[PATCH] D26872: Outliner: Add MIR-level outlining pass
Matthias Braun via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Feb 24 14:01:21 PST 2017
MatzeB added a comment.
In https://reviews.llvm.org/D26872#686175, @silvas wrote:
> Also, this pass will almost surely introduce timing side-channel attacks into cryptography code (code that would otherwise by "constant time" and needs to be for security).
>
> I'm not sure how heavily we care about this security aspect as a community, but I'm a slightly wary of having this on by default at any optimization level due to this issue. E.g. a size-constrained program for a secure processing element on a phone recompiles with this option and it silently breaks the security of the entire device. Hopefully the folks programming the secure element have some sort of testing to avoid this or at least have all critical primitives written in asm (or done by a hardware peripheral).
>
> I can't think of any other optimizations we have that would move a program away from being "constant time"; is there any precedent?
?!? This should be true for most compiler transformations. I don't know how these problems are handled in practice but I doubt they enable compiler optimizations. I don't see why we should start this discussion with this particular review.
https://reviews.llvm.org/D26872
More information about the llvm-commits
mailing list