* [PATCH v2] Docs/zh_CN: Translate speculation.rst to Simplified Chinese
@ 2025-06-06 17:08 chris.wei.cui
0 siblings, 0 replies; only message in thread
From: chris.wei.cui @ 2025-06-06 17:08 UTC (permalink / raw)
To: alexs, si.yanteng, dzm91; +Cc: corbet, linux-doc, Cui Wei
From: Cui Wei <chris.wei.cui@gmail.com>
translate the "speculation.rst" into Simplified Chinese and adjust
zh_CN/staging/index.rst.
Signed-off-by: Cui Wei <chris.wei.cui@gmail.com>
---
.../translations/zh_CN/staging/index.rst | 2 +-
.../zh_CN/staging/speculation.rst | 85 +++++++++++++++++++
2 files changed, 86 insertions(+), 1 deletion(-)
create mode 100644 Documentation/translations/zh_CN/staging/speculation.rst
diff --git a/Documentation/translations/zh_CN/staging/index.rst b/Documentation/translations/zh_CN/staging/index.rst
index bb55c81c84a3..6d68fabce175 100644
--- a/Documentation/translations/zh_CN/staging/index.rst
+++ b/Documentation/translations/zh_CN/staging/index.rst
@@ -13,6 +13,7 @@
.. toctree::
:maxdepth: 2
+ speculation
xz
TODOList:
@@ -21,6 +22,5 @@ TODOList:
* lzo
* remoteproc
* rpmsg
-* speculation
* static-keys
* tee
diff --git a/Documentation/translations/zh_CN/staging/speculation.rst b/Documentation/translations/zh_CN/staging/speculation.rst
new file mode 100644
index 000000000000..c36d33f67897
--- /dev/null
+++ b/Documentation/translations/zh_CN/staging/speculation.rst
@@ -0,0 +1,85 @@
+.. SPDX-License-Identifier: GPL-2.0
+.. include:: ../disclaimer-zh_CN.rst
+
+:Original: Documentation/staging/speculation.rst
+
+:翻译:
+
+ 崔巍 Cui Wei <chris.wei.cui@gmail.com>
+
+========
+推测执行
+========
+
+本文档解释了推测执行的潜在影响,以及如何使用通用API来减轻不良影响。
+
+------------------------------------------------------------------------------
+
+为提高性能并减少平均延迟,许多现代处理器都采用分支预测等推测执行技术,执行结果
+可能在后续阶段被丢弃。
+
+通常情况下,我们无法从架构状态(如寄存器内容)观察到推测执行。然而,在某些情况
+下从微架构状态观察其影响是可能的,例如数据是否存在于缓存中。这种状态可能会形成
+侧信道,通过观察侧信道可以提取秘密信息。
+
+例如,在分支预测存在的情况下,边界检查可能被推测执行的代码忽略。考虑以下代码::
+
+ int load_array(int *array, unsigned int index)
+ {
+ if (index >= MAX_ARRAY_ELEMS)
+ return 0;
+ else
+ return array[index];
+ }
+
+在arm64上,可以编译成如下汇编序列::
+
+ CMP <index>, #MAX_ARRAY_ELEMS
+ B.LT less
+ MOV <returnval>, #0
+ RET
+ less:
+ LDR <returnval>, [<array>, <index>]
+ RET
+
+处理器有可能误预测条件分支,并推测性装载array[index],即使index >= MAX_ARRAY_ELEMS。
+这个值随后会被丢弃,但推测的装载可能会影响微架构状态,随后可被测量到。
+
+涉及多个依赖内存访问的更复杂序列可能会导致敏感信息泄露。以前面的示例为基础,考虑
+以下代码::
+
+ int load_dependent_arrays(int *arr1, int *arr2, int index)
+ {
+ int val1, val2,
+
+ val1 = load_array(arr1, index);
+ val2 = load_array(arr2, val1);
+
+ return val2;
+ }
+
+根据推测,对load_array()的第一次调用可能会返回一个越界地址的值,而第二次调用将影响
+依赖于该值的微架构状态。这可能会提供一个任意读取原语。
+
+缓解推测执行侧信道
+==================
+
+内核提供了一个通用API以确保即使在推测情况下也能遵守边界检查。受推测执行侧信道影响
+的架构应当实现这些原语。
+
+<linux/nospec.h>中的array_index_nospec()辅助函数可用于防止信息通过侧信道泄漏。
+
+调用array_index_nospec(index, size)将返回一个经过净化的索引值,即使在CPU推测执行
+条件下,该值也会被严格限制在[0, size)范围内。
+
+这可以用来保护前面的load_array()示例::
+
+ int load_array(int *array, unsigned int index)
+ {
+ if (index >= MAX_ARRAY_ELEMS)
+ return 0;
+ else {
+ index = array_index_nospec(index, MAX_ARRAY_ELEMS);
+ return array[index];
+ }
+ }
--
2.43.0
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2025-06-06 17:09 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-06-06 17:08 [PATCH v2] Docs/zh_CN: Translate speculation.rst to Simplified Chinese chris.wei.cui
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).