NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
re: port-sparc/57594: openssl speed crashes on sparcv8
The following reply was made to PR port-sparc/57594; it has been noted by GNATS.
From: matthew green <mrg%eterna.com.au@localhost>
To: Martin Husemann <martin%duskware.de@localhost>
Cc: gnats-bugs%netbsd.org@localhost
Subject: re: port-sparc/57594: openssl speed crashes on sparcv8
Date: Thu, 31 Aug 2023 08:12:16 +1000
Martin Husemann writes:
> On Thu, Aug 31, 2023 at 05:47:13AM +1000, matthew green wrote:
> > must be something in newer openssl that ends up leaving %y with
> > 0x99 and wasn't hit before, as this bug is old.
>
> It is mostly random - and may only hit on some CPU implementations.
> I have a patch (and an upstream bug report/pull request) that I will
> commit soonish. With that I have been unable to reproduce the crash
> in several runs.
i wrote a simple program that reproduces it immediately:
#include <stdio.h>
#include <openssl/crypto.h>
int
main(void)
{
char largeish[32];
printf("testing with 0 in %y\n");
__asm __volatile("wr 0, %y");
OPENSSL_cleanse(largeish, sizeof largeish);
printf("testing with 0x99 in %y\n");
__asm __volatile("wr 0x99, %y");
OPENSSL_cleanse(largeish, sizeof largeish);
}
this patch fixes it:
fix v8/v9 detection code for openssl.
this code uses a trick where the encoding on both v8 and v9 are
the same, and are not illegal instructions, but that the v9 one
has a detectable difference than v8.
the idea is that we perform a "subcc" (set condition codes) which
sets "%ccr" on v9, which is an unimplemented "%asr2" on v8, then
we read %ccr (v9) or %asr2 (v8), which will always be 0x99 on v9,
and .. is non-trapping but impleentation defined on v8.
for most implementations this returns the value of the %y reg.
as nothing actually sets %y in this path, it remains the value it
was most recently set to by something (anything), and if it just
happens to be 0x99 then the v9 paths will be taken on v8.
fix this by clearing the %y register before the potential read.
fixes PR#57594.
Index: crypto/external/bsd/openssl/dist/crypto/sparccpuid.S
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /cvsroot/src/crypto/external/bsd/openssl/dist/crypto/sparccpuid.=
S,v
retrieving revision 1.10
diff -p -u -r1.10 sparccpuid.S
--- crypto/external/bsd/openssl/dist/crypto/sparccpuid.S 7 May 2023 18:40:=
16 -0000 1.10
+++ crypto/external/bsd/openssl/dist/crypto/sparccpuid.S 30 Aug 2023 21:04=
:12 -0000
@@ -51,6 +51,10 @@ OPENSSL_wipe_cpu:
! to determine if the CPU the code is executing on is V8- or
! V9-compliant, as V9 returns a distinct value of 0x99,
! "negative" and "borrow" bits set in both %icc and %xcc.
+ ! XXXNETBSD PR#57594
+ ! we clear %y here in case it just happens to have 0x99 in it
+ ! and the v8 host takes the v9 path and faults.
+ wr 0, %y
.word 0x91408000 !rd %ccr,%o0
cmp %o0,0x99
bne .v8
@@ -178,6 +182,10 @@ walk_reg_wins:
OPENSSL_atomic_add:
#ifndef ABI64
subcc %g0,1,%o2
+ ! XXXNETBSD PR#57594
+ ! we clear %y here in case it just happens to have 0x99 in it
+ ! and the v8 host takes the v9 path and faults.
+ wr 0, %y
.word 0x95408000 !rd %ccr,%o2, see comment above
cmp %o2,0x99
be .v9
@@ -226,6 +234,10 @@ OPENSSL_atomic_add:
.align 32
_sparcv9_rdtick:
subcc %g0,1,%o0
+ ! XXXNETBSD PR#57594
+ ! we clear %y here in case it just happens to have 0x99 in it
+ ! and the v8 host takes the v9 path and faults.
+ wr 0, %y
.word 0x91408000 !rd %ccr,%o0
cmp %o0,0x99
bne .notick
@@ -387,6 +399,10 @@ OPENSSL_cleanse:
.Lot:
#ifndef ABI64
subcc %g0,1,%g1
+ ! XXXNETBSD PR#57594
+ ! we clear %y here in case it just happens to have 0x99 in it
+ ! and the v8 host takes the v9 path and faults.
+ wr 0, %y
! see above for explanation
.word 0x83408000 !rd %ccr,%g1
cmp %g1,0x99
Home |
Main Index |
Thread Index |
Old Index