[sw,cryptolib] Fix trigger_fault_if_fg0 functions #28574
Conversation
h-filali
requested review from
andrea-caforio,
andreaskurth,
johannheyszl and
vogelpi
sw/otbn/crypto/p256_base.s
Outdated
| /* If we get here, the flag must have been 1. Restore w31 to zero and return. | ||
| /* If we get here, the flag must have been 0. Restore w31 to zero and return. |
There was a problem hiding this comment.
This change should be reverted: This version of the function creates the error if the flag is 0.
sw/otbn/crypto/p384_isoncurve.s
Outdated
| * the flag's value is likely clearly visible to an attacker through timing. | ||
| * | ||
| * @param[in] w31: all-zero | ||
| * @param[in] FG0.Z: boolean indicating fault condition |
There was a problem hiding this comment.
This comment needs to be aligned with the actual implementation and the comments below. The function name suggests it creates an error if the flag is NOT 0, while the comment here says the opposite.
There was a problem hiding this comment.
Sorry this is not addressed. Did you forget to push maybe? Can you please re-read the whole comment starting at line 19 and going to line 34? The mismatch is at lines 20, 22 and 24. Thanks.
h-filali
force-pushed
the
cryptolib-ecc-fix-flg-zero-err
branch
from
80b2bfc to
71f3306
Compare
|
Thanks @vogelpi for the review, I addressed all your comments. PTAL |
| * | ||
| * @param[in] w31: all-zero | ||
| * @param[in] FG0.Z: boolean indicating fault condition | ||
| * @param[in] FG0.Z: boolean indicating fault condition when 1 |
There was a problem hiding this comment.
Also for this file, can you please check the function names and the header comments please? In particular:
- Line 36 says this function triggers a fault if fault if FG0.Z is 1
The function is then namedtrigger_fault_if_fg0_z(does the final z stand for the Z of the flag or for zero?)
Line 60 is aligned with that (cause error if FG0.Z is 1) - Line 71 says the second function triggers a fault if FG0.Z is 0
The function is namedtrigger_fault_if_fg0_not_z- I think this name is counterintuitive comparing it with the terminology / function name above
Line 96 then again says the error is triggered if FG0.Z is 0.
Maybe the counterintuitive function name is what confused me also with the other comment still open. Can we please align things?
There was a problem hiding this comment.
If fg0_z means fg0 is zero, then the naming is correct. However it can clearly be interpreted differently. I also thought the function names should be changed but I didn't want to make this change about changing the namings. I'll change the naming in my next amendment.
h-filali
force-pushed
the
cryptolib-ecc-fix-flg-zero-err
branch
4 times, most recently
from
3aade91 to
f2ad6f4
Compare
h-filali
force-pushed
the
cryptolib-ecc-fix-flg-zero-err
branch
from
f2ad6f4 to
7fc93f8
Compare
h-filali
added
the
CherryPick:earlgrey_1.0.0
|
FYI: #28592 has now been added to the merge queue. Once it's merged, this PR here needs to be rebased. |
h-filali
force-pushed
the
cryptolib-ecc-fix-flg-zero-err
branch
from
7fc93f8 to
c20217c
Compare
|
Thanks @vogelpi I rebased the PR so once CI passes this can be merged. |
The trigger_fault_if_fg0 functions had a bug where we never trigger a fault. This new implementation should now correctly trigger the fault. For the case where no fault is triggered, we load address 0 into w31. For the error case we try to load address 0 into w39 (which doesn't exist), which triggers a ILLEGAL_INSN error. Signed-off-by: Hakim Filali <[email protected]>
vogelpi
force-pushed
the
cryptolib-ecc-fix-flg-zero-err
branch
from
c20217c to
7fc6955
Compare
|
Backport failed for Please cherry-pick the changes locally and resolve any conflicts. git fetch origin earlgrey_1.0.0
git worktree add -d .worktree/backport-28574-to-earlgrey_1.0.0 origin/earlgrey_1.0.0
cd .worktree/backport-28574-to-earlgrey_1.0.0
git switch --create backport-28574-to-earlgrey_1.0.0
git cherry-pick -x 7fc6955a6e6056975fecfa7e0016f6960bf520f7 |
lowrisc-ci
bot
added
the
Manually CherryPick
|
Backport failed for Please cherry-pick the changes locally and resolve any conflicts. git fetch origin earlgrey_1.0.0
git worktree add -d .worktree/backport-28574-to-earlgrey_1.0.0 origin/earlgrey_1.0.0
cd .worktree/backport-28574-to-earlgrey_1.0.0
git switch --create backport-28574-to-earlgrey_1.0.0
git cherry-pick -x 7fc6955a6e6056975fecfa7e0016f6960bf520f7 |
2 participants
The trigger_fault_if_fg0 functions had a bug where we never trigger a fault. This new implementation should now correctly trigger the fault.
For the case where no fault is triggered, we load address 0 into w31. For the error case we try to load address 0 into w39 (which doesn't exist), which triggers a ILLEGAL_INSN error.
This PR is based on #28592