lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Fix asm Memsan workaround

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman
2023-07-28 18:22:56 +01:00
parent 983448ea62
commit 2d28c46055
2 changed files with 26 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
library/constant_time_impl.h
View File

@ -73,17 +73,18 @@ static inline mbedtls_ct_uint_t mbedtls_ct_compiler_opaque(mbedtls_ct_uint_t x)
#if defined(MBEDTLS_CT_ASM)
/* Prevent false positives from Memsan - otherwise it will report the asm as
* accessing secret data. */
TEST_CF_PUBLIC(&x, sizeof(x));
TEST_CF_SAVE_SECRET(x);
asm volatile ("" : [x] "+r" (x) :);
/* Mark the return value as secret. This is needed so that code of the form:
/* Mark the return value as secret (if it was previously marked secret).
* This is needed so that code of the form:
*
* if (mbedtls_ct_compiler_opaque(secret)) { ... }
*
* will fail const-flow tests.
*/
TEST_CF_SECRET(&x, sizeof(x));
TEST_CF_RESTORE_SECRET(x);
return x;
#else
return x ^ mbedtls_ct_zero;