[src/trunk]: src/crypto/external/bsd/openssl/dist/crypto Expand on importance...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/crypto/external/bsd/openssl/dist/crypto Expand on importance...
From: riastradh <riastradh%NetBSD.org@localhost>
Date: Sun, 19 Jul 2020 17:56:33 +0000

details:   https://anonhg.NetBSD.org/src/rev/d4d21132c90a
branches:  trunk
changeset: 936121:d4d21132c90a
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Sun Jul 19 15:33:08 2020 +0000

description:
Expand on importance of not using fpu for crypto if there's no fpu.

diffstat:

 crypto/external/bsd/openssl/dist/crypto/ppccap.c |  7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

diffs (17 lines):

diff -r 691f024b1a49 -r d4d21132c90a crypto/external/bsd/openssl/dist/crypto/ppccap.c
--- a/crypto/external/bsd/openssl/dist/crypto/ppccap.c  Sun Jul 19 15:16:22 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/ppccap.c  Sun Jul 19 15:33:08 2020 +0000
@@ -374,8 +374,11 @@
     size_t len = sizeof(val);
 
     /*
-     * If machdep.fpu_present == 0, FPU is absent and emulated by software.
-     * Avoid using it for better performance.
+     * If machdep.fpu_present == 0, FPU is absent and emulated by
+     * software.  In that case, using FPU instructions hurts rather
+     * than helps performance, and the software is unlikely to run in
+     * constant time so it would expose us to timing side channel
+     * attacks.  So don't do it!
      */
     error = sysctlbyname("machdep.fpu_present", &val, &len, NULL, 0);
     if (error != 0 || (error == 0 && val != 0))

Prev by Date: [src/trunk]: src/usr.bin/make/unit-tests make(1): add test for stray dollar s...
Next by Date: [src/trunk]: src/usr.bin/make Nix trailing whitespace.
Previous by Thread: [src/trunk]: src/usr.bin/make/unit-tests make(1): add test for stray dollar s...
Next by Thread: [src/trunk]: src/usr.bin/make Nix trailing whitespace.
Indexes:

Home | Main Index | Thread Index | Old Index