[2.28] Enable the timing.c selftest with MBEDTLS_TIMING_ALT #6931
Conversation
This caused trouble for users that were using the selftest feature along with an alternative implementation. They were forced to provide their own version of a selftest. Since it was not mentioned in the define description, it should not be required, and is provided roughly as it was before breaking changes in 77daaad were introduced. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
AndrzejKurek
added
needs-review
|
This is for 2.28 - should there be a forward port? And since it's a bug fix, I guess there ought to be a Is there a way of catching something like this in the CI for next time? |
There should be no forward port, as there's no |
We currently have |
This seems to me not worth it for the LTS then |
The same technique should work for all modules (except ECP which has the additional complication that some context fields are public and need to keep their name). So it would be for the ALT modules in development as well. But far too much work for this bug fix. |
But at some point we are going to retire the ALT interface in favour of PSA drivers, so we should really not be putting more effort into it now |
Copy the original implementation Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
|
Updated with a changelog entry and a test with an alternate, but copied implementation. |
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
AndrzejKurek
force-pushed
the
timeless-selftest-waz-bad
branch
from
1ee8bda to
b36fa91
Compare
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
|
CI all green |
ChangeLog.d/fix_timing_alt.txt
Outdated
| @@ -0,0 +1,5 @@ | |||
| Bugfix | |||
| * Fix a build issue when defining MBEDTLS_TIMING_ALT and MBEDTLS_SELF_TEST. | |||
| The library would not link if the user didn't provide an external selftest | |||
There was a problem hiding this comment.
| The library would not link if the user didn't provide an external selftest | |
| The library would not link if the user didn't provide an external self-test |
| @@ -383,9 +383,8 @@ static void busy_msleep(unsigned long msec) | |||
| mbedtls_printf(" cycles=%lu ratio=%lu millisecs=%lu secs=%lu hardfail=%d a=%lu b=%lu\n", \ | |||
| cycles, ratio, millisecs, secs, hardfail, \ | |||
| (unsigned long) a, (unsigned long) b); \ | |||
| mbedtls_printf(" elapsed(hires)=%lu elapsed(ctx)=%lu status(ctx)=%d\n", \ | |||
There was a problem hiding this comment.
Commit mentions about enabling self-test when MBEDTLS_TIMING_ALT is defined and that is ok, but why information about delay time is removed?
There was a problem hiding this comment.
Because it was expecting a certain internal field from the context (ctx.timer), and the selftest should be implementation-agnostic.
| make lib TEST_TIMING_ALT_IMPL=1 CFLAGS="-I../tests/src/external_timing" | ||
|
|
||
| msg "test: MBEDTLS_TIMING_ALT - test suites" | ||
| make test TEST_TIMING_ALT_IMPL=1 CFLAGS="-I../tests/src/external_timing" |
There was a problem hiding this comment.
We are building external_timing_for_test.c and we have MBEDTLS_TIMING_ALT set, so now we will have mbedtls_timing_self_test that will use external timing functions. Is that correct?
We want to test that mbedtls_timing_self_test works in this configuration, but I don't see test suite that execute mbedtls_timing_self_test.
I see that mbedtls_timing_self_test is executes in mbedtls/programs/test/selftest.c.
There was a problem hiding this comment.
Normally we have a unit test that runs the self-test function. This is not the case for timing. It used to, then in #1136 we replaced the self-test by unit tests that were faster (the self-test takes 1 second of CPU time) and more reliable (the self-test can fail on a heavily loaded machine). The reasons for not running the timing self-test function from the unit tests still apply, so we should build and run the selftest program here.
There was a problem hiding this comment.
Sure, the addition of test suite run was unnecessary, but the problem we tried to solve here was linking the library with a certain set of defines, not building / running programs. There are other problems when we're trying to build them with an alternate timing implementation (fuzzer doesn't build, probably some Makefile shenanigans). Should we resolve this here too? I wanted to opt for a minimal solution that fixes an existing problem.
There was a problem hiding this comment.
I would say let's fix the existing problem, then raise an issue to capture the other concerns
There was a problem hiding this comment.
Added it here after all, it was just a matter of the fuzz programs having one level of directories nesting more, so not a big deal. Edit: I also went with leaving the test suite run in, as there are some tests from the timing test suite that will be run with the alternate implementation too.
The fuzz programs require one layer of directories more when adding include directories. Also remove an unnecessary include directory in the Makefile. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
tom-cosgrove-arm
added
approved
Description
This caused trouble for users that were using the selftest feature along with an alternative timing implementation. They were forced to provide their own version of a selftest. Since it was not mentioned in the define description, it should not be required, and is provided roughly as it was before breaking changes in 77daaad were introduced.
Bonus change: the FAIL macro no longer uses a field that exists only without
MBEDTLS_TIMING_ALT.Fixes #6923
Gatekeeper checklist
backport not required