[FMV][AArch64] Remove features which expose non exploitable runtime behavior. #355
Conversation
|
LGTM |
|
The same justification applies to dit - the behaviour is determined by a control bit, and the architecture feature merely allows this bit to be switched on. |
labrinea
force-pushed
the
fmv-remove-runtime-features
branch
from
49c5c13 to
5d316ea
Compare
|
Added feature |
|
Looks good to me. |
…ehavior. Features dit, ebf16, memtag3, and rpres allow existing instructions to behave differently depending on the value of certain control registers. FMV does not read the content of control registers making these features unsuitable for runtime dispatch. See the ACLE patch for more info: ARM-software/acle#355
…ehavior. Feature dit provides independent timing for data processing instructions according to the value CPSR.DIT of the Current Program Status Register. The runtime detection in FMV does not examine the content of control registers, therefore such features are not suitable for runtime dispatch since they cannot be exploited in a meaningful way. See the ACLE patch for more info: ARM-software/acle#355 Depends on llvm/llvm-project#114387
|
I don't agree with the justification for removal of |
I kinda see your point, but the value of CPSR.DIT cannot be detected at runtime in order to choose a function version based on that. Even if it was the case I still can't think of a meaningful example. Perhaps something like the following snippet? __attribute__((target_version("dit"))) bool enableDIT(void) { asm volatile ("msr dit, x0"); return true; }
__attribute__((ttarget_version("default"))) bool enableDIT(void) { return false; }
if (enableDIT())
// do something
else
// do something elseI am not sure what kind of decisions can be made in the if-else logic based on this. |
|
I feel this should be sufficient justification to keep it: |
|
This solves a very real problem, by the way: https://developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms#Enable-DIT-for-constant-time-cryptographic-operations |
By "ISA feature presence check" I mean whether or not the cpu supports DIT at all, not runtime detection of whether or not DIT is enabled. Those two axes are almost orthogonal, but FMV is only useful for the former, so I agree that it is not useful for the latter. |
…ehavior.
Feature `rpres` allows an increase in the precision of the single-precision
floating-point reciprocal estimate and reciprocal square root estimate
from an 8-bit mantissa to a 12-bit mantissa depending on the value FPCR.AH
of the Floating-point Control Register.
Similarly, `ebf16` allows existing floating-point instructions (BFDOT, BFMMLA,
BFMOPA, BFMOPS, and BFVDOT) to change numeric behaviour depending on the
value FPCR.EBF of the Floating-point Control Register.
Feature `memtag3` allows Tag Check Faults to change behaviour depending on
the value SCTLR_ELx.{TCF, TCF0} of the System Control Register.
The runtime detection in FMV does not examine the content of control
registers, therefore runtime dispatch cannot be based on that. One may
argue there is value in altering the control register from a version,
for example "msr dit, ARM-software#1" if the feature is available on hardware. The
registers FPCR and SCTLR_ELx can be accessed in the absence of rpres,
ebf16, and memtag3, making it hard to justify adding them to the compiler.
labrinea
force-pushed
the
fmv-remove-runtime-features
branch
from
5d316ea to
c0c6d7b
Compare
|
Thanks. Merging now |
…ehavior. (#114387) Features ebf16, memtag3, and rpres allow existing instructions to behave differently depending on the value of certain control registers. FMV does not read the content of control registers making these features unsuitable for runtime dispatch. See the ACLE patch for more info: ARM-software/acle#355
…ehavior. (llvm#114387) Features ebf16, memtag3, and rpres allow existing instructions to behave differently depending on the value of certain control registers. FMV does not read the content of control registers making these features unsuitable for runtime dispatch. See the ACLE patch for more info: ARM-software/acle#355
Feature
rpresallows an increase in the precision of the single-precisionfloating-point reciprocal estimate and reciprocal square root estimate
from an 8-bit mantissa to a 12-bit mantissa depending on the value FPCR.AH
of the Floating-point Control Register.
Similarly,
ebf16allows existing floating-point instructions (BFDOT, BFMMLA,BFMOPA, BFMOPS, and BFVDOT) to change numeric behaviour depending on the
value FPCR.EBF of the Floating-point Control Register.
Feature
memtag3allows Tag Check Faults to change behaviour depending onthe value SCTLR_ELx.{TCF, TCF0} of the System Control Register.
The runtime detection in FMV does not examine the content of control
registers, therefore runtime dispatch cannot be based on that. One may
argue there is value in altering the control register from a version,
for example "msr dit, #1" if the feature is available on hardware. The
registers FPCR and SCTLR_ELx can be accessed in the absence of rpres,
ebf16, and memtag3, making it hard to justify adding them to the compiler.
name: Pull request
about: Technical issues, document format problems, bugs in scripts or feature proposal.
Thank you for submitting a pull request!
If this PR is about a bugfix:
Please use the bugfix label and make sure to go through the checklist below.
If this PR is about a proposal:
We are looking forward to evaluate your proposal, and if possible to
make it part of the Arm C Language Extension (ACLE) specifications.
We would like to encourage you reading through the contribution
guidelines, in particular the section on submitting
a proposal.
Please use the proposal label.
As for any pull request, please make sure to go through the below
checklist.
Checklist: (mark with
Xthose which apply)PR (do not bother creating the issue if all you want to do is
fixing the bug yourself).
SPDX-FileCopyrightTextlines on topof any file I have edited. Format is
SPDX-FileCopyrightText: Copyright {year} {entity or name} <{contact informations}>(Please update existing copyright lines if applicable. You can
specify year ranges with hyphen , as in
2017-2019, and usecommas to separate gaps, as in
2018-2020, 2022).Copyrightsection of the sources of thespecification I have edited (this will show up in the text
rendered in the PDF and other output format supported). The
format is the same described in the previous item.
tricky to set up on non-*nix machines). The sequence can be
found in the contribution
guidelines. Don't
worry if you cannot run these scripts on your machine, your
patch will be automatically checked in the Actions of the pull
request.
introduced in this PR in the section Changes for next
release of the section Change Control/Document history
of the document. Create Changes for next release if it does
not exist. Notice that changes that are not modifying the
content and rendering of the specifications (both HTML and PDF)
do not need to be listed.
correctness of the result in the PDF output (please refer to the
instructions on how to build the PDFs
locally).
draftversionis set totruein the YAML headerof the sources of the specifications I have modified.
in the README page of the project.