From cd1de6350ea446f7d026c185f6648a7e98c4b89b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 9 May 2023 10:12:34 +0100 Subject: [PATCH 1/5] Changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/safer-ct.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/safer-ct.txt diff --git a/ChangeLog.d/safer-ct.txt b/ChangeLog.d/safer-ct.txt new file mode 100644 index 000000000..965472845 --- /dev/null +++ b/ChangeLog.d/safer-ct.txt @@ -0,0 +1,6 @@ +Security + * Updates to constant time C code so that compilers are less likely to use + conditional instructions (Clang was observed to use these). Conditional + instructions might have an observable difference in timing. Introduce + assembly implementations for 32 and 64-bit Arm which are guaranteed not + to use conditional instructions. From d441a14f3828e1f8ec977ad08b6b91f5ee3e5b98 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 12 Jun 2023 17:27:52 +0100 Subject: [PATCH 2/5] Add reference to x86 asm Signed-off-by: Dave Rodgman --- ChangeLog.d/safer-ct.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog.d/safer-ct.txt b/ChangeLog.d/safer-ct.txt index 965472845..b32d78b16 100644 --- a/ChangeLog.d/safer-ct.txt +++ b/ChangeLog.d/safer-ct.txt @@ -2,5 +2,5 @@ Security * Updates to constant time C code so that compilers are less likely to use conditional instructions (Clang was observed to use these). Conditional instructions might have an observable difference in timing. Introduce - assembly implementations for 32 and 64-bit Arm which are guaranteed not - to use conditional instructions. + assembly implementations for 32 and 64-bit Arm and for x86 and x86-64, + which are guaranteed not to use conditional instructions. From 3fc3ae708ef895517adacdccbeb57db16393b4d1 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 15 Aug 2023 12:24:31 +0100 Subject: [PATCH 3/5] wip Signed-off-by: Dave Rodgman --- ChangeLog.d/safer-ct.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ChangeLog.d/safer-ct.txt b/ChangeLog.d/safer-ct.txt index b32d78b16..b1f38e717 100644 --- a/ChangeLog.d/safer-ct.txt +++ b/ChangeLog.d/safer-ct.txt @@ -1,6 +1,7 @@ Security * Updates to constant time C code so that compilers are less likely to use - conditional instructions (Clang was observed to use these). Conditional - instructions might have an observable difference in timing. Introduce - assembly implementations for 32 and 64-bit Arm and for x86 and x86-64, - which are guaranteed not to use conditional instructions. + conditional instructions, which might have an observable difference in + timing (Clang was observed to generate conditional instructions). + Introduce assembly implementations of constant time code for + Thumb 1 & Thumb 2, 32-bit Arm, aarch64, x86 and x86-64, which are + guaranteed not to use conditional instructions. From 241a80b717425c3ab3467c0404d546ff2e499264 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Thu, 7 Sep 2023 12:01:29 +0100 Subject: [PATCH 4/5] Improve changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/safer-ct.txt | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/safer-ct.txt b/ChangeLog.d/safer-ct.txt index b1f38e717..6c417f44b 100644 --- a/ChangeLog.d/safer-ct.txt +++ b/ChangeLog.d/safer-ct.txt @@ -1,7 +1,6 @@ Security - * Updates to constant time C code so that compilers are less likely to use - conditional instructions, which might have an observable difference in - timing (Clang was observed to generate conditional instructions). - Introduce assembly implementations of constant time code for - Thumb 1 & Thumb 2, 32-bit Arm, aarch64, x86 and x86-64, which are + * Updates to constant-time C code so that compilers are less likely to use + conditional instructions, which can have an observable difference in + timing. (Clang has been seen to do this.) Also introduce assembly + implementations for 32 and 64-bit Arm and for x86 and x86-64, which are guaranteed not to use conditional instructions. From 26923c7e4919fdd9b8cb048a2864e340be2eea9b Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 8 Sep 2023 10:45:34 +0100 Subject: [PATCH 5/5] Add missing hyphen Signed-off-by: Dave Rodgman --- ChangeLog.d/safer-ct.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/safer-ct.txt b/ChangeLog.d/safer-ct.txt index 6c417f44b..0a5b632ab 100644 --- a/ChangeLog.d/safer-ct.txt +++ b/ChangeLog.d/safer-ct.txt @@ -2,5 +2,5 @@ Security * Updates to constant-time C code so that compilers are less likely to use conditional instructions, which can have an observable difference in timing. (Clang has been seen to do this.) Also introduce assembly - implementations for 32 and 64-bit Arm and for x86 and x86-64, which are + implementations for 32- and 64-bit Arm and for x86 and x86-64, which are guaranteed not to use conditional instructions.