From 08691679b51c3e8e985c3b29056bb85ebdf1e031 Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Fri, 28 Jul 2023 16:17:57 +0100
Subject: [PATCH] Enable testing of asm under Memsan

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 library/constant_time_impl.h | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h
index 91418e58ff..f8f6bb194d 100644
--- a/library/constant_time_impl.h
+++ b/library/constant_time_impl.h
@@ -37,15 +37,7 @@
 #include "mbedtls/bignum.h"
 #endif
 
-
-/* Disable asm under Memsan because it confuses Memsan and generates false errors */
-#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
-#define MBEDTLS_CT_NO_ASM
-#elif defined(__has_feature)
-#if __has_feature(memory_sanitizer)
-#define MBEDTLS_CT_NO_ASM
-#endif
-#endif
+#include "../tests/include/test/constant_flow.h"
 
 /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */
 #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && (!defined(__ARMCC_VERSION) || \
@@ -79,7 +71,19 @@ extern volatile mbedtls_ct_uint_t mbedtls_ct_zero;
 static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x)
 {
 #if defined(MBEDTLS_CT_ASM)
+    /* Prevent false positives from Memsan - otherwise it will report the asm as
+     * accessing secret data. */
+    TEST_CF_PUBLIC(&x, sizeof(x));
+
     asm volatile ("" : [x] "+r" (x) :);
+
+    /* Mark the return value as secret. This is needed so that code of the form:
+     *
+     * if (mbedtls_ct_compiler_opaque(secret)) { ... }
+     *
+     * will fail const-flow tests.
+     */
+    TEST_CF_SECRET(&x, sizeof(x));
     return x;
 #else
     return x ^ mbedtls_ct_zero;