mirror of
https://github.com/golang/go
synced 2024-11-22 22:30:02 -07:00
bc1da38c3d
Add a new function, WithDataIndependentTiming, which takes a function as an argument, and encloses it with calls to set/unset the DIT PSTATE bit on Arm64. Since DIT is OS thread-local, for the duration of the execution of WithDataIndependentTiming, we lock the goroutine to the OS thread, using LockOSThread. For long running operations, this is likely to not be performant, but we expect this to be tightly scoped around cryptographic operations that have bounded execution times. If locking to the OS thread turns out to be too slow, another option is to add a bit to the g state indicating if a goroutine has DIT enabled, and then have the scheduler enable/disable DIT when scheduling a g. Additionally, we add a new GODEBUG, dataindependenttiming, which allows setting DIT for an entire program. Running a program with dataindependenttiming=1 enables DIT for the program during initialization. In an ideal world PSTATE.DIT would be inherited from the parent thread, so we'd only need to set it in the main thread and then all subsequent threads would inherit the value. While this does happen in the Linux kernel [0], it is not the case for darwin [1]. Rather than add complex logic to only set it on darwin for each new thread, we just unconditionally set it in mstart1 and cgocallbackg1 regardless of the OS. DIT will already impose some overhead, and the cost of setting the bit is only ~two instructions (CALL, MSR), so it should be cheap enough. Fixes #66450 Updates #49702 [0] |
||
---|---|---|
.. | ||
next | ||
except.txt | ||
go1.1.txt | ||
go1.2.txt | ||
go1.3.txt | ||
go1.4.txt | ||
go1.5.txt | ||
go1.6.txt | ||
go1.7.txt | ||
go1.8.txt | ||
go1.9.txt | ||
go1.10.txt | ||
go1.11.txt | ||
go1.12.txt | ||
go1.13.txt | ||
go1.14.txt | ||
go1.15.txt | ||
go1.16.txt | ||
go1.17.txt | ||
go1.18.txt | ||
go1.19.txt | ||
go1.20.txt | ||
go1.21.txt | ||
go1.22.txt | ||
go1.23.txt | ||
go1.txt | ||
README |
Files in this directory are data for Go's API checker ("go tool api", in src/cmd/api). Each file is a list of API features, one per line. go1.txt (and similarly named files) are frozen once a version has been shipped. Each file adds new lines but does not remove any. except.txt lists features that may disappear without breaking true compatibility. Starting with go1.19.txt, each API feature line must end in "#nnnnn" giving the GitHub issue number of the proposal issue that accepted the new API. This helps with our end-of-cycle audit of new APIs. The same requirement applies to next/* (described below), which will become a go1.XX.txt for XX >= 19. The next/ directory contains the only files intended to be mutated. Each file in that directory contains a list of features that may be added to the next release of Go. The files in this directory only affect the warning output from the go api tool. Each file should be named nnnnn.txt, after the issue number for the accepted proposal. (The #nnnnn suffix must also appear at the end of each line in the file; that will be preserved when next/*.txt is concatenated into go1.XX.txt.) When you add a file to the api/next directory, you must add at least one file under doc/next. See doc/README.md for details.