Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Conditionally enable OPENSSL_NO_ASM for Visual Studio #21427

Merged
merged 1 commit into from
Dec 17, 2019
Merged

Conditionally enable OPENSSL_NO_ASM for Visual Studio #21427

merged 1 commit into from
Dec 17, 2019

Conversation

zackgalbreath
Copy link
Contributor

@zackgalbreath zackgalbreath commented Dec 9, 2019
edited by jtattermusch
Loading

This configuration variable was originally disabled due to a bug
in CMake. If we are using a "new enough" version of CMake (3.13+)
we can now enable this flag for Visual Studio builds.

@karthikravis
@jtattermusch

see #16376

@jtattermusch jtattermusch self-assigned this Dec 9, 2019
@jtattermusch
Copy link
Contributor

The concern is whether I need to install nasm or some other assembler that's not part of visual studio to be able to build without OPENSSL_NO_ASM - if so, it could be a regression for users that currently build with cmake + VS.

@zackgalbreath
Copy link
Contributor Author

The concern is whether I need to install nasm or some other assembler that's not part of visual studio to be able to build without OPENSSL_NO_ASM - if so, it could be a regression for users that currently build with cmake + VS.

We could use CheckLanguage from within cmake/ssl.cmake to make sure that the ASM_NASM language can be enabled. Does that sound like a reasonable safeguard to you?

@jtattermusch
Copy link
Contributor

jtattermusch commented Dec 15, 2019
edited
Loading

I tried on a machine that doesn't have NASM installed and got this error:

-- Didn't find assembler
CMake Error at third_party/boringssl/crypto/CMakeLists.txt:60 (enable_language):                                                                                                                  
No CMAKE_ASM_NASM_COMPILER could be found.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
-- Configuring incomplete, errors occurred!

@jtattermusch
Copy link
Contributor

The concern is whether I need to install nasm or some other assembler that's not part of visual studio to be able to build without OPENSSL_NO_ASM - if so, it could be a regression for users that currently build with cmake + VS.

We could use CheckLanguage from within cmake/ssl.cmake to make sure that the ASM_NASM language can be enabled. Does that sound like a reasonable safeguard to you?

I don't have experience with CheckLanguage, but it could work.
We should only enable asm if we're sure it's not going to break people's builds.
Perhaps we could have some setting to specify that we really want assembly optimizations (and avoid setting OPENSSL_NO_ASM if that setting is used) - the idea is that some users might want to ensure that ASM optimizations are actually being used (as opposed to disabling them silently which can have performance implications)

@davidben
Copy link
Contributor

From the BoringSSL side, consider the assembly all but mandatory. It may be worth breaking builds with an explicit opt-out. Cryptography has more complex correctness requirements than most code. It's performance-sensitive and needs to meet some odd "constant-time" security requirements.

Two of the most important symmetric algorithms, AES and GHASH (the hash in AES-GCM), do not map well to portable C. Meeting constant-time security requirements takes performance tradeoffs. With assembly, we can use dedicated hardware instructions on modern CPUs. Assembly also lets us use SIMD instructions for a middle tier of fallback: given SSSE3 (x86) or NEON (arm), we can build AES and GHASH out of byte shuffle operations.

OPENSSL_NO_ASM limits you to bottom of the fallback tower. Until a month ago, that fallback was not even constant-time, meaning assembly is required for security. It is not just an optimization. This is poor, so I've been replacing those fallbacks. Our fallback GHASH is constant-time as of November, but I still need to fix the AES fallback. However, these fixes come with perf hits. (Really this is undoing a perf win we never earned.) When we evaluate the tradeoffs here, we assume that assembly is enabled.

The TLS library will prioritize ChaCha20-Poly1305 when AES hardware is unavailable (either due to the hardware itself or OPENSSL_NO_ASM), but AES-GCM is still widely-used. (Note since that post was written, ARMv8 added crypto extensions. AES hardware is now common on mobile too.)

@jtattermusch
Copy link
Contributor

@davidben thanks for the input, we will consider this, but I'd like to consider it separately from this PR.
If OPENSSL_NO_ASM if discouraged, we'd need a solution for e.g. older cmake versions, which is not something we are trying to address in this PR.
For purposes of this PR, let's not require users to have NASM installed (= same behavior as before), but let's use it where possible.
Later (in a different PR), we can change the behavior into only using OPENSSL_NO_ASM when explicitly specified by the user, if that's something that will improve the overall security.

@zackgalbreath
Conditionally set OPENSSL_NO_ASM for Visual Studio
5f073ed 
This configuration variable was originally set due to a bug in CMake.

We now build BoringSSL with assembly optimizations on Visual Studio
provided that the version of CMake we're using is "new enough" (3.13+)
and the NASM assembler is installed.
jtattermusch
jtattermusch approved these changes Dec 16, 2019
View reviewed changes
Copy link
Contributor

@jtattermusch jtattermusch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM once tests pass.

@jtattermusch jtattermusch added the release notes: yes Indicates if PR needs to be in release notes label Dec 16, 2019
@jtattermusch
Copy link
Contributor

@veblush need another Googler's LGTM.

@jtattermusch jtattermusch merged commit b5c3056 into grpc:master Dec 17, 2019
@jtattermusch jtattermusch mentioned this pull request Dec 17, 2019
Closed
@zackgalbreath zackgalbreath mentioned this pull request Dec 19, 2019
Closed
@lock lock bot locked as resolved and limited conversation to collaborators Mar 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@veblush veblush veblush approved these changes

@jtattermusch jtattermusch jtattermusch approved these changes

@apolcyn apolcyn Awaiting requested review from apolcyn apolcyn is a code owner

@nicolasnoble nicolasnoble Awaiting requested review from nicolasnoble

Assignees

@jtattermusch jtattermusch

Labels
lang/c++ release notes: yes Indicates if PR needs to be in release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@zackgalbreath @jtattermusch @davidben @veblush @grpc-kokoro