Improved mitigation of base OT issue.

data61 · Aug 12, 2024 · a9a13b1 · a9a13b1
1 parent b6aa32f
commit a9a13b1
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 3 deletions.
diff --git a/CONFIG b/CONFIG
@@ -48,6 +48,8 @@ ARCH =
 AVX_OT = 0
 endif
 
+AVX_SIMPLEOT = AVX_OT
+
 ifeq ($(OS), Darwin)
 BREW_CFLAGS += -I/usr/local/opt/openssl/include -I`brew --prefix`/opt/openssl/include -I`brew --prefix`/include
 BREW_LDLIBS += -L/usr/local/opt/openssl/lib -L`brew --prefix`/lib -L`brew --prefix`/opt/openssl/lib
@@ -73,7 +75,7 @@ ifeq ($(USE_GF2N_LONG),1)
 GF2N_LONG = -DUSE_GF2N_LONG
 endif
 
-ifeq ($(AVX_OT), 0)
+ifeq ($(AVX_SIMPLEOT), 0)
 CFLAGS += -DNO_AVX_OT
 endif
 

diff --git a/OT/BaseOT.cpp b/OT/BaseOT.cpp
@@ -2,12 +2,17 @@
 #include "Tools/random.h"
 #include "Tools/benchmarking.h"
 #include "Tools/Bundle.h"
+#include "Processor/OnlineOptions.h"
 
 #include <stdio.h>
 #include <iostream>
 #include <fstream>
 #include <pthread.h>
 
+#ifdef __linux__
+#include <cpuid.h>
+#endif
+
 extern "C" {
 #ifndef NO_AVX_OT
 #include "SimpleOT/ot_sender.h"
@@ -106,10 +111,31 @@ void receiver_keygen(ref10_RECEIVER* r, unsigned char (*keys)[HASHBYTES])
     ref10_receiver_keygen(r, keys);
 }
 
+int BaseOT::avx = -1;
+
+bool BaseOT::use_avx()
+{
+    if (avx == -1)
+    {
+        avx = cpu_has_avx(true);
+#if defined(__linux__) and defined(__x86_64__)
+        int info[4];
+        __cpuid(0x80000003, info[0], info[1], info[2], info[3]);
+        string str((char*) info, 16);
+        if (OnlineOptions::singleton.has_option("debug_cpu"))
+            cerr << "CPU: " << str << endl;
+        if (str.find("Gold 63") != string::npos)
+            avx = 0;
+#endif
+    }
+
+    return avx;
+}
+
 void BaseOT::exec_base(bool new_receiver_inputs)
 {
 #ifndef NO_AVX_OT
-    if (cpu_has_avx(true))
+    if (use_avx())
         exec_base<SIMPLEOT_SENDER, SIMPLEOT_RECEIVER>(new_receiver_inputs);
     else
 #endif
@@ -254,7 +280,10 @@ void BaseOT::exec_base(bool new_receiver_inputs)
                 string error = "Sender outputs are the same at " + to_string(i)
                         + ": " + sender_inputs[i][0].str();
 #ifdef NO_AVX_OT
-                error += ". Try compiling with 'AVX_OT = 0' in CONFIG.mine";
+                error += "This is a known problem with some Xeon CPUs. ";
+                error += "We would appreciate if you report the output of "
+                        "'cat /proc/cpuinfo | grep name'. ";
+                error += "Try compiling with 'AVX_SIMPLEOT = 0' in CONFIG.mine";
 #endif
                 throw runtime_error(error);
             }

diff --git a/OT/BaseOT.h b/OT/BaseOT.h
@@ -39,6 +39,8 @@ class BaseOT
     static void hash_with_id(BitVector& bits, long id);
 
 public:
+    static int avx;
+
     /// Receiver choice bits
 	BitVector receiver_inputs;
 	/// Sender inputs
@@ -116,6 +118,8 @@ class BaseOT
 	bool is_sender() { return (bool) (ot_role & SENDER); }
 	bool is_receiver() { return (bool) (ot_role & RECEIVER); }
 
+	bool use_avx();
+
 	/// CPU-specific instantiation of Simplest OT using Curve25519
 	template<class T, class U>
 	void exec_base(bool new_receiver_inputs=true);