/*
 * Enable the PSTATE.DIT flag in AArch64, if available.
 *
 * This guarantees that data-processing instructions (or rather, a
 * long list of specific ones) will have data-independent timing
 * (hence the name). In other words, you want to turn this bit on if
 * you're trying to do constant-time crypto.
 *
 * For maximum performance you'd want to turn this bit back off when
 * doing any CPU-intensive stuff that _isn't_ cryptographic. That
 * seems like a small concern in this code base, and carries the risk
 * of losing track of whether it was on or not, so here we just enable
 * it for the whole process. That's why there's only an enable_dit()
 * function in this file and not a disable_dit() to go with it.
 */

#include "ssh.h"

void enable_dit(void)
{
    if (!platform_dit_available())
        return;
    register uint64_t one asm("x8");
    one = 1;
    // This is the binary encoding of "msr dit, x8". You can check via, e.g.,
    // echo "msr dit,x8" | llvm-mc -triple aarch64 -mattr=+dit -show-encoding
    asm volatile(".inst 0xd51b42a8" :: "r"(one));
}