aarch64-dit 0.1.0

Wrappers for enabling/disabling the Data Independent Timing (DIT) feature on AArch64 CPUs
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171

#![no_std]
#![doc = include_str!("../README.md")]
#![doc(
    html_logo_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg",
    html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg"
)]
#![warn(missing_docs, rust_2018_idioms, unused_qualifications)]

//! ## Usage
//!
//! ```
//! use aarch64_dit::Dit;
//!
//! let dit = Dit::init();
//! assert!(!dit.is_enabled());
//! let _guard = dit.enable();
//! assert!(dit.is_enabled());
//! ```

#[cfg(not(target_arch = "aarch64"))]
compile_error!("This crate only builds on `aarch64` targets");

use core::arch::asm;

cpufeatures::new!(dit_supported, "dit");

/// Data-Independent Timing: support for enabling features of AArch64 CPUs which improve
/// constant-time operation.
pub struct Dit {
    supported: dit_supported::InitToken,
}

impl Dit {
    /// Initialize Data-Independent Timing using runtime CPU feature detection.
    pub fn init() -> Self {
        Self {
            supported: dit_supported::init(),
        }
    }

    /// Enable Data-Independent Timing (if available).
    ///
    /// Returns an RAII guard that will return DIT to its previous state when dropped.
    #[must_use]
    pub fn enable(&self) -> Guard<'_> {
        let was_enabled = if self.is_supported() {
            unsafe { set_dit_enabled() }
        } else {
            false
        };

        Guard {
            dit: self,
            was_enabled,
        }
    }

    /// Check if DIT has been enabled.
    pub fn is_enabled(&self) -> bool {
        if self.is_supported() {
            unsafe { get_dit_enabled() }
        } else {
            false
        }
    }

    /// Check if DIT is supported by this CPU.
    pub fn is_supported(&self) -> bool {
        self.supported.get()
    }
}

/// RAII guard which returns DIT to its previous state when dropped.
pub struct Guard<'a> {
    /// DIT implementation.
    dit: &'a Dit,

    /// Previous DIT state before it was enabled.
    was_enabled: bool,
}

impl Drop for Guard<'_> {
    fn drop(&mut self) {
        if self.dit.supported.get() {
            unsafe { restore_dit(self.was_enabled) }
        }
    }
}

/// Detect if DIT is enabled for the current thread by checking the processor state register.
#[target_feature(enable = "dit")]
unsafe fn get_dit_enabled() -> bool {
    let mut dit: u64;
    asm!(
        "mrs {dit}, DIT",
        dit = out(reg) dit,
        options(nomem, nostack, preserves_flags)
    );
    (dit >> 24) & 1 != 0
}

/// Enable DIT for the current thread.
///
/// Returns the previous DIT state prior to enabling DIT.
#[target_feature(enable = "dit")]
unsafe fn set_dit_enabled() -> bool {
    let was_enabled = get_dit_enabled();
    asm!("msr DIT, #1", options(nomem, nostack, preserves_flags));
    was_enabled
}

/// Restore DIT state depending on the enabled bit.
#[target_feature(enable = "dit")]
unsafe fn restore_dit(enabled: bool) {
    if !enabled {
        // Disable DIT
        asm!("msr DIT, #0", options(nomem, nostack, preserves_flags));
    }
}

#[cfg(test)]
mod tests {
    use super::{get_dit_enabled, restore_dit, set_dit_enabled, Dit};
    cpufeatures::new!(dit_supported, "dit");

    #[test]
    fn high_level_api() {
        let dit = Dit::init();
        assert!(dit.is_supported());

        {
            assert!(!dit.is_enabled());
            let _guard = dit.enable();
            assert!(dit.is_enabled());

            // Test nested usage
            {
                let _guard2 = dit.enable();
                assert!(dit.is_enabled());
            }

            assert!(dit.is_enabled());
        }

        assert!(!dit.is_enabled());
    }

    #[test]
    fn asm_wrappers() {
        let dit_token = dit_supported::init();
        if !dit_token.get() {
            panic!("DIT is not available on this CPU");
        }

        let dit_enabled = unsafe { get_dit_enabled() };
        assert!(!dit_enabled);

        let was_enabled = unsafe { set_dit_enabled() };
        assert!(!was_enabled);
        let dit_enabled = unsafe { get_dit_enabled() };
        assert!(dit_enabled);

        unsafe { restore_dit(true) };
        let dit_enabled = unsafe { get_dit_enabled() };
        assert!(dit_enabled);

        unsafe { restore_dit(false) };
        let dit_enabled = unsafe { get_dit_enabled() };
        assert!(!dit_enabled);
    }
}