Make sure that extra UNPOISON calls do not cause the poisoning counter
to underflow and wrap around.
Memory that is unpoisoned multiple times should remain unpoisoned.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Some platforms may support ASan but be C99-only (no C11 support).
These platforms will support ASan metatests but not memory poisoning,
which requires C11 features.
To allow for this, create a separate platform requirement, "poison",
in metatest.c to distinguish generic ASan metatests from ones that
require suppport for memory poisoning.
In practice our platforms support both, so run "poison" tests in
the same all.sh components where we run "asan" ones.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This allows unusually-nested memory poisoning to work correctly, since
it keeps track of whether any buffers are still poisoned, rather than
just disabling poisoning at the first call to the UNPOISON() macro.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Set the C_STANDARD property on the mbedtls_test target to 11.
This requests C11 for the tests only.
If C11 is not supported the build will not fail, since
C_STANDARD_REQUIRED is not set, and memory poisoning will be disabled
by a preprocessor check on __STDC_VERSION__.
Additionally, reintroduce previous C99 enforcement on the rest of the
library.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Migrate to the new redirect format introduced by ReadTheDocs in
readthedocs/readthedocs.org#10881
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Fix // comments stopping on 'n' instead of newlines. Also allow
backslash-newline in // comments.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
`psa_collect_statuses.py` runs `make RECORD_PSA_STATUS_COVERAGE_LOG=1`,
which builds with `RECORD_PSA_STATUS_COVERAGE_LOG`. In this mode, the build
includes wrappers for PSA functions, which conflict with the newly
introduced wrappers that are enabled whenever `MBEDTLS_TEST_HOOKS` is
enabled. In the future, the collect-statuses mechanism should use the new
generic wrapper mechanism. For the time being, keep the old wrappers and
avoid the new wrappers when doing the collect-statuses build.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For now, only instrument the one function for which buffer copying has been
implemented, namely `psa_cipher_encrypt`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Code in unit tests (`tests/suites/*.function`) and in test support
code (`tests/src/**.c`) will now go through the wrapper functions when they
call a PSA API function and `MBEDTLS_TEST_HOOKS` is enabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Commit files generated by `tests/scripts/generate_psa_wrappers.py`. As of
this commit, the new code is neither useful (the wrappers just call the
underlying functions) nor used (the wrapper functions are not called from
anywhere). This will change in subsequent commits.
This is a deviation from our normal practice of generating
configuration-independent platform-independent files as part of the build in
the development branch. The PSA test wrappers will be committed to the
repository for some time for two reasons:
* In the short term, we will review the generated code but not fully review
the generator script.
* The build scripts cannot yet accommodate a generated header file.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The new script `tests/scripts/generate_psa_wrappers.py` generates the
implementation of wrapper functions for PSA API functions, as well as a
header that defines macros that redirect calls to the wrapper functions. By
default, the wrapper functions just call the underlying library function.
With `--log`, the wrapper functions log the arguments and return values.
This commit only introduces the new script. Subsequent commits will
integrate the wrappers in the build.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The Base class generates trivial wrappers that just call the underlying
function. It is meant as a base class to construct useful wrapper generators.
The Logging class generates wrappers that can log the inputs and outputs to
a function.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
These error codes are only returned if the program has been tampered with,
so they should be CORRUPTION_DETECTED.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
psa_wipe_key_slot can now be called on a slot in any state, if the slot's state
is PSA_SLOT_FULL or PSA_SLOT_PENDING_DELETION then there must be exactly 1 registered
reader.
Remove the state changing calls that are no longer necessary.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
