/**
 * \file constant_flow.h
 *
 * \brief   This file contains tools to ensure tested code has constant flow.
 */

/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */

#ifndef TEST_CONSTANT_FLOW_H
#define TEST_CONSTANT_FLOW_H

#include "mbedtls/build_info.h"

/*
 * This file defines the two macros
 *
 *  #define TEST_CF_SECRET(ptr, size)
 *  #define TEST_CF_PUBLIC(ptr, size)
 *
 * that can be used in tests to mark a memory area as secret (no branch or
 * memory access should depend on it) or public (default, only needs to be
 * marked explicitly when it was derived from secret data, for example before
 * the test itself compares or branches on an output computed from a secret).
 *
 * Arguments:
 * - ptr: a pointer to the memory area to be marked
 * - size: the size in bytes of the memory area
 *
 * Implementation:
 * The basic idea is that of ctgrind <https://github.com/agl/ctgrind>: we can
 * re-use tools that were designed for checking use of uninitialized memory.
 * This file contains two implementations: one based on MemorySanitizer, the
 * other on valgrind's memcheck. If neither of them is enabled, dummy macros
 * that do nothing are defined for convenience.
 *
 * Selection:
 * - MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN selects the MemorySanitizer variant.
 * - MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND selects the memcheck variant; it is
 *   only consulted when the MEMSAN option is not defined (#if / #elif order).
 * - With neither option defined, both macros expand to nothing, so a test
 *   run in such a build performs no constant-flow checking at all. A passing
 *   test is evidence of constant flow only in an instrumented build.
 *
 * Usage:
 * In the instrumented variants the macros are object-like aliases of the
 * tool's own function or macro, while the dummy variant is function-like.
 * Always invoke them as TEST_CF_SECRET(ptr, size) / TEST_CF_PUBLIC(ptr, size)
 * so that the code builds in all three configurations.
 *
 * Scope of the check:
 * The technique reports what the underlying tool reports for uninitialized
 * data, that is branches and memory accesses that depend on it. Other
 * sources of timing variation (such as instructions whose latency depends on
 * operand values) are not covered by this approach.
 *
 * \note #TEST_CF_SECRET must be called directly from within a .function file,
 *       not indirectly via a macro defined under tests/include or a function
 *       under tests/src. This is because we only run Valgrind for constant
 *       flow on test suites that have greppable annotations inside them (see
 *       `skip_suites_without_constant_flow` in `tests/scripts/all.sh`).
 */

#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN)
#include <sanitizer/msan_interface.h>

/* Alias the MSan entry points through macros so that origin tracking is not
 * disturbed. Secret data is marked via __msan_allocated_memory; data declared
 * public again is unpoisoned. The tool's prototypes are quoted below each
 * alias for reference. */
#define TEST_CF_SECRET  __msan_allocated_memory
// void __msan_allocated_memory(const volatile void* data, size_t size);
#define TEST_CF_PUBLIC  __msan_unpoison
// void __msan_unpoison(const volatile void *a, size_t size);

#elif defined(MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND)
#include <valgrind/memcheck.h>

/* memcheck variant: secret data is marked as undefined memory, public data as
 * defined memory. The client-request macro signatures are quoted below each
 * alias for reference. */
#define TEST_CF_SECRET  VALGRIND_MAKE_MEM_UNDEFINED
// VALGRIND_MAKE_MEM_UNDEFINED(_qzz_addr, _qzz_len)
#define TEST_CF_PUBLIC  VALGRIND_MAKE_MEM_DEFINED
// VALGRIND_MAKE_MEM_DEFINED(_qzz_addr, _qzz_len)

#else /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN ||
         MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */

/* No instrumentation available: both macros expand to nothing, and their
 * arguments are not evaluated. */
#define TEST_CF_SECRET(ptr, size)
#define TEST_CF_PUBLIC(ptr, size)

#endif /* MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN ||
          MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND */

#endif /* TEST_CONSTANT_FLOW_H */