Fix false positives in constant time tests using MSan with Clang 16 #170
+136
−4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In the documentation of `MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN`, note that since Clang 16, an extra command line option `-fsanitize-memory-param-retval` is required. As documented in the release notes https://releases.llvm.org/16.0.0/tools/clang/docs/ReleaseNotes.html#sanitizers since Clang 16, MSan forbids passing "uninitialized" values in and out of functions. In constant-flow testing, "uninitialized" values are actually secrets that must be manipulated with a data-independent flow, and it's perfectly fine to pass these in and out of functions. Fix #9921 Signed-off-by: Gilles Peskine <[email protected]>
New CMake build types CFMemSan, CFMemSanDbg to take care of differing compiler command lines with Clang <15 and Clang >=16. Signed-off-by: Gilles Peskine <[email protected]>
Add some basic checks of constant flow sanitizers. In particular, detect the specific way in which Clang 16 broke our constant-flow testing (by default, "uninitialized" values may not be passed to or returned from functions). Signed-off-by: Gilles Peskine <[email protected]>
gilles-peskine-arm
added
size-xs
gilles-peskine-arm
added
needs-review
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix false positives of constant-flow testing when using
MBEDTLS_TEST_CONSTANT_FLOW_MEMSANon Clang 16 and above. Fixes Mbed-TLS/mbedtls#9921.This isn't needed for the CI (in the short to medium term) because still we do this testing on an old platform with an old Clang, but is needed on typical developer machines nowadays.
PR checklist