From: "C. P. Ghost"
To: ticso@cicely.de
Cc: FreeBSD Current
Date: Mon, 14 Jun 2010 03:43:08 +0200
Subject: Re: Cleanup for cryptographic algorithms vs. compiler optimizations
In-Reply-To: <20100613213512.GG87112@cicely7.cicely.de>
List-Id: Discussions about the use of FreeBSD-current

On Sun, Jun 13, 2010 at 11:35 PM, Bernd Walter wrote:
> Crypto code wasn't aware of this problem and this is a way more
> obvious optimization than function exchange.
> And I do believe that the programmers were clever people.
> Alarming, isn't it?
> Maybe paranoid users might consider compiling their OS with -O0, but
> I don't think this is the right way.

I think that most crypto code isn't compiled with strong optimizations
anyway, even when the rest of the OS or program is (or can be). After
all, we do have separate compilation units... as long as you don't
enable LTO, of course.

Turning off strong optimizations for crypto code may seem paradoxical,
but since most performance-critical routines often contain hand-optimized
assembly anyway, and compiler-optimizations may be counter-productive
here, the point is rather moot, usually.

> It is amazing how strong the influence of optimization is and how weak
> the programmers' assumptions are.

Indeed. That's a classic trap that trips a lot of crypto programmers
in particular, and even seasoned C programmers occasionally.

-cpghost.

--
Cordula's Web. http://www.cordula.ws/
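
The cleanup problem this thread discusses, as an added example that is not part of the original message or of FreeBSD's source: assuming the cleanup is zeroing a key-bearing scratch buffer before return, a plain `memset` on a dying local is a dead store the optimizer may drop, while a call through a volatile function pointer does not depend on the optimization level or on LTO. The names `secure_wipe`, `tag_fragile`, `tag_wiped` and the toy checksum are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* The pointer is volatile, so it must be loaded at run time and the compiler
 * cannot assume it still names memset; the call cannot be proven a dead
 * store, whatever the optimization level and with or without LTO. */
static void *(*const volatile wipe_fn)(void *, int, size_t) = memset;

/* Hypothetical helper name, not a FreeBSD API. */
void secure_wipe(void *buf, size_t len)
{
    wipe_fn(buf, 0, len);
}

/* Toy checksum standing in for real key-dependent work (assumption). */
static uint32_t toy_tag(const uint8_t *p, size_t n)
{
    uint32_t sum = 0;
    for (size_t i = 0; i < n; i++)
        sum = sum * 31u + p[i];
    return sum;
}

/* Fragile: the memset is the last access to a dying local, so the
 * optimizer may treat it as a dead store and remove it. */
uint32_t tag_fragile(const uint8_t *key, size_t len)
{
    uint8_t scratch[32];
    size_t n = len < sizeof scratch ? len : sizeof scratch;
    memcpy(scratch, key, n);
    uint32_t tag = toy_tag(scratch, n);
    memset(scratch, 0, sizeof scratch);
    return tag;
}

/* Same work, but the wipe goes through the volatile pointer. */
uint32_t tag_wiped(const uint8_t *key, size_t len)
{
    uint8_t scratch[32];
    size_t n = len < sizeof scratch ? len : sizeof scratch;
    memcpy(scratch, key, n);
    uint32_t tag = toy_tag(scratch, n);
    secure_wipe(scratch, sizeof scratch);
    return tag;
}
```

Comparing the `cc -O2 -S` output for the two functions shows whether a given compiler dropped the plain `memset`.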