[Cryptography] Does RISC V solve Spectre ?

[Nico Williams]

On Fri, Mar 23, 2018 at 07:40:56PM -0700, Ray Dillinger wrote:
> Determining when to undertake these actions is not too hard for the
> logic overhead expressed in silicon which presently runs during the code
> execution. Moving that overhead to the compiler doesn't make it more
> complex than it already is.

It definitely is more complex: for the compiler writers.  They now have
to repeat this exercise for every release of a CPU.  And software needs
to be recompiled for each CPU release, or else JITed -- which means it's
more complex for others too.

Also, it's not as trivial as you might think because the time to perform
a load is not predictable because of the various levels of cache, the
time to store isn't either because of cache coherency issues, and the
time to perform memory barriers and atomic memory operations isn't
predictable for the same reasons.  Meaning: a compiler can't quite
schedule things correctly.  Instead a compiler might have to generate
micro event loops where hopefully work can be found to do while waiting.
Ultimately a compiler might even generate code that speculates, leaving
you roughly at square one (though trading the horrible CPU update
considerations for software update considerations)!

This road is just no fun to travel, and that's probably why we haven't
gone that far on it.

Nico
--