From 08691679b51c3e8e985c3b29056bb85ebdf1e031 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Fri, 28 Jul 2023 16:17:57 +0100 Subject: [PATCH] Enable testing of asm under Memsan Signed-off-by: Dave Rodgman --- library/constant_time_impl.h | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/library/constant_time_impl.h b/library/constant_time_impl.h index 91418e58ff..f8f6bb194d 100644 --- a/library/constant_time_impl.h +++ b/library/constant_time_impl.h @@ -37,15 +37,7 @@ #include "mbedtls/bignum.h" #endif - -/* Disable asm under Memsan because it confuses Memsan and generates false errors */ -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) -#define MBEDTLS_CT_NO_ASM -#elif defined(__has_feature) -#if __has_feature(memory_sanitizer) -#define MBEDTLS_CT_NO_ASM -#endif -#endif +#include "../tests/include/test/constant_flow.h" /* armcc5 --gnu defines __GNUC__ but doesn't support GNU's extended asm */ #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && (!defined(__ARMCC_VERSION) || \ @@ -79,7 +71,19 @@ extern volatile mbedtls_ct_uint_t mbedtls_ct_zero; static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x) { #if defined(MBEDTLS_CT_ASM) + /* Prevent false positives from Memsan - otherwise it will report the asm as + * accessing secret data. */ + TEST_CF_PUBLIC(&x, sizeof(x)); + asm volatile ("" : [x] "+r" (x) :); + + /* Mark the return value as secret. This is needed so that code of the form: + * + * if (mbedtls_ct_compiler_opaque(secret)) { ... } + * + * will fail const-flow tests. + */ + TEST_CF_SECRET(&x, sizeof(x)); return x; #else return x ^ mbedtls_ct_zero;