Since we are applying hooks transparently to all tests, we cannot setup
and teardown test hooks in the tests. Instead we must do this in the
test wrappers which are used to pre-poison and unpoison memory.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Use the preprocessor to wrap psa_cipher_encrypt in a wrapper that
poisons the input and output buffers.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
These are needed to allow them to operate on buffer copies without
triggering ASan use-after-poison detection.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This test case exercises an integer overflow in calloc. Under Asan, with
a modern Clang, this triggers an Asan complaint. The complaint can be
avoided with ASAN_OPTIONS=allocator_may_return_null=1, but this has to
be set in the environment before the program starts, and could hide
other errors.
Reproduced from a commit in mbedtls#8286
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Support for each test was checked before the command line had been
parsed, causing the support_ functions to ignore arguments that set a
tool's location.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
Where calloc returns two references to the same buffer, avoid calling
free() on both references by setting one to NULL.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Asan poisons memory with an 8-byte granularity. We want to make sure that
the whole specified region is poisoned (our typical use case is a
heap-allocated object, and we want to poison the whole object, and we don't
care about the bytes after the end of the object and up to the beginning of
the next object). So align the start and end of the region to (un)poison to
an 8-byte boundary.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
While an area of memory is poisoned, reading or writing from it triggers a
sanitizer violation.
Implemented for ASan.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Same test cases as in the previous commit.
Remove the redundant symmetric crypto dependency.
The dependency is ensured by the fact that:
1) the test case forces a cipher suite
2) ssl-opt.sh enforces automatically that the
forced ciphersuite is available.
3) The fact that the forced ciphersuite is
available implies that the symmetric
cipher algorithm it uses is available as
well.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix some dependencies on symmetric crypto that
were not correct in case of driver but not
builtin support. Revealed by "Analyze driver
test_psa_crypto_config_accel_cipher_aead vs reference
test_psa_crypto_config_reference_cipher_aead" in
analyze_outcomes.py.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This helps to prevent confusion as it avoids overloading the word
"copy" as both an action and an object.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This helps to prevent confusion as it avoids overloading the word
"copy" as both an action and an object.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
When we are copying output, it makes sense to return
PSA_ERROR_BUFFER_TOO_SMALL since the buffer we are copying to is a user
output buffer.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
