Proposal: Not supporting x86 w/o SSE2
Hello WebKittens, To mitigate recent side-channel attacks, we added `lfence` in x86 WebKit. But this is supported in x86 SSE2. So the ToT WebKit is not usable with very old x86 CPUs which do not have SSE2[1]. According to [2], Mozilla Firefox 49 no longer supports x86 w/o SSE2. Since Firefox 45 ESR is already End of Life, all the supported Firefox require SSE2 on x86. Chromium also does not support x86 if it does not have SSE2 IIRC[3]. So, no major browsers support x86 w/o SSE2 right now. I think our stakeholders do not maintain non-SSE2 x86. Even if it works, it is potentially vulnerable, and I think it is not acceptable for the browser engine. My proposal here is clarifying that WebKit does not support x86 not having SSE2. [1]: https://bugs.webkit.org/show_bug.cgi?id=188145 [2]: https://support.mozilla.org/en-US/kb/your-hardware-no-longer-supported [3]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763290
Sounds good. There are clients of WebKit outside web browsing. A significant client like that on Windows at Apple is iTunes. I checked <https://www.apple.com/itunes/download/> and Windows versions of iTunes require a processor with support for SSE2, so clarifying WebKit’s lack of support won’t be a problem there. — Darin
On Mon, Jul 30, 2018 at 4:37 AM Darin Adler <darin@apple.com> wrote:
Sounds good.
There are clients of WebKit outside web browsing. A significant client like that on Windows at Apple is iTunes. I checked < https://www.apple.com/itunes/download/> and Windows versions of iTunes require a processor with support for SSE2, so clarifying WebKit’s lack of support won’t be a problem there.
That's cool! I also want to note that Windows 7 seems dropping non-SSE2 x86 support[1]
Symptom A Stop error occurs on computers that don't support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2). Workaround Upgrade your machines with a processor that supports SSE2 or virtualize those machines.
[1]: https://support.microsoft.com/en-us/help/4088875/windows-7-update-kb4088875
— Darin
Technically, many of WebKitGTK+'s distributors require that it not use SSE2 instructions in 32-bit builds. I am no longer sure which ones. (It used to be the case for Fedora, for example, but that changed recently.) In practice, so few people care about these old machines anymore that such use is unlikely to be noticed by many users. Certain software (including Firefox and Chromium) has already started to require SSE2 and is broken on these machines, so the requirement is already not fulfilled by other software. E.g. it is clear that Debian is not patching Firefox or Chromium to remove the SSE2 instructions. So times change, and I think we can get away with starting to require SSE2, if there is a compelling reason to do so. But according to Filip's review in that bug, we probably don't need to do so right now. Michael
participants (3)
-
Darin Adler
-
Michael Catanzaro
-
Yusuke SUZUKI