Robert Griesemer [Wed, 20 Nov 2024 20:50:54 +0000 (12:50 -0800)]
doc: document new restriction on cgo-generated method receicer types
Follow-up on CL 629715.
For #60725.
Change-Id: I1b980ad44f73550b633c74fc881c70255e7d8565
Reviewed-on: https://go-review.googlesource.com/c/go/+/630335
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com>
Michael Matloob [Wed, 20 Nov 2024 18:39:14 +0000 (13:39 -0500)]
cmd/go: remove base.ShortPathConservative
This CL first removes the base.ShortPathConservative function. It had
two classes of uses. The first was in opening files where the paths end
up in error messages. In all those cases, the non-shortened paths are
used to open the files, and ShortPath is only used for the error
messages. The second is in base.RelPaths. RelPaths will now call
ShortPath for each of the paths passed in instead of calling
RelConservative and then doing the same check as ShortPath to see if the
path is shorter.
To avoid the possibility of incorrect relative paths ending up in error
messages (that might have command lines suggested for users to run), and
to avoid the possibility of incorrect relative paths appearing in the
output of base.RelPaths, base.ShortPaths always does an os.SameFile
check to make sure that the relative path its providing is actually
correct. Since this makes ShortPath slower than just manipulating paths
(because we need to stat the files), we need to be continue to enforce
that ShortPath is only called for error messages (with the exception of
base.RelPaths and its callers).
This is a simpler way of solving the problem that base.ShortPaths
intended to solve.
For #68383
Change-Id: I474f464f51a9acb2250069dea3054b55d95a4ab4
Reviewed-on: https://go-review.googlesource.com/c/go/+/630276
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Now that crypto/internal/fips140deps has been checked in,
we can enforce the full restrictions in the go command:
crypto/internal/fips can only import crypto/internal, not internal/...
Change-Id: I035470dbd478a5997c37ffabd268117969ed00a5
Reviewed-on: https://go-review.googlesource.com/c/go/+/630135 Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Matloob <matloob@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
Russ Cox [Wed, 20 Nov 2024 14:03:35 +0000 (09:03 -0500)]
all: rename crypto/internal/fips to crypto/internal/fips140
Sometimes we've used the 140 suffix (GOFIPS140, crypto/fips140)
and sometimes not (crypto/internal/fips, cmd/go/internal/fips).
Use it always, to avoid having to remember which is which.
Also, there are other FIPS standards, like AES (FIPS 197), SHA-2 (FIPS 180),
and so on, which have nothing to do with FIPS 140. Best to be clear.
For #70123.
Change-Id: I33b29dabd9e8b2703d2af25e428f88bc81c7c307
Reviewed-on: https://go-review.googlesource.com/c/go/+/630115 Reviewed-by: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
qmuntal [Wed, 20 Nov 2024 15:02:03 +0000 (16:02 +0100)]
cmd/cgo/internal/testsanitizers: fix TSAN tests using setarch
Some systems don't have permissions to run setarch, for example
when running in a docker container without the --privileged flag.
This change makes the tests skip the setarch command if it fails.
Fixes #70463
Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-asan-clang15
Change-Id: I02fbd423ba809f5229b8639c9abe6fd275f32558
Reviewed-on: https://go-review.googlesource.com/c/go/+/630096
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Robert Griesemer [Tue, 19 Nov 2024 18:28:45 +0000 (10:28 -0800)]
go/types, types2: disallow new methods on (aliases to) cgo-generated types
This makes methods on aliases of cgo-generated types a new compiler error.
That is ok because cgo-behavior is not covered by the G1 compatibility
guarantee.
Background: In 2023 we fixed a gopls issue related to this by actually
enabling methods on cgo-generated types in the first place (#59944).
See the discussion in #60725 and this CL for why we believe it is ok
to make this an error now.
Based on a variation of CL 503596 (by Xie Cui).
Fixes #60725.
For #59944.
Change-Id: I7e9e6e1a76447167483a282b268f5183214027c9
Reviewed-on: https://go-review.googlesource.com/c/go/+/629715 Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Robert Findley <rfindley@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Robert Griesemer [Mon, 18 Nov 2024 20:45:17 +0000 (12:45 -0800)]
go/types, types2: disallow new methods on generic alias and instantiated types
If the receiver is an alias declaring type parameters, report
an error and ensure that the receiver type remains invalid.
Collect type parameters etc. as before but do not attempt to
find their constraints or instantiate the receiver type.
The constraints of the type parameters will be invalid by
default. The receiver type will not be (lazily) instantiated
which causes problems with existing invariants.
If a receiver denotes an instantiated (alias or defined) type,
report an error and ensure that the receiver type remains invalid.
While at it, add more comments and bring go/types and types2
closer together where there were differences.
Fixes #70417.
Change-Id: I87ef0b42d2f70464664cacc410f4b7eb1c994241
Reviewed-on: https://go-review.googlesource.com/c/go/+/629080 Reviewed-by: Robert Findley <rfindley@google.com>
Auto-Submit: Robert Griesemer <gri@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Michael Anthony Knyszek [Wed, 20 Nov 2024 19:24:56 +0000 (19:24 +0000)]
runtime: keep cleanup closure alive across adding the cleanup special
This is similar to the weak handle bug in #70455. In short, there's a
window where a heap-allocated value is only visible through a special
that has not been made visible to the GC yet.
For #70455.
Change-Id: Ic2bb2c60d422a5bc5dab8d971cfc26ff6d7622bc
Reviewed-on: https://go-review.googlesource.com/c/go/+/630277
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
Michael Anthony Knyszek [Wed, 20 Nov 2024 19:12:58 +0000 (19:12 +0000)]
runtime: explicitly keep handle alive during getOrAddWeakHandle
getOrAddWeakHandle is very careful about keeping its input alive across
the operation, but not very careful about keeping the heap-allocated
handle it creates alive. In fact, there's a window in this function
where it is *only* visible via the special. Specifically, the window of
time between when the handle is stored in the special and when the
special actually becomes visible to the GC.
(If we fail to add the special because it already exists, that case is
fine. We don't even use the same handle value, but the one we obtain
from the attached GC-visible special, *and* we return that value, so it
remains live.)
Fixes #70455.
Change-Id: Iadaff0cfb93bcaf61ba2b05be7fa0519c481de82
Reviewed-on: https://go-review.googlesource.com/c/go/+/630315
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Michael Knyszek <mknyszek@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Carlos Amedee <carlos@golang.org>
Robert Griesemer [Tue, 19 Nov 2024 04:06:13 +0000 (20:06 -0800)]
spec: document restrictions for method receivers that are aliases
For #70417.
Change-Id: I5e6b3011f356c7ecd8f64f5dcf0a6a77dcb21bbf
Reviewed-on: https://go-review.googlesource.com/c/go/+/629577
Auto-Submit: Robert Griesemer <gri@google.com>
TryBot-Bypass: Robert Griesemer <gri@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Robert Griesemer <gri@google.com>
Roland Shoemaker [Wed, 20 Nov 2024 19:06:35 +0000 (11:06 -0800)]
doc/godebug: document we removed x509sha1
Change-Id: I4a4ff0b9e0d3584b96e414d60b889d68fa8660c0
Reviewed-on: https://go-review.googlesource.com/c/go/+/630236
Auto-Submit: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
GenerateKey(nil) is documented to use crypto/rand.Reader, but we didn't
have a test.
While at it, since it's documented to be equivalent to NewKeyFromSeed,
actually implement it that way. This has the probably good side effect
of making it deterministic in FIPS mode. The other GenerateKey use
MaybeReadByte, so can change, but this one is probably worth keeping
deterministic. It's just slightly less compliant, but ok as long as
crypto/rand.Reader is the default one.
Intentionally leaving crypto/internal/fips/ed25519.GenerateKey in, in
case we need to switch to it during the life of the module.
Change-Id: Ic203436ff452bb9740291b9ca17f85aa6ae20b6e
Reviewed-on: https://go-review.googlesource.com/c/go/+/630099
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Brian Gabin [Mon, 21 Oct 2024 04:58:08 +0000 (21:58 -0700)]
cmd/go/testdata/script: restrict test to check only exe name
Avoid test failures caused by 'v2' in user environment paths.
Modify the test to check only the output executable name and ensure it is not 'v2', rather than inspecting the entire path.
Fixes #67989
Change-Id: Ida2131f6c9b41724df1b6b5e31413252c5009d25
Reviewed-on: https://go-review.googlesource.com/c/go/+/621315
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Sam Thanawalla <samthanawalla@google.com> Reviewed-by: Michael Matloob <matloob@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
Roland Shoemaker [Fri, 15 Nov 2024 15:40:49 +0000 (07:40 -0800)]
cmd/go: enforce -Wl,--push-state logic only when it is a prefix
Make sure we only run the --push-state logic when -Wl,--push-state is a
prefix of the argument, not just present in the argument string.
Thanks to Juho Forsén of Mattermost for reporting this issue.
Change-Id: I799f7854ff680674fd84cf2136fadf70817fc7e2
Reviewed-on: https://go-review.googlesource.com/c/go/+/628415
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
Running `go tool` with no arguments will now list built in tools
followed by module defined tools.
Running `go tool X` where X matches either the full package path,
or the last segment of the package path, of a defined tool will
build the tool to a known location and immediately execute it.
For golang/go#48429
Change-Id: I02249df8dad12fb74aa244002f82a81af20e732f
Reviewed-on: https://go-review.googlesource.com/c/go/+/534817 Reviewed-by: Michael Matloob <matloob@golang.org> Reviewed-by: Sam Thanawalla <samthanawalla@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
thepudds [Wed, 21 Jun 2023 18:42:03 +0000 (14:42 -0400)]
cmd/internal/testdir: print stderr if go list fails while gathering stdlib import config
If cmd/compile is in an unhappy state, the testdir test can
fail with an unhelpful 'exit code 1' log message if
'go list' fails while gathering stdlib import config
When running individual files, such as:
go test cmd/internal/testdir -run='Test/escape.*.go'
This might also happen in other uses, or it might be
that a more expansive set of tests such as run.bash
might first trigger a more useful error.
This change prints stderr and states that it is 'go list'
that is having problems to help someone track down the
proper issue.
Change-Id: Iba658ea139bb9087ab8adb00c9f65080a1b6ee76
Reviewed-on: https://go-review.googlesource.com/c/go/+/524941 Reviewed-by: Matthew Dempsky <mdempsky@google.com> Reviewed-by: Than McIntosh <thanm@google.com>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
thepudds [Fri, 18 Aug 2023 19:24:39 +0000 (15:24 -0400)]
cmd/internal/testdir: update errors when filepaths include 'C:\'
Currently on Windows, commands like:
go test cmd/internal/testdir -run=foo -update_errors
will fail to update the errors because the parsing is
currently confused by the ':' in filepaths that
start with 'C:\', and wrongly thinks that ':' marks
the end of the Go filename.
Instead of finding the first ':', use a regexp
to find what looks to be the end of the Go filename.
Change-Id: I091106da55b8e9e9cf421814abf26a6f8b821af9
Reviewed-on: https://go-review.googlesource.com/c/go/+/524942 Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Matthew Dempsky <mdempsky@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Russ Cox [Sun, 17 Nov 2024 21:55:51 +0000 (16:55 -0500)]
cmd/go: add GOFIPS140 snapshot support
GOFIPS140 does two things: (1) control whether to build binaries that
run in FIPS-140 mode by default, and (2) control which version of the
crypto/internal/fips source tree to use during a build.
This CL implements part (2). The older snapshot source trees are
stored in GOROOT/lib/fips140 in module-formatted zip files,
even though crypto/internal/fips is not technically a module.
(Reusing the module packing and unpacking code avoids reinventing it.)
See cmd/go/internal/fips/fips.go for an overview.
The documentation for GOFIPS140 is in a follow-up CL.
For #70200.
Change-Id: I73a610fd2c9ff66d0cced37d51acd8053497238e
Reviewed-on: https://go-review.googlesource.com/c/go/+/629201 Reviewed-by: Michael Matloob <matloob@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Mark Ryan [Fri, 2 Feb 2024 14:02:05 +0000 (15:02 +0100)]
internal/bytealg: optimize IndexByte for riscv64
The existing implementations of IndexByte and IndexByteString for
riscv64 are very simplistic. They load and compare a single byte at
a time in a tight loop. It's possible to improve performance in the
general case by loading and checking 8 bytes at a time. This is
achieved using the 'Determine if a word has a byte equal to n' bit
hack from https://graphics.stanford.edu/~seander/bithacks.html.
We broadcast the byte we're looking for across a 64 bit register,
let v be the result of xoring that register with 8 bytes loaded
from the buffer and then use the formula,
which evaluates to true if any one of the bytes in v is 0, i.e,
matches the byte we're looking for. We then just need to figure
out which byte out of the 8 it is to return the correct index.
This change generally improves performance when the byte we're
looking for is not in the first 24 bytes of the buffer and degrades
performance slightly when it is.
Some example benchmarks results from the bytes and strings package
are presented below. These were generated on a VisionFive2 running
Ubuntu 24.04.
As these functions are so heavily used this change impacts other
benchmarks. I include the improvements in geomean for the all the
benchmarks in the strings and bytes packages, along with some
selected benchmarks to illustrate the impact of the change.
geomean for bytes 13.81µ 12.92µ -6.44%
geomean for string 9.385µ 9.224µ -1.72%
Note that when building for rva22u64 a single Zbb instruction is used
in the main loop. This also helps to improve performance slightly.
The geomean for all the bytes benchmarks when building with
GORISCV64=rva22u64 with and without the patch is shown below.
geomean for bytes (rva22u64) 13.46µ 12.49µ -7.21%
Examples of non-Index benchmarks affected by this commit.
ReadString uses IndexByte to search for a byte stored at the end of
32KB buffer, so we see a speed up. SplitSingleByteSeparator searches
large buffers, but the byte being sought occurs within the first 15
bytes of the buffer, 76% of the time, hence the slowdown. In
SplitMultiByteSeparator the first byte of the separator only occurs
in the first 15 bytes 33% of the time so we see a speed up.
Change-Id: I6210ea2f3decdc6d2e0609df72b1b66e6d6f5395
Reviewed-on: https://go-review.googlesource.com/c/go/+/561275 Reviewed-by: Joel Sing <joel@sing.id.au> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Meng Zhuo <mengzhuo1203@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Guoqi Chen [Wed, 30 Oct 2024 11:11:49 +0000 (19:11 +0800)]
cmd/compile, internal/runtime/atomic: add Xchg8 for loong64
In Loongson's new microstructure LA664 (Loongson-3A6000) and later, the atomic
instruction AMSWAP[DB]{B,H} [1] is supported. Therefore, the implementation of
the atomic operation exchange can be selected according to the CPUCFG flag LAM_BH:
AMSWAPDBB(full barrier) instruction is used on new microstructures, and traditional
LL-SC is used on LA464 (Loongson-3A5000) and older microstructures. This can
significantly improve the performance of Go programs on new microstructures.
Because Xchg8 implemented using traditional LL-SC uses too many temporary
registers, it is not suitable for intrinsics.
Change-Id: I02ba68f66a2210b6902344fdc9975eb62de728ab
Reviewed-on: https://go-review.googlesource.com/c/go/+/623058
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: sophie zhao <zhaoxiaolin@loongson.cn> Reviewed-by: Meidan Li <limeidan@loongson.cn> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Mauri de Souza Meneguzzo <mauri870@gmail.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Filippo Valsorda [Sun, 17 Nov 2024 17:38:29 +0000 (18:38 +0100)]
crypto/internal/fips: handle the one possible PCT failure
Since ECDSA private keys are irredeemably malleable, an application
could construct one where the public key doesn't match the private key.
They'd be very much on their own, but crashing the program feels a bit
harsh.
Add this one to the list of issues caused by exposing the ECDSA (and
RSA) key values as big.Ints.
For #69536
Change-Id: Iaa65c73d7145e74f860ca097fa9641448442fbf9
Reviewed-on: https://go-review.googlesource.com/c/go/+/628855
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Filippo Valsorda [Sat, 16 Nov 2024 22:45:05 +0000 (23:45 +0100)]
crypto/ecdsa: implement deterministic and hedged signatures
For the future, some test vectors we should generate and then share
through Wycheproof or CCTV:
- A private key with a leading zero byte.
- A hash longer than the modulus.
- A hash longer than the P-521 modulus by a few bits.
- Reductions happening in hashToNat and bits2octets.
Filippo Valsorda [Sat, 16 Nov 2024 13:10:02 +0000 (14:10 +0100)]
crypto/internal/bigmod: drop math/big dependency
If when the dust settles the Bytes and SetBytes round-trip is visible in
profiles (only plausible in RSA), then we can add a SetBits method like
in CL 511375.
Change-Id: I3e6677e849d7a3786fa7297437b119a47715225f
Reviewed-on: https://go-review.googlesource.com/c/go/+/628675
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Russ Cox <rsc@golang.org>
Filippo Valsorda [Thu, 14 Nov 2024 21:02:02 +0000 (22:02 +0100)]
crypto/ecdh: move implementation to crypto/internal/fips/ecdh
This intentionally gives up on the property of not computing the public
key until requested. It was nice, but it was making the code too
complex. The average use case is to call PublicKey immediately after
GenerateKey anyway.
Added support in the module for P-224, just in case we'd ever want to
support it in crypto/ecdh.
Tried various ways to fix test/fixedbugs/issue52193.go to be meaningful,
but crypto/ecdh is pretty complex and all the solutions would end up
locking in crypto/ecdh structure rather than compiler behavior. The rest
of that test is good enough on its own anyway. If we do the work in the
future of making crypto/ecdh zero-allocations using the affordances of
the compiler, we can add a more robust TestAllocations on our side.
For #69536
Change-Id: I68ac3955180cb31f6f96a0ef57604aaed88ab311
Reviewed-on: https://go-review.googlesource.com/c/go/+/628315 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
crypto/internal/nistec: drop endianness swap assembly
It has negligible performance impact now that we have compiler
intrinsics, and removing it helps slightly narrow the gap between
the assembly and Go implementations.
Change-Id: Ia02807a973b567952c659bb4868632a73ff3c143
Reviewed-on: https://go-review.googlesource.com/c/go/+/627939 Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
crypto/internal/nistec: use Booth multiplication in purego P-256
Brings ScalarMult from 71 adds/op + 259 doubles/op to 58 adds/op + 263
doubles/op and ScalarBaseMult from 64 adds/op to 42 adds/op, matching
the assembly scalar multiplication algorithm.
Change-Id: I6603b52d1c3b2c25ace471bd36044149f6e8cfab
Reviewed-on: https://go-review.googlesource.com/c/go/+/627937 Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Filippo Valsorda [Thu, 14 Nov 2024 11:41:47 +0000 (12:41 +0100)]
crypto/internal/fips: move most tests to crypto/internal/fipstest
As explained in fips_test.go, we generally want to minimize tests inside
the FIPS module. When there is a relevant calling package, the tests
should go there, otherwise in fipstest.
This required redoing a bit the CAST failure tests, but the new version
is actually more robust because it will fail if a _ import is missing.
Since TestCAST doesn't print a line for each passed CAST anymore, made
GODEBUG=fips140=debug do that, in case we need to show it to the lab.
For #69536
Change-Id: I0c1b82a4e9ee39e8df9bbe95bebb0527753f51c8
Reviewed-on: https://go-review.googlesource.com/c/go/+/627955 Reviewed-by: Daniel McCarney <daniel@binaryparadox.net> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Paul E. Murphy [Tue, 5 Nov 2024 19:50:46 +0000 (13:50 -0600)]
crypto/aes: add optimized AES-CTR for ppc64le
This should be a relatively trivial implementation for PPC64
with minor optimizations depending on GOPPC64 value.
GOPPC64=power9 showed about 5% improvement on power10.
Performance is substantially improved on power10 (compiled
with GOPPC64=power9)
Russ Cox [Sun, 17 Nov 2024 21:54:11 +0000 (16:54 -0500)]
cmd/go/internal/modfetch: export new func Unzip
Add new func Unzip, which is Download (= download+unzip)
without the download. This will be used for unpacking the
FIPS module zips, which are part of the Go distribution,
not downloaded.
Change-Id: Ia04f8c376db8cb1cf27acb5567dd256afb10f410
Reviewed-on: https://go-review.googlesource.com/c/go/+/629200
Auto-Submit: Russ Cox <rsc@golang.org> Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Russ Cox [Thu, 14 Nov 2024 19:09:54 +0000 (14:09 -0500)]
cmd/go: add basic GOFIPS140 support
GOFIPS140 does two things: (1) control whether to build binaries that
run in FIPS-140 mode by default, and (2) control which version of the
crypto/internal/fips source tree to use during a build.
This CL implements part (1). It recognizes the GOFIPS140 settings
"off" and "latest" and uses them to set the default GODEBUG=fips140
setting to "off" or "on" accordingly.
The documentation for GOFIPS140 is in a follow-up CL.
See cmd/go/internal/fips/fips.go for an overview.
For #70200.
Change-Id: I045f8ae0f19778a1e72a5cd2b6a7b0c88934fc30
Reviewed-on: https://go-review.googlesource.com/c/go/+/629198
Auto-Submit: Russ Cox <rsc@golang.org> Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Keith Randall [Tue, 19 Nov 2024 00:37:59 +0000 (16:37 -0800)]
internal/runtime/maps: hash copy of key instead of key itself
Hashing the key means we have to take the address of it. That inhibits
subsequent optimizations on the key variable.
By hashing a copy, we incur an extra store at the hash callsite, but
we no longer need a load of the key in the inner loop. It can live
in a register throughout. (Technically, it gets spilled around
the call to the hasher, but it gets restored outside the loop.)
Maybe one day we can have special hash functions that take
int64/int32/string instead of *int64/*int32/*string.
Change-Id: Iba3133f6e82328f53c0abcb5eec13ee47c4969d1
Reviewed-on: https://go-review.googlesource.com/c/go/+/629419 Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Keith Randall [Tue, 19 Nov 2024 00:12:48 +0000 (16:12 -0800)]
internal/runtime/maps: use simpler calculation for slot element
This reduces the adds required at the return point from 3 to 1.
(The multiply inside g.elem() does get CSE'd with the one inside
g.key(), but the rest of the adds don't.)
Instead, compute the element as just a fixed offset from the key.
Change-Id: Ia4d7664efafcdca5e9daeb77d270651bb186232c
Reviewed-on: https://go-review.googlesource.com/c/go/+/629535 Reviewed-by: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Pratt <mpratt@google.com>
Tobias Klauser [Tue, 19 Nov 2024 12:38:42 +0000 (13:38 +0100)]
internal/syscall/unix, os: add and use Waitid syscall wrapper on linux
Instead of open-coding the waitid syscall wrapper add it to
internal/syscall/unix. As the syscall is currently only used on Linux,
switch the implementation in os.(*Process).blockUntilWaitable to use the
128-byte unix.SiginfoChild type instead of a plain 128-byte buffer.
Also use ignoringEINTR for the waitid calls instead of open-coding it.
Change-Id: I8dc47e361faa1f5e912d5de021f119c91c9f12f5
Reviewed-on: https://go-review.googlesource.com/c/go/+/629655 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Tobias Klauser <tobias.klauser@gmail.com>
Damien Neil [Tue, 11 Jun 2024 18:02:18 +0000 (11:02 -0700)]
internal/synctest: new package for testing concurrent code
Add an internal (for now) implementation of testing/synctest.
The synctest.Run function executes a tree of goroutines in an
isolated environment using a fake clock. The synctest.Wait function
allows a test to wait for all other goroutines within the test
to reach a blocking point.
For #67434
For #69687
Change-Id: Icb39e54c54cece96517e58ef9cfb18bf68506cfc
Reviewed-on: https://go-review.googlesource.com/c/go/+/591997 Reviewed-by: Michael Pratt <mpratt@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Filippo Valsorda [Sat, 12 Oct 2024 18:22:44 +0000 (20:22 +0200)]
crypto/internal/mlkem768: update to final FIPS 203
Main changes are the domain separator in KeyGen, dropping support for
the extended decapsulation key encoding in favor of seeds (see
https://words.filippo.io/ml-kem-seeds/), and documentation changes.
Change-Id: I8773034929094b3242aa39ac6e9d007c2bc94e63
Reviewed-on: https://go-review.googlesource.com/c/go/+/621975 Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Joe Tsai [Tue, 19 Nov 2024 01:34:06 +0000 (17:34 -0800)]
encoding/json: check exact structure of local error types in tests
During the development of error wrapping (#29934),
the tests were modified to stop using reflect.DeepEqual
since the prototype for error wrapping at the time included
frame information of where the error was created.
However, that change diminished the fidelity of the test
so that it is no longer as strict, which affects the endeavor
to implement v1 in terms of the v2 prototype.
For locally declared error types, use reflect.DeepEqual
to check that the exact structure of the error value matches.
Change-Id: I443d418533866ab8d533bca3785fdc741e2c140e
Reviewed-on: https://go-review.googlesource.com/c/go/+/629517
Auto-Submit: Damien Neil <dneil@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Reviewed-by: Daniel Martí <mvdan@mvdan.cc> Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Russ Cox [Thu, 14 Nov 2024 07:31:46 +0000 (02:31 -0500)]
cmd/dist: add GOFIPS140 setting
GOFIPS140 will be used to control whether to build binaries that
run in FIPS-140 mode by default, as well as which version of
crypto/internal/fips is used during a given build.
It is a target configuration variable analogous to
GOOS, GOARCH, CGO_ENABLED, and the like, so the
default value is recorded in the toolchain during make.bash.
This CL adds the GOFIPS140 setting to the build process
and records the default for use by cmd/go.
For #70200.
Change-Id: Iafcb5a4207f00fae8bcd93e0184a63c72526abea
Reviewed-on: https://go-review.googlesource.com/c/go/+/629196 Reviewed-by: Michael Matloob <matloob@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Russ Cox [Sun, 17 Nov 2024 00:40:42 +0000 (19:40 -0500)]
cmd/go/internal/fsys: add Bind to add bind mounts
fsys.Bind(repl, dir) makes the virtual file system
redirect any references to dir to use repl instead.
In Plan 9 terms, it binds repl onto dir.
In Linux terms, it does a mount --bind of repl onto dir.
Or think of it as being like a symlink dir -> repl being
added to the virtual file system.
This is a separate layer from the overlay so that editors
working in the replacement directory can still apply
their own replacements within that tree, and also so
that editors working in the original dir do not have any
effect at all.
(If the binds and the overlay were in the same sorted list,
we'd have problems with keeping the relative priorities
of individual entries correct.)
Change-Id: Ibc88021cc95a3b8574efd5f37772ccb723aa8f7b
Reviewed-on: https://go-review.googlesource.com/c/go/+/628702
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org> Reviewed-by: Michael Matloob <matloob@golang.org>
Russ Cox [Sun, 17 Nov 2024 16:51:52 +0000 (11:51 -0500)]
cmd/internal/obj/arm64: recognize FIPS static temps as unaligned
Code like x := [12]byte{1,2,3,4,5,6,7,8,9,10,11,12} stores x in
a pair of registers and uses MOVD/MOVWU to load the values
from RODATA. The code generator needs to understand not
to use the aligned PC-relative relocation for that sequence.
In non-FIPS modes, more statictemp optimizations can be applied
and this problematic sequence doesn't happen.
Fix the decision about whether to assume alignment to match
the code used by the linker when deciding what to align.
Fixes the linker failure in CL 626437 patch set 5.
Change-Id: Iedad862c6faee758d4a2c5120cab2d329265b134
Reviewed-on: https://go-review.googlesource.com/c/go/+/628835
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Russ Cox <rsc@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
TryBot-Bypass: Russ Cox <rsc@golang.org>
George Adams [Tue, 19 Nov 2024 10:05:27 +0000 (10:05 +0000)]
Revert "os: check for valid Windows path when creating files"
This reverts commit CL 618496.
Reason for revert: https://github.com/golang/go/issues/54040#issuecomment-2485151973
Change-Id: I3bf27f7fdd475a005cb6aa190994153504e96fb5
Reviewed-on: https://go-review.googlesource.com/c/go/+/629595 Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Quim Muntal <quimmuntal@gmail.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com>
qmuntal [Mon, 18 Nov 2024 08:31:59 +0000 (09:31 +0100)]
os/user: fix race detector failure
The race detector doesn't like that windows.GetSid* functions return
pointers to the SID structure. This change makes these functions return
values instead and mark them with nocheckptr.
Fixes #70378
Cq-Include-Trybots: luci.golang.try:gotip-windows-amd64-race
Change-Id: Iba39d75bb31679d25a5ee43b51e4abb0c435dbac
Reviewed-on: https://go-review.googlesource.com/c/go/+/628995 Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>