| Minos Galanakis | 6aab5b7 | 2024-07-25 14:24:37 +0100 | [diff] [blame] | 1 | # components-sanitizers.sh |
| 2 | # |
| 3 | # Copyright The Mbed TLS Contributors |
| 4 | # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later |
| 5 | |
| Minos Galanakis | 609f749 | 2024-07-31 16:39:28 +0100 | [diff] [blame^] | 6 | # This file contains test components that are executed by all.sh |
| Minos Galanakis | 6aab5b7 | 2024-07-25 14:24:37 +0100 | [diff] [blame] | 7 | |
| 8 | ################################################################ |
| 9 | #### Sanitizer Testing |
| 10 | ################################################################ |
| 11 | |
| Minos Galanakis | e280ff8 | 2024-07-26 17:42:50 +0100 | [diff] [blame] | 12 | skip_suites_without_constant_flow () { |
| 13 | # Skip the test suites that don't have any constant-flow annotations. |
| 14 | # This will need to be adjusted if we ever start declaring things as |
| 15 | # secret from macros or functions inside tests/include or tests/src. |
| 16 | SKIP_TEST_SUITES=$( |
| 17 | git -C tests/suites grep -L TEST_CF_ 'test_suite_*.function' | |
| 18 | sed 's/test_suite_//; s/\.function$//' | |
| 19 | tr '\n' ,),$( |
| 20 | git -C tf-psa-crypto/tests/suites grep -L TEST_CF_ 'test_suite_*.function' | |
| 21 | sed 's/test_suite_//; s/\.function$//' | |
| 22 | tr '\n' ,) |
| 23 | export SKIP_TEST_SUITES |
| 24 | } |
| 25 | |
| 26 | skip_all_except_given_suite () { |
| 27 | # Skip all but the given test suite |
| 28 | SKIP_TEST_SUITES=$( |
| 29 | ls -1 tests/suites/test_suite_*.function | |
| 30 | grep -v $1.function | |
| 31 | sed 's/tests.suites.test_suite_//; s/\.function$//' | |
| 32 | tr '\n' ,),$( |
| 33 | ls -1 tf-psa-crypto/tests/suites/test_suite_*.function | |
| 34 | grep -v $1.function | |
| 35 | sed 's/tf-psa-crypto.tests.suites.test_suite_//; s/\.function$//' | |
| 36 | tr '\n' ,) |
| 37 | export SKIP_TEST_SUITES |
| 38 | } |
| 39 | |
| 40 | component_test_memsan_constant_flow () { |
| 41 | # This tests both (1) accesses to undefined memory, and (2) branches or |
| 42 | # memory access depending on secret values. To distinguish between those: |
| 43 | # - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - does the failure persist? |
| 44 | # - or alternatively, change the build type to MemSanDbg, which enables |
| 45 | # origin tracking and nicer stack traces (which are useful for debugging |
| 46 | # anyway), and check if the origin was TEST_CF_SECRET() or something else. |
| 47 | msg "build: cmake MSan (clang), full config minus MBEDTLS_USE_PSA_CRYPTO with constant flow testing" |
| 48 | scripts/config.py full |
| 49 | scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN |
| 50 | scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO |
| 51 | scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm |
| 52 | CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan . |
| 53 | make |
| 54 | |
| 55 | msg "test: main suites (full minus MBEDTLS_USE_PSA_CRYPTO, Msan + constant flow)" |
| 56 | make test |
| 57 | } |
| 58 | |
| 59 | component_test_memsan_constant_flow_psa () { |
| 60 | # This tests both (1) accesses to undefined memory, and (2) branches or |
| 61 | # memory access depending on secret values. To distinguish between those: |
| 62 | # - unset MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN - does the failure persist? |
| 63 | # - or alternatively, change the build type to MemSanDbg, which enables |
| 64 | # origin tracking and nicer stack traces (which are useful for debugging |
| 65 | # anyway), and check if the origin was TEST_CF_SECRET() or something else. |
| 66 | msg "build: cmake MSan (clang), full config with constant flow testing" |
| 67 | scripts/config.py full |
| 68 | scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN |
| 69 | scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm |
| 70 | CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan . |
| 71 | make |
| 72 | |
| 73 | msg "test: main suites (Msan + constant flow)" |
| 74 | make test |
| 75 | } |
| 76 | |
| 77 | component_release_test_valgrind_constant_flow () { |
| 78 | # This tests both (1) everything that valgrind's memcheck usually checks |
| 79 | # (heap buffer overflows, use of uninitialized memory, use-after-free, |
| 80 | # etc.) and (2) branches or memory access depending on secret values, |
| 81 | # which will be reported as uninitialized memory. To distinguish between |
| 82 | # secret and actually uninitialized: |
| 83 | # - unset MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND - does the failure persist? |
| 84 | # - or alternatively, build with debug info and manually run the offending |
| 85 | # test suite with valgrind --track-origins=yes, then check if the origin |
| 86 | # was TEST_CF_SECRET() or something else. |
| 87 | msg "build: cmake release GCC, full config minus MBEDTLS_USE_PSA_CRYPTO with constant flow testing" |
| 88 | scripts/config.py full |
| 89 | scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND |
| 90 | scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO |
| 91 | skip_suites_without_constant_flow |
| 92 | cmake -D CMAKE_BUILD_TYPE:String=Release . |
| 93 | make |
| 94 | |
| 95 | # this only shows a summary of the results (how many of each type) |
| 96 | # details are left in Testing/<date>/DynamicAnalysis.xml |
| 97 | msg "test: some suites (full minus MBEDTLS_USE_PSA_CRYPTO, valgrind + constant flow)" |
| 98 | make memcheck |
| 99 | |
| 100 | # Test asm path in constant time module - by default, it will test the plain C |
| 101 | # path under Valgrind or Memsan. Running only the constant_time tests is fast (<1s) |
| 102 | msg "test: valgrind asm constant_time" |
| 103 | scripts/config.py --force set MBEDTLS_TEST_CONSTANT_FLOW_ASM |
| 104 | skip_all_except_given_suite test_suite_constant_time |
| 105 | cmake -D CMAKE_BUILD_TYPE:String=Release . |
| 106 | make clean |
| 107 | make |
| 108 | make memcheck |
| 109 | } |
| 110 | |
| 111 | component_release_test_valgrind_constant_flow_psa () { |
| 112 | # This tests both (1) everything that valgrind's memcheck usually checks |
| 113 | # (heap buffer overflows, use of uninitialized memory, use-after-free, |
| 114 | # etc.) and (2) branches or memory access depending on secret values, |
| 115 | # which will be reported as uninitialized memory. To distinguish between |
| 116 | # secret and actually uninitialized: |
| 117 | # - unset MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND - does the failure persist? |
| 118 | # - or alternatively, build with debug info and manually run the offending |
| 119 | # test suite with valgrind --track-origins=yes, then check if the origin |
| 120 | # was TEST_CF_SECRET() or something else. |
| 121 | msg "build: cmake release GCC, full config with constant flow testing" |
| 122 | scripts/config.py full |
| 123 | scripts/config.py set MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND |
| 124 | skip_suites_without_constant_flow |
| 125 | cmake -D CMAKE_BUILD_TYPE:String=Release . |
| 126 | make |
| 127 | |
| 128 | # this only shows a summary of the results (how many of each type) |
| 129 | # details are left in Testing/<date>/DynamicAnalysis.xml |
| 130 | msg "test: some suites (valgrind + constant flow)" |
| 131 | make memcheck |
| 132 | } |
| 133 | |
| 134 | component_test_tsan () { |
| 135 | msg "build: TSan (clang)" |
| 136 | scripts/config.py full |
| 137 | scripts/config.py set MBEDTLS_THREADING_C |
| 138 | scripts/config.py set MBEDTLS_THREADING_PTHREAD |
| 139 | # Self-tests do not currently use multiple threads. |
| 140 | scripts/config.py unset MBEDTLS_SELF_TEST |
| 141 | |
| 142 | # The deprecated MBEDTLS_PSA_CRYPTO_SE_C interface is not thread safe. |
| 143 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C |
| 144 | |
| 145 | CC=clang cmake -D CMAKE_BUILD_TYPE:String=TSan . |
| 146 | make |
| 147 | |
| 148 | msg "test: main suites (TSan)" |
| 149 | make test |
| 150 | } |
| 151 | |
| 152 | component_test_memsan () { |
| 153 | msg "build: MSan (clang)" # ~ 1 min 20s |
| 154 | scripts/config.py unset MBEDTLS_AESNI_C # memsan doesn't grok asm |
| 155 | CC=clang cmake -D CMAKE_BUILD_TYPE:String=MemSan . |
| 156 | make |
| 157 | |
| 158 | msg "test: main suites (MSan)" # ~ 10s |
| 159 | make test |
| 160 | |
| 161 | msg "test: metatests (MSan)" |
| 162 | tests/scripts/run-metatests.sh any msan |
| 163 | |
| 164 | msg "program demos (MSan)" # ~20s |
| 165 | tests/scripts/run_demos.py |
| 166 | |
| 167 | msg "test: ssl-opt.sh (MSan)" # ~ 1 min |
| 168 | tests/ssl-opt.sh |
| 169 | |
| 170 | # Optional part(s) |
| 171 | |
| 172 | if [ "$MEMORY" -gt 0 ]; then |
| 173 | msg "test: compat.sh (MSan)" # ~ 6 min 20s |
| 174 | tests/compat.sh |
| 175 | fi |
| 176 | } |
| 177 | |
| 178 | component_release_test_valgrind () { |
| 179 | msg "build: Release (clang)" |
| 180 | # default config, in particular without MBEDTLS_USE_PSA_CRYPTO |
| 181 | CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . |
| 182 | make |
| 183 | |
| 184 | msg "test: main suites, Valgrind (default config)" |
| 185 | make memcheck |
| 186 | |
| 187 | # Optional parts (slow; currently broken on OS X because programs don't |
| 188 | # seem to receive signals under valgrind on OS X). |
| 189 | # These optional parts don't run on the CI. |
| 190 | if [ "$MEMORY" -gt 0 ]; then |
| 191 | msg "test: ssl-opt.sh --memcheck (default config)" |
| 192 | tests/ssl-opt.sh --memcheck |
| 193 | fi |
| 194 | |
| 195 | if [ "$MEMORY" -gt 1 ]; then |
| 196 | msg "test: compat.sh --memcheck (default config)" |
| 197 | tests/compat.sh --memcheck |
| 198 | fi |
| 199 | |
| 200 | if [ "$MEMORY" -gt 0 ]; then |
| 201 | msg "test: context-info.sh --memcheck (default config)" |
| 202 | tests/context-info.sh --memcheck |
| 203 | fi |
| 204 | } |
| 205 | |
| 206 | component_release_test_valgrind_psa () { |
| 207 | msg "build: Release, full (clang)" |
| 208 | # full config, in particular with MBEDTLS_USE_PSA_CRYPTO |
| 209 | scripts/config.py full |
| 210 | CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . |
| 211 | make |
| 212 | |
| 213 | msg "test: main suites, Valgrind (full config)" |
| 214 | make memcheck |
| 215 | } |
| 216 | |