1
0
mirror of https://github.com/golang/go synced 2024-11-22 22:00:02 -07:00
go/api
Roland Shoemaker bc1da38c3d crypto/subtle: add DIT closure
Add a new function, WithDataIndependentTiming, which takes a function as
an argument, and encloses it with calls to set/unset the DIT PSTATE bit
on Arm64.

Since DIT is OS thread-local, for the duration of the execution of
WithDataIndependentTiming, we lock the goroutine to the OS thread, using
LockOSThread. For long running operations, this is likely to not be
performant, but we expect this to be tightly scoped around cryptographic
operations that have bounded execution times.

If locking to the OS thread turns out to be too slow, another option is
to add a bit to the g state indicating if a goroutine has DIT enabled,
and then have the scheduler enable/disable DIT when scheduling a g.

Additionally, we add a new GODEBUG, dataindependenttiming, which allows
setting DIT for an entire program. Running a program with
dataindependenttiming=1 enables DIT for the program during
initialization. In an ideal world PSTATE.DIT would be inherited from
the parent thread, so we'd only need to set it in the main thread and
then all subsequent threads would inherit the value. While this does
happen in the Linux kernel [0], it is not the case for darwin [1].
Rather than add complex logic to only set it on darwin for each new
thread, we just unconditionally set it in mstart1 and cgocallbackg1
regardless of the OS. DIT will already impose some overhead, and the
cost of setting the bit is only ~two instructions (CALL, MSR), so it
should be cheap enough.

Fixes #66450
Updates #49702

[0] e8bdb3c8be/arch/arm64/kernel/process.c (L373)
[1] 8d741a5de7/osfmk/arm64/status.c (L1666)

Change-Id: I78eda691ff9254b0415f2b54770e5850a0179749
Reviewed-on: https://go-review.googlesource.com/c/go/+/598336
Reviewed-by: Michael Knyszek <mknyszek@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-19 16:47:03 +00:00
..
next crypto/subtle: add DIT closure 2024-11-19 16:47:03 +00:00
except.txt syscall: selectively update zerrors_* on openbsd/386, openbsd/arm and openbsd/amd64 2024-06-16 23:08:08 +00:00
go1.1.txt strconv: quote rune 007F as \x7f, not \u007f 2022-03-31 20:37:15 +00:00
go1.2.txt
go1.3.txt
go1.4.txt
go1.5.txt
go1.6.txt go/types: rename Importer2 to ImporterFrom 2016-01-13 23:40:13 +00:00
go1.7.txt unicode: upgrade to version 9.0.0 2016-06-28 15:08:11 +00:00
go1.8.txt Revert "cmd/go: note when some Go files were ignored on no-Go-files errors" 2016-12-21 05:25:57 +00:00
go1.9.txt cmd/api: set architecture sizes when type checking 2021-10-04 20:20:20 +00:00
go1.10.txt text/template: revert CL 66410 "add break, continue actions in ranges" 2018-02-06 05:00:01 +00:00
go1.11.txt crypto/tls: make ConnectionState.ExportKeyingMaterial a method 2018-08-22 03:48:56 +00:00
go1.12.txt api: add os.(*File).SyscallConn to go1.12.txt 2019-01-02 21:21:53 +00:00
go1.13.txt api/go1.13: add debug/elf.Symbol fields added in CL 184099 2019-08-08 18:44:16 +00:00
go1.14.txt cmd/api: add API checks for freebsd/arm64 2023-02-17 20:31:46 +00:00
go1.15.txt go/printer: remove exported StdFormat flag 2020-07-17 02:15:01 +00:00
go1.16.txt cmd/api: track darwin arm64 port 2022-12-02 16:30:41 +00:00
go1.17.txt cmd/api: add API checks for freebsd/arm64 2023-02-17 20:31:46 +00:00
go1.18.txt cmd/api: add API checks for freebsd/arm64 2023-02-17 20:31:46 +00:00
go1.19.txt cmd/api: track deprecations 2022-12-02 16:29:41 +00:00
go1.20.txt cmd/api: add API checks for freebsd/riscv64 2023-02-17 21:23:32 +00:00
go1.21.txt go/ast: deprecate Object 2023-08-07 09:39:17 +00:00
go1.22.txt Revert "archive/tar: add FileInfoNames interface" 2024-01-24 20:54:27 +00:00
go1.23.txt crypto/tls: apply QUIC session event flag to QUICResumeSession events 2024-06-25 17:08:08 +00:00
go1.txt
README api/README: refer to doc/README.md 2024-01-31 19:22:50 +00:00

Files in this directory are data for Go's API checker ("go tool api", in src/cmd/api).

Each file is a list of API features, one per line.

go1.txt (and similarly named files) are frozen once a version has been
shipped. Each file adds new lines but does not remove any.

except.txt lists features that may disappear without breaking true
compatibility.

Starting with go1.19.txt, each API feature line must end in "#nnnnn"
giving the GitHub issue number of the proposal issue that accepted
the new API. This helps with our end-of-cycle audit of new APIs.
The same requirement applies to next/* (described below), which will
become a go1.XX.txt for XX >= 19.

The next/ directory contains the only files intended to be mutated.
Each file in that directory contains a list of features that may be added
to the next release of Go. The files in this directory only affect the
warning output from the go api tool. Each file should be named
nnnnn.txt, after the issue number for the accepted proposal.
(The #nnnnn suffix must also appear at the end of each line in the file;
that will be preserved when next/*.txt is concatenated into go1.XX.txt.)

When you add a file to the api/next directory, you must add at least one file
under doc/next. See doc/README.md for details.