最近洩漏出來的 Intel 程式碼...

已經有不少新聞都有報導提到最近被丟出來的 Intel 程式碼:

這些程式碼都是需要簽 NDA 或類似的合約才能拿到,這次被丟出來可以看到不少東西... 發佈的人有提到可以搜尋一些「關鍵字」,像是 backdoor 這個:

然後結果還蠻有趣的,看起來這包 20GB 的檔案可以讓不少人研究一陣子...

Google Chrome 對 CPU bug 的 patch

既然有方向了,後續應該會有人去找底層的問題...

先是在 Hacker News 上看到「Speculative fix to crashes from a CPU bug」這個猜測性的修正,這是因為他們發現在 IntelGemini Lake 低功耗晶片組上會發生很詭異的 crash:

For the last few months Chrome has been seeing many "impossible" crashes on Intel Gemini Lake, family 6 model 122 stepping 1 CPUs. These crashes only happen with 64-bit Chrome and only happen in the prologue of two functions. The crashes come and go across different Chrome versions.

然後依照 crash log 猜測跟 alignment 有關,所以決定用 gcc/clang 都有支援的 __attribute__ 強制設定 alignment 來避開,但看起來手上沒有可以重製的環境,所以只能先把實做丟上來...

Intel 最新的 Ice Lake 系列對 AES 的加速

Twitter 上看到這篇,講 Intel 推出新的指令集,對 AES 的加速效果:

進去看以後發現是講四月推出的 Ice Lake,在上面新增的 VPCLMULQDQ 指令對效能的幫助:

The introduction of the processor instructions AES-NI and VPCLMULQDQ, that are designed for speeding up encryption, and their continual performance improvements through processor generations, has significantly reduced the costs of encryption overheads.

而他們發表出來的數據說 AES-GCM 的效率直接從 ~23 cycles/byte 降到 0.64 cycles/byte,大約是 35 倍的改進?

More and more applications and platforms encrypt all of their data and traffic. As an example, we note the world wide proliferation of the use of AES-GCM, with performance dropping down to 0.64 cycles per byte (from ~23 before the instructions), on the latest Intel processors.

就算不是 AES-GCM,而是其他的 AES 相關演算法,也是三倍以上的改善:

這效能差異...