Add MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
This option allows to test the constant-flow nature of selected code, using MemSan and the fundamental observation behind ctgrind that the set of operations allowed on undefined memory by dynamic analysers is the same as the set of operations allowed on secret data to avoid leaking it to a local attacker via side channels, namely, any operation except branching and dereferencing. (This isn't the full story, as on some CPUs some instructions have variable execution depending on the inputs, most notably division and on some cores multiplication. However, testing that no branch or memory access depends on secret data is already a good start.) Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard
parent
65a6fa3e26
commit
6240defd17
8 changed files with 99 additions and 0 deletions
|
|
@ -1906,6 +1906,19 @@
|
|||
*/
|
||||
//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
|
||||
*
|
||||
* Enable testing of the constant-flow nature of some sensitive functions with
|
||||
* clang's MemorySanitizer. This causes some existing tests to also test
|
||||
* non-functional properties of the code under test.
|
||||
*
|
||||
* This setting requires compiling with clang -fsanitize=memory.
|
||||
*
|
||||
* Uncomment to enable testing of the constant-flow nature of seletected code.
|
||||
*/
|
||||
//#define MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN
|
||||
|
||||
/**
|
||||
* \def MBEDTLS_TEST_HOOKS
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue