Merge remote-tracking branch 'origin/pr/2332' into mbedtls-2.16

This commit is contained in:
Jaeden Amero 2019-01-30 15:52:26 +00:00
commit 462dfc5068
4 changed files with 253 additions and 241 deletions

View file

@ -98,6 +98,12 @@ if(CMAKE_COMPILER_IS_CLANG)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wmissing-declarations -Wmissing-prototypes -Wdocumentation -Wno-documentation-deprecated-sync -Wunreachable-code")
endif(CMAKE_COMPILER_IS_CLANG) endif(CMAKE_COMPILER_IS_CLANG)
if(UNSAFE_BUILD)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wno-error")
set(CMAKE_C_FLAGS_ASAN "${CMAKE_C_FLAGS_ASAN} -Wno-error")
set(CMAKE_C_FLAGS_ASANDBG "${CMAKE_C_FLAGS_ASANDBG} -Wno-error")
endif(UNSAFE_BUILD)
if(WIN32) if(WIN32)
set(libs ${libs} ws2_32) set(libs ${libs} ws2_32)
endif(WIN32) endif(WIN32)

View file

@ -59,27 +59,42 @@
# following naming conventions: # following naming conventions:
# * pre_XXX: things to do before running the tests, in order. # * pre_XXX: things to do before running the tests, in order.
# * component_XXX: independent components. They can be run in any order. # * component_XXX: independent components. They can be run in any order.
# * component_check_XXX: quick tests that aren't worth parallelizing # * component_check_XXX: quick tests that aren't worth parallelizing.
# * component_build_XXX: build things but don't run them # * component_build_XXX: build things but don't run them.
# * component_test_XXX: build and test # * component_test_XXX: build and test.
# * support_XXX: if support_XXX exists and returns false then
# component_XXX is not run by default.
# * post_XXX: things to do after running the tests. # * post_XXX: things to do after running the tests.
# * other: miscellaneous support functions. # * other: miscellaneous support functions.
# #
# Each component must start by invoking `msg` with a short informative message.
#
# The framework performs some cleanup tasks after each component. This
# means that components can assume that the working directory is in a
# cleaned-up state, and don't need to perform the cleanup themselves.
# * Run `make clean`.
# * Restore `include/mbedtks/config.h` from a backup made before running
# the component.
# * Check out `Makefile`, `library/Makefile`, `programs/Makefile` and
# `tests/Makefile` from git. This cleans up after an in-tree use of
# CMake.
#
# Any command that is expected to fail must be protected so that the
# script keeps running in --keep-going mode despite `set -e`. In keep-going
# mode, if a protected command fails, this is logged as a failure and the
# script will exit with a failure status once it has run all components.
# Commands can be protected in any of the following ways:
# * `make` is a function which runs the `make` command with protection.
# Note that you must write `make VAR=value`, not `VAR=value make`,
# because the `VAR=value make` syntax doesn't work with functions.
# * Put `report_status` before the command to protect it.
# * Put `if_build_successful` before a command. This protects it, and
# additionally skips it if a prior invocation of `make` in the same
# component failed.
#
# The tests are roughly in order from fastest to slowest. This doesn't # The tests are roughly in order from fastest to slowest. This doesn't
# have to be exact, but in general you should add slower tests towards # have to be exact, but in general you should add slower tests towards
# the end and fast checks near the beginning. # the end and fast checks near the beginning.
#
# Sanity checks have the following form:
# 1. msg "short description of what is about to be done"
# 2. run sanity check (failure stops the script)
#
# Build or build-and-test steps have the following form:
# 1. msg "short description of what is about to be done"
# 2. cleanup
# 3. preparation (config.pl, cmake, ...) (failure stops the script)
# 4. make
# 5. Run tests if relevant. All tests must be prefixed with
# if_build_successful for the sake of --keep-going.
@ -91,10 +106,7 @@
set -eu set -eu
pre_check_environment () { pre_check_environment () {
if [ "$( uname )" != "Linux" ]; then if [ -d library -a -d include -a -d tests ]; then :; else
echo "This script only works in Linux" >&2
exit 1
elif [ -d library -a -d include -a -d tests ]; then :; else
echo "Must be run from mbed TLS root" >&2 echo "Must be run from mbed TLS root" >&2
exit 1 exit 1
fi fi
@ -104,13 +116,9 @@ pre_initialize_variables () {
CONFIG_H='include/mbedtls/config.h' CONFIG_H='include/mbedtls/config.h'
CONFIG_BAK="$CONFIG_H.bak" CONFIG_BAK="$CONFIG_H.bak"
COMPONENTS=
ALL_EXCEPT=0
MEMORY=0 MEMORY=0
FORCE=0 FORCE=0
INTROSPECTION_MODE=
KEEP_GOING=0 KEEP_GOING=0
RUN_ARMCC=1
# Default commands, can be overriden by the environment # Default commands, can be overriden by the environment
: ${OPENSSL:="openssl"} : ${OPENSSL:="openssl"}
@ -125,17 +133,32 @@ pre_initialize_variables () {
: ${ARMC6_BIN_DIR:=/usr/bin} : ${ARMC6_BIN_DIR:=/usr/bin}
# if MAKEFLAGS is not set add the -j option to speed up invocations of make # if MAKEFLAGS is not set add the -j option to speed up invocations of make
if [ -n "${MAKEFLAGS+set}" ]; then if [ -z "${MAKEFLAGS+set}" ]; then
export MAKEFLAGS="-j" export MAKEFLAGS="-j"
fi fi
# Gather the list of available components. These are the functions
# defined in this script whose name starts with "component_".
# Parse the script with sed, because in sh there is no way to list
# defined functions.
ALL_COMPONENTS=$(sed -n 's/^ *component_\([0-9A-Z_a-z]*\) *().*/\1/p' <"$0")
# Exclude components that are not supported on this platform.
SUPPORTED_COMPONENTS=
for component in $ALL_COMPONENTS; do
case $(type "support_$component" 2>&1) in
*' function'*)
if ! support_$component; then continue; fi;;
esac
SUPPORTED_COMPONENTS="$SUPPORTED_COMPONENTS $component"
done
} }
# Test whether $1 is excluded via $COMPONENTS (a space-separated list of # Test whether the component $1 is included in the command line patterns.
# wildcard patterns). is_component_included()
component_is_excluded()
{ {
set -f set -f
for pattern in $COMPONENTS; do for pattern in $COMMAND_LINE_COMPONENTS; do
set +f set +f
case ${1#component_} in $pattern) return 0;; esac case ${1#component_} in $pattern) return 0;; esac
done done
@ -149,21 +172,26 @@ usage()
Usage: $0 [OPTION]... [COMPONENT]... Usage: $0 [OPTION]... [COMPONENT]...
Run mbedtls release validation tests. Run mbedtls release validation tests.
By default, run all tests. With one or more COMPONENT, run only those. By default, run all tests. With one or more COMPONENT, run only those.
COMPONENT can be the name of a component or a shell wildcard pattern.
Examples:
$0 "check_*"
Run all sanity checks.
$0 --no-armcc --except test_memsan
Run everything except builds that require armcc and MemSan.
Special options: Special options:
-h|--help Print this help and exit. -h|--help Print this help and exit.
--list-components List available test components and exit. --list-all-components List all available test components and exit.
--list-components List components supported on this platform and exit.
General options: General options:
-f|--force Force the tests to overwrite any modified files. -f|--force Force the tests to overwrite any modified files.
-k|--keep-going Run all tests and report errors at the end. -k|--keep-going Run all tests and report errors at the end.
-m|--memory Additional optional memory tests. -m|--memory Additional optional memory tests.
--armcc Run ARM Compiler builds (on by default). --armcc Run ARM Compiler builds (on by default).
--except If some components are passed on the command line, --except Exclude the COMPONENTs listed on the command line,
run all the tests except for these components. In instead of running only those.
this mode, you can pass shell wildcard patterns as
component names, e.g. "$0 --except 'test_*'" to
exclude all components that run tests.
--no-armcc Skip ARM Compiler builds. --no-armcc Skip ARM Compiler builds.
--no-force Refuse to overwrite modified files (default). --no-force Refuse to overwrite modified files (default).
--no-keep-going Stop at the first error (default). --no-keep-going Stop at the first error (default).
@ -275,46 +303,73 @@ check_headers_in_cpp () {
} }
pre_parse_command_line () { pre_parse_command_line () {
COMMAND_LINE_COMPONENTS=
all_except=0
no_armcc=
while [ $# -gt 0 ]; do while [ $# -gt 0 ]; do
case "$1" in case "$1" in
--armcc) RUN_ARMCC=1;; --armcc) no_armcc=;;
--armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";; --armc5-bin-dir) shift; ARMC5_BIN_DIR="$1";;
--armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";; --armc6-bin-dir) shift; ARMC6_BIN_DIR="$1";;
--except) ALL_EXCEPT=1;; --except) all_except=1;;
--force|-f) FORCE=1;; --force|-f) FORCE=1;;
--gnutls-cli) shift; GNUTLS_CLI="$1";; --gnutls-cli) shift; GNUTLS_CLI="$1";;
--gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";; --gnutls-legacy-cli) shift; GNUTLS_LEGACY_CLI="$1";;
--gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";; --gnutls-legacy-serv) shift; GNUTLS_LEGACY_SERV="$1";;
--gnutls-serv) shift; GNUTLS_SERV="$1";; --gnutls-serv) shift; GNUTLS_SERV="$1";;
--help|-h) usage; exit;; --help|-h) usage; exit;;
--keep-going|-k) KEEP_GOING=1;; --keep-going|-k) KEEP_GOING=1;;
--list-components) INTROSPECTION_MODE=list_components;; --list-all-components) printf '%s\n' $ALL_COMPONENTS; exit;;
--memory|-m) MEMORY=1;; --list-components) printf '%s\n' $SUPPORTED_COMPONENTS; exit;;
--no-armcc) RUN_ARMCC=0;; --memory|-m) MEMORY=1;;
--no-force) FORCE=0;; --no-armcc) no_armcc=1;;
--no-keep-going) KEEP_GOING=0;; --no-force) FORCE=0;;
--no-memory) MEMORY=0;; --no-keep-going) KEEP_GOING=0;;
--openssl) shift; OPENSSL="$1";; --no-memory) MEMORY=0;;
--openssl-legacy) shift; OPENSSL_LEGACY="$1";; --openssl) shift; OPENSSL="$1";;
--openssl-next) shift; OPENSSL_NEXT="$1";; --openssl-legacy) shift; OPENSSL_LEGACY="$1";;
--out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";; --openssl-next) shift; OPENSSL_NEXT="$1";;
--random-seed) unset SEED;; --out-of-source-dir) shift; OUT_OF_SOURCE_DIR="$1";;
--release-test|-r) SEED=1;; --random-seed) unset SEED;;
--seed|-s) shift; SEED="$1";; --release-test|-r) SEED=1;;
-*) --seed|-s) shift; SEED="$1";;
echo >&2 "Unknown option: $1" -*)
echo >&2 "Run $0 --help for usage." echo >&2 "Unknown option: $1"
exit 120 echo >&2 "Run $0 --help for usage."
;; exit 120
*) ;;
COMPONENTS="$COMPONENTS $1";; *) COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS $1";;
esac esac
shift shift
done done
# With no list of components, run everything.
if [ -z "$COMMAND_LINE_COMPONENTS" ]; then
all_except=1
fi
# --no-armcc is a legacy option. The modern way is --except '*_armcc*'.
# Ignore it if components are listed explicitly on the command line.
if [ -n "$no_armcc" ] && [ $all_except -eq 1 ]; then
COMMAND_LINE_COMPONENTS="$COMMAND_LINE_COMPONENTS *_armcc*"
fi
# Build the list of components to run.
RUN_COMPONENTS=
for component in $SUPPORTED_COMPONENTS; do
if is_component_included "$component"; [ $? -eq $all_except ]; then
RUN_COMPONENTS="$RUN_COMPONENTS $component"
fi
done
unset all_except
unset no_armcc
} }
pre_check_git () { pre_check_git () {
if [ $FORCE -eq 1 ]; then if [ $FORCE -eq 1 ]; then
rm -rf "$OUT_OF_SOURCE_DIR"
git checkout-index -f -q $CONFIG_H git checkout-index -f -q $CONFIG_H
cleanup cleanup
else else
@ -326,7 +381,7 @@ pre_check_git () {
exit 1 exit 1
fi fi
if ! git diff-files --quiet include/mbedtls/config.h; then if ! git diff --quiet include/mbedtls/config.h; then
err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. " err_msg "Warning - the configuration file 'include/mbedtls/config.h' has been edited. "
echo "You can either delete or preserve your work, or force the test by rerunning the" echo "You can either delete or preserve your work, or force the test by rerunning the"
echo "script as: $0 --force" echo "script as: $0 --force"
@ -419,34 +474,71 @@ pre_print_configuration () {
echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR" echo "ARMC6_BIN_DIR: $ARMC6_BIN_DIR"
} }
# Make sure the tools we need are available.
pre_check_tools () { pre_check_tools () {
ARMC5_CC="$ARMC5_BIN_DIR/armcc" # Build the list of variables to pass to output_env.sh.
ARMC5_AR="$ARMC5_BIN_DIR/armar" set env
ARMC6_CC="$ARMC6_BIN_DIR/armclang"
ARMC6_AR="$ARMC6_BIN_DIR/armar"
# To avoid setting OpenSSL and GnuTLS for each call to compat.sh and ssl-opt.sh case " $RUN_COMPONENTS " in
# we just export the variables they require # Require OpenSSL and GnuTLS if running any tests (as opposed to
export OPENSSL_CMD="$OPENSSL" # only doing builds). Not all tests run OpenSSL and GnuTLS, but this
export GNUTLS_CLI="$GNUTLS_CLI" # is a good enough approximation in practice.
export GNUTLS_SERV="$GNUTLS_SERV" *" test_"*)
# To avoid setting OpenSSL and GnuTLS for each call to compat.sh
# and ssl-opt.sh, we just export the variables they require.
export OPENSSL_CMD="$OPENSSL"
export GNUTLS_CLI="$GNUTLS_CLI"
export GNUTLS_SERV="$GNUTLS_SERV"
# Avoid passing --seed flag in every call to ssl-opt.sh
if [ -n "${SEED-}" ]; then
export SEED
fi
set "$@" OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY"
set "$@" GNUTLS_CLI="$GNUTLS_CLI" GNUTLS_SERV="$GNUTLS_SERV"
set "$@" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI"
set "$@" GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV"
check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \
"$GNUTLS_CLI" "$GNUTLS_SERV" \
"$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV"
;;
esac
# Avoid passing --seed flag in every call to ssl-opt.sh case " $RUN_COMPONENTS " in
if [ -n "${SEED-}" ]; then *_doxygen[_\ ]*) check_tools "doxygen" "dot";;
export SEED esac
fi
# Make sure the tools we need are available. case " $RUN_COMPONENTS " in
check_tools "$OPENSSL" "$OPENSSL_LEGACY" "$OPENSSL_NEXT" \ *_arm_none_eabi_gcc[_\ ]*) check_tools "arm-none-eabi-gcc";;
"$GNUTLS_CLI" "$GNUTLS_SERV" \ esac
"$GNUTLS_LEGACY_CLI" "$GNUTLS_LEGACY_SERV" "doxygen" "dot" \
"arm-none-eabi-gcc" "i686-w64-mingw32-gcc" "gdb" case " $RUN_COMPONENTS " in
if [ $RUN_ARMCC -ne 0 ]; then *_mingw[_\ ]*) check_tools "i686-w64-mingw32-gcc";;
check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR" esac
fi
case " $RUN_COMPONENTS " in
*" test_zeroize "*) check_tools "gdb";;
esac
case " $RUN_COMPONENTS " in
*_armcc*)
ARMC5_CC="$ARMC5_BIN_DIR/armcc"
ARMC5_AR="$ARMC5_BIN_DIR/armar"
ARMC6_CC="$ARMC6_BIN_DIR/armclang"
ARMC6_AR="$ARMC6_BIN_DIR/armar"
check_tools "$ARMC5_CC" "$ARMC5_AR" "$ARMC6_CC" "$ARMC6_AR";;
esac
msg "info: output_env.sh"
case $RUN_COMPONENTS in
*_armcc*)
set "$@" ARMC5_CC="$ARMC5_CC" ARMC6_CC="$ARMC6_CC" RUN_ARMCC=1;;
*) set "$@" RUN_ARMCC=0;;
esac
"$@" scripts/output_env.sh
} }
################################################################ ################################################################
#### Basic checks #### Basic checks
################################################################ ################################################################
@ -462,14 +554,6 @@ pre_check_tools () {
# #
# Indicative running times are given for reference. # Indicative running times are given for reference.
pre_print_tools () {
msg "info: output_env.sh"
OPENSSL="$OPENSSL" OPENSSL_LEGACY="$OPENSSL_LEGACY" GNUTLS_CLI="$GNUTLS_CLI" \
GNUTLS_SERV="$GNUTLS_SERV" GNUTLS_LEGACY_CLI="$GNUTLS_LEGACY_CLI" \
GNUTLS_LEGACY_SERV="$GNUTLS_LEGACY_SERV" ARMC5_CC="$ARMC5_CC" \
ARMC6_CC="$ARMC6_CC" RUN_ARMCC="$RUN_ARMCC" scripts/output_env.sh
}
component_check_recursion () { component_check_recursion () {
msg "test: recursion.pl" # < 1s msg "test: recursion.pl" # < 1s
record_status tests/scripts/recursion.pl library/*.c record_status tests/scripts/recursion.pl library/*.c
@ -796,7 +880,7 @@ component_test_null_entropy () {
scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED scripts/config.pl unset MBEDTLS_ENTROPY_NV_SEED
scripts/config.pl unset MBEDTLS_ENTROPY_HARDWARE_ALT scripts/config.pl unset MBEDTLS_ENTROPY_HARDWARE_ALT
scripts/config.pl unset MBEDTLS_HAVEGE_C scripts/config.pl unset MBEDTLS_HAVEGE_C
CC=gcc cmake -D UNSAFE_BUILD=ON -D CMAKE_C_FLAGS:String="-fsanitize=address -fno-common -O3" . CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan -D UNSAFE_BUILD=ON .
make make
msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)" msg "test: MBEDTLS_TEST_NULL_ENTROPY - main suites (inc. selftests) (ASan build)"
@ -857,6 +941,12 @@ component_test_m32_o0 () {
msg "test: i386, make, gcc -O0 (ASan build)" msg "test: i386, make, gcc -O0 (ASan build)"
make test make test
} }
support_test_m32_o0 () {
case $(uname -m) in
*64*) true;;
*) false;;
esac
}
component_test_m32_o1 () { component_test_m32_o1 () {
# Build again with -O1, to compile in the i386 specific inline assembly # Build again with -O1, to compile in the i386 specific inline assembly
@ -867,6 +957,9 @@ component_test_m32_o1 () {
msg "test: i386, make, gcc -O1 (ASan build)" msg "test: i386, make, gcc -O1 (ASan build)"
make test make test
} }
support_test_m32_o1 () {
support_test_m32_o0 "$@"
}
component_test_mx32 () { component_test_mx32 () {
msg "build: 64-bit ILP32, make, gcc" # ~ 30s msg "build: 64-bit ILP32, make, gcc" # ~ 30s
@ -876,6 +969,12 @@ component_test_mx32 () {
msg "test: 64-bit ILP32, make, gcc" msg "test: 64-bit ILP32, make, gcc"
make test make test
} }
support_test_mx32 () {
case $(uname -m) in
amd64|x86_64) true;;
*) false;;
esac
}
component_test_have_int32 () { component_test_have_int32 () {
msg "build: gcc, force 32-bit bignum limbs" msg "build: gcc, force 32-bit bignum limbs"
@ -997,25 +1096,23 @@ component_build_armcc () {
scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit scripts/config.pl unset MBEDTLS_MEMORY_BUFFER_ALLOC_C # calls exit
scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME scripts/config.pl unset MBEDTLS_PLATFORM_TIME_ALT # depends on MBEDTLS_HAVE_TIME
if [ $RUN_ARMCC -ne 0 ]; then make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib
make CC="$ARMC5_CC" AR="$ARMC5_AR" WARNING_CFLAGS='--strict --c99' lib make clean
make clean
# ARM Compiler 6 - Target ARMv7-A # ARM Compiler 6 - Target ARMv7-A
armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a" armc6_build_test "--target=arm-arm-none-eabi -march=armv7-a"
# ARM Compiler 6 - Target ARMv7-M # ARM Compiler 6 - Target ARMv7-M
armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m" armc6_build_test "--target=arm-arm-none-eabi -march=armv7-m"
# ARM Compiler 6 - Target ARMv8-A - AArch32 # ARM Compiler 6 - Target ARMv8-A - AArch32
armc6_build_test "--target=arm-arm-none-eabi -march=armv8.2-a" armc6_build_test "--target=arm-arm-none-eabi -march=armv8.2-a"
# ARM Compiler 6 - Target ARMv8-M # ARM Compiler 6 - Target ARMv8-M
armc6_build_test "--target=arm-arm-none-eabi -march=armv8-m.main" armc6_build_test "--target=arm-arm-none-eabi -march=armv8-m.main"
# ARM Compiler 6 - Target ARMv8-A - AArch64 # ARM Compiler 6 - Target ARMv8-A - AArch64
armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a" armc6_build_test "--target=aarch64-arm-none-eabi -march=armv8.2-a"
fi
} }
component_test_allow_sha1 () { component_test_allow_sha1 () {
@ -1061,7 +1158,7 @@ component_test_memsan () {
fi fi
} }
component_test_memcheck () { component_test_valgrind () {
msg "build: Release (clang)" msg "build: Release (clang)"
CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release . CC=clang cmake -D CMAKE_BUILD_TYPE:String=Release .
make make
@ -1117,17 +1214,27 @@ component_test_zeroize () {
# system in all cases that the script fails, so we must manually search the # system in all cases that the script fails, so we must manually search the
# output to check whether the pass string is present and no failure strings # output to check whether the pass string is present and no failure strings
# were printed. # were printed.
# Don't try to disable ASLR. We don't care about ASLR here. We do care
# about a spurious message if Gdb tries and fails, so suppress that.
gdb_disable_aslr=
if [ -z "$(gdb -batch -nw -ex 'set disable-randomization off' 2>&1)" ]; then
gdb_disable_aslr='set disable-randomization off'
fi
for optimization_flag in -O2 -O3 -Ofast -Os; do for optimization_flag in -O2 -O3 -Ofast -Os; do
for compiler in clang gcc; do for compiler in clang gcc; do
msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()" msg "test: $compiler $optimization_flag, mbedtls_platform_zeroize()"
make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag" make programs CC="$compiler" DEBUG=1 CFLAGS="$optimization_flag"
if_build_succeeded gdb -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log if_build_succeeded gdb -ex "$gdb_disable_aslr" -x tests/scripts/test_zeroize.gdb -nw -batch -nx 2>&1 | tee test_zeroize.log
if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log if_build_succeeded grep "The buffer was correctly zeroized" test_zeroize.log
if_build_succeeded not grep -i "error" test_zeroize.log if_build_succeeded not grep -i "error" test_zeroize.log
rm -f test_zeroize.log rm -f test_zeroize.log
make clean make clean
done done
done done
unset gdb_disable_aslr
} }
component_check_python_files () { component_check_python_files () {
@ -1157,83 +1264,8 @@ post_report () {
#### Run all the things #### Run all the things
################################################################ ################################################################
run_all_components () {
# Small things
run_component component_check_recursion
run_component component_check_generated_files
run_component component_check_doxy_blocks
run_component component_check_files
run_component component_check_names
run_component component_check_doxygen_warnings
# Test many different configurations
run_component component_test_default_cmake_gcc_asan
run_component component_test_ref_configs
run_component component_test_sslv3
run_component component_test_no_renegotiation
run_component component_test_rsa_no_crt
run_component component_test_small_ssl_out_content_len
run_component component_test_small_ssl_in_content_len
run_component component_test_small_ssl_dtls_max_buffering
run_component component_test_small_mbedtls_ssl_dtls_max_buffering
run_component component_test_full_cmake_clang
run_component component_build_deprecated
run_component component_test_depends_curves
run_component component_test_depends_hashes
run_component component_test_depends_pkalgs
run_component component_build_key_exchanges
run_component component_build_default_make_gcc_and_cxx
run_component component_test_check_params_without_platform
run_component component_test_check_params_silent
run_component component_test_no_platform
run_component component_build_no_std_function
run_component component_build_no_ssl_srv
run_component component_build_no_ssl_cli
run_component component_build_no_sockets
run_component component_test_no_max_fragment_length
run_component component_test_no_max_fragment_length_small_ssl_out_content_len
run_component component_test_null_entropy
run_component component_test_platform_calloc_macro
run_component component_test_aes_fewer_tables
run_component component_test_aes_rom_tables
run_component component_test_aes_fewer_tables_and_rom_tables
if uname -a | grep -F Linux >/dev/null; then
run_component component_test_make_shared
fi
if uname -a | grep -F x86_64 >/dev/null; then
run_component component_test_m32_o0
run_component component_test_m32_o1
run_component component_test_mx32
fi
run_component component_test_have_int32
run_component component_test_have_int64
run_component component_test_no_udbl_division
run_component component_test_no_64bit_multiplication
run_component component_build_arm_none_eabi_gcc
run_component component_build_arm_none_eabi_gcc_no_udbl_division
run_component component_build_arm_none_eabi_gcc_no_64bit_multiplication
run_component component_build_armcc
run_component component_test_allow_sha1
run_component component_build_mingw
# MemSan currently only available on Linux 64 bits
if uname -a | grep 'Linux.*x86_64' >/dev/null; then
run_component component_test_memsan
else # no MemSan
run_component component_test_memcheck
fi
run_component component_test_cmake_out_of_source
# More small things
run_component component_test_zeroize
run_component component_check_python_files
run_component component_check_generate_test_code
}
# Run one component and clean up afterwards. # Run one component and clean up afterwards.
run_component () { run_component () {
if [ $ALL_EXCEPT -ne 0 ] && component_is_excluded "$1"; then
return
fi
# Back up the configuration in case the component modifies it. # Back up the configuration in case the component modifies it.
# The cleanup function will restore it. # The cleanup function will restore it.
cp -p "$CONFIG_H" "$CONFIG_BAK" cp -p "$CONFIG_H" "$CONFIG_BAK"
@ -1247,47 +1279,23 @@ pre_check_environment
pre_initialize_variables pre_initialize_variables
pre_parse_command_line "$@" pre_parse_command_line "$@"
case "$INTROSPECTION_MODE" in pre_check_git
list_components) build_status=0
components= if [ $KEEP_GOING -eq 1 ]; then
newline=' pre_setup_keep_going
'
run_component () {
components="${components}${newline}${1#component_}"
}
;;
*)
pre_check_git
build_status=0
if [ $KEEP_GOING -eq 1 ]; then
pre_setup_keep_going
else
record_status () {
"$@"
}
fi
pre_print_configuration
pre_check_tools
pre_print_tools
cleanup
;;
esac
if [ -n "$COMPONENTS" ] && [ $ALL_EXCEPT -eq 0 ]; then
for component in $COMPONENTS; do
run_component "component_$component"
done
else else
run_all_components record_status () {
"$@"
}
fi fi
pre_print_configuration
pre_check_tools
cleanup
# Run the requested tests.
for component in $RUN_COMPONENTS; do
run_component "component_$component"
done
# We're done. # We're done.
case "$INTROSPECTION_MODE" in post_report
list_components)
echo "$components" | sort
;;
*)
post_report
;;
esac

View file

@ -41,8 +41,6 @@
# number does not need to be updated often. # number does not need to be updated often.
set confirm off set confirm off
# We don't need to turn off ASLR, so don't try.
set disable-randomization off
file ./programs/test/zeroize file ./programs/test/zeroize
break zeroize.c:100 break zeroize.c:100

View file

@ -167,7 +167,7 @@ requires_config_disabled() {
get_config_value_or_default() { get_config_value_or_default() {
NAME="$1" NAME="$1"
DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h | DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h |
sed 's/^.*\s\([0-9]*\)$/\1/' ) sed 's/^.* \([0-9]*\)$/\1/' )
../scripts/config.pl get $NAME || echo "$DEF_VAL" ../scripts/config.pl get $NAME || echo "$DEF_VAL"
} }