| As an example, the Amazon implementation doesn't refer to gcc's[1] and clang's[2] "zero_call_used_regs" to zeroise CPU registers upon return or exception of functions working on crypto secrets. OpenSSL doesn't either.[3] firedancer _does_ use "zero_call_used_regs" to allow gcc/clang to zeroise used CPU registers.[9] As another example, the Amazon implementation also doesn't refer to gcc's "strub" attribute which zeroises the function's stack upon return or exception of functions working on crypto secrets.[4][5] OpenSSL doesn't either.[3] firedancer _does_ use the "strub" attribute to allow gcc to zeroise the function's stack.[9] Is there a performance impact? [6] has the overhead at 0% for X25519 for implementing CPU register and stack zeroisation. Compiling the Linux kernel with "CONFIG_ZERO_CALL_USED_REGS=1" for x64_64 (impacting all kernel functions) was found to result in a 1-1.5% performance penalty.[7][8] [1] https://gcc.gnu.org/onlinedocs/gcc/Common-Function-Attribute... [2] https://clang.llvm.org/docs/AttributeReference.html#zero-cal... [3] https://github.com/openssl/openssl/discussions/24321 [4] https://gcc.gnu.org/onlinedocs/gcc-14.2.0/gcc/Common-Type-At... [5] https://gcc.gnu.org/onlinedocs/gcc/Stack-Scrubbing.html [6] https://eprint.iacr.org/2023/1713.pdf [7] https://www.phoronix.com/review/zero-used-regs/5 [8] https://lore.kernel.org/lkml/20210505191804.4015873-1-keesco... [9] FD_FN_UNSANITIZED: https://github.com/firedancer-io/firedancer/blob/master/src/... |