From d6aaee10fdc21063b63e8d392b302eafe83f134a Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Tue, 20 Aug 2024 10:21:54 +0100 Subject: [PATCH] Disable optionally safe test hook in threading builds Signed-off-by: Janos Follath --- tf-psa-crypto/drivers/builtin/src/bignum_core.c | 10 +++++----- tf-psa-crypto/drivers/builtin/src/bignum_core.h | 5 ++++- .../tests/suites/test_suite_bignum_core.function | 16 ++++++++-------- 3 files changed, 17 insertions(+), 14 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_core.c b/tf-psa-crypto/drivers/builtin/src/bignum_core.c index 3a24c85329..629fb9c500 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum_core.c +++ b/tf-psa-crypto/drivers/builtin/src/bignum_core.c @@ -747,7 +747,7 @@ static void exp_mod_precompute_window(const mbedtls_mpi_uint *A, } } -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) // Set to a default that is neither MBEDTLS_MPI_IS_PUBLIC nor MBEDTLS_MPI_IS_SECRET int mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC + MBEDTLS_MPI_IS_SECRET + 1; #endif @@ -771,7 +771,7 @@ static inline void exp_mod_calc_first_bit_optionally_safe(const mbedtls_mpi_uint *E_limb_index = E_bits / biL; *E_bit_index = E_bits % biL; } -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC; #endif } else { @@ -781,7 +781,7 @@ static inline void exp_mod_calc_first_bit_optionally_safe(const mbedtls_mpi_uint */ *E_limb_index = E_limbs; *E_bit_index = 0; -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) // Only mark the codepath safe if there wasn't an unsafe codepath before if (mbedtls_mpi_optionally_safe_codepath != MBEDTLS_MPI_IS_PUBLIC) { mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_SECRET; @@ -803,7 +803,7 @@ static inline void exp_mod_table_lookup_optionally_safe(mbedtls_mpi_uint *Wselec { if (window_public == MBEDTLS_MPI_IS_PUBLIC) { memcpy(Wselect, Wtable + window * AN_limbs, AN_limbs * ciL); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_PUBLIC; #endif } else { @@ -811,7 +811,7 @@ static inline void exp_mod_table_lookup_optionally_safe(mbedtls_mpi_uint *Wselec * memory access patterns. */ mbedtls_mpi_core_ct_uint_table_lookup(Wselect, Wtable, AN_limbs, welem, window); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) // Only mark the codepath safe if there wasn't an unsafe codepath before if (mbedtls_mpi_optionally_safe_codepath != MBEDTLS_MPI_IS_PUBLIC) { mbedtls_mpi_optionally_safe_codepath = MBEDTLS_MPI_IS_SECRET; diff --git a/tf-psa-crypto/drivers/builtin/src/bignum_core.h b/tf-psa-crypto/drivers/builtin/src/bignum_core.h index 90a2dee8c4..3d32bf2c5d 100644 --- a/tf-psa-crypto/drivers/builtin/src/bignum_core.h +++ b/tf-psa-crypto/drivers/builtin/src/bignum_core.h @@ -830,7 +830,10 @@ void mbedtls_mpi_core_from_mont_rep(mbedtls_mpi_uint *X, mbedtls_mpi_uint mm, mbedtls_mpi_uint *T); -#if defined(MBEDTLS_TEST_HOOKS) +/* + * Can't define thread local variables with our abstraction layer: do nothing if threading is on. + */ +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) extern int mbedtls_mpi_optionally_safe_codepath; static inline void mbedtls_mpi_optionally_safe_codepath_reset(void) diff --git a/tf-psa-crypto/tests/suites/test_suite_bignum_core.function b/tf-psa-crypto/tests/suites/test_suite_bignum_core.function index accfffd816..39a50520aa 100644 --- a/tf-psa-crypto/tests/suites/test_suite_bignum_core.function +++ b/tf-psa-crypto/tests/suites/test_suite_bignum_core.function @@ -1302,11 +1302,11 @@ void mpi_core_exp_mod(char *input_N, char *input_A, TEST_CF_SECRET(A, A_limbs * sizeof(mbedtls_mpi_uint)); TEST_CF_SECRET(N, N_limbs * sizeof(mbedtls_mpi_uint)); TEST_CF_SECRET(E, E_limbs * sizeof(mbedtls_mpi_uint)); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) mbedtls_mpi_optionally_safe_codepath_reset(); #endif mbedtls_mpi_core_exp_mod(Y, A, N, N_limbs, E, E_limbs, R2, T); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) TEST_EQUAL(mbedtls_mpi_optionally_safe_codepath, MBEDTLS_MPI_IS_SECRET); #endif TEST_EQUAL(0, memcmp(X, Y, N_limbs * sizeof(mbedtls_mpi_uint))); @@ -1317,11 +1317,11 @@ void mpi_core_exp_mod(char *input_N, char *input_A, /* Test the unsafe variant */ -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) mbedtls_mpi_optionally_safe_codepath_reset(); #endif mbedtls_mpi_core_exp_mod_unsafe(Y, A, N, N_limbs, E, E_limbs, R2, T); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) TEST_EQUAL(mbedtls_mpi_optionally_safe_codepath, MBEDTLS_MPI_IS_PUBLIC); #endif TEST_EQUAL(0, memcmp(X, Y, N_limbs * sizeof(mbedtls_mpi_uint))); @@ -1334,22 +1334,22 @@ void mpi_core_exp_mod(char *input_N, char *input_A, TEST_CF_SECRET(A, A_limbs * sizeof(mbedtls_mpi_uint)); TEST_CF_SECRET(N, N_limbs * sizeof(mbedtls_mpi_uint)); TEST_CF_SECRET(E, E_limbs * sizeof(mbedtls_mpi_uint)); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) mbedtls_mpi_optionally_safe_codepath_reset(); #endif mbedtls_mpi_core_exp_mod(A, A, N, N_limbs, E, E_limbs, R2, T); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) TEST_EQUAL(mbedtls_mpi_optionally_safe_codepath, MBEDTLS_MPI_IS_SECRET); #endif TEST_EQUAL(0, memcmp(X, A, N_limbs * sizeof(mbedtls_mpi_uint))); TEST_CF_PUBLIC(A, A_limbs * sizeof(mbedtls_mpi_uint)); memcpy(A, A_copy, sizeof(A) * A_limbs); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) mbedtls_mpi_optionally_safe_codepath_reset(); #endif mbedtls_mpi_core_exp_mod_unsafe(A, A, N, N_limbs, E, E_limbs, R2, T); -#if defined(MBEDTLS_TEST_HOOKS) +#if defined(MBEDTLS_TEST_HOOKS) && !defined(MBEDTLS_THREADING_C) TEST_EQUAL(mbedtls_mpi_optionally_safe_codepath, MBEDTLS_MPI_IS_PUBLIC); #endif TEST_EQUAL(0, memcmp(X, A, N_limbs * sizeof(mbedtls_mpi_uint)));