SID structure. This change makes these functions return
values instead and mark them with nocheckptr.

Fixes #70378

Cq-Include-Trybots: luci.golang.try:gotip-windows-amd64-race
Change-Id: Iba39d75bb31679d25a5ee43b51e4abb0c435dbac
Reviewed-on: https://go-review.googlesource.com/c/go/+/628995
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 16:52:49 +00:00
Roland Shoemaker
afa9880638 crypto/internal/hpke: add Recipient role
Adds the Recipient role, alongside the existing Sender role. Also factor
out all of the shared underlying bits and pieces into a shared type that
is embedded in the Sender/Recipient roles.

Change-Id: I7640d8732aa0dd5cc9e38b8c26f0cfa7856170f6
Reviewed-on: https://go-review.googlesource.com/c/go/+/623575
Auto-Submit: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
2024-11-19 16:48:05 +00:00
Roland Shoemaker
bc1da38c3d crypto/subtle: add DIT closure
Add a new function, WithDataIndependentTiming, which takes a function as
an argument, and encloses it with calls to set/unset the DIT PSTATE bit
on Arm64.

Since DIT is OS thread-local, for the duration of the execution of
WithDataIndependentTiming, we lock the goroutine to the OS thread, using
LockOSThread. For long running operations, this is likely to not be
performant, but we expect this to be tightly scoped around cryptographic
operations that have bounded execution times.

If locking to the OS thread turns out to be too slow, another option is
to add a bit to the g state indicating if a goroutine has DIT enabled,
and then have the scheduler enable/disable DIT when scheduling a g.

Additionally, we add a new GODEBUG, dataindependenttiming, which allows
setting DIT for an entire program. Running a program with
dataindependenttiming=1 enables DIT for the program during
initialization. In an ideal world PSTATE.DIT would be inherited from
the parent thread, so we'd only need to set it in the main thread and
then all subsequent threads would inherit the value. While this does
happen in the Linux kernel [0], it is not the case for darwin [1].
Rather than add complex logic to only set it on darwin for each new
thread, we just unconditionally set it in mstart1 and cgocallbackg1
regardless of the OS. DIT will already impose some overhead, and the
cost of setting the bit is only ~two instructions (CALL, MSR), so it
should be cheap enough.

Fixes #66450
Updates #49702

[0] e8bdb3c8be/arch/arm64/kernel/process.c (L373)
[1] 8d741a5de7/osfmk/arm64/status.c (L1666)

Change-Id: I78eda691ff9254b0415f2b54770e5850a0179749
Reviewed-on: https://go-review.googlesource.com/c/go/+/598336
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 16:47:03 +00:00
Russ Cox
44cea1234d cmd/go/internal/fsys: replace file tree with sorted list
Replace the tree of nodes with a sorted list of file replacements.
The most important property of this representation is that it
allows replacing directories: a replacement x -> y where y is
a directory could not be implemented before, because it would
require making a node for every file in the tree rooted at y,
or else it would require unsuccessful lookups for files like
x/a/b/c/d/e/f/g/h/i/j/k to try every possible parent in order
to discover the x -> y mapping.

The sorted list makes it easy to find the x -> y mapping:
when you do the binary search for x/a/b/c/d/e/f/g/h/i/j/k,
you end up immediately after the x -> y mapping, so stepping
backward one entry provides the mapping we need, if it exists.

This CL does not allow overlay files to include directories,
but now it is possible. This is at least useful for other kinds
of experiments (like FIPS).

Change-Id: Ief0afaee82e644dab8ae4eafeec20440afee2e36
Reviewed-on: https://go-review.googlesource.com/c/go/+/628701
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Matloob <matloob@golang.org>
2024-11-19 16:43:49 +00:00
Filippo Valsorda
2ef00e2734 crypto/internal/fips/hkdf: new package
Tests imported from x/crypto, but the actual implementation was simpler
to implement ex-novo with a #61477-like API.

Updates #61477
For #69536

Change-Id: I5a9e8a71d8abd5b2aa6b74e73bf7f631ed0115cd
Reviewed-on: https://go-review.googlesource.com/c/go/+/621275
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Russ Cox <rsc@golang.org>
2024-11-19 16:27:13 +00:00
Filippo Valsorda
f916d93e41 crypto/cipher: add NewGCMWithRandomNonce
Fixes #69981

Change-Id: I0cad11f5d7673304c5a6d85fc598ddc27ab93738
Reviewed-on: https://go-review.googlesource.com/c/go/+/629175
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
2024-11-19 16:26:40 +00:00
Filippo Valsorda
380903588c crypto/internal/fips/aes/gcm: add GCMForSSH
For #69536

Change-Id: Ia368f515893a95e176149e23239a8e253fc5272f
Reviewed-on: https://go-review.googlesource.com/c/go/+/629095
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2024-11-19 16:24:57 +00:00
Filippo Valsorda
bedde1bee0 crypto: check all cpu.X86 flags for features used in assembly
These are most likely redundant, but cmd/compile/internal/amd64's
TestGoAMD64v1 turns them off when clobbering those instructions, so we
need to know to skip the assembly in those cases.

Thankfully we have Avo now that adds a helpful comment with the list of
features used by each generated function!

Also improve the error output of TestGoAMD64v1. It had broken before in
#49402 and had required the exact same patch.

Change-Id: I7fab8f36042cdff630f806723aa1d8124c294f60
Reviewed-on: https://go-review.googlesource.com/c/go/+/626876
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Reviewed-by: Keith Randall <khr@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 15:48:59 +00:00
Filippo Valsorda
e66229a22a crypto/internal/fips/aes: add service indicators
For #69536

Change-Id: I485c165b1d9fcd7b09ff151bbeebc57d8908bcb8
Reviewed-on: https://go-review.googlesource.com/c/go/+/626835
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
2024-11-19 14:36:19 +00:00
Russ Cox
8f22369136 cmd/go/internal/fsys: refactor overlay consistency checks
Do the overlay consistency checks separate from constructing
the overlay data structure. This makes sure that the data structure
can be changed without worrying about losing the checks.

Change-Id: I9ff50cc366b5362adc5570f94e6caf646ddf5046
Reviewed-on: https://go-review.googlesource.com/c/go/+/628700
Auto-Submit: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Matloob <matloob@golang.org>
2024-11-19 05:49:58 +00:00
Russ Cox
8767a090d5 cmd/go/internal/fsys: refactor vfs lookup
Refactor vfs lookup into 'func stat', which knows the internal
data structures for the vfs and returns information about a
given path. The callers can then all use stat and avoid direct
knowledge of the internal data structures.

This is setting up for a different internal data structure.

Change-Id: I496b7b3fb686cdde81b14687f65eb0bf51ec62be
Reviewed-on: https://go-review.googlesource.com/c/go/+/628699
Auto-Submit: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Matloob <matloob@golang.org>
2024-11-19 05:42:03 +00:00
Russ Cox
7ded55f941 cmd/go/internal/fsys: convert to proper ReadDir
Many releases ago we migrated
from ioutil.ReadDir, which returned []os.FileInfo,
to os.ReadDir, which returns []fs.DirEntry.
The latter is faster, but the former is expected by go/build.Context.

Convert fsys to use the new ReadDir signature.
This should make the go command faster when scanning
source trees, and it brings cmd/go up to date with the rest
of the tree.

Similarly, convert Walk to WalkDir.

Change-Id: I767a8548d7ca7cc3c05f2ff073d18070a4e8a0da
Reviewed-on: https://go-review.googlesource.com/c/go/+/628698
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Michael Matloob <matloob@golang.org>
TryBot-Bypass: Russ Cox <rsc@golang.org>
Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
2024-11-19 05:07:42 +00:00
Russ Cox
f174c31f3e cmd/go/internal/fsys: minor cleanup
Rename canonicalize to abs.
Rename IsDirWithGoFiles to IsGoDir.
Remove Init argument.
Split OverlayPath into Actual and Renamed.
Clean up doc comments.
Other minor cleanups.

Preparation for larger changes.

Change-Id: Ida022588149a1618a63acc91e3800b09df873b6e
Reviewed-on: https://go-review.googlesource.com/c/go/+/628697
TryBot-Bypass: Russ Cox <rsc@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Michael Matloob <matloob@golang.org>
2024-11-19 05:07:40 +00:00
Russ Cox
0b4cde34ac cmd/go/internal/fsys: move glob, walk code into new files
The Glob and Walk code does not depend on any of the fsys internals;
it simply uses ReadDir as an opaque abstraction.
Move it to separate files so that when working on the
actual overlay abstraction, it is out of sight, out of mind.

Change-Id: Ifa98feaaaafe5c1d8d8edce82de4fd0c78f599c4
Reviewed-on: https://go-review.googlesource.com/c/go/+/628696
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
TryBot-Bypass: Russ Cox <rsc@golang.org>
Reviewed-by: Michael Matloob <matloob@golang.org>
2024-11-19 05:07:37 +00:00
Ian Lance Taylor
b6aada5e81 doc/godebug: document that unrecognized GODEBUG entries are ignored
Change-Id: I6debc82913ae9fa02bee55dc87d35574f5265008
Reviewed-on: https://go-review.googlesource.com/c/go/+/629576
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
2024-11-19 03:56:07 +00:00
Ian Lance Taylor
aae088b16a doc/godebug: fix tipo
Change-Id: Ib67d81d8e3aa33c6a506813194cc5710b3d5cdd0
Reviewed-on: https://go-review.googlesource.com/c/go/+/629575
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
2024-11-19 03:52:47 +00:00
Michael Anthony Knyszek
b09478b9c9 mime: disable TestLookupMallocs with ASAN
With the synchashtriemap GOEXPERIMENT, this allocates now, but just
under ASAN. That's OK, just skip the test under ASAN.

Fixes #70428.

Change-Id: I1ab4f7c06505c84309946358643715085f0db506
Reviewed-on: https://go-review.googlesource.com/c/go/+/629456
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
2024-11-19 02:54:28 +00:00
Austin Clements
3e7cb78800 cmd/go: re-enable build JSON from go test -json, now with GODEBUG
This re-enables the behavior of CL 536399 (by effectively reverting CL
628955), so now go test -json again includes build output and failures
as JSON rather than text.

However, since this behavior is clearly enough to trip up some build
systems, this CL includes a GODEBUG=gotestjsonbuildtext that can be
set to 1 to revert to the old behavior.

Fixes #70402.
Updates #62067.

Cq-Include-Trybots: luci.golang.try:gotip-darwin-arm64_13,gotip-linux-amd64-longtest,gotip-windows-amd64-longtest
Change-Id: I84e778cd844783dacfc83433e391b5ccb5925127
Reviewed-on: https://go-review.googlesource.com/c/go/+/629335
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Austin Clements <austin@google.com>
2024-11-19 02:39:44 +00:00
Guoqi Chen
5432cd96fd cmd/compiler,internal/runtime/atomic: optimize Cas{64,32} on loong64
In Loongson's new microstructure LA664 (Loongson-3A6000) and later, the atomic
compare-and-exchange instruction AMCAS[DB]{B,W,H,V} [1] is supported. Therefore,
the implementation of the atomic operation compare-and-swap can be selected according
to the CPUCFG flag LAMCAS: AMCASDB(full barrier) instruction is used on new
microstructures, and traditional LL-SC is used on LA464 (Loongson-3A5000) and older
microstructures. This can significantly improve the performance of Go programs on
new microstructures.

goos: linux
goarch: loong64
pkg: internal/runtime/atomic
cpu: Loongson-3A6000 @ 2500.00MHz
         |  bench.old   |  bench.new                           |
         |   sec/op     |   sec/op       vs base               |
Cas        46.84n ±  0%   22.82n ±  0%  -51.28% (p=0.000 n=20)
Cas-2      47.58n ±  0%   29.57n ±  0%  -37.85% (p=0.000 n=20)
Cas-4      43.27n ± 20%   25.31n ± 13%  -41.50% (p=0.000 n=20)
Cas64      46.85n ±  0%   22.82n ±  0%  -51.29% (p=0.000 n=20)
Cas64-2    47.43n ±  0%   29.53n ±  0%  -37.74% (p=0.002 n=20)
Cas64-4    43.18n ±  0%   25.28n ±  2%  -41.46% (p=0.000 n=20)
geomean    45.82n         25.74n        -43.82%

goos: linux
goarch: loong64
pkg: internal/runtime/atomic
cpu: Loongson-3A5000 @ 2500.00MHz
         |  bench.old  |  bench.new                         |
         |   sec/op    |   sec/op      vs base              |
Cas        50.05n ± 0%   51.26n ± 0%  +2.42% (p=0.000 n=20)
Cas-2      52.80n ± 0%   53.11n ± 0%  +0.59% (p=0.000 n=20)
Cas-4      55.97n ± 0%   57.31n ± 0%  +2.39% (p=0.000 n=20)
Cas64      50.05n ± 0%   51.26n ± 0%  +2.42% (p=0.000 n=20)
Cas64-2    52.68n ± 0%   53.11n ± 0%  +0.82% (p=0.000 n=20)
Cas64-4    55.96n ± 0%   57.26n ± 0%  +2.33% (p=0.000 n=20)
geomean    52.86n        53.83n       +1.82%

[1]: https://loongson.github.io/LoongArch-Documentation/LoongArch-ELF-ABI-EN.html

Change-Id: I9b777c63c124fb492f61c903f77061fa2b4e5322
Reviewed-on: https://go-review.googlesource.com/c/go/+/613396
Reviewed-by: Meidan Li <limeidan@loongson.cn>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Qiqi Huang <huangqiqi@loongson.cn>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 01:15:07 +00:00
Michael Anthony Knyszek
ec7824b6bb cmd/go: disable fuzz instrumentation for internal/godebug
This is thought to be the cause of certain recent longtest failures.
Let's try it out.

This appears to fix the longtests fuzz failures. I suspect that the
sync.Map in internal/godebug is at fault with the implementation
changing. I'm not sure yet exactly why this is a problem, maybe inlining
that didn't happen before? I don't know exactly when coverage
instrumentation happens in the compiler, but this is definitely the
problem.

For good measure, let's add internal/sync. If sync is on the list,
internal/sync should be, too.

Fixes #70429.
Fixes #70430.
Fixes #70431.

Change-Id: Ic9f49daa0956e3a50192bcc7778983682b5d12b8
Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-longtest
Reviewed-on: https://go-review.googlesource.com/c/go/+/629475
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 00:45:21 +00:00
Filippo Valsorda
79c0041daf crypto/internal/fips/aes/gcm: add GCMForTLS12 and GCMForTLS13
For #69536

Change-Id: I2d7b6e7b9932d0f0f582a5ab0bb871395dc2a1e8
Reviewed-on: https://go-review.googlesource.com/c/go/+/626675
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
2024-11-19 00:32:09 +00:00
Filippo Valsorda
b86f770bec crypto/internal/fips/aes/gcm: add SealWithRandomNonce
We don't expose it as an AEAD yet because the logic for that is complex
due to overlap issues. For #69981 we will make a cipher.AEAD wrapper
outside the FIPS module, but maybe a v2 interface will make it easier,
and then we'll be able to use this method more directly.

Updates #69981
For #69536

Change-Id: Id88191c01443b0dec89ff0d6c4a6289f519369d1
Reviewed-on: https://go-review.googlesource.com/c/go/+/624916
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2024-11-19 00:32:04 +00:00
Filippo Valsorda
2b1a151524 crypto/internal/fips/aes/gcm: add CounterKDF
Change-Id: I236f9d8c4637793c1bda39f69573481356f8e362
Reviewed-on: https://go-review.googlesource.com/c/go/+/626436
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2024-11-19 00:31:19 +00:00
Filippo Valsorda
7cc488c8b5 crypto/internal/fips/aes/gcm: add CMAC
Change-Id: I5602dbf485c5c8a221e71c79961588e33f90452d
Reviewed-on: https://go-review.googlesource.com/c/go/+/626435
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2024-11-19 00:31:17 +00:00
Filippo Valsorda
7d7618971e crypto/aes,crypto/cipher: test all available implementations
TestEmptyPlaintext and TestCryptBlocks were folded into cryptotest.

Change-Id: I6131ab8582eb0e6d3a1b24bab1147a145d9766ac
Reviewed-on: https://go-review.googlesource.com/c/go/+/624738
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 00:31:13 +00:00
Filippo Valsorda
deee5322fc crypto/internal/fips/aes: move GCM to its own package
For #69536

Change-Id: Idcef2411c1fd4da302412609f28e438839e8aa4b
Reviewed-on: https://go-review.googlesource.com/c/go/+/624736
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
2024-11-19 00:31:11 +00:00
Filippo Valsorda
ecdc8c1b3f crypto/internal/cryptotest: add SkipTestAllocations
[                                                                     ]
[    It has been [ 0 ] days since Filippo broke a TestAllocations.    ]
[                                                                     ]

Concentrate all the skips in one place, so we don't have to re-discover
always the same ones via trial and error.

This might over-skip fixable allocations, but all these targets are not
fast anyway, so they are not worth going back for.

Removed the sysrand TestAllocations because it causes an import loop
with cryptotest and it's covered by TestAllocations in crypto/rand.

Change-Id: Icd40e97f9128e037f567147f8c9dafa758a47fac
Reviewed-on: https://go-review.googlesource.com/c/go/+/626438
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
2024-11-19 00:30:25 +00:00
Filippo Valsorda
cf531372b2 crypto/internal/fips/drbg: add CAST and service indicator
For #69536

Change-Id: If216a7537013bd9bbe90026ffe983a6bf50029c8
Reviewed-on: https://go-review.googlesource.com/c/go/+/625435
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 00:30:21 +00:00
Filippo Valsorda
0d8b96de05 crypto/internal/fips/drbg: implement FIPS-mode randomness generation
For #69536

Change-Id: I5bc83360fcd9114cc76314c3570977e9811fd1c6
Reviewed-on: https://go-review.googlesource.com/c/go/+/624978
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2024-11-19 00:30:18 +00:00
Filippo Valsorda
e67037fb27 crypto/internal/fips/drbg: implement CTR_DRBG
For #69536

Change-Id: I016bb723841acbda50f013db46f9d2dda200e1fd
Reviewed-on: https://go-review.googlesource.com/c/go/+/624977
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
2024-11-19 00:30:16 +00:00
Filippo Valsorda
644628536f crypto/rand: move OS interaction to crypto/internal/sysrand
We're going to use that package as the passive entropy source for the
FIPS module, and we need to import it from a package that will be
imported by crypto/rand.

Since there is no overridable Reader now, introduced a mechanism to test
the otherwise impossible failure of the OS entropy source.

For #69536

Change-Id: I558687ed1ec896dba05b99b937970bb809de3fe7
Reviewed-on: https://go-review.googlesource.com/c/go/+/624976
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2024-11-19 00:29:28 +00:00
Filippo Valsorda
f705cf8f96 crypto/rand: replace crypto/aes with internal/chacha8rand for plan9
We will need to import this functionality from the FIPS module, and we
can't import AES from there. Plan 9 is not going to be FIPS validated
anyway, so we can use non-approved cryptography.

For #69536

Change-Id: I7921ec0829b576de2e80f3a7d0a9a776ff387684
Reviewed-on: https://go-review.googlesource.com/c/go/+/624975
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2024-11-19 00:29:26 +00:00
Filippo Valsorda
c4aea46784 crypto/aes: move to crypto/internal/fips/aes
The crypto/aes <-> crypto/cipher interfaces and the hardware support
upgrades were layered over the years, and had grown unwieldily.

Before: conditionally wrap the private crypto/aes type in private types
that implement an interface that's interface-upgraded by crypto/cipher
to replace the generic implementation in crypto/cipher.

crypto/aes depended on crypto/cipher, which is backwards.

After: provide concrete exported implementations of modes in
crypto/internal/fips/aes that crypto/cipher returns if the input Block
is the crypto/internal/fips/aes concrete implementation.

crypto/aes and crypto/cipher both depend on crypto/internal/fips/aes.

Also, made everything follow go.dev/wiki/TargetSpecific by only putting
the minimal code necessary and no exported functions in build-tagged
files.

The GCM integration still uses an interface upgrade, because the generic
implementation is complex enough that it was not trivial to duplicate.
This will be fixed in a future CL to make review easier.

For #69536

Change-Id: I21c2b93a498edb31c562b1aca824e21e8457fdff
Reviewed-on: https://go-review.googlesource.com/c/go/+/624395
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
2024-11-19 00:29:22 +00:00
Boris Nagaev
0240c91383 crypto/aes: speedup CTR mode on AMD64 and ARM64
The implementation runs up to 8 AES instructions in different registers
one after another in ASM code. Because CPU has instruction pipelining
and the instructions do not depend on each other, they can run in
parallel with this layout of code. This results in significant speedup
compared to the regular implementation in which blocks are processed in
the same registers so AES instructions do not run in parallel.

GCM mode already utilizes the approach.

The ASM implementation of ctrAble has most of its code in XORKeyStreamAt
method which has an additional argument, offset. It allows to use it
in a stateless way and to jump to any location in the stream. The method
does not exist in pure Go and boringcrypto implementations.

[ Mailed as CL 413594, then edited by filippo@ to manage the counter
with bits.Add64, remove bounds checks, make the assembly interface more
explicit, and to port the amd64 to Avo. Squeezed another -6.38% out. ]

goos: linux
goarch: amd64
pkg: crypto/cipher
cpu: AMD Ryzen 7 PRO 8700GE w/ Radeon 780M Graphics
            │  19df80d792  │             c8b0409d40              │
            │    sec/op    │   sec/op     vs base                │
AESCTR/50-8    64.68n ± 0%   26.89n ± 0%  -58.42% (p=0.000 n=10)
AESCTR/1K-8   1145.0n ± 0%   135.8n ± 0%  -88.14% (p=0.000 n=10)
AESCTR/8K-8   9145.0n ± 0%   917.5n ± 0%  -89.97% (p=0.000 n=10)
geomean        878.2n        149.6n       -82.96%

            │  19df80d792  │               c8b0409d40               │
            │     B/s      │      B/s       vs base                 │
AESCTR/50-8   737.2Mi ± 0%   1773.3Mi ± 0%  +140.54% (p=0.000 n=10)
AESCTR/1K-8   848.5Mi ± 0%   7156.6Mi ± 0%  +743.40% (p=0.000 n=10)
AESCTR/8K-8   853.8Mi ± 0%   8509.9Mi ± 0%  +896.70% (p=0.000 n=10)
geomean       811.4Mi         4.651Gi       +486.94%

Fixes #20967
Updates #39365
Updates #26673

Co-authored-by: Filippo Valsorda <filippo@golang.org>
Change-Id: Iaeea29fb93a56456f2e54507bc25196edb31b84b
Reviewed-on: https://go-review.googlesource.com/c/go/+/621958
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
2024-11-19 00:24:58 +00:00
David Chase
170436c045 cmd/compile: strongly favor closure inlining
This tweaks the inlining cost knob for closures
specifically, they receive a doubled budget.  The
rationale for this is that closures have a lot of
"crud" in their IR that will disappear after inlining,
so the standard budget penalizes them unnecessarily.

This is also the cause of these bugs -- looking at the
code involved, these closures "should" be inlineable,
therefore tweak the parameters until behavior matches
expectations.  It's not costly in binary size, because
the only-called-from-one-site case is common (especially
for rangefunc iterators).

I can imagine better fixes and I am going to try to
get that done, but this one is small and makes things
better.

Fixes #69411, #69539.

Change-Id: I8a892c40323173a723799e0ddad69dcc2724a8f9
Reviewed-on: https://go-review.googlesource.com/c/go/+/629195
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 00:04:51 +00:00
Damien Neil
b8fe88393b os: correctly handle errno==0 in (*Process).blockUntilWaitable
CL 627478 inadvertently returns a non-nil error
containing a syscall.Errno(0).

Change-Id: I1d6a9d0575d3ed651ddc02f30505437d0d266bb3
Reviewed-on: https://go-review.googlesource.com/c/go/+/629515
Auto-Submit: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Commit-Queue: Ian Lance Taylor <iant@google.com>
2024-11-18 23:26:47 +00:00
Michael Anthony Knyszek
a65f1a467f weak: move internal/weak to weak, and update according to proposal
The updates are:
- API documentation changes.
- Removal of the old package documentation discouraging linkname.
- Addition of new package documentation with some advice.
- Renaming of weak.Pointer.Strong -> weak.Pointer.Value.

Fixes #67552.

Change-Id: Ifad7e629b6d339dacaf2ca37b459d7f903e31bf8
Reviewed-on: https://go-review.googlesource.com/c/go/+/628455
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Auto-Submit: Michael Knyszek <mknyszek@google.com>
2024-11-18 22:29:23 +00:00
qmuntal
5e82cba9bd os/user: skip tests that create users when running on dev machines
Creating and deleting users is tricky to get right, and it's not
something we want to do on a developer machine. This change skips the
tests that create users when not running on a Go builder.

This will fix #70396, although I still don't understand why the test
user couldn't be recreated.

Fixes #70396

Change-Id: Ie7004dc209f94e72152c7d6bd8ec95cc12c79757
Reviewed-on: https://go-review.googlesource.com/c/go/+/627877
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2024-11-18 20:45:28 +00:00
Keith Randall
45869f5931 runtime: get rid of gc programs for types
Instead, have the runtime build the gc bitmaps on demand
at runtime.

Change-Id: If7a245bc62e4bce3ce80972410b0ed307d921abe
Reviewed-on: https://go-review.googlesource.com/c/go/+/616255
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Keith Randall <khr@google.com>
2024-11-18 20:36:14 +00:00
khr@golang.org
7588cc9b00 cmd/link: use types (and not GC programs) to build data/bss ptrmasks
The linker knows the types of the global variables. We can use those
types to build the GC programs that describe the data and bss pointer masks.

That way we don't use the GC programs of the constituent types.
This is part of an effort to remove GC programs from the runtime.

There's a major complication in that when we're linking against a
shared library (typically, libstd.so), the relocations we need to
break apart arrays and structs into constituent types are difficult to
find. Load that additional data when linking against shared libraries.

Change-Id: I8516b24a0604479895c7b8a8a358d3cd8d421530
Reviewed-on: https://go-review.googlesource.com/c/go/+/546216
Reviewed-by: Keith Randall <khr@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
2024-11-18 20:36:04 +00:00
Michael Anthony Knyszek
aecb8faa91 sync: make HashTrieMap[any, any] the default implementation of Map
This change adds a GOEXPERIMENT, synchashtriemap, which replaces the
internals of a sync.Map with internal/sync.HashTrieMap[any, any]. The
main purpose behind this change is improved performance. Across almost
every benchmark, HashTrieMap[any, any] performs better than Map.

Also, relax TestMapClearNoAllocations to allow for one allocation.
Currently, the HashTrieMap allocates a new empty root node and stores
it: that's the whole clear operation. At the cost of some complexity, we
could allow Clear to have zero allocations by clearing the root node.
The complexity comes down to allowing threads to race to install a new
root node *or* creating a top-level mutex for installing a root node.

But I'm not sure this is worth it. Whether Clear or some other operation
takes the hit for allocating a single node almost certainly doesn't
matter. And Clear is still much, much faster in the new implementation
than the old, so I don't consider this a regression.

Change-Id: I939aa70a0edf2e850cedbea239aaf29a11a77b79
Reviewed-on: https://go-review.googlesource.com/c/go/+/608335
Auto-Submit: Michael Knyszek <mknyszek@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: David Chase <drchase@google.com>
2024-11-18 20:35:42 +00:00