Re: Do we need to do anything about "dead µops?"

From: Josh Poimboeuf
Date: Tue May 04 2021 - 09:24:56 EST


On Tue, May 04, 2021 at 01:06:06PM +0000, David Laight wrote:
> From: Josh Poimboeuf
> > Sent: 04 May 2021 04:16
> ...
> > I was actually thinking more along the lines of
> >
> > val = 0;
> >
> > if (user_supplied_idx < ARRAY_SIZE) // trained to speculatively be 'true'
> > val = boring_non_secret_array[user_supplied_idx];
> >
> > if (val & 1)
> > do_something();
> >
> > In other words, the victim code wouldn't be accessing the secret
> > intentionally. So there's no reason for it to avoid doing
> > data-dependent branches.
>
> Isn't that one of the very boring standard spectre cases?

Classic v1 as described in the Spectre paper was a data-dependent
load/store, not a data-dependent branch.

--
Josh