From 87d63686e32776e1810ac947407d115137f364c3 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Thu, 30 Mar 2023 17:38:11 +0200 Subject: [PATCH 01/28] Add Microwalk C example to CI --- .github/workflows/microwalk.yml | 33 +++++ src/microwalk/analyze.sh | 41 ++++++ src/microwalk/build.sh | 29 +++++ src/microwalk/config.yml | 58 +++++++++ src/microwalk/libexample/Makefile | 17 +++ src/microwalk/libexample/src/my_lib.c | 33 +++++ src/microwalk/libexample/src/my_lib.h | 9 ++ src/microwalk/main.c | 123 ++++++++++++++++++ src/microwalk/target-branch-leakage.c | 19 +++ src/microwalk/target-lookup-leakage.c | 20 +++ src/microwalk/target-loop-leakage.c | 19 +++ .../target-branch-leakage/t0.testcase | 1 + .../target-branch-leakage/t1.testcase | 1 + .../target-branch-leakage/t10.testcase | 1 + .../target-branch-leakage/t11.testcase | 1 + .../target-branch-leakage/t12.testcase | 2 + .../target-branch-leakage/t13.testcase | 1 + .../target-branch-leakage/t14.testcase | 1 + .../target-branch-leakage/t15.testcase | 1 + .../target-branch-leakage/t2.testcase | 1 + .../target-branch-leakage/t3.testcase | Bin 0 -> 32 bytes .../target-branch-leakage/t4.testcase | 1 + .../target-branch-leakage/t5.testcase | 1 + .../target-branch-leakage/t6.testcase | 1 + .../target-branch-leakage/t7.testcase | Bin 0 -> 32 bytes .../target-branch-leakage/t8.testcase | 2 + .../target-branch-leakage/t9.testcase | Bin 0 -> 32 bytes .../target-lookup-leakage/t0.testcase | 1 + .../target-lookup-leakage/t1.testcase | 1 + .../target-lookup-leakage/t10.testcase | 1 + .../target-lookup-leakage/t11.testcase | 1 + .../target-lookup-leakage/t12.testcase | 2 + .../target-lookup-leakage/t13.testcase | 1 + .../target-lookup-leakage/t14.testcase | 1 + .../target-lookup-leakage/t15.testcase | 1 + .../target-lookup-leakage/t2.testcase | 1 + .../target-lookup-leakage/t3.testcase | Bin 0 -> 32 bytes .../target-lookup-leakage/t4.testcase | 1 + .../target-lookup-leakage/t5.testcase | 1 + .../target-lookup-leakage/t6.testcase | 1 + .../target-lookup-leakage/t7.testcase | Bin 0 -> 32 bytes .../target-lookup-leakage/t8.testcase | 2 + .../target-lookup-leakage/t9.testcase | Bin 0 -> 32 bytes .../testcases/target-loop-leakage/t0.testcase | 1 + .../testcases/target-loop-leakage/t1.testcase | 1 + .../target-loop-leakage/t10.testcase | 1 + .../target-loop-leakage/t11.testcase | 1 + .../target-loop-leakage/t12.testcase | 2 + .../target-loop-leakage/t13.testcase | 1 + .../target-loop-leakage/t14.testcase | 1 + .../target-loop-leakage/t15.testcase | 1 + .../testcases/target-loop-leakage/t2.testcase | 1 + .../testcases/target-loop-leakage/t3.testcase | Bin 0 -> 32 bytes .../testcases/target-loop-leakage/t4.testcase | 1 + .../testcases/target-loop-leakage/t5.testcase | 1 + .../testcases/target-loop-leakage/t6.testcase | 1 + .../testcases/target-loop-leakage/t7.testcase | Bin 0 -> 32 bytes .../testcases/target-loop-leakage/t8.testcase | 2 + .../testcases/target-loop-leakage/t9.testcase | Bin 0 -> 32 bytes 59 files changed, 446 insertions(+) create mode 100644 .github/workflows/microwalk.yml create mode 100644 src/microwalk/analyze.sh create mode 100644 src/microwalk/build.sh create mode 100644 src/microwalk/config.yml create mode 100644 src/microwalk/libexample/Makefile create mode 100644 src/microwalk/libexample/src/my_lib.c create mode 100644 src/microwalk/libexample/src/my_lib.h create mode 100644 src/microwalk/main.c create mode 100644 src/microwalk/target-branch-leakage.c create mode 100644 src/microwalk/target-lookup-leakage.c create mode 100644 src/microwalk/target-loop-leakage.c create mode 100644 src/microwalk/testcases/target-branch-leakage/t0.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t1.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t10.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t11.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t12.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t13.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t14.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t15.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t2.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t3.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t4.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t5.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t6.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t7.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t8.testcase create mode 100644 src/microwalk/testcases/target-branch-leakage/t9.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t0.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t1.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t10.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t11.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t12.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t13.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t14.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t15.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t2.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t3.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t4.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t5.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t6.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t7.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t8.testcase create mode 100644 src/microwalk/testcases/target-lookup-leakage/t9.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t0.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t1.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t10.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t11.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t12.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t13.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t14.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t15.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t2.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t3.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t4.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t5.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t6.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t7.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t8.testcase create mode 100644 src/microwalk/testcases/target-loop-leakage/t9.testcase diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml new file mode 100644 index 00000000000..17525c4b5e0 --- /dev/null +++ b/.github/workflows/microwalk.yml @@ -0,0 +1,33 @@ +name: Build & Analyze with Microwalk + +on: + push: + pull_request: + workflow_dispatch: + +env: + script_directory: src/microwalk + +jobs: + build-analyze: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Run Microwalk analysis + id: run_microwalk + uses: microwalk-project/microwalk-pin-action@v1 + with: + script-directory: ${{ env.script_directory }} + + - name: Upload analysis result + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: ${{ github.workspace }}/${{ env.script_directory }}/results/report.sarif + checkout_path: ${{ github.workspace }} + + - name: Archive analysis artifacts + uses: actions/upload-artifact@v3 + with: + name: leakage-analysis-results + path: ${{ github.workspace }}/${{ env.script_directory }}/results diff --git a/src/microwalk/analyze.sh b/src/microwalk/analyze.sh new file mode 100644 index 00000000000..03490d8f0d6 --- /dev/null +++ b/src/microwalk/analyze.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +set -e + +thisDir=$(pwd) +repoRootDir=$(realpath $thisDir/..) +resultsDir=$thisDir/results + +mkdir -p $resultsDir + +reports="" + +for target in $(find . -name "target-*.c" -print) +do + targetName=$(basename -- ${target%.*}) + + echo "Running target ${targetName}..." + + export TESTCASE_DIRECTORY=$thisDir/testcases/$targetName + export TARGET_NAME=$targetName + + mkdir -p $WORK_DIR/$targetName/work + mkdir -p $WORK_DIR/$targetName/persist + + cd $MICROWALK_PATH + time dotnet Microwalk.dll $thisDir/config.yml + + cd $CQR_GENERATOR_PATH + reportFile=$resultsDir/report-$targetName.sarif + dotnet CiReportGenerator.dll $WORK_DIR/$targetName/persist/results/call-stacks.json $targetName $reportFile sarif dwarf $thisDir $repoRootDir + + cd $thisDir + cp $WORK_DIR/$targetName/persist/results/call-stacks.txt $resultsDir/call-stacks-$targetName.txt + + reports="${reports} ${reportFile}" + + echo "Running target ${targetName} successful, generated report ${reportFile}" +done + +echo "Merging report files..." +cat $reports | jq -s '.[0].runs[0].results=([.[].runs[0].results]|flatten)|.[0]' > $resultsDir/report.sarif \ No newline at end of file diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh new file mode 100644 index 00000000000..9bf0dbc14a8 --- /dev/null +++ b/src/microwalk/build.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +thisDir=$(pwd) +mainDir=$(realpath $thisDir/libexample) + +# Build library +pushd $mainDir +make -j all +dwarfdump -l libexample.so >microwalk/libexample.so.dwarf +popd + +# Generate MAP file for library +pushd $MAP_GENERATOR_PATH +dotnet MapFileGenerator.dll $mainDir/libexample.so $thisDir/libexample.map +popd + +# Build targets +for target in $(find . -name "target-*.c" -print) +do + targetName=$(basename -- ${target%.*}) + + gcc main.c $targetName.c -g -fno-inline -fno-split-stack -L "$mainDir" -lexample -I "$mainDir/src" -o $targetName + + pushd $MAP_GENERATOR_PATH + dotnet MapFileGenerator.dll $thisDir/$targetName $thisDir/$targetName.map + popd + + dwarfdump -l $targetName >$targetName.dwarf +done diff --git a/src/microwalk/config.yml b/src/microwalk/config.yml new file mode 100644 index 00000000000..54ada3054d3 --- /dev/null +++ b/src/microwalk/config.yml @@ -0,0 +1,58 @@ +constants: + TARGET_PATH: $$CONFIG_PATH$$/$$$TARGET_NAME$$$ + LIBRARY_PATH: $$CONFIG_PATH$$/../ + WORK_DIR: $$$WORK_DIR$$$/$$$TARGET_NAME$$$ +--- + +general: + logger: + log-level: warning + file: $$WORK_DIR$$/work/log.txt + monitor: + enable: true + sample-rate: 50 + +testcase: + module: load + module-options: + input-directory: $$$TESTCASE_DIRECTORY$$$ + +trace: + module: pin + module-options: + output-directory: $$WORK_DIR$$/work/traces + pin-tool-path: $$$PINTOOL$$$ + pin-path: $$$PIN_PATH$$$/pin + wrapper-path: $$TARGET_PATH$$ + environment: + LD_LIBRARY_PATH: $$LIBRARY_PATH$$ + images: + - $$$TARGET_NAME$$$ + - libexample.so + options: + input-buffer-size: 4 + +preprocess: + module: pin + module-options: + output-directory: $$WORK_DIR$$/work/traces + store-traces: true + keep-raw-traces: false + options: + input-buffer-size: 2 + max-parallel-threads: 4 + +analysis: + modules: + - module: control-flow-leakage + module-options: + output-directory: $$WORK_DIR$$/persist/results + map-files: + - $$TARGET_PATH$$.map + - libexample.map + dump-call-tree: false + include-testcases-in-call-stacks: false + + options: + input-buffer-size: 1 + max-parallel-threads: 1 \ No newline at end of file diff --git a/src/microwalk/libexample/Makefile b/src/microwalk/libexample/Makefile new file mode 100644 index 00000000000..59138e01efd --- /dev/null +++ b/src/microwalk/libexample/Makefile @@ -0,0 +1,17 @@ +.PHONY : clean + +CFLAGS=-O2 -fPIC -g +LDFLAGS=-shared + +SOURCES=$(shell echo src/*.c) +OBJECTS=$(SOURCES:.c=.o) + +TARGET=libexample.so + +all: $(TARGET) + +clean: + rm -f $(OBJECTS) $(TARGET) + +$(TARGET) : $(OBJECTS) + $(CC) $(CFLAGS) $(OBJECTS) -o $@ $(LDFLAGS) \ No newline at end of file diff --git a/src/microwalk/libexample/src/my_lib.c b/src/microwalk/libexample/src/my_lib.c new file mode 100644 index 00000000000..8764882d99d --- /dev/null +++ b/src/microwalk/libexample/src/my_lib.c @@ -0,0 +1,33 @@ +#include +#include + +#include "my_lib.h" + +#define NOINLINE __attribute__((noinline)) + +uint8_t lookup[256]; + +void init(void) +{ + srand(0); + + for(int i = 0; i < sizeof(lookup) / sizeof(lookup[0]); ++i) + lookup[i] = (uint8_t)rand(); +} + +void lookup_leakage(uint8_t *input, int inputLength, uint8_t *output) +{ + // Empty and constant time +} + +int branch_leakage(uint8_t *input, int inputLength) +{ + // Empty and constant time + return lookup[0] + inputLength; +} + +int loop_leakage(uint8_t *input, int inputLength) +{ + // Empty and constant time + return lookup[0] + inputLength; +} \ No newline at end of file diff --git a/src/microwalk/libexample/src/my_lib.h b/src/microwalk/libexample/src/my_lib.h new file mode 100644 index 00000000000..99d51a7a71f --- /dev/null +++ b/src/microwalk/libexample/src/my_lib.h @@ -0,0 +1,9 @@ +#include + +void init(void); + +void lookup_leakage(uint8_t *input, int inputLength, uint8_t *output); + +int branch_leakage(uint8_t *input, int inputLength); + +int loop_leakage(uint8_t *input, int inputLength); \ No newline at end of file diff --git a/src/microwalk/main.c b/src/microwalk/main.c new file mode 100644 index 00000000000..22da9772920 --- /dev/null +++ b/src/microwalk/main.c @@ -0,0 +1,123 @@ +#ifdef _GNU_SOURCE + #undef _GNU_SOURCE +#endif + +#include + +#include +#include +#include +#include + + +// Performs target initialization steps. +// This function is called once in the very beginning for the first testcase file, to make sure that the target is entirely loaded. +// The call is included in the trace prefix. +extern void InitTarget(FILE* input); + +// Executes the target function. +// Do not use global variables, since the trace generator will reuse the instrumented version of this executable for several different inputs. +extern void RunTarget(FILE* input); + + +// Pin notification functions. +// These functions (and their names) must not be optimized away by the compiler, so Pin can find and instrument them. +// The return values reduce the probability that the compiler uses these function in other places as no-ops (Visual C++ did do this in some experiments). +#pragma optimize("", off) +int PinNotifyTestcaseStart(int t) { return t + 42; } +int PinNotifyTestcaseEnd() { return 42; } +int PinNotifyStackPointer(uint64_t spMin, uint64_t spMax) { return (int)(spMin + spMax + 42); } +int PinNotifyAllocation(uint64_t address, uint64_t size) { return (int)(address + 23 * size); } +#pragma optimize("", on) + +// Reads the stack pointer base value and transmits it to Pin. +void ReadAndSendStackPointer() +{ + // There does not seem to be a reliable way to get the stack size, so we use an estimation + // Compiling with -fno-split-stack may be desired, to avoid surprises during analysis + + // Take the current stack pointer as base value + uintptr_t stackBase; + asm("mov %%rsp, %0" : "=r"(stackBase)); + + // Get full stack size + struct rlimit stackLimit; + if(getrlimit(RLIMIT_STACK, &stackLimit) != 0) + { + char errBuffer[128]; + strerror_r(errno, errBuffer, sizeof(errBuffer)); + fprintf(stderr, "Error reading stack limit: [%d] %s\n", errno, errBuffer); + } + + uint64_t stackMin = (uint64_t)stackBase - (uint64_t)stackLimit.rlim_cur; + uint64_t stackMax = ((uint64_t)stackBase + 0x10000) & ~0xFFFFull; // Round to next higher multiple of 64 kB (should be safe on x86 systems) + PinNotifyStackPointer(stackMin, stackMax); +} + +// Main trace target function. The following actions are performed: +// The current action is read from stdin. +// A line with "t" followed by a numeric ID, and another line with a file path determining a new testcase, that is subsequently loaded and fed into the target function, while calling PinNotifyNextFile() beforehand. +// A line with "e 0" terminates the program. +void TraceFunc() +{ + // First transmit stack pointer information + ReadAndSendStackPointer(); + + PinNotifyAllocation((uint64_t)&errno, 8); + + // Run until exit is requested + char inputBuffer[512]; + char errBuffer[128]; + int targetInitialized = 0; + while(1) + { + // Read command and testcase ID (0 for exit command) + char command; + int testcaseId; + fgets(inputBuffer, sizeof(inputBuffer), stdin); + sscanf(inputBuffer, "%c %d", &command, &testcaseId); + + // Exit or process given testcase + if(command == 'e') + break; + if(command == 't') + { + // Read testcase file name + fgets(inputBuffer, sizeof(inputBuffer), stdin); + int inputFileNameLength = strlen(inputBuffer); + if(inputFileNameLength > 0 && inputBuffer[inputFileNameLength - 1] == '\n') + inputBuffer[inputFileNameLength - 1] = '\0'; + + // Load testcase file and run target function + FILE* inputFile = fopen(inputBuffer, "rb"); + if(!inputFile) + { + strerror_r(errno, errBuffer, sizeof(errBuffer)); + fprintf(stderr, "Error opening input file '%s': [%d] %s\n", inputBuffer, errno, errBuffer); + continue; + } + + // If the target was not yet initialized, call the init function for the first test case + if(!targetInitialized) + { + InitTarget(inputFile); + fseek(inputFile, 0, SEEK_SET); + targetInitialized = 1; + } + + PinNotifyTestcaseStart(testcaseId); + RunTarget(inputFile); + PinNotifyTestcaseEnd(); + + fclose(inputFile); + } + } +} + +// Wrapper entry point. +int main(int argc, const char** argv) +{ + // Run target function + TraceFunc(); + return 0; +} \ No newline at end of file diff --git a/src/microwalk/target-branch-leakage.c b/src/microwalk/target-branch-leakage.c new file mode 100644 index 00000000000..21ecc9164f2 --- /dev/null +++ b/src/microwalk/target-branch-leakage.c @@ -0,0 +1,19 @@ +#include +#include + +#include + +extern void RunTarget(FILE* input) +{ + uint8_t plain[16]; + if(fread(plain, 1, 16, input) != 16) + return; + + branch_leakage(plain, 16); +} + +extern void InitTarget(FILE* input) +{ + init(); + RunTarget(input); +} \ No newline at end of file diff --git a/src/microwalk/target-lookup-leakage.c b/src/microwalk/target-lookup-leakage.c new file mode 100644 index 00000000000..5de0fea3df0 --- /dev/null +++ b/src/microwalk/target-lookup-leakage.c @@ -0,0 +1,20 @@ +#include +#include + +#include + +extern void RunTarget(FILE* input) +{ + uint8_t plain[16]; + if(fread(plain, 1, 16, input) != 16) + return; + + uint8_t output[16]; + lookup_leakage(plain, 16, output); +} + +extern void InitTarget(FILE* input) +{ + init(); + RunTarget(input); +} \ No newline at end of file diff --git a/src/microwalk/target-loop-leakage.c b/src/microwalk/target-loop-leakage.c new file mode 100644 index 00000000000..657dc2e0768 --- /dev/null +++ b/src/microwalk/target-loop-leakage.c @@ -0,0 +1,19 @@ +#include +#include + +#include + +extern void RunTarget(FILE* input) +{ + uint8_t plain[16]; + if(fread(plain, 1, 16, input) != 16) + return; + + loop_leakage(plain, 16); +} + +extern void InitTarget(FILE* input) +{ + init(); + RunTarget(input); +} \ No newline at end of file diff --git a/src/microwalk/testcases/target-branch-leakage/t0.testcase b/src/microwalk/testcases/target-branch-leakage/t0.testcase new file mode 100644 index 00000000000..ff2f24957ea --- /dev/null +++ b/src/microwalk/testcases/target-branch-leakage/t0.testcase @@ -0,0 +1 @@ +Ÿè‘´ Rû"ň'³OŒ3­7`‚dí”z5M>L=J3T8-=`>7g}@-S{K0Plhhw*UYD literal 0 HcmV?d00001 diff --git a/src/microwalk/testcases/target-lookup-leakage/t0.testcase b/src/microwalk/testcases/target-lookup-leakage/t0.testcase new file mode 100644 index 00000000000..ff2f24957ea --- /dev/null +++ b/src/microwalk/testcases/target-lookup-leakage/t0.testcase @@ -0,0 +1 @@ +Ÿè‘´ Rû"ň'³OŒ3­7`‚dí”z5M>L=J3T8-=`>7g}@-S{K0Plhhw*UYD literal 0 HcmV?d00001 diff --git a/src/microwalk/testcases/target-loop-leakage/t0.testcase b/src/microwalk/testcases/target-loop-leakage/t0.testcase new file mode 100644 index 00000000000..ff2f24957ea --- /dev/null +++ b/src/microwalk/testcases/target-loop-leakage/t0.testcase @@ -0,0 +1 @@ +Ÿè‘´ Rû"ň'³OŒ3­7`‚dí”z5M>L=J3T8-=`>7g}@-S{K0Plhhw*UYD literal 0 HcmV?d00001 From 6ff473c9288727c67ad5ce0e71d4a9395f1e87be Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Thu, 30 Mar 2023 17:49:00 +0200 Subject: [PATCH 02/28] fix path --- src/microwalk/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh index 9bf0dbc14a8..c7e2ccb262e 100644 --- a/src/microwalk/build.sh +++ b/src/microwalk/build.sh @@ -6,7 +6,7 @@ mainDir=$(realpath $thisDir/libexample) # Build library pushd $mainDir make -j all -dwarfdump -l libexample.so >microwalk/libexample.so.dwarf +dwarfdump -l libexample.so >$thisDir/libexample.so.dwarf popd # Generate MAP file for library From 81aac01de1ae843d25a96240aeb4de8c97ad1a08 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Thu, 30 Mar 2023 17:57:30 +0200 Subject: [PATCH 03/28] enable debug logging --- src/microwalk/config.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/microwalk/config.yml b/src/microwalk/config.yml index 54ada3054d3..18fe2599b11 100644 --- a/src/microwalk/config.yml +++ b/src/microwalk/config.yml @@ -6,12 +6,12 @@ constants: general: logger: - log-level: warning + log-level: debug file: $$WORK_DIR$$/work/log.txt monitor: enable: true sample-rate: 50 - + testcase: module: load module-options: @@ -31,7 +31,7 @@ trace: - libexample.so options: input-buffer-size: 4 - + preprocess: module: pin module-options: @@ -41,7 +41,7 @@ preprocess: options: input-buffer-size: 2 max-parallel-threads: 4 - + analysis: modules: - module: control-flow-leakage @@ -52,7 +52,7 @@ analysis: - libexample.map dump-call-tree: false include-testcases-in-call-stacks: false - + options: input-buffer-size: 1 - max-parallel-threads: 1 \ No newline at end of file + max-parallel-threads: 1 From 724bc4e26728e71c19ee7192ca6a58c0e21603be Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Thu, 30 Mar 2023 18:16:07 +0200 Subject: [PATCH 04/28] fix ld path --- src/microwalk/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/microwalk/config.yml b/src/microwalk/config.yml index 18fe2599b11..e4b47fa9dd8 100644 --- a/src/microwalk/config.yml +++ b/src/microwalk/config.yml @@ -1,6 +1,6 @@ constants: TARGET_PATH: $$CONFIG_PATH$$/$$$TARGET_NAME$$$ - LIBRARY_PATH: $$CONFIG_PATH$$/../ + LIBRARY_PATH: $$CONFIG_PATH$$/libexample/ WORK_DIR: $$$WORK_DIR$$$/$$$TARGET_NAME$$$ --- From 6d58ff2784614656ac4c006c1cb4ad9df7114e16 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 14:06:36 +0200 Subject: [PATCH 05/28] add branch leakage --- src/microwalk/libexample/src/my_lib.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/microwalk/libexample/src/my_lib.c b/src/microwalk/libexample/src/my_lib.c index 8764882d99d..3478a0924bc 100644 --- a/src/microwalk/libexample/src/my_lib.c +++ b/src/microwalk/libexample/src/my_lib.c @@ -22,6 +22,14 @@ void lookup_leakage(uint8_t *input, int inputLength, uint8_t *output) int branch_leakage(uint8_t *input, int inputLength) { + if (inputLength > 0) + { + if (input[0] > 128) + { + return 256; + } + return 0; + } // Empty and constant time return lookup[0] + inputLength; } From 74da61a686c67d780d583afed1ac492c906302d7 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 14:14:15 +0200 Subject: [PATCH 06/28] another try for branch leakage --- src/microwalk/libexample/src/my_lib.c | 29 ++++++++++++++++++--------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/src/microwalk/libexample/src/my_lib.c b/src/microwalk/libexample/src/my_lib.c index 3478a0924bc..c7329d5f976 100644 --- a/src/microwalk/libexample/src/my_lib.c +++ b/src/microwalk/libexample/src/my_lib.c @@ -20,18 +20,27 @@ void lookup_leakage(uint8_t *input, int inputLength, uint8_t *output) // Empty and constant time } +static int branch_leakage_util(uint8_t data) +{ + // Use primes and random calculation to keep the compiler from optimizing this function too much + + if(data < 79) + return 7; + + if(data < 119) + return data; + + return 19 * data + 23; +} + int branch_leakage(uint8_t *input, int inputLength) { - if (inputLength > 0) - { - if (input[0] > 128) - { - return 256; - } - return 0; - } - // Empty and constant time - return lookup[0] + inputLength; + int result = 0; + + for(int i = 0; i < inputLength; ++i) + result += branch_leakage_util(input[i]); + + return result; } int loop_leakage(uint8_t *input, int inputLength) From 9d6a0238138dce6dee026a51242219856ce90ee3 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 15:11:49 +0200 Subject: [PATCH 07/28] change repoRootDir --- src/microwalk/analyze.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/microwalk/analyze.sh b/src/microwalk/analyze.sh index 03490d8f0d6..92659629ce2 100644 --- a/src/microwalk/analyze.sh +++ b/src/microwalk/analyze.sh @@ -3,7 +3,7 @@ set -e thisDir=$(pwd) -repoRootDir=$(realpath $thisDir/..) +repoRootDir=$(realpath $thisDir/../..) resultsDir=$thisDir/results mkdir -p $resultsDir From 308069efc3b0eb40fdafce543af0637ad0891764 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 15:11:58 +0200 Subject: [PATCH 08/28] whitespace --- src/microwalk/analyze.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/microwalk/analyze.sh b/src/microwalk/analyze.sh index 92659629ce2..e273d66e6f3 100644 --- a/src/microwalk/analyze.sh +++ b/src/microwalk/analyze.sh @@ -13,29 +13,29 @@ reports="" for target in $(find . -name "target-*.c" -print) do targetName=$(basename -- ${target%.*}) - + echo "Running target ${targetName}..." - + export TESTCASE_DIRECTORY=$thisDir/testcases/$targetName export TARGET_NAME=$targetName - + mkdir -p $WORK_DIR/$targetName/work mkdir -p $WORK_DIR/$targetName/persist - + cd $MICROWALK_PATH time dotnet Microwalk.dll $thisDir/config.yml - + cd $CQR_GENERATOR_PATH reportFile=$resultsDir/report-$targetName.sarif dotnet CiReportGenerator.dll $WORK_DIR/$targetName/persist/results/call-stacks.json $targetName $reportFile sarif dwarf $thisDir $repoRootDir - + cd $thisDir cp $WORK_DIR/$targetName/persist/results/call-stacks.txt $resultsDir/call-stacks-$targetName.txt - + reports="${reports} ${reportFile}" - + echo "Running target ${targetName} successful, generated report ${reportFile}" done echo "Merging report files..." -cat $reports | jq -s '.[0].runs[0].results=([.[].runs[0].results]|flatten)|.[0]' > $resultsDir/report.sarif \ No newline at end of file +cat $reports | jq -s '.[0].runs[0].results=([.[].runs[0].results]|flatten)|.[0]' > $resultsDir/report.sarif From 98d0af49284939b5287cd2b5eda84b7d9ebb4b0d Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 18:10:05 +0200 Subject: [PATCH 09/28] try with botan target --- .github/workflows/microwalk.yml | 6 ++ src/microwalk/analyze.sh | 2 +- src/microwalk/build.sh | 12 +-- src/microwalk/config.yml | 6 +- src/microwalk/libexample/Makefile | 17 ---- src/microwalk/libexample/src/my_lib.c | 50 ---------- src/microwalk/libexample/src/my_lib.h | 9 -- src/microwalk/{main.c => main.cpp} | 98 +++++++++---------- src/microwalk/main.h | 40 ++++++++ src/microwalk/target-branch-leakage.c | 19 ---- src/microwalk/target-ecc_mul.cpp | 34 +++++++ src/microwalk/target-lookup-leakage.c | 20 ---- src/microwalk/target-loop-leakage.c | 19 ---- .../testcases/target-ecc_mul/t0.testcase | 1 + .../testcases/target-ecc_mul/t1.testcase | 1 + src/scripts/ci_build.py | 5 +- 16 files changed, 144 insertions(+), 195 deletions(-) delete mode 100644 src/microwalk/libexample/Makefile delete mode 100644 src/microwalk/libexample/src/my_lib.c delete mode 100644 src/microwalk/libexample/src/my_lib.h rename src/microwalk/{main.c => main.cpp} (59%) create mode 100644 src/microwalk/main.h delete mode 100644 src/microwalk/target-branch-leakage.c create mode 100644 src/microwalk/target-ecc_mul.cpp delete mode 100644 src/microwalk/target-lookup-leakage.c delete mode 100644 src/microwalk/target-loop-leakage.c create mode 100644 src/microwalk/testcases/target-ecc_mul/t0.testcase create mode 100644 src/microwalk/testcases/target-ecc_mul/t1.testcase diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml index 17525c4b5e0..4b6e50a0f88 100644 --- a/.github/workflows/microwalk.yml +++ b/.github/workflows/microwalk.yml @@ -14,6 +14,12 @@ jobs: steps: - uses: actions/checkout@v3 + - name: Setup Build Agent + uses: ./.github/actions/setup-build-agent + with: + target: shared + cache-key: linux-gcc-x86_64-microwalk + - name: Run Microwalk analysis id: run_microwalk uses: microwalk-project/microwalk-pin-action@v1 diff --git a/src/microwalk/analyze.sh b/src/microwalk/analyze.sh index e273d66e6f3..f9ecdfd16c4 100644 --- a/src/microwalk/analyze.sh +++ b/src/microwalk/analyze.sh @@ -10,7 +10,7 @@ mkdir -p $resultsDir reports="" -for target in $(find . -name "target-*.c" -print) +for target in $(find . -name "target-*.cpp" -print) do targetName=$(basename -- ${target%.*}) diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh index c7e2ccb262e..f9561c9c6bc 100644 --- a/src/microwalk/build.sh +++ b/src/microwalk/build.sh @@ -1,25 +1,25 @@ #!/bin/bash thisDir=$(pwd) -mainDir=$(realpath $thisDir/libexample) +mainDir=$(realpath $thisDir/../..) # Build library pushd $mainDir -make -j all -dwarfdump -l libexample.so >$thisDir/libexample.so.dwarf +python3 ./src/scripts/ci_build.py --cc='gcc' microwalk +dwarfdump -l libbotan-3.so >$thisDir/libbotan-3.so.dwarf popd # Generate MAP file for library pushd $MAP_GENERATOR_PATH -dotnet MapFileGenerator.dll $mainDir/libexample.so $thisDir/libexample.map +dotnet MapFileGenerator.dll $mainDir/libbotan-3.so $thisDir/libbotan-3.map popd # Build targets -for target in $(find . -name "target-*.c" -print) +for target in $(find . -name "target-*.cpp" -print) do targetName=$(basename -- ${target%.*}) - gcc main.c $targetName.c -g -fno-inline -fno-split-stack -L "$mainDir" -lexample -I "$mainDir/src" -o $targetName + g++ main.cpp $targetName.cpp -g -fno-inline -fno-split-stack -L "$mainDir" -lbotan-3 -I "$mainDir/build/include" -o $targetName pushd $MAP_GENERATOR_PATH dotnet MapFileGenerator.dll $thisDir/$targetName $thisDir/$targetName.map diff --git a/src/microwalk/config.yml b/src/microwalk/config.yml index e4b47fa9dd8..319c45468a3 100644 --- a/src/microwalk/config.yml +++ b/src/microwalk/config.yml @@ -1,6 +1,6 @@ constants: TARGET_PATH: $$CONFIG_PATH$$/$$$TARGET_NAME$$$ - LIBRARY_PATH: $$CONFIG_PATH$$/libexample/ + LIBRARY_PATH: $$CONFIG_PATH$$/../ WORK_DIR: $$$WORK_DIR$$$/$$$TARGET_NAME$$$ --- @@ -28,7 +28,7 @@ trace: LD_LIBRARY_PATH: $$LIBRARY_PATH$$ images: - $$$TARGET_NAME$$$ - - libexample.so + - libbotan-3.so options: input-buffer-size: 4 @@ -49,7 +49,7 @@ analysis: output-directory: $$WORK_DIR$$/persist/results map-files: - $$TARGET_PATH$$.map - - libexample.map + - libbotan-3.map dump-call-tree: false include-testcases-in-call-stacks: false diff --git a/src/microwalk/libexample/Makefile b/src/microwalk/libexample/Makefile deleted file mode 100644 index 59138e01efd..00000000000 --- a/src/microwalk/libexample/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -.PHONY : clean - -CFLAGS=-O2 -fPIC -g -LDFLAGS=-shared - -SOURCES=$(shell echo src/*.c) -OBJECTS=$(SOURCES:.c=.o) - -TARGET=libexample.so - -all: $(TARGET) - -clean: - rm -f $(OBJECTS) $(TARGET) - -$(TARGET) : $(OBJECTS) - $(CC) $(CFLAGS) $(OBJECTS) -o $@ $(LDFLAGS) \ No newline at end of file diff --git a/src/microwalk/libexample/src/my_lib.c b/src/microwalk/libexample/src/my_lib.c deleted file mode 100644 index c7329d5f976..00000000000 --- a/src/microwalk/libexample/src/my_lib.c +++ /dev/null @@ -1,50 +0,0 @@ -#include -#include - -#include "my_lib.h" - -#define NOINLINE __attribute__((noinline)) - -uint8_t lookup[256]; - -void init(void) -{ - srand(0); - - for(int i = 0; i < sizeof(lookup) / sizeof(lookup[0]); ++i) - lookup[i] = (uint8_t)rand(); -} - -void lookup_leakage(uint8_t *input, int inputLength, uint8_t *output) -{ - // Empty and constant time -} - -static int branch_leakage_util(uint8_t data) -{ - // Use primes and random calculation to keep the compiler from optimizing this function too much - - if(data < 79) - return 7; - - if(data < 119) - return data; - - return 19 * data + 23; -} - -int branch_leakage(uint8_t *input, int inputLength) -{ - int result = 0; - - for(int i = 0; i < inputLength; ++i) - result += branch_leakage_util(input[i]); - - return result; -} - -int loop_leakage(uint8_t *input, int inputLength) -{ - // Empty and constant time - return lookup[0] + inputLength; -} \ No newline at end of file diff --git a/src/microwalk/libexample/src/my_lib.h b/src/microwalk/libexample/src/my_lib.h deleted file mode 100644 index 99d51a7a71f..00000000000 --- a/src/microwalk/libexample/src/my_lib.h +++ /dev/null @@ -1,9 +0,0 @@ -#include - -void init(void); - -void lookup_leakage(uint8_t *input, int inputLength, uint8_t *output); - -int branch_leakage(uint8_t *input, int inputLength); - -int loop_leakage(uint8_t *input, int inputLength); \ No newline at end of file diff --git a/src/microwalk/main.c b/src/microwalk/main.cpp similarity index 59% rename from src/microwalk/main.c rename to src/microwalk/main.cpp index 22da9772920..574c3444932 100644 --- a/src/microwalk/main.c +++ b/src/microwalk/main.cpp @@ -1,33 +1,22 @@ -#ifdef _GNU_SOURCE - #undef _GNU_SOURCE -#endif - -#include - -#include -#include -#include -#include +#include "main.h" +#include +#include +#include +#include +#include +#include -// Performs target initialization steps. -// This function is called once in the very beginning for the first testcase file, to make sure that the target is entirely loaded. -// The call is included in the trace prefix. -extern void InitTarget(FILE* input); - -// Executes the target function. -// Do not use global variables, since the trace generator will reuse the instrumented version of this executable for several different inputs. -extern void RunTarget(FILE* input); - +#include // Pin notification functions. // These functions (and their names) must not be optimized away by the compiler, so Pin can find and instrument them. // The return values reduce the probability that the compiler uses these function in other places as no-ops (Visual C++ did do this in some experiments). #pragma optimize("", off) -int PinNotifyTestcaseStart(int t) { return t + 42; } -int PinNotifyTestcaseEnd() { return 42; } -int PinNotifyStackPointer(uint64_t spMin, uint64_t spMax) { return (int)(spMin + spMax + 42); } -int PinNotifyAllocation(uint64_t address, uint64_t size) { return (int)(address + 23 * size); } +extern "C" int PinNotifyTestcaseStart(int t) { return t + 42; } +extern "C" int PinNotifyTestcaseEnd() { return 42; } +extern "C" int PinNotifyStackPointer(uint64_t spMin, uint64_t spMax) { return static_cast(spMin + spMax + 42); } +extern "C" int PinNotifyAllocation(uint64_t address, uint64_t size) { return (int)(address + 23 * size); } #pragma optimize("", on) // Reads the stack pointer base value and transmits it to Pin. @@ -49,11 +38,34 @@ void ReadAndSendStackPointer() fprintf(stderr, "Error reading stack limit: [%d] %s\n", errno, errBuffer); } - uint64_t stackMin = (uint64_t)stackBase - (uint64_t)stackLimit.rlim_cur; - uint64_t stackMax = ((uint64_t)stackBase + 0x10000) & ~0xFFFFull; // Round to next higher multiple of 64 kB (should be safe on x86 systems) + uint64_t stackMin = reinterpret_cast(stackBase) - reinterpret_cast(stackLimit.rlim_cur); + uint64_t stackMax = (reinterpret_cast(stackBase) + 0x10000) & ~0xFFFFull; // Round to next higher multiple of 64 kB (should be safe on x86 systems) PinNotifyStackPointer(stackMin, stackMax); } +static std::string read_testdata(const std::string& filename) + { + std::vector lines; + std::ifstream infile(filename); + if(infile.good() == false) + { + throw std::runtime_error("Error reading test data from '" + filename + "'"); + } + std::string line; + while(std::getline(infile, line)) + { + if(!line.empty() && line.at(0) != '#') + { + lines.push_back(line); + } + } + if(lines.size() != 1) + { + throw std::runtime_error("Error reading test data from '" + filename + "'. Expected exactly one line."); + } + return lines.at(0); + } + // Main trace target function. The following actions are performed: // The current action is read from stdin. // A line with "t" followed by a numeric ID, and another line with a file path determining a new testcase, that is subsequently loaded and fed into the target function, while calling PinNotifyNextFile() beforehand. @@ -62,14 +74,17 @@ void TraceFunc() { // First transmit stack pointer information ReadAndSendStackPointer(); - - PinNotifyAllocation((uint64_t)&errno, 8); + + PinNotifyAllocation((uint64_t)&errno, 8); + + // Initialize target library + // InitTarget(); + std::unique_ptr test = creat_test(); // Run until exit is requested char inputBuffer[512]; char errBuffer[128]; - int targetInitialized = 0; - while(1) + while(true) { // Read command and testcase ID (0 for exit command) char command; @@ -89,27 +104,12 @@ void TraceFunc() inputBuffer[inputFileNameLength - 1] = '\0'; // Load testcase file and run target function - FILE* inputFile = fopen(inputBuffer, "rb"); - if(!inputFile) - { - strerror_r(errno, errBuffer, sizeof(errBuffer)); - fprintf(stderr, "Error opening input file '%s': [%d] %s\n", inputBuffer, errno, errBuffer); - continue; - } - - // If the target was not yet initialized, call the init function for the first test case - if(!targetInitialized) - { - InitTarget(inputFile); - fseek(inputFile, 0, SEEK_SET); - targetInitialized = 1; - } - + std::string raw_input = read_testdata(inputBuffer); + std::vector input = test->prepare_input(raw_input); + PinNotifyTestcaseStart(testcaseId); - RunTarget(inputFile); + test->critical_function(input); PinNotifyTestcaseEnd(); - - fclose(inputFile); } } } @@ -120,4 +120,4 @@ int main(int argc, const char** argv) // Run target function TraceFunc(); return 0; -} \ No newline at end of file +} diff --git a/src/microwalk/main.h b/src/microwalk/main.h new file mode 100644 index 00000000000..d4bb4a2a987 --- /dev/null +++ b/src/microwalk/main.h @@ -0,0 +1,40 @@ +#include +#include + +#include +#include +#include + +class Microwalk_Test + { + public: + Microwalk_Test() + { + m_rng = std::make_shared(); + } + + virtual ~Microwalk_Test() = default; + + Microwalk_Test(const Microwalk_Test& other) = delete; + Microwalk_Test(Microwalk_Test&& other) = delete; + Microwalk_Test& operator=(const Microwalk_Test& other) = delete; + Microwalk_Test& operator=(Microwalk_Test&& other) = delete; + + virtual std::vector prepare_input(const std::string& input) + { + return Botan::hex_decode(input); + } + + virtual void critical_function(const std::vector& input) = 0; + + protected: + Botan::RandomNumberGenerator& timing_test_rng() + { + return (*m_rng); + } + + private: + std::shared_ptr m_rng; + }; + +std::unique_ptr creat_test(); diff --git a/src/microwalk/target-branch-leakage.c b/src/microwalk/target-branch-leakage.c deleted file mode 100644 index 21ecc9164f2..00000000000 --- a/src/microwalk/target-branch-leakage.c +++ /dev/null @@ -1,19 +0,0 @@ -#include -#include - -#include - -extern void RunTarget(FILE* input) -{ - uint8_t plain[16]; - if(fread(plain, 1, 16, input) != 16) - return; - - branch_leakage(plain, 16); -} - -extern void InitTarget(FILE* input) -{ - init(); - RunTarget(input); -} \ No newline at end of file diff --git a/src/microwalk/target-ecc_mul.cpp b/src/microwalk/target-ecc_mul.cpp new file mode 100644 index 00000000000..3458dacb9cb --- /dev/null +++ b/src/microwalk/target-ecc_mul.cpp @@ -0,0 +1,34 @@ +#include "main.h" + +#include +#include + +class ECC_Mul_Microwalk_Test final : public Microwalk_Test + { + public: + explicit ECC_Mul_Microwalk_Test(const std::string& ecgroup) : + m_group(ecgroup) + {} + + void critical_function(const std::vector& input) override; + + private: + const Botan::EC_Group m_group; + std::vector m_ws; + }; + +void ECC_Mul_Microwalk_Test::critical_function(const std::vector& input) + { + const Botan::BigInt k(input.data(), input.size()); + + // ticks start = get_ticks(); + + const Botan::EC_Point k_times_P = m_group.blinded_base_point_multiply(k, timing_test_rng(), m_ws); + + // ticks end = get_ticks(); + } + +std::unique_ptr creat_test() + { + return std::make_unique("brainpool512r1"); + } diff --git a/src/microwalk/target-lookup-leakage.c b/src/microwalk/target-lookup-leakage.c deleted file mode 100644 index 5de0fea3df0..00000000000 --- a/src/microwalk/target-lookup-leakage.c +++ /dev/null @@ -1,20 +0,0 @@ -#include -#include - -#include - -extern void RunTarget(FILE* input) -{ - uint8_t plain[16]; - if(fread(plain, 1, 16, input) != 16) - return; - - uint8_t output[16]; - lookup_leakage(plain, 16, output); -} - -extern void InitTarget(FILE* input) -{ - init(); - RunTarget(input); -} \ No newline at end of file diff --git a/src/microwalk/target-loop-leakage.c b/src/microwalk/target-loop-leakage.c deleted file mode 100644 index 657dc2e0768..00000000000 --- a/src/microwalk/target-loop-leakage.c +++ /dev/null @@ -1,19 +0,0 @@ -#include -#include - -#include - -extern void RunTarget(FILE* input) -{ - uint8_t plain[16]; - if(fread(plain, 1, 16, input) != 16) - return; - - loop_leakage(plain, 16); -} - -extern void InitTarget(FILE* input) -{ - init(); - RunTarget(input); -} \ No newline at end of file diff --git a/src/microwalk/testcases/target-ecc_mul/t0.testcase b/src/microwalk/testcases/target-ecc_mul/t0.testcase new file mode 100644 index 00000000000..8a0f05e166a --- /dev/null +++ b/src/microwalk/testcases/target-ecc_mul/t0.testcase @@ -0,0 +1 @@ +01 diff --git a/src/microwalk/testcases/target-ecc_mul/t1.testcase b/src/microwalk/testcases/target-ecc_mul/t1.testcase new file mode 100644 index 00000000000..33c63d5ac56 --- /dev/null +++ b/src/microwalk/testcases/target-ecc_mul/t1.testcase @@ -0,0 +1 @@ +FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF diff --git a/src/scripts/ci_build.py b/src/scripts/ci_build.py index c51e2282442..dd54126b9e0 100755 --- a/src/scripts/ci_build.py +++ b/src/scripts/ci_build.py @@ -60,7 +60,8 @@ def known_targets(): ] def build_targets(target, target_os): - if target in ['shared', 'minimized', 'bsi', 'nist']: + # TODO: disable cli, tests for microwalk? also make_targets + if target in ['shared', 'minimized', 'bsi', 'nist', 'microwalk']: yield 'shared' elif target in ['static', 'examples', 'fuzzers', 'cross-arm32-baremetal', 'emscripten']: yield 'static' @@ -180,7 +181,7 @@ def sanitize_kv(some_string): if target == 'coverage': flags += ['--with-coverage-info'] - if target in ['coverage']: + if target in ['coverage', 'microwalk']: flags += ['--with-debug-info'] if target in ['coverage', 'sanitizer', 'fuzzers']: From a5d3e28e9f5b3c2060303b060e6da2c148ecb5a1 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 18:14:11 +0200 Subject: [PATCH 10/28] try with python --- src/microwalk/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh index f9561c9c6bc..c88a1a39e53 100644 --- a/src/microwalk/build.sh +++ b/src/microwalk/build.sh @@ -5,7 +5,7 @@ mainDir=$(realpath $thisDir/../..) # Build library pushd $mainDir -python3 ./src/scripts/ci_build.py --cc='gcc' microwalk +python ./src/scripts/ci_build.py --cc='gcc' microwalk dwarfdump -l libbotan-3.so >$thisDir/libbotan-3.so.dwarf popd From b68ed78be999356cd2f4d6a5454ad1aa1f5a1e07 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 18:29:46 +0200 Subject: [PATCH 11/28] install python and ccache --- .github/workflows/microwalk.yml | 1 + src/microwalk/build.sh | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml index 4b6e50a0f88..8e7a681fb70 100644 --- a/.github/workflows/microwalk.yml +++ b/.github/workflows/microwalk.yml @@ -14,6 +14,7 @@ jobs: steps: - uses: actions/checkout@v3 + # TODO: complete setup probably not needed, as Microwalk runs in separate container - name: Setup Build Agent uses: ./.github/actions/setup-build-agent with: diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh index c88a1a39e53..3b70b044b36 100644 --- a/src/microwalk/build.sh +++ b/src/microwalk/build.sh @@ -3,9 +3,12 @@ thisDir=$(pwd) mainDir=$(realpath $thisDir/../..) +sudo apt-get -qq update +sudo apt-get -qq install python ccache + # Build library pushd $mainDir -python ./src/scripts/ci_build.py --cc='gcc' microwalk +python3 ./src/scripts/ci_build.py --cc='gcc' microwalk dwarfdump -l libbotan-3.so >$thisDir/libbotan-3.so.dwarf popd From 6d78717ec0f796313acc2653afa5a2bfb899d434 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 18:31:52 +0200 Subject: [PATCH 12/28] try without sudo --- src/microwalk/build.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh index 3b70b044b36..7eae4ca2603 100644 --- a/src/microwalk/build.sh +++ b/src/microwalk/build.sh @@ -3,8 +3,8 @@ thisDir=$(pwd) mainDir=$(realpath $thisDir/../..) -sudo apt-get -qq update -sudo apt-get -qq install python ccache +apt-get -qq update +apt-get -qq install python ccache # Build library pushd $mainDir From 7db47c0f0a79a6273811e8a3d354b9a2b1d589e5 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 18:34:24 +0200 Subject: [PATCH 13/28] install python 3 --- src/microwalk/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh index 7eae4ca2603..c99b1b30294 100644 --- a/src/microwalk/build.sh +++ b/src/microwalk/build.sh @@ -4,7 +4,7 @@ thisDir=$(pwd) mainDir=$(realpath $thisDir/../..) apt-get -qq update -apt-get -qq install python ccache +apt-get -qq install python3 ccache # Build library pushd $mainDir From 0c7a005f92b8c2a11b7b4533c1acdc6245063a4a Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 18:37:09 +0200 Subject: [PATCH 14/28] add microwalk to known targest --- src/scripts/ci_build.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/scripts/ci_build.py b/src/scripts/ci_build.py index dd54126b9e0..1e7c9824603 100755 --- a/src/scripts/ci_build.py +++ b/src/scripts/ci_build.py @@ -51,6 +51,7 @@ def known_targets(): 'format', 'fuzzers', 'lint', + 'microwalk', 'minimized', 'nist', 'sanitizer', From ede543f4bd11b02696104a17aff045ba7ac478b4 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Tue, 11 Apr 2023 19:03:22 +0200 Subject: [PATCH 15/28] build botan and target before the Microwalk action --- .github/workflows/microwalk.yml | 9 ++++++++- src/microwalk/build.sh | 7 ++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml index 8e7a681fb70..565c10c6c7e 100644 --- a/.github/workflows/microwalk.yml +++ b/.github/workflows/microwalk.yml @@ -14,13 +14,20 @@ jobs: steps: - uses: actions/checkout@v3 - # TODO: complete setup probably not needed, as Microwalk runs in separate container - name: Setup Build Agent uses: ./.github/actions/setup-build-agent with: target: shared cache-key: linux-gcc-x86_64-microwalk + - name: Build Botan + run: python3 ./src/scripts/ci_build.py --cc='gcc' microwalk + + - name: Build Microwalk target + run: | + cd src/microwalk/ + g++ main.cpp target-ecc_mul.cpp -g -fno-inline -fno-split-stack -L "../.." -lbotan-3 -I "../../build/include" -o target-ecc_mul + - name: Run Microwalk analysis id: run_microwalk uses: microwalk-project/microwalk-pin-action@v1 diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh index c99b1b30294..bb5646a40c2 100644 --- a/src/microwalk/build.sh +++ b/src/microwalk/build.sh @@ -3,12 +3,9 @@ thisDir=$(pwd) mainDir=$(realpath $thisDir/../..) -apt-get -qq update -apt-get -qq install python3 ccache - # Build library pushd $mainDir -python3 ./src/scripts/ci_build.py --cc='gcc' microwalk +# Note: we already build botan before the Microwalk action dwarfdump -l libbotan-3.so >$thisDir/libbotan-3.so.dwarf popd @@ -22,7 +19,7 @@ for target in $(find . -name "target-*.cpp" -print) do targetName=$(basename -- ${target%.*}) - g++ main.cpp $targetName.cpp -g -fno-inline -fno-split-stack -L "$mainDir" -lbotan-3 -I "$mainDir/build/include" -o $targetName +# g++ main.cpp $targetName.cpp -g -fno-inline -fno-split-stack -L "$mainDir" -lbotan-3 -I "$mainDir/build/include" -o $targetName pushd $MAP_GENERATOR_PATH dotnet MapFileGenerator.dll $thisDir/$targetName $thisDir/$targetName.map From b752a8c41f515a155fa803b83796dcccda945842 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 12 Apr 2023 11:14:05 +0200 Subject: [PATCH 16/28] debug --- .github/workflows/microwalk.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml index 565c10c6c7e..04410e36a31 100644 --- a/.github/workflows/microwalk.yml +++ b/.github/workflows/microwalk.yml @@ -26,6 +26,12 @@ jobs: - name: Build Microwalk target run: | cd src/microwalk/ + pwd + ls -lha + ls -lha .. + ls -lha ../.. + ls -lha ../../build + ls -lha ../../build/include g++ main.cpp target-ecc_mul.cpp -g -fno-inline -fno-split-stack -L "../.." -lbotan-3 -I "../../build/include" -o target-ecc_mul - name: Run Microwalk analysis From 412cf680e041e12eccb955597f9814d80da9d13f Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 12 Apr 2023 11:42:44 +0200 Subject: [PATCH 17/28] no cleanup for microwalk --- src/scripts/ci_build.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/scripts/ci_build.py b/src/scripts/ci_build.py index 1e7c9824603..41a226f9634 100755 --- a/src/scripts/ci_build.py +++ b/src/scripts/ci_build.py @@ -208,6 +208,8 @@ def sanitize_kv(some_string): if target == 'examples': flags += ['--with-boost'] + + if target in ['examples', 'microwalk']: test_cmd = None if target == 'fuzzers': @@ -737,8 +739,9 @@ def main(args=None): # Otherwise generate a local HTML report cmds.append(['genhtml', cov_file, '--output-directory', os.path.join(build_dir, 'lcov-out')]) - cmds.append(make_cmd + ['clean']) - cmds.append(make_cmd + ['distclean']) + if not target in ['microwalk']: + cmds.append(make_cmd + ['clean']) + cmds.append(make_cmd + ['distclean']) for cmd in cmds: if options.dry_run: From cf3c65146d27a52d8adae6a6555986d932a768f5 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 12 Apr 2023 11:45:39 +0200 Subject: [PATCH 18/28] only build libs --- src/scripts/ci_build.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) mode change 100755 => 100644 src/scripts/ci_build.py diff --git a/src/scripts/ci_build.py b/src/scripts/ci_build.py old mode 100755 new mode 100644 index 41a226f9634..dd35afddd8e --- a/src/scripts/ci_build.py +++ b/src/scripts/ci_build.py @@ -74,7 +74,7 @@ def build_targets(target, target_os): yield 'shared' yield 'static' - if target not in ['examples']: + if target not in ['examples', 'microwalk']: yield 'cli' yield 'tests' @@ -654,7 +654,10 @@ def main(args=None): if options.compiler_cache is not None: cmds.append([options.compiler_cache, '--show-stats']) - make_targets = ['libs', 'tests', 'cli'] + make_targets = ['libs'] + + if target not in ['examples', 'microwalk']: + make_targets += ['tests', 'cli'] if target in ['coverage', 'fuzzers']: make_targets += ['fuzzer_corpus_zip', 'fuzzers'] From 05252bcbd01bdd3060b7b93e44a3503b5e828027 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 12 Apr 2023 11:58:57 +0200 Subject: [PATCH 19/28] add -std=c++20 --- .github/workflows/microwalk.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml index 04410e36a31..cd16efb3f50 100644 --- a/.github/workflows/microwalk.yml +++ b/.github/workflows/microwalk.yml @@ -26,13 +26,8 @@ jobs: - name: Build Microwalk target run: | cd src/microwalk/ - pwd - ls -lha - ls -lha .. - ls -lha ../.. - ls -lha ../../build ls -lha ../../build/include - g++ main.cpp target-ecc_mul.cpp -g -fno-inline -fno-split-stack -L "../.." -lbotan-3 -I "../../build/include" -o target-ecc_mul + g++ main.cpp target-ecc_mul.cpp -g -fno-inline -fno-split-stack -L "../.." -lbotan-3 -I "../../build/include" -std=c++20 -o target-ecc_mul - name: Run Microwalk analysis id: run_microwalk From a91172c8c70b8d1823628f20a96ec5fb1db31f24 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 12 Apr 2023 12:12:36 +0200 Subject: [PATCH 20/28] remove debug --- .github/workflows/microwalk.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml index cd16efb3f50..4a42ee294db 100644 --- a/.github/workflows/microwalk.yml +++ b/.github/workflows/microwalk.yml @@ -26,7 +26,6 @@ jobs: - name: Build Microwalk target run: | cd src/microwalk/ - ls -lha ../../build/include g++ main.cpp target-ecc_mul.cpp -g -fno-inline -fno-split-stack -L "../.." -lbotan-3 -I "../../build/include" -std=c++20 -o target-ecc_mul - name: Run Microwalk analysis From f878bd6a7ba9167d1db7af67c3c303c6ec95bee8 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 12 Apr 2023 12:17:41 +0200 Subject: [PATCH 21/28] fix LIBRARY_PATH --- src/microwalk/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/microwalk/config.yml b/src/microwalk/config.yml index 319c45468a3..2df1f2615a0 100644 --- a/src/microwalk/config.yml +++ b/src/microwalk/config.yml @@ -1,6 +1,6 @@ constants: TARGET_PATH: $$CONFIG_PATH$$/$$$TARGET_NAME$$$ - LIBRARY_PATH: $$CONFIG_PATH$$/../ + LIBRARY_PATH: $$CONFIG_PATH$$/../../ WORK_DIR: $$$WORK_DIR$$$/$$$TARGET_NAME$$$ --- From b07d06b2be0b66616926af52b0833364de659fae Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 12 Apr 2023 12:31:03 +0200 Subject: [PATCH 22/28] No bzip2/sqlite/zlib for microwalk --- src/scripts/ci_build.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/scripts/ci_build.py b/src/scripts/ci_build.py index dd35afddd8e..b90255098db 100644 --- a/src/scripts/ci_build.py +++ b/src/scripts/ci_build.py @@ -329,7 +329,7 @@ def sanitize_kv(some_string): else: # Flags specific to native targets - if target_os in ['osx', 'linux']: + if target_os in ['osx', 'linux'] and not target in ['microwalk']: flags += ['--with-bzip2', '--with-sqlite', '--with-zlib'] if target_os in ['osx', 'ios']: From f1a4ed4007abe05ad5c99d70571f38a5343803c7 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Thu, 13 Apr 2023 15:55:38 +0200 Subject: [PATCH 23/28] also disable lzma --- src/scripts/ci_build.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/scripts/ci_build.py b/src/scripts/ci_build.py index b90255098db..bf66b827c5a 100644 --- a/src/scripts/ci_build.py +++ b/src/scripts/ci_build.py @@ -360,7 +360,7 @@ def add_boost_support(target, target_os): # as per: https://stackoverflow.com/questions/38770895/how-to-fix-undefined-reference-to-getacceptexsockaddrs-boost-asio-in-clion#comment105791579_38771260 flags += ['--ldflags=-static -lwsock32'] - if target_os == 'linux': + if target_os == 'linux' and not target in ['microwalk']: flags += ['--with-lzma'] if target in ['coverage']: From c960b8445b7ffb82865d38fedf25fc803addaac8 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Fri, 14 Apr 2023 17:59:04 +0200 Subject: [PATCH 24/28] explicitly set to run on ubuntu-22.04 --- .github/workflows/microwalk.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml index 4a42ee294db..1a78266a028 100644 --- a/.github/workflows/microwalk.yml +++ b/.github/workflows/microwalk.yml @@ -10,7 +10,7 @@ env: jobs: build-analyze: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 From 3da2934226d545a53978ec61846f9c2b606d9f01 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Fri, 14 Apr 2023 18:23:48 +0200 Subject: [PATCH 25/28] disable locking_allocator --- src/scripts/ci_build.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/scripts/ci_build.py b/src/scripts/ci_build.py index bf66b827c5a..eb24ece21d3 100644 --- a/src/scripts/ci_build.py +++ b/src/scripts/ci_build.py @@ -226,7 +226,7 @@ def sanitize_kv(some_string): else: flags += ['--enable-sanitizers=address'] - if target in ['valgrind', 'sanitizer', 'fuzzers']: + if target in ['valgrind', 'sanitizer', 'fuzzers', 'microwalk']: flags += ['--disable-modules=locking_allocator'] if target == 'emscripten': From 6d21b8c141820c1373619249024f09c48927cb81 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 31 May 2023 11:33:46 +0200 Subject: [PATCH 26/28] Build Microwalk target in build.sh --- .github/workflows/microwalk.yml | 5 ----- src/microwalk/build.sh | 2 +- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/microwalk.yml b/.github/workflows/microwalk.yml index 1a78266a028..57c0088ee4c 100644 --- a/.github/workflows/microwalk.yml +++ b/.github/workflows/microwalk.yml @@ -23,11 +23,6 @@ jobs: - name: Build Botan run: python3 ./src/scripts/ci_build.py --cc='gcc' microwalk - - name: Build Microwalk target - run: | - cd src/microwalk/ - g++ main.cpp target-ecc_mul.cpp -g -fno-inline -fno-split-stack -L "../.." -lbotan-3 -I "../../build/include" -std=c++20 -o target-ecc_mul - - name: Run Microwalk analysis id: run_microwalk uses: microwalk-project/microwalk-pin-action@v1 diff --git a/src/microwalk/build.sh b/src/microwalk/build.sh index bb5646a40c2..253d62fb000 100644 --- a/src/microwalk/build.sh +++ b/src/microwalk/build.sh @@ -19,7 +19,7 @@ for target in $(find . -name "target-*.cpp" -print) do targetName=$(basename -- ${target%.*}) -# g++ main.cpp $targetName.cpp -g -fno-inline -fno-split-stack -L "$mainDir" -lbotan-3 -I "$mainDir/build/include" -o $targetName + g++ main.cpp $targetName.cpp -g -fno-inline -fno-split-stack -L "$mainDir" -lbotan-3 -I "$mainDir/build/include" -std=c++20 -o $targetName pushd $MAP_GENERATOR_PATH dotnet MapFileGenerator.dll $thisDir/$targetName $thisDir/$targetName.map From 83ecfebda93134de9acb421ec3c3e7c02ce56f42 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Wed, 31 May 2023 11:35:30 +0200 Subject: [PATCH 27/28] Disable normal CI --- .github/workflows/ci.yml | 4 ++-- .github/workflows/cifuzz.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3f32e7b73fa..be72bf1fb32 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,8 +13,8 @@ permissions: on: push: branches: [ master ] - pull_request: - branches: [ master ] + # pull_request: + # branches: [ master ] # cancel running workflows when new commits are being pushed in pull requests # but not on the master branch diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml index c07b8676f7e..64058f89b8b 100644 --- a/.github/workflows/cifuzz.yml +++ b/.github/workflows/cifuzz.yml @@ -1,5 +1,5 @@ name: CIFuzz -on: [pull_request] +on: [] jobs: Fuzzing: runs-on: ubuntu-22.04 From 7aff7fcd2218c37c310360f1d6281cb87f978652 Mon Sep 17 00:00:00 2001 From: Philippe Lieser Date: Thu, 1 Jun 2023 18:33:45 +0200 Subject: [PATCH 28/28] Call start/end of test in critical_function() --- src/microwalk/main.cpp | 14 +++++++++++--- src/microwalk/main.h | 6 +++++- src/microwalk/target-ecc_mul.cpp | 8 ++++---- 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/src/microwalk/main.cpp b/src/microwalk/main.cpp index 574c3444932..6f5f7818204 100644 --- a/src/microwalk/main.cpp +++ b/src/microwalk/main.cpp @@ -19,6 +19,16 @@ extern "C" int PinNotifyStackPointer(uint64_t spMin, uint64_t spMax) { return st extern "C" int PinNotifyAllocation(uint64_t address, uint64_t size) { return (int)(address + 23 * size); } #pragma optimize("", on) +void Microwalk_Test::critical_section_start(int testcaseId) +{ + PinNotifyTestcaseStart(testcaseId); +} + +void Microwalk_Test::critical_section_end() +{ + PinNotifyTestcaseEnd(); +} + // Reads the stack pointer base value and transmits it to Pin. void ReadAndSendStackPointer() { @@ -107,9 +117,7 @@ void TraceFunc() std::string raw_input = read_testdata(inputBuffer); std::vector input = test->prepare_input(raw_input); - PinNotifyTestcaseStart(testcaseId); - test->critical_function(input); - PinNotifyTestcaseEnd(); + test->critical_function(testcaseId, input); } } } diff --git a/src/microwalk/main.h b/src/microwalk/main.h index d4bb4a2a987..74971fab848 100644 --- a/src/microwalk/main.h +++ b/src/microwalk/main.h @@ -25,7 +25,7 @@ class Microwalk_Test return Botan::hex_decode(input); } - virtual void critical_function(const std::vector& input) = 0; + virtual void critical_function(int testcaseId, const std::vector& input) = 0; protected: Botan::RandomNumberGenerator& timing_test_rng() @@ -33,6 +33,10 @@ class Microwalk_Test return (*m_rng); } + static void critical_section_start(int testcaseId); + + static void critical_section_end(); + private: std::shared_ptr m_rng; }; diff --git a/src/microwalk/target-ecc_mul.cpp b/src/microwalk/target-ecc_mul.cpp index 3458dacb9cb..174892208b1 100644 --- a/src/microwalk/target-ecc_mul.cpp +++ b/src/microwalk/target-ecc_mul.cpp @@ -10,22 +10,22 @@ class ECC_Mul_Microwalk_Test final : public Microwalk_Test m_group(ecgroup) {} - void critical_function(const std::vector& input) override; + void critical_function(int testcaseId, const std::vector& input) override; private: const Botan::EC_Group m_group; std::vector m_ws; }; -void ECC_Mul_Microwalk_Test::critical_function(const std::vector& input) +void ECC_Mul_Microwalk_Test::critical_function(int testcaseId, const std::vector& input) { const Botan::BigInt k(input.data(), input.size()); - // ticks start = get_ticks(); + critical_section_start(testcaseId); const Botan::EC_Point k_times_P = m_group.blinded_base_point_multiply(k, timing_test_rng(), m_ws); - // ticks end = get_ticks(); + critical_section_end(); } std::unique_ptr creat_test()