crypto/internal/fips/check: fix for ASAN builds
For now, FIPS does not work with ASAN: ASAN detects reads it doesn't like during the scans of memory done by verification. It could be made to work if there was a way to disable ASAN during verification, but that doesn't appear to be possible. Instead of a cryptic ASAN message, panic with a clear error. And disable the test during ASAN. Fixes #70321. Change-Id: Ibc3876836abb83248a23c18c3b44c4cbb4a0c600 Reviewed-on: https://go-review.googlesource.com/c/go/+/627603 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Russ Cox <rsc@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com>
This commit is contained in:
parent
102d031a58
commit
534551d55a
@ -15,6 +15,7 @@ package check
|
|||||||
import (
|
import (
|
||||||
"crypto/internal/fips/hmac"
|
"crypto/internal/fips/hmac"
|
||||||
"crypto/internal/fips/sha256"
|
"crypto/internal/fips/sha256"
|
||||||
|
"internal/asan"
|
||||||
"internal/byteorder"
|
"internal/byteorder"
|
||||||
"internal/godebug"
|
"internal/godebug"
|
||||||
"io"
|
"io"
|
||||||
@ -77,6 +78,17 @@ func init() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if asan.Enabled {
|
||||||
|
// ASAN disapproves of reading swaths of global memory below.
|
||||||
|
// One option would be to expose runtime.asanunpoison through
|
||||||
|
// crypto/internal/fipsdeps and then call it to unpoison the range
|
||||||
|
// before reading it, but it is unclear whether that would then cause
|
||||||
|
// false negatives. For now, FIPS+ASAN doesn't need to work.
|
||||||
|
// If this is made to work, also re-enable the test in check_test.go.
|
||||||
|
panic("fips140: cannot verify in asan mode")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
switch v {
|
switch v {
|
||||||
case "on", "only", "debug":
|
case "on", "only", "debug":
|
||||||
// ok
|
// ok
|
||||||
|
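Review bot: The `return` placed after `panic("fips140: cannot verify in asan mode")` in the new `if asan.Enabled` block is unreachable, since panic never returns; `go vet`'s unreachable analyzer reports it, and dropping it leaves `panic(...)` as the block's last statement with no change in behaviour. Failing with a panic rather than silently skipping verification is the right fail-closed choice here, and the block comment already explains the ASAN limitation well. The block sits after the earlier `return` visible at the top of the hunk, so builds that never reach verification are presumably unaffected, though that condition is outside the hunk. The enclosing init function starts and ends outside the hunk.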
@ -9,6 +9,7 @@ import (
|
|||||||
"crypto/internal/fips/check/checktest"
|
"crypto/internal/fips/check/checktest"
|
||||||
"fmt"
|
"fmt"
|
||||||
"internal/abi"
|
"internal/abi"
|
||||||
|
"internal/asan"
|
||||||
"internal/godebug"
|
"internal/godebug"
|
||||||
"os"
|
"os"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
@ -37,6 +38,11 @@ func TestVerify(t *testing.T) {
|
|||||||
if !Supported() {
|
if !Supported() {
|
||||||
t.Skipf("skipping on %s-%s", runtime.GOOS, runtime.GOARCH)
|
t.Skipf("skipping on %s-%s", runtime.GOOS, runtime.GOARCH)
|
||||||
}
|
}
|
||||||
|
if asan.Enabled {
|
||||||
|
// Verification panics with asan; don't bother.
|
||||||
|
t.Skipf("skipping with -asan")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
cmd := exec.Command(os.Args[0], "-test.v")
|
cmd := exec.Command(os.Args[0], "-test.v")
|
||||||
cmd.Env = append(cmd.Environ(), "GODEBUG=fips140=on")
|
cmd.Env = append(cmd.Environ(), "GODEBUG=fips140=on")
|
||||||
|
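Review bot: The `return` after `t.Skipf("skipping with -asan")` is redundant: Skipf calls SkipNow, which ends the test, and the `!Supported()` branch directly above relies on exactly that and has no return. Since the message contains no format verbs, `t.Skip("skipping with -asan")` on its own would match the surrounding style. TestVerify continues outside the hunk.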
@ -2,5 +2,5 @@
|
|||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
DATA ·RODATA(SB)/4, $2
|
DATA crypto∕internal∕fips∕check∕checktest·RODATA(SB)/4, $2
|
||||||
GLOBL ·RODATA(SB), RODATA, $4
|
GLOBL crypto∕internal∕fips∕check∕checktest·RODATA(SB), RODATA, $4
|
||||||
|
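Review bot: The fully qualified symbol `crypto∕internal∕fips∕check∕checktest·RODATA` in both the DATA and GLOBL lines now has to agree exactly with the `//go:linkname RODATA crypto/internal/fips/check/checktest.RODATA` added to the Go file in the last hunk; the qualification is presumably required by that linkname, but nothing on the page says so. If the two ever drift apart, the Go-side `RODATA` would stay at zero instead of the 2 promised by its `// set to 2 in asm.s` comment, and nothing in the visible test code would catch that. A one-line comment above the DATA directive would make the coupling visible, e.g. `// Fully qualified to match the go:linkname on RODATA in test.go.`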
@ -6,10 +6,17 @@
|
|||||||
// the crypto/internal/fips/check test.
|
// the crypto/internal/fips/check test.
|
||||||
package checktest
|
package checktest
|
||||||
|
|
||||||
import _ "crypto/internal/fips/check"
|
import (
|
||||||
|
_ "crypto/internal/fips/check"
|
||||||
|
_ "unsafe" // go:linkname
|
||||||
|
)
|
||||||
|
|
||||||
var NOPTRDATA int = 1
|
var NOPTRDATA int = 1
|
||||||
|
|
||||||
|
// The linkname here disables asan registration of this global,
|
||||||
|
// because asan gets mad about rodata globals.
|
||||||
|
//
|
||||||
|
//go:linkname RODATA crypto/internal/fips/check/checktest.RODATA
|
||||||
var RODATA int32 // set to 2 in asm.s
|
var RODATA int32 // set to 2 in asm.s
|
||||||
|
|
||||||
// DATA needs to have both a pointer and an int so that _some_ of it gets
|
// DATA needs to have both a pointer and an int so that _some_ of it gets
|
||||||
|