mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-23 16:20:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove references to new-test approach in design

Browse Source 
This is already covered in the design exploration and since the other
approach was chose, we do not need to discuss it in the detailed design
section.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit is contained in:
David Horstmann 2023-10-25 15:33:50 +01:00
parent 2b86df87da
commit c59913822e
1 changed files with 1 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/architecture/psa-shared-memory.md
View File

@ -525,14 +525,7 @@ This should either poison or unpoison the given buffer based on the value of `sh
The PSA copying function must then have test hooks implemented as outlined in [Validation of copying by memory poisoning](#validation-of-copying-by-memory-poisoning).
For test implementation, we may choose one of two approaches:
* Use transparent allocation-based memory poisoning.
* Use memory poisoning functions and a new testsuite.
As discussed in [the design exploration](#validation-with-existing-tests), the transparent approach is preferred.
We will specify the particularities of each approach's implementation below.
As discussed in [the design exploration](#validation-with-existing-tests), the preferred approach for implementing copy-testing is to implement it transparently using existing tests. This is specified in more detail below.
#### Transparent allocation-based memory poisoning
@ -560,8 +553,6 @@ psa_status_t mem_poison_psa_aead_update(psa_aead_operation_t *operation,
#define psa_aead_update(...) mem_poison_psa_aead_update(__VA_ARGS__)
```
#### Memory poisoning functions and a new testsuite
#### Configuration of poisoning tests
Since the memory poisoning tests will require the use of interfaces specific to the sanitizers used to poison memory, they must be guarded by new config options, for example `PSA_TEST_COPYING_ASAN` and `PSA_TEST_COPYING_VALGRIND`, as well as `MBEDTLS_TEST_HOOKS`. These would be analogous to the existing `MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN` and `MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND`. Since they require special tooling, these options should not be enabled in either the `default` or `full` configurations. Instead, as with the constant flow testing options, they should be enabled in a new component in `all.sh` that performs the copy testing with Valgrind or ASan.