This option causes nested calls to PSA functions, so is not compatible
with memory poisoning as it currently stands.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
`gcc-14` added a new `-Wcalloc-transposed-args` warning recently. It
detected minor infelicity in `calloc()` API usage in `mbedtls`:
In file included from /build/mbedtls/tests/include/test/ssl_helpers.h:19,
from /build/mbedtls/tests/src/test_helpers/ssl_helpers.c:11:
/build/mbedtls/tests/src/test_helpers/ssl_helpers.c: In function 'mbedtls_test_init_handshake_options':
/build/mbedtls/tests/include/test/macros.h:128:46:
error: 'calloc' sizes specified with 'sizeof' in the earlier argument
and not in the later argument [-Werror=calloc-transposed-args]
128 | (pointer) = mbedtls_calloc(sizeof(*(pointer)), \
| ^
Signed-off-by: Sergei Trofimovich <slyich@gmail.com>
Add ticket write/parse test functions as defined
by mbedtls_ssl_ticket_write/parse_t. They are
intended to be used in negative testing
involving tickets.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove the use of extern and instead use an accessor to get the address
of the test info mutex (defined only if MBEDTLS_TEST_MUTEX_USAGE is
defined, to hopefully stop more general usage)
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Only mbedtls_test_opaque_unwrap_key() is actually needed by other
test drivers to deal with opaque keys. mbedtls_test_opaque_wrap_key()
can be kept private to test_driver_key_management.c.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Make sure that extra UNPOISON calls do not cause the poisoning counter
to underflow and wrap around.
Memory that is unpoisoned multiple times should remain unpoisoned.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This allows unusually-nested memory poisoning to work correctly, since
it keeps track of whether any buffers are still poisoned, rather than
just disabling poisoning at the first call to the UNPOISON() macro.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
`psa_collect_statuses.py` runs `make RECORD_PSA_STATUS_COVERAGE_LOG=1`,
which builds with `RECORD_PSA_STATUS_COVERAGE_LOG`. In this mode, the build
includes wrappers for PSA functions, which conflict with the newly
introduced wrappers that are enabled whenever `MBEDTLS_TEST_HOOKS` is
enabled. In the future, the collect-statuses mechanism should use the new
generic wrapper mechanism. For the time being, keep the old wrappers and
avoid the new wrappers when doing the collect-statuses build.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Code in unit tests (`tests/suites/*.function`) and in test support
code (`tests/src/**.c`) will now go through the wrapper functions when they
call a PSA API function and `MBEDTLS_TEST_HOOKS` is enabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit files generated by `tests/scripts/generate_psa_wrappers.py`. As of
this commit, the new code is neither useful (the wrappers just call the
underlying functions) nor used (the wrapper functions are not called from
anywhere). This will change in subsequent commits.
This is a deviation from our normal practice of generating
configuration-independent platform-independent files as part of the build in
the development branch. The PSA test wrappers will be committed to the
repository for some time for two reasons:
* In the short term, we will review the generated code but not fully review
the generator script.
* The build scripts cannot yet accommodate a generated header file.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Allow memory poisoning to be enabled and disabled at runtime using a
thread-local flag. This allows poisoning to be disabled whenever a PSA
function is called but not through the test wrappers, removing false
positive use-after-poisons.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Make sure that we don't enable memory poisoning when
MBEDTLS_PSA_COPY_CALLER_BUFFERS is disabled.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Since we are applying hooks transparently to all tests, we cannot setup
and teardown test hooks in the tests. Instead we must do this in the
test wrappers which are used to pre-poison and unpoison memory.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Use the preprocessor to wrap psa_cipher_encrypt in a wrapper that
poisons the input and output buffers.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit
- Reverts changes previously done to psa_crypto_helpers.[c,h]
- Implements a new check for open key slots in
mbedtls_test_helper_is_psa_leaking():
- when CTR_DRBG does not use AES_C or PSA does not have an external
RNG, then we allow 1 key slot (it's the one holding the AES key)
- when the above conditions are not met, then we fallback to the
usual check for "no open key slots remaining"
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
When AES_C is not defined CTR_DRBG relies on PSA to get AES-ECB. This
means that, when AES-ECB is accelerated, each random operation goes through
driver access as well. This might result in unexpectedly increased
counters for driver's access.
We add extra counters in test_driver_[cipher/key_management].c to be
more specific on which driver functions are accessed and ignore
extra accesses due to CTR_DRBG.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit also adds AES_PSA_[INIT/DONE] in "psa_crypto_helpers.h". Its
scope is to call PSA_[INIT/DONE] only when AES_C is not defined (which is
when PSA is effectively required for CTR_DRBG).
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
After adding a check in ssl_conf_check(), we have configured RNG via
mbedtls_ssl_conf_rng() for TLS tests in both test_suite_ssl.function
and test_suite_debug.function. As a result, rng_get() is not only
available when MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED enabled.
Therefore, we remove the guard for rng_get() to make it accessible for
TLS tests which have call for mbedtls_ssl_setup().
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Asan poisons memory with an 8-byte granularity. We want to make sure that
the whole specified region is poisoned (our typical use case is a
heap-allocated object, and we want to poison the whole object, and we don't
care about the bytes after the end of the object and up to the beginning of
the next object). So align the start and end of the region to (un)poison to
an 8-byte boundary.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
While an area of memory is poisoned, reading or writing from it triggers a
sanitizer violation.
Implemented for ASan.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
