
[tor-commits] [tor] 01/07: test_sandbox: equix crypto test case for issue 40794



This is an automated email from the git hooks/post-receive script.

dgoulet pushed a commit to branch main
in repository tor.

commit c40c5adec21aa02ba21fdf530aeff81b3523cb63
Author: Micah Elizabeth Scott <beth@xxxxxxxxxxxxxx>
AuthorDate: Tue May 23 19:18:50 2023 -0700

    test_sandbox: equix crypto test case for issue 40794
    
    This is an additional test case for test_sandbox that runs a small
    subset of test_crypto_equix() inside the syscall sandbox, where
    mprotect() is filtered.
    
    It's reasonable for the sandbox to disallow JIT. We could revise this
    policy if we want, but it seems a good default for now. The problem
    in issue 40794 is that both equix and hashx need improvements in their
    API to handle failures after allocation time, and this failure occurs
    while the hash function is being compiled.
    
    With this commit only, the segfault from issue 40794 is reproduced.
    Subsequent commits will fix the segfault and revise the API.
    
    Signed-off-by: Micah Elizabeth Scott <beth@xxxxxxxxxxxxxx>
---
 src/test/test_sandbox.c | 61 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/src/test/test_sandbox.c b/src/test/test_sandbox.c
index 7ec08a3546..a28c9b6e41 100644
--- a/src/test/test_sandbox.c
+++ b/src/test/test_sandbox.c
@@ -12,6 +12,8 @@
 #include "orconfig.h"
 
 #include "lib/sandbox/sandbox.h"
+#include "lib/crypt_ops/crypto_rand.h"
+#include "ext/equix/include/equix.h"
 
 #ifdef USE_LIBSECCOMP
 
@@ -292,6 +294,63 @@ test_sandbox_stat_filename(void *arg)
   (void)0;
 }
 
+/** This is a simplified subset of test_crypto_equix(), running one solve
+ * and one verify from inside the sandbox. The sandbox restricts mprotect, and
+ * hashx will experience a failure at runtime which this test case exercises.
+ * The result of the solve and verify should both still be correct, since we
+ * expect it to cleanly fall back on an interpreted implementation which has
+ * no operating system dependencies. */
+static void
+test_sandbox_crypto_equix(void *arg)
+{
+  (void)arg;
+
+  const char *challenge_literal = "abce";
+  const size_t challenge_len = strlen(challenge_literal);
+  const size_t num_sols = 4;
+  static const equix_solution sols_expected[EQUIX_MAX_SOLS] = {
+    {{ 0x4fca, 0x72eb, 0x101f, 0xafab, 0x1add, 0x2d71, 0x75a3, 0xc978 }},
+    {{ 0x17f1, 0x7aa6, 0x23e3, 0xab00, 0x7e2f, 0x917e, 0x16da, 0xda9e }},
+    {{ 0x70ee, 0x7757, 0x8a54, 0xbd2b, 0x90e4, 0xe31e, 0x2085, 0xe47e }},
+    {{ 0x62c5, 0x86d1, 0x5752, 0xe1f0, 0x12da, 0x8f33, 0x7336, 0xf161 }},
+  };
+
+  equix_solution sols_actual[EQUIX_MAX_SOLS] = { 0 };
+  equix_ctx *solve_ctx = NULL, *verify_ctx = NULL;
+
+  /* TODO: A subsequent change will modify these flags to use an auto fallback
+   *       that will be built into our fork of equix. (This implements a
+   *       performant and low-complexity way to share the generated program
+   *       state during fallback instead of re-generating it.)
+   */
+  solve_ctx = equix_alloc(EQUIX_CTX_SOLVE | EQUIX_CTX_COMPILE);
+  tt_ptr_op(solve_ctx, OP_NE, NULL);
+  tt_ptr_op(solve_ctx, OP_NE, EQUIX_NOTSUPP);
+
+  int retval = equix_solve(solve_ctx, challenge_literal,
+                           challenge_len, sols_actual);
+  tt_int_op(retval, OP_EQ, num_sols);
+  tt_mem_op(sols_actual, OP_EQ, sols_expected,
+            num_sols * sizeof(equix_solution));
+
+  verify_ctx = equix_alloc(EQUIX_CTX_VERIFY | EQUIX_CTX_COMPILE);
+  tt_ptr_op(verify_ctx, OP_NE, NULL);
+  tt_ptr_op(verify_ctx, OP_NE, EQUIX_NOTSUPP);
+
+  /* Test one of the solutions randomly */
+  equix_result result;
+  const unsigned sol_i = crypto_rand_int(num_sols);
+  equix_solution *sol = &sols_actual[sol_i];
+
+  result = equix_verify(verify_ctx, challenge_literal,
+                        challenge_len, sol);
+  tt_int_op(EQUIX_OK, OP_EQ, result);
+
+ done:
+  equix_free(solve_ctx);
+  equix_free(verify_ctx);
+}
+
 #define SANDBOX_TEST_SKIPPED(name) \
   { #name, test_sandbox_ ## name, TT_SKIP, NULL, NULL }
 
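Review bot: The `done:` cleanup at the end of test_sandbox_crypto_equix passes whatever is in solve_ctx and verify_ctx to equix_free(), but the two `tt_ptr_op(..., OP_NE, EQUIX_NOTSUPP)` checks jump there with the context still holding the EQUIX_NOTSUPP sentinel when equix_alloc() reports no support, so a failing check would hand a non-NULL sentinel to equix_free(). Whether equix_free() tolerates that value is not visible in this hunk; if it does not, guard the frees, `if (solve_ctx != EQUIX_NOTSUPP) equix_free(solve_ctx);` and likewise for verify_ctx. A smaller style point: `tt_int_op(EQUIX_OK, OP_EQ, result)` puts the expected value first while the earlier `tt_int_op(retval, OP_EQ, num_sols)` puts the actual value first; using one order keeps the failure output readable.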
@@ -343,6 +402,8 @@ struct testcase_t sandbox_tests[] = {
 #else
   SANDBOX_TEST_SKIPPED(stat_filename),
 #endif
+
+  SANDBOX_TEST_IN_SANDBOX(crypto_equix),
   END_OF_TESTCASES
 };
 
